5 Commits

Author SHA1 Message Date
Arthur Outhenin-Chalandre
57220ce1d9 Add kolla_externally_managed_cert option
This option disables copy of certificates from the operator host to
kolla-ansible managed hosts.

This is especially useful if you already have some mechanisms to handle
your certificates directly on your hosts.

Co-Authored-By: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Change-Id: Ie18b2464cb5a65a88c4ac191a921b8074a14f504
2021-03-02 18:09:06 +01:00
James Kirsch
93ad57f47e Add support for encrypting backend Neutron API Server
Add TLS support for backend Neutron API Server communication using
HAProxy to perform TLS termination. When used in conjunction with
enabling TLS for service API endpoints, network communication will be
encrypted end to end, from client through HAProxy to the Neutron
service.

Change-Id: Ib333a1f1bd12491df72a9e52d961161210e2d330
Partially-Implements: blueprint add-ssl-internal-network
2020-10-12 17:27:44 +00:00
Radosław Piliszek
2fd72a39e9 Add support for ACME http-01 challenge
All docs are included.

Change-Id: Ie29ff7ca340812c8dc0dac493518c87cf7bf137b
Partially-Implements: blueprint letsencrypt-https
2020-09-26 20:29:20 +02:00
James Kirsch
589803c186 Update TLS documentation
Updated TLS documentation to reflect new features and configuration
options added in Ussuri.

Change-Id: I74550eaf394287b14fc521293cc4b5ea8074192c
Partially-Implements: blueprint add-ssl-internal-network
2020-08-04 13:58:39 +01:00
Mark Goddard
3870c74d0b Move TLS documentation to its own page
Moved the TLS documentation from "advanced-configuration" doc to its
own TLS document. This is in preparation for improving it.

Change-Id: I4c83f1810ef1222aaa3560174c1ba39328853c4e
Co-Authored-By: James Kirsch <generalfuzz@gmail.com>
2020-07-27 10:05:58 +00:00