stsstack-bundles

Merge ~arif-ali/stsstack-bundles:ssl_add_example_domain into stsstack-bundles:master

  1. Git
  2. lp:~arif-ali/stsstack-bundles
  3. ssl_add_example_domain
  4. Merge into master
Proposed by Arif Ali
Status: Work in progress
Proposed branch: ~arif-ali/stsstack-bundles:ssl_add_example_domain
Merge into: stsstack-bundles:master
Diff against target: 26 lines (+15/-0)
1 file modified
ssl/create_ca_cert.sh (+15/-0)
Reviewer Review Type Date Requested Status
Edward Hope-Morley Needs Fixing
Review via email: mp+390391@code.launchpad.net

Commit message

Add internal and external domains

This will allow debugging internal and external endpoints
using FQDN with SSL

To post a comment you must log in.
Revision history for this message
Edward Hope-Morley (hopem) wrote :

Can we do the same for vault?

Reply
Revision history for this message
Edward Hope-Morley (hopem) wrote :

I actually think that we should consider switching to setting use-internal-endpoints=true everywhere since that's fairly common in these field these days. It isn't currently set anywhere in stsstack-bundles so i assume that means that this would not be used?

Reply
Revision history for this message
Edward Hope-Morley (hopem) wrote :

Oh and glance cinder nova horizon keystone neutron isn't all the apis, we should a way to make that more dynamic.

Reply
Revision history for this message
Arif Ali (arif-ali) wrote :

Hey Ed,

* I will add vault
* I was testing use-internal-endpoints=true for a customer, with then using SSL, so needed this addition to help with this, so hence adding this in
* Will have a think on how we can make that dynamic

Reply
Revision history for this message
Edward Hope-Morley (hopem) :
review: Needs Fixing
Reply
Revision history for this message
Arif Ali (arif-ali) wrote :

I've added a bit of more dynamic nature to this

however, --vault and --ssl are not supported apparently, so you can't have that in there

Reply

Unmerged commits

f24cc02... by Arif Ali

Add internal and external domains

This will allow debugging internal and external enpoints

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/ssl/create_ca_cert.sh b/ssl/create_ca_cert.sh
2index d93d920..2e460ca 100755
3--- a/ssl/create_ca_cert.sh
4+++ b/ssl/create_ca_cert.sh
5@@ -29,6 +29,21 @@ for ((i=0;i<20;i++)); do
6 echo "IP.$((i+1)) = $vip_net_prefix.$((vip_net_suffix+i))" >> $state_dir/openssl-server.cnf
7 done
8
9+projects="glance cinder nova keystone neutron"
10+has_opt --openstack-dashboard* && projects+=" horizon"
11+has_opt --swift* && projects+=" swift"
12+has_opt --heat* && projects+=" heat"
13+has_opt --telemetry && projects+=" aodh ceilometer"
14+has_opt --telemetry-gnocchi && projects+=" gnocchi"
15+has_opt --nagios && projects+=" nagios"
16+
17+i=1
18+for proj in ${projects}; do
19+ echo "DNS.$((i++)) = ${proj}.internal.example.com" >> $state_dir/openssl-server.cnf
20+ echo "DNS.$((i++)) = ${proj}.public.example.com" >> $state_dir/openssl-server.cnf
21+ echo "DNS.$((i++)) = ${proj}.example.com" >> $state_dir/openssl-server.cnf
22+done
23+
24 touch $results_dir/index.txt
25 echo '01' > $results_dir/serial.txt
26 {

Subscribers

People subscribed via source and target branches