Merge "Implement SSL on rabbit/mysql"

commit: 4ed5041e1bb9df0120a1fab7fb8c530b44ad56bb [log] [tgz]
author: mcp-jenkins <mcp-jenkins@mirantis.com> Tue Jan 29 08:40:27 2019 +0000
committer: Gerrit Code Review <mail@domain.com> Tue Jan 29 08:40:27 2019 +0000
tree: 40fbc2fde304cfbd2fbe0dba1e9115c69e1c9c03
parent: 22ba08fc8bb94f65a5d0db872a2206058b27bd1f [diff]
parent: 68732c885dfc1faae0d33a23c918d1e71f675090 [diff]
diff --git a/octavia/files/pike/octavia_api.conf b/octavia/files/pike/octavia_api.conf
index f81cfe3..6dce92f 100644
--- a/octavia/files/pike/octavia_api.conf
+++ b/octavia/files/pike/octavia_api.conf

@@ -970,7 +970,7 @@
 
 # The auth_url is the admin endpoint actually used for validating tokens
 #auth_url = <None>
-auth_url=http://{{ api.identity.host }}:35357
+auth_url={{ api.identity.get('protocol', 'http') }}://{{ api.identity.host }}:35357
 
 # API version of the admin Identity API endpoint. (string value)
 #auth_version = <None>
@@ -1002,7 +1002,9 @@
 # A PEM encoded Certificate Authority to use when verifying HTTPs connections.
 # Defaults to system CAs. (string value)
 #cafile = <None>
-cafile =
+{%- if api.identity.get('protocol', 'http') == 'https' %}
+cafile = {{ api.identity.get('cacert_file', api.cacert_file) }}
+{%- endif %}
 
 # Verify HTTPS connections. (boolean value)
 #insecure = false
@@ -2026,6 +2028,9 @@
 # PEM encoded Certificate Authority to use when verifying HTTPs connections.
 # (string value)
 #cafile = <None>
+{%- if api.identity.get('protocol', 'http') == 'https' %}
+cafile = {{ api.identity.get('cacert_file', api.cacert_file) }}
+{%- endif %}
 
 # PEM encoded client certificate cert file (string value)
 #certfile = <None>

diff --git a/octavia/files/pike/octavia_manager.conf b/octavia/files/pike/octavia_manager.conf
index fdfff6c..b785bdf 100644
--- a/octavia/files/pike/octavia_manager.conf
+++ b/octavia/files/pike/octavia_manager.conf

@@ -1017,7 +1017,7 @@
 
 # The auth_url is the admin endpoint actually used for validating tokens
 #auth_url = <None>
-auth_url=http://{{ manager.identity.host }}:35357
+auth_url={{ manager.identity.get('protocol', 'http') }}://{{ manager.identity.host }}:35357
 
 # API version of the admin Identity API endpoint. (string value)
 #auth_version = <None>
@@ -1049,7 +1049,9 @@
 # A PEM encoded Certificate Authority to use when verifying HTTPs connections.
 # Defaults to system CAs. (string value)
 #cafile = <None>
-cafile =
+{%- if manager.identity.get('protocol', 'http') == 'https' %}
+cafile = {{ manager.identity.get('cacert_file', manager.cacert_file) }}
+{%- endif %}
 
 # Verify HTTPS connections. (boolean value)
 #insecure = false
@@ -2072,6 +2074,9 @@
 # PEM encoded Certificate Authority to use when verifying HTTPs connections.
 # (string value)
 #cafile = <None>
+{%- if manager.identity.get('protocol', 'http') == 'https' %}
+cafile = {{ manager.identity.get('cacert_file', manager.cacert_file) }}
+{%- endif %}
 
 # PEM encoded client certificate cert file (string value)
 #certfile = <None>
commit	4ed5041e1bb9df0120a1fab7fb8c530b44ad56bb	[log] [tgz]
author	mcp-jenkins <mcp-jenkins@mirantis.com>	Tue Jan 29 08:40:27 2019 +0000
committer	Gerrit Code Review <mail@domain.com>	Tue Jan 29 08:40:27 2019 +0000
tree	40fbc2fde304cfbd2fbe0dba1e9115c69e1c9c03
parent	22ba08fc8bb94f65a5d0db872a2206058b27bd1f [diff]
parent	68732c885dfc1faae0d33a23c918d1e71f675090 [diff]