openstack/openstack-helm
Code Issues Proposed changes

Aodh and Panko: Add TLS support for public endpoints

Browse Source 
This commit adds the capability for Aodh, Panko charts to
support TLS on overriden fqdn for public endpoints.

Change-Id: Ia1350f65872b0eddda8ecc83ffea1dd215b3b6db
Signed-off-by: Angie Wang <angie.wang@windriver.com>
This commit is contained in:
Angie Wang 2019-07-10 12:03:57 -04:00
parent 4e8f25b115
commit 9c2f6fadb4
4 changed files with 62 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
aodh/templates/secret-ingress-tls.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2019 Wind River Systems, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_ingress_tls }}
{{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "alarming" ) }}
{{- end }}

12
aodh/values.yaml
View File

@ -542,6 +542,10 @@ secrets:
oslo_messaging: oslo_messaging:
admin: aodh-rabbitmq-admin admin: aodh-rabbitmq-admin
aodh: aodh-rabbitmq-user aodh: aodh-rabbitmq-user
tls:
alarming:
api:
public: aodh-tls-public
bootstrap: bootstrap:
enabled: false enabled: false
@ -604,6 +608,13 @@ endpoints:
public: aodh public: aodh
host_fqdn_override: host_fqdn_override:
default: null default: null
# NOTE: this chart supports TLS for fqdn over-ridden public
# endpoints using the following format:
# public:
# host: null
# tls:
# crt: null
# key: null
path: path:
default: null default: null
scheme: scheme:
@ -705,5 +716,6 @@ manifests:
secret_db: true secret_db: true
secret_keystone: true secret_keystone: true
secret_rabbitmq: true secret_rabbitmq: true
secret_ingress_tls: true
service_api: true service_api: true
service_ingress_api: true service_ingress_api: true

19
panko/templates/secret-ingress-tls.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2019 Wind River Systems, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_ingress_tls }}
{{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "event" ) }}
{{- end }}

12
panko/values.yaml
View File

@ -159,6 +159,10 @@ secrets:
oslo_db: oslo_db:
admin: panko-db-admin admin: panko-db-admin
panko: panko-db-user panko: panko-db-user
tls:
event:
api:
public: panko-tls-public
bootstrap: bootstrap:
enabled: false enabled: false
@ -387,6 +391,13 @@ endpoints:
public: panko public: panko
host_fqdn_override: host_fqdn_override:
default: null default: null
# NOTE: this chart supports TLS for fqdn over-ridden public
# endpoints using the following format:
# public:
# host: null
# tls:
# crt: null
# key: null
path: path:
default: null default: null
scheme: scheme:
@ -599,6 +610,7 @@ manifests:
pod_rally_test: true pod_rally_test: true
secret_db: true secret_db: true
secret_keystone: true secret_keystone: true
secret_ingress_tls: true
service_api: true service_api: true
service_ingress_api: true service_ingress_api: true