6bae6da36c
When deploying Kibana with the default configuration of openstack_cacert being unset, it fails due to an invalid configuration. The error message is both unfriendly and useful: "message":"child \"elasticsearch\" fails because [child \"ssl\" fails because [child \"certificateAuthorities\" fails because [single value of \"certificateAuthorities\" fails because [\"certificateAuthorities\" must be a string]]]]"} This is because we set elasticsearch.ssl.certificateAuthorities even when there is no CA cert configured. This change fixes the issue by only setting elasticsearch.ssl.certificateAuthorities when a CA cert is configured. Change-Id: I5954751451b7c931e8a9d79c713a2798522d8b81 Closes-Bug: #1864180
12 lines
672 B
Django/Jinja
12 lines
672 B
Django/Jinja
kibana.defaultAppId: "{{ kibana_default_app_id }}"
|
|
logging.dest: /var/log/kolla/kibana/kibana.log
|
|
server.port: {{ kibana_server_port }}
|
|
server.host: "{{ api_interface_address }}"
|
|
elasticsearch.url: "{{ internal_protocol }}://{{ kolla_internal_fqdn | put_address_in_context('url') }}:{{ elasticsearch_port }}"
|
|
elasticsearch.requestTimeout: {{ kibana_elasticsearch_request_timeout }}
|
|
elasticsearch.shardTimeout: {{ kibana_elasticsearch_shard_timeout }}
|
|
elasticsearch.ssl.verificationMode: "{{ 'full' if kibana_elasticsearch_ssl_verify | bool else 'none' }}"
|
|
{% if openstack_cacert | length > 0 %}
|
|
elasticsearch.ssl.certificateAuthorities: {{ openstack_cacert }}
|
|
{% endif %}
|