2017-08-11 16:31:01 -05:00
|
|
|
# ********************************************************************************
|
|
|
|
# DEPRECATED: Use tripleo-heat-templates/environments/ssl/enable-internal-tls.yaml
|
|
|
|
# instead.
|
|
|
|
# ********************************************************************************
|
2016-09-26 15:34:10 +00:00
|
|
|
# A Heat environment file which can be used to enable a
|
|
|
|
# a TLS for in the internal network via certmonger
|
2016-09-12 11:46:15 +03:00
|
|
|
parameter_defaults:
|
|
|
|
EnableInternalTLS: true
|
2016-12-09 15:22:42 +02:00
|
|
|
RabbitClientUseSSL: true
|
2017-01-18 01:02:35 +02:00
|
|
|
|
|
|
|
# Required for novajoin to enroll the overcloud nodes
|
|
|
|
ServerMetadata:
|
|
|
|
ipa_enroll: True
|
|
|
|
|
2016-09-26 15:34:10 +00:00
|
|
|
resource_registry:
|
2018-04-11 16:13:29 +02:00
|
|
|
# FIXME(bogdando): switch it, once it is containerized
|
2017-03-13 14:30:03 +02:00
|
|
|
OS::TripleO::Services::CertmongerUser: ../puppet/services/certmonger-user.yaml
|
|
|
|
|
2016-12-07 09:03:18 +02:00
|
|
|
OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml
|
2016-12-09 15:22:42 +02:00
|
|
|
|
2016-12-08 13:10:22 +02:00
|
|
|
# We use apache as a TLS proxy
|
2018-04-11 16:13:29 +02:00
|
|
|
# FIXME(bogdando): switch it, once it is containerized
|
2016-12-08 13:10:22 +02:00
|
|
|
OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml
|
2017-01-18 01:02:35 +02:00
|
|
|
|
|
|
|
# Creates nova metadata that will create the extra service principals per
|
|
|
|
# node.
|
|
|
|
OS::TripleO::ServiceServerMetadataHook: ../extraconfig/nova_metadata/krb-service-principals.yaml
|