Add nova x509 metadata
Relaited-Prod: PROD-22766
Change-Id: Iacab6680b55db7f0372a4c1ef459666e9987a488
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index 2f411b5..c21bee4 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -5,6 +5,7 @@
- system.haproxy.proxy.listen.openstack.nova
- system.haproxy.proxy.listen.openstack.novnc
- system.salt.minion.cert.mysql.clients.openstack.nova
+- system.salt.minion.cert.rabbitmq.clients.openstack.nova
parameters:
_param:
nova_vncproxy_url: http://${_param:cluster_vip_address}:6080
@@ -15,6 +16,8 @@
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
linux:
system:
package:
@@ -73,6 +76,13 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
glance:
host: ${_param:cluster_vip_address}
port: 9292