Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #############
- # TLS options
- #############
- # To provide encryption and authentication on the kolla_external_vip_interface,
- # TLS can be enabled. When TLS is enabled, certificates must be provided to
- # allow clients to perform authentication.
- #kolla_enable_tls_internal: "no"
- kolla_enable_tls_internal: "no"
- #kolla_enable_tls_external: "{{ kolla_enable_tls_internal if kolla_same_external_internal_vip | bool else 'no' }}"
- kolla_enable_tls_external: "yes"
- #kolla_certificates_dir: "{{ node_config }}/certificates"
- #kolla_external_fqdn_cert: "{{ kolla_certificates_dir }}/haxy.pem"
- kolla_external_fqdn_cert: "/etc/kolla/config/certificates/multistar_<scrubbed our domain>_com.pem"
- #kolla_internal_fqdn_cert: "{{ kolla_certificates_dir }}/haproxy-internal.pem"
- #kolla_admin_openrc_cacert: ""
- #kolla_copy_ca_into_containers: "no"
- kolla_copy_ca_into_containers: "no"
- #haproxy_backend_cacert: "{{ 'ca-certificates.crt' if kolla_base_distro in ['debian', 'ubuntu'] else 'ca-bundle.trust.crt' }}"
- #haproxy_backend_cacert_dir: "/etc/ssl/certs"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement