commit a1c041a469cac50fb133987e5b527c9f044ea182
author Elena Ezhova <eezhova@mirantis.com> Tue Aug 01 11:40:35 2017 +0400
committer Elena Ezhova <eezhova@mirantis.com> Fri Aug 04 14:59:26 2017 +0400
tree fa9e5f9f0ac2c74b212f2a254aa9aea109f872e4
parent 7e6697c99320cbab7235bfd6014827bad4380429

Update Octavia cert metadata

Relates to PROD-13439

Change-Id: If5bab9692a78c6ef8f2c1f02c553aae3457aa9d3

salt/minion/cert/octavia/amphora_client.yml

diff --git a/salt/minion/cert/octavia/amphora_client.yml b/salt/minion/cert/octavia/amphora_client.yml
new file mode 100644
index 0000000..fd8f465
--- /dev/null
+++ b/salt/minion/cert/octavia/amphora_client.yml
@@ -0,0 +1,12 @@
+classes:
+- system.salt.minion.cert.octavia
+parameters:
+  salt:
+    minion:
+      cert:
+        octavia_amp_client:
+          ca_file: ${octavia:manager:certificates:ca_certificate}
+          ca_key_file: ${octavia:manager:certificates:ca_private_key}
+          key_file: ${octavia:manager:haproxy_amphora:client_cert_key}
+          cert_file: ${octavia:manager:haproxy_amphora:client_cert}
+          all_file: ${octavia:manager:haproxy_amphora:client_cert_all}

salt/minion/cert/octavia/init.yml

diff --git a/salt/minion/cert/octavia/init.yml b/salt/minion/cert/octavia/init.yml
new file mode 100644
index 0000000..25d3ee4
--- /dev/null
+++ b/salt/minion/cert/octavia/init.yml
@@ -0,0 +1,16 @@
+parameters:
+  _param:
+    octavia_ca_hostname: ${linux:system:name}
+    octavia_ca_host: ${_param:octavia_ca_hostname}.${_param:cluster_domain}
+    octavia_ca_authority: octavia_ca
+  salt:
+    minion:
+      cert:
+        octavia_amp_client:
+          host: ${_param:octavia_ca_host}
+          authority: ${_param:octavia_ca_authority}
+          common_name: octavia_amp_client
+          signing_policy: cert_open
+          key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+          user: octavia
+          group: octavia