Add Octavia certificate parameters
Adds configuration for the paths to Octavia's certificate files. Change-Id: I892854d623e63f339e94fe83261ac9b8a84bdcb5
This commit is contained in:
parent
3dfd327db6
commit
1331feaef1
@ -7,4 +7,7 @@ resource_registry:
|
|||||||
parameter_defaults:
|
parameter_defaults:
|
||||||
NeutronServicePlugins: "qos,router,trunk,lbaasv2"
|
NeutronServicePlugins: "qos,router,trunk,lbaasv2"
|
||||||
NeutronEnableForceMetadata: true
|
NeutronEnableForceMetadata: true
|
||||||
|
OctaviaCaCertFile: '/etc/octavia/certs/ca_01.pem'
|
||||||
|
OctaviaCaKeyFile: '/etc/octavia/certs/private/cakey.pem'
|
||||||
|
OctaviaCaKeyPassphrase: 'foobar'
|
||||||
|
OctaviaClientCertFile: '/etc/octavia/certs/client.pem'
|
||||||
|
@ -74,6 +74,18 @@ parameters:
|
|||||||
description: The password for the Octavia's database account.
|
description: The password for the Octavia's database account.
|
||||||
type: string
|
type: string
|
||||||
hidden: true
|
hidden: true
|
||||||
|
OctaviaCaCertFile:
|
||||||
|
type: string
|
||||||
|
default: '/etc/octavia/certs/ca_01.pem'
|
||||||
|
description: Octavia CA certificate file path.
|
||||||
|
OctaviaCaKeyFile:
|
||||||
|
type: string
|
||||||
|
default: '/etc/octavia/certs/private/cakey.pem'
|
||||||
|
description: Octavia CA private key file path.
|
||||||
|
OctaviaCaKeyPassphrase:
|
||||||
|
description: CA private key passphrase.
|
||||||
|
type: string
|
||||||
|
hidden: true
|
||||||
|
|
||||||
conditions:
|
conditions:
|
||||||
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
|
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
|
||||||
@ -102,3 +114,6 @@ outputs:
|
|||||||
octavia::service_auth::project_name: 'service'
|
octavia::service_auth::project_name: 'service'
|
||||||
octavia::service_auth::project_domain_name: 'Default'
|
octavia::service_auth::project_domain_name: 'Default'
|
||||||
octavia::service_auth::user_domain_name: 'Default'
|
octavia::service_auth::user_domain_name: 'Default'
|
||||||
|
octavia::certificates::ca_certificate: {get_param: OctaviaCaCertFile}
|
||||||
|
octavia::certificates::ca_private_key: {get_param: OctaviaCaKeyFile}
|
||||||
|
octavia::certificates::ca_private_key_passphrase: {get_param: OctaviaCaKeyPassphrase}
|
||||||
|
@ -39,7 +39,7 @@ parameters:
|
|||||||
tag: openstack.octavia.worker
|
tag: openstack.octavia.worker
|
||||||
path: /var/log/octavia/worker.log
|
path: /var/log/octavia/worker.log
|
||||||
OctaviaAmphoraImageTag:
|
OctaviaAmphoraImageTag:
|
||||||
default: ''
|
default: 'amphora-image'
|
||||||
description: Glance image tag for identifying the amphora image.
|
description: Glance image tag for identifying the amphora image.
|
||||||
type: string
|
type: string
|
||||||
OctaviaAmphoraNetworkList:
|
OctaviaAmphoraNetworkList:
|
||||||
@ -63,15 +63,13 @@ parameters:
|
|||||||
default: false
|
default: false
|
||||||
description: Configure the nova flavor for the amphora.
|
description: Configure the nova flavor for the amphora.
|
||||||
type: boolean
|
type: boolean
|
||||||
OctaviaSSHKeyName:
|
OctaviaClientCertFile:
|
||||||
default: 'octavia-ssh-key'
|
default: '/etc/octavia/certs/client.pem'
|
||||||
description: name for ssh key to be configured so the amphora can
|
description: client certificate for amphoras
|
||||||
be logged into.
|
|
||||||
type: string
|
type: string
|
||||||
|
|
||||||
conditions:
|
conditions:
|
||||||
octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]}
|
octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]}
|
||||||
octavia_amphora_tag_unset: {equals: [{get_param: OctaviaAmphoraImageTag}, ""]}
|
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
|
|
||||||
@ -101,12 +99,8 @@ outputs:
|
|||||||
octavia::worker::amp_flavor_id: {get_param: OctaviaFlavorId}
|
octavia::worker::amp_flavor_id: {get_param: OctaviaFlavorId}
|
||||||
octavia::worker::nova_flavor_config: {get_param: OctaviaFlavorProperties}
|
octavia::worker::nova_flavor_config: {get_param: OctaviaFlavorProperties}
|
||||||
octavia::worker::manage_nova_flavor: {get_param: OctaviaManageNovaFlavor}
|
octavia::worker::manage_nova_flavor: {get_param: OctaviaManageNovaFlavor}
|
||||||
octavia::worker::ssh_key_name: {get_param: OctaviaSSHKeyName}
|
octavia::certificates::client_cert: {get_param: OctaviaClientCertFile}
|
||||||
-
|
octavia::worker::amp_image_tag: {get_param: OctaviaAmphoraImageTag}
|
||||||
if:
|
|
||||||
- octavia_amphora_tag_unset
|
|
||||||
- {}
|
|
||||||
- octavia::worker::amp_image_tag: {get_param: OctaviaAmphoraImageTag}
|
|
||||||
-
|
-
|
||||||
if:
|
if:
|
||||||
- octavia_topology_unset
|
- octavia_topology_unset
|
||||||
|
Loading…
x
Reference in New Issue
Block a user