Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / neutron / ea47018d6f93f5713d36f141eedc92d50fed1d92^! / .
commitea47018d6f93f5713d36f141eedc92d50fed1d92[log] [tgz]
authorDzmitry Stremkouski <dstremkouski@mirantis.com>Wed Oct 24 15:33:35 2018 +0200
committerVasyl Saienko <vsaienko@mirantis.com>Wed Oct 24 16:47:33 2018 +0000
tree5403979ac67909217769107a813f469ec2972d2c
parent48b0c608e7834a5d07ed92b92cac8684f11ee025 [diff]
Adding an ability to use ssl for metadata host

Prod-Related: PROD-19298
Change-Id: I4150abd2caf87c39183fcdf4f9bace7a360ecaa1

diff --git a/README.rst b/README.rst
index e9f63d0..00a74c4 100644
--- a/README.rst
+++ b/README.rst

@@ -58,6 +58,8 @@
         metadata:
           host: 127.0.0.1
           port: 8775
+          insecure: true
+          proto: https
           password: pass
           workers: 2
         audit:

diff --git a/neutron/files/newton/metadata_agent.ini b/neutron/files/newton/metadata_agent.ini
index ccbb827..d9b26c5 100644
--- a/neutron/files/newton/metadata_agent.ini
+++ b/neutron/files/newton/metadata_agent.ini

@@ -38,10 +38,16 @@
 # Protocol to access nova metadata, http or https (string value)
 # Allowed values: http, https
 #nova_metadata_protocol = http
-nova_metadata_protocol = http
+{%- if neutron.metadata.proto is defined %}
+nova_metadata_protocol = {{ neutron.metadata.proto }}
+{%- endif %}
 
-# Allow to perform insecure SSL (https) requests to nova metadata (boolean value)
+# Allow to perform insecure SSL (https) requests to nova metadata (boolean
+# value)
 #nova_metadata_insecure = false
+{%- if neutron.metadata.insecure is defined %}
+nova_metadata_insecure = {{ neutron.metadata.insecure }}
+{%- endif %}
 
 # Client certificate for nova metadata api server. (string value)
 #nova_client_cert =

diff --git a/neutron/files/ocata/metadata_agent.ini b/neutron/files/ocata/metadata_agent.ini
index 082da7b..d846630 100644
--- a/neutron/files/ocata/metadata_agent.ini
+++ b/neutron/files/ocata/metadata_agent.ini

@@ -43,11 +43,16 @@
 # Protocol to access nova metadata, http or https (string value)
 # Allowed values: http, https
 #nova_metadata_protocol = http
-nova_metadata_protocol = http
+{%- if neutron.metadata.proto is defined %}
+nova_metadata_protocol = {{ neutron.metadata.proto }}
+{%- endif %}
 
 # Allow to perform insecure SSL (https) requests to nova metadata (boolean
 # value)
 #nova_metadata_insecure = false
+{%- if neutron.metadata.insecure is defined %}
+nova_metadata_insecure = {{ neutron.metadata.insecure }}
+{%- endif %}
 
 # Client certificate for nova metadata api server. (string value)
 #nova_client_cert =

diff --git a/neutron/files/pike/metadata_agent.ini b/neutron/files/pike/metadata_agent.ini
index 082da7b..d846630 100644
--- a/neutron/files/pike/metadata_agent.ini
+++ b/neutron/files/pike/metadata_agent.ini

@@ -43,11 +43,16 @@
 # Protocol to access nova metadata, http or https (string value)
 # Allowed values: http, https
 #nova_metadata_protocol = http
-nova_metadata_protocol = http
+{%- if neutron.metadata.proto is defined %}
+nova_metadata_protocol = {{ neutron.metadata.proto }}
+{%- endif %}
 
 # Allow to perform insecure SSL (https) requests to nova metadata (boolean
 # value)
 #nova_metadata_insecure = false
+{%- if neutron.metadata.insecure is defined %}
+nova_metadata_insecure = {{ neutron.metadata.insecure }}
+{%- endif %}
 
 # Client certificate for nova metadata api server. (string value)
 #nova_client_cert =

diff --git a/tests/pillar/compute_dvr.sls b/tests/pillar/compute_dvr.sls
index 9213e38..24ab218 100644
--- a/tests/pillar/compute_dvr.sls
+++ b/tests/pillar/compute_dvr.sls

@@ -23,5 +23,7 @@
     metadata:
       host: 127.0.0.1
       password: password
+      insecure: true
+      proto: https
       workers: 2
     version: pike