openstack/kayobe
Code Issues Proposed changes

Merge "docs: add information about enabling TLS to automated guide"

Browse Source
This commit is contained in:
Zuul
2023-02-21 17:44:46 +00:00
committed by Gerrit Code Review
parent 8576e719cd 804c1cb669
commit db9ce40e81
1 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
doc/source/contributor/automated.rst
View File

@@ -89,6 +89,30 @@ This can be added using the following commands::
sudo ip l set eth1 up sudo ip l set eth1 up
sudo ip l set eth1 master breth1 sudo ip l set eth1 master breth1
Configuration
-------------
Enable TLS
^^^^^^^^^^
Apply the following configuration if you wish to enable TLS for the OpenStack
API:
Set the following option in ``config/src/kayobe-config/etc/kayobe/kolla.yml``:
.. code-block:: yaml
kolla_enable_tls_internal: "yes"
Set the following options in
``config/src/kayobe-config/etc/kayobe/kolla/globals.yml``:
.. code-block:: yaml
kolla_copy_ca_into_containers: "yes"
openstack_cacert: "{% if os_distribution == 'ubuntu' %}/etc/ssl/certs/ca-certificates.crt{% else %}/etc/pki/tls/certs/ca-bundle.crt{% endif %}"
kolla_admin_openrc_cacert: "{% if os_distribution == 'ubuntu' %}/etc/ssl/certs/ca-certificates.crt{% else %}/etc/pki/tls/certs/ca-bundle.crt{% endif %}"
Usage Usage
----- -----
@@ -109,6 +133,10 @@ its dependencies in a Python virtual environment::
changes will not been seen until you reinstall the package. To do this you changes will not been seen until you reinstall the package. To do this you
can run ``./dev/install.sh``. can run ``./dev/install.sh``.
If you are using TLS and wish to generate self-signed certificates::
export KAYOBE_OVERCLOUD_GENERATE_CERTIFICATES=1
Run the ``dev/overcloud-deploy.sh`` script to deploy the OpenStack control Run the ``dev/overcloud-deploy.sh`` script to deploy the OpenStack control
plane:: plane::