haproxy-system-wrapper is a solution for systemd from upstream. it can
handle the reload graceful.
Change-Id: I6a3d141af065e429bd1be1b7252f5c6df1fda3bb
Closes-Bug: #1559238
These values are optional only when the services are not enabled.
If the file does not exist we should not warn, but rather inform.
Ceph-mon is an exception here since its bootstrap process means
the files may or may not exist initially.
TrivialFix
Change-Id: Ic02bece76d480e99deecf612036f37abb5604135
TLS can be used to encrypt and authenticate the connection with
OpenStack endpoints. This patch provides the necessary
parameters and changes the resulting service configurations to
enable TLS for the Kolla deployed OpenStack cloud.
The new input parameters are:
kolla_enable_tls_external: "yes" or "no" (default is "no")
kolla_external_fqdn_cert: "/etc/kolla/certificates/haproxy.pem"
kolla_external_fqdn_cacert: "/etc/kolla/certificates/haproxy-ca.crt"
Implements: blueprint kolla-ssl
Change-Id: I48ef8a781c3035d58817f9bf6f36d59a488bab41
This brings Kolla images inline with FHS and should make finding
locations of things more consistent and reliable with the linux world
at large.
Change-Id: Iece5b4da4bace0fb8b1f41a65ab2c852ec73e6f8
Closes-Bug: #1485742
