Add parameters for setting up keystone keys/certs in undercloud
This will allow us distribute identical keys/certs to all control nodes in HA mode. CAKey was removed because it's not required by keystone. Change-Id: I187492d5fac448e57f8cd687f9cb751520df5921
This commit is contained in:
parent
b5b85036c4
commit
8fc307cc22
|
@ -248,17 +248,10 @@ Parameters:
|
|||
Default: ''
|
||||
Description: Keystone self-signed certificate authority certificate.
|
||||
Type: String
|
||||
NoEcho: true
|
||||
KeystoneCAKey:
|
||||
Default: ''
|
||||
Description: Keystone certificate authority key.
|
||||
Type: String
|
||||
NoEcho: true
|
||||
KeystoneSigningCertificate:
|
||||
Default: ''
|
||||
Description: Keystone certificate for verifying token validity.
|
||||
Type: String
|
||||
NoEcho: true
|
||||
KeystoneSigningKey:
|
||||
Default: ''
|
||||
Description: Keystone key for signing tokens.
|
||||
|
@ -440,7 +433,6 @@ Resources:
|
|||
db: mysql://keystone:unset@localhost/keystone
|
||||
host:
|
||||
get_input: controller_host
|
||||
ca_key: {Ref: KeystoneCAKey}
|
||||
ca_certificate: {Ref: KeystoneCACertificate}
|
||||
signing_key: {Ref: KeystoneSigningKey}
|
||||
signing_certificate: {Ref: KeystoneSigningCertificate}
|
||||
|
|
|
@ -160,6 +160,19 @@ Parameters:
|
|||
lower level default.
|
||||
Type: Number
|
||||
Default: 0
|
||||
KeystoneCACertificate:
|
||||
Default: ''
|
||||
Description: Keystone self-signed certificate authority certificate.
|
||||
Type: String
|
||||
KeystoneSigningCertificate:
|
||||
Default: ''
|
||||
Description: Keystone certificate for verifying token validity.
|
||||
Type: String
|
||||
KeystoneSigningKey:
|
||||
Default: ''
|
||||
Description: Keystone key for signing tokens.
|
||||
Type: String
|
||||
NoEcho: true
|
||||
Resources:
|
||||
RabbitCookie:
|
||||
Type: OS::Heat::RandomString
|
||||
|
@ -229,6 +242,9 @@ Resources:
|
|||
keystone:
|
||||
db: mysql://keystone:unset@localhost/keystone
|
||||
host: 127.0.0.1
|
||||
ca_certificate: {Ref: KeystoneCACertificate}
|
||||
signing_key: {Ref: KeystoneSigningKey}
|
||||
signing_certificate: {Ref: KeystoneSigningCertificate}
|
||||
mysql:
|
||||
innodb_buffer_pool_size: {Ref: MysqlInnodbBufferPoolSize}
|
||||
neutron:
|
||||
|
|
Loading…
Reference in New Issue