Add nova x509 metadata
Relaited-Prod: PROD-22766
Change-Id: Iacab6680b55db7f0372a4c1ef459666e9987a488
diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index c88dcc7..4482b52 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml
@@ -1,5 +1,6 @@
classes:
- service.nova.compute.kvm
+- system.salt.minion.cert.rabbitmq.clients.openstack.nova
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -36,6 +37,8 @@
SG9MrLHCd5l60aCUQg0UA5ed7Hd6SA314k+HwxJno9/wJ+voBeacMg==
-----END RSA PRIVATE KEY-----
cluster_internal_protocol: 'http'
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
openssh:
client:
enabled: True
@@ -80,6 +83,13 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
image:
engine: glance
host: ${_param:cluster_vip_address}