5581a28253
Add support for automatic provisioning and renewal of HTTPS certificates via LetsEncrypt. Spec is available at: https://etherpad.opendev.org/p/kolla-ansible-letsencrypt-https Depends-On: https://review.opendev.org/c/openstack/kolla/+/887347 Co-Authored-By: Michal Arbet <michal.arbet@ultimum.io> Implements: blueprint letsencrypt-https Change-Id: I35317ea0343f0db74ddc0e587862e95408e9e106
11 lines
528 B
YAML
11 lines
528 B
YAML
---
|
|
features:
|
|
- Add Lets Encrypt TLS certificate service integration into Openstack
|
|
deployment. Enables trusted TLS certificate generation option for
|
|
secure communcation with OpenStack HAProxy instances using
|
|
``letsencrypt_email``, ``kolla_internal_fqdn`` and/or
|
|
``kolla_external_fqdn`` is required. One container runs an Apache
|
|
ACME client webserver and one runs Lego for certificate retrieval
|
|
and renewal. The Lego container starts a cron job which attempts
|
|
to renew certificates every 12 hours.
|