Configure sahara to work with other secured services
Registering SSL parameters in sahara.conf for all openstack
services.
Change-Id: I63dd8a0f6e7b37cfd8140d2783af04505f29285f
Closes-Bug: #1419195
diff --git a/lib/sahara b/lib/sahara
index 44c06d3..f2a506c 100644
--- a/lib/sahara
+++ b/lib/sahara
@@ -128,6 +128,10 @@
if is_service_enabled neutron; then
iniset $SAHARA_CONF_FILE DEFAULT use_neutron true
iniset $SAHARA_CONF_FILE DEFAULT use_floating_ips true
+
+ if is_ssl_enabled_service "neutron" || is_service_enabled tls-proxy; then
+ iniset $SAHARA_CONF_FILE neutron ca_file $SSL_BUNDLE_FILE
+ fi
else
iniset $SAHARA_CONF_FILE DEFAULT use_neutron false
iniset $SAHARA_CONF_FILE DEFAULT use_floating_ips false
@@ -135,10 +139,30 @@
if is_service_enabled heat; then
iniset $SAHARA_CONF_FILE DEFAULT infrastructure_engine heat
+
+ if is_ssl_enabled_service "heat" || is_service_enabled tls-proxy; then
+ iniset $SAHARA_CONF_FILE heat ca_file $SSL_BUNDLE_FILE
+ fi
else
iniset $SAHARA_CONF_FILE DEFAULT infrastructure_engine direct
fi
+ if is_ssl_enabled_service "cinder" || is_service_enabled tls-proxy; then
+ iniset $SAHARA_CONF_FILE cinder ca_file $SSL_BUNDLE_FILE
+ fi
+
+ if is_ssl_enabled_service "nova" || is_service_enabled tls-proxy; then
+ iniset $SAHARA_CONF_FILE nova ca_file $SSL_BUNDLE_FILE
+ fi
+
+ if is_ssl_enabled_service "swift" || is_service_enabled tls-proxy; then
+ iniset $SAHARA_CONF_FILE swift ca_file $SSL_BUNDLE_FILE
+ fi
+
+ if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
+ iniset $SAHARA_CONF_FILE keystone ca_file $SSL_BUNDLE_FILE
+ fi
+
iniset $SAHARA_CONF_FILE DEFAULT use_syslog $SYSLOG
# Format logging