Merge "Add cluster_vip_address to alternative names"
diff --git a/ceilometer/server/backend/gnocchi.yml b/ceilometer/server/backend/gnocchi.yml
index 723d58c..6ebf45f 100644
--- a/ceilometer/server/backend/gnocchi.yml
+++ b/ceilometer/server/backend/gnocchi.yml
@@ -22,3 +22,19 @@
enabled: true
url: "notifier://?topic=${_param:openstack_event_alarm_topic}"
publish_event: true
+ # default permissions in panko configuration files and ssl certificates are restricted
+ # to panko group, therefore ceilometer must have those permission to have ability to
+ # connect to panko's backend db
+ linux:
+ system:
+ group:
+ panko:
+ enabled: true
+ user:
+ ceilometer:
+ enabled: true
+ name: 'ceilometer'
+ home: '/var/lib/ceilometer'
+ shell: '/bin/false'
+ groups:
+ - 'panko'
diff --git a/salt/minion/cert/barbican.yml b/salt/minion/cert/barbican.yml
index f499732..b53d07d 100644
--- a/salt/minion/cert/barbican.yml
+++ b/salt/minion/cert/barbican.yml
@@ -2,7 +2,7 @@
_param:
salt_minion_ca_host: kmn01.${_param:cluster_domain}
salt_minion_ca_authority: salt_master_ca
- barbican_cert_alternative_names: IP:127.0.0.1,IP:${_param:cluster_local_address},IP:${_param:cluster_vip_address},DNS:${linux:system:name},DNS:${linux:network:fqdn}
+ barbican_cert_alternative_names: IP:127.0.0.1,IP:${_param:cluster_local_address},IP:${_param:cluster_vip_address},DNS:${linux:system:name},DNS:${linux:network:fqdn},DNS:${_param:cluster_vip_address}
salt:
minion:
cert: