TLS for containerized horizon
bind mount the certificates needed for TLS. bp tls-via-certmonger-containers Change-Id: Ib9b533249be37665b77396a76133cc42fd15ee2b
This commit is contained in:
parent
1d1ad7849b
commit
8ba30a1912
@ -36,6 +36,13 @@ parameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
EnableInternalTLS:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
conditions:
|
||||
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
|
||||
resources:
|
||||
|
||||
@ -117,6 +124,16 @@ outputs:
|
||||
- /var/lib/kolla/config_files/horizon.json:/var/lib/kolla/config_files/config.json:ro
|
||||
- /var/lib/config-data/puppet-generated/horizon/:/var/lib/kolla/config_files/src:ro
|
||||
- /var/log/containers/horizon:/var/log/horizon
|
||||
-
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
|
||||
- ''
|
||||
-
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
|
||||
- ''
|
||||
environment:
|
||||
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
||||
host_prep_tasks:
|
||||
|
@ -21,6 +21,7 @@ resource_registry:
|
||||
OS::TripleO::Services::HeatApi: ../docker/services/heat-api.yaml
|
||||
OS::TripleO::Services::HeatApiCfn: ../docker/services/heat-api-cfn.yaml
|
||||
OS::TripleO::Services::HeatEngine: ../docker/services/heat-engine.yaml
|
||||
OS::TripleO::Services::Horizon: ../docker/services/horizon.yaml
|
||||
OS::TripleO::Services::Keystone: ../docker/services/keystone.yaml
|
||||
OS::TripleO::Services::Memcached: ../docker/services/memcached.yaml
|
||||
OS::TripleO::Services::NeutronApi: ../docker/services/neutron-api.yaml
|
||||
|
Loading…
x
Reference in New Issue
Block a user