Reusable certificates - store cert under /srv/salt/pki - isolate certs per cluster name - reclass overrides (openstack, wildcard)

commit: 2a75c3b019cc157e0bd74af3876c1bb5dbc1e737 [log] [tgz]
author: Petr Michalec <epcim@apealive.net> Tue Mar 21 13:40:12 2017 +0100
committer: Petr Michalec <epcim@apealive.net> Wed Mar 22 15:08:38 2017 +0100
tree: 55008b7d1566c410f35d7e2fca76e055d8755295
parent: ecd14b0e06a6d63358acafe7ff60c237e27b604c [diff] [blame]
diff --git a/salt/minion/cert/ceph/pki.yml b/salt/minion/cert/ceph/pki.yml
new file mode 100644
index 0000000..259fc38
--- /dev/null
+++ b/salt/minion/cert/ceph/pki.yml

@@ -0,0 +1,8 @@
+parameters:
+  salt:
+    minion:
+      cert:
+        ceph:
+          key_file:  /srv/salt/pki/${_param:cluster_name}/ceph.${_param:cluster_public_host}.key
+          cert_file: /srv/salt/pki/${_param:cluster_name}/ceph.${_param:cluster_public_host}.crt
+          all_file:  /srv/salt/pki/${_param:cluster_name}/ceph-with-key.${_param:cluster_public_host}.pem
commit	2a75c3b019cc157e0bd74af3876c1bb5dbc1e737	[log] [tgz]
author	Petr Michalec <epcim@apealive.net>	Tue Mar 21 13:40:12 2017 +0100
committer	Petr Michalec <epcim@apealive.net>	Wed Mar 22 15:08:38 2017 +0100
tree	55008b7d1566c410f35d7e2fca76e055d8755295
parent	ecd14b0e06a6d63358acafe7ff60c237e27b604c [diff] [blame]