Add novajoin entries to the TLS-everywhere environment file
These metadata settings (the hardcoded metadata and the hook override) are used by the novajoin service when it's deployed in the undercloud, and will tell it to enroll the overcloud nodes and the services that are specified by the metadata hook. bp novajoin bp tls-via-certmonger Change-Id: Ia4645cc356688b7bcf82ed7765c0b74d53d64ed1
This commit is contained in:
parent
7dbd771a35
commit
c6b6466f07
|
@ -2,9 +2,18 @@
|
|||
# a TLS for in the internal network via certmonger
|
||||
parameter_defaults:
|
||||
EnableInternalTLS: true
|
||||
|
||||
# Required for novajoin to enroll the overcloud nodes
|
||||
ServerMetadata:
|
||||
ipa_enroll: True
|
||||
|
||||
resource_registry:
|
||||
OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml
|
||||
OS::TripleO::Services::ApacheTLS: ../puppet/services/apache-internal-tls-certmonger.yaml
|
||||
OS::TripleO::Services::MySQLTLS: ../puppet/services/database/mysql-internal-tls-certmonger.yaml
|
||||
# We use apache as a TLS proxy
|
||||
OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml
|
||||
|
||||
# Creates nova metadata that will create the extra service principals per
|
||||
# node.
|
||||
OS::TripleO::ServiceServerMetadataHook: ../extraconfig/nova_metadata/krb-service-principals.yaml
|
||||
|
|
Loading…
Reference in New Issue