1 heat_template_version: ocata
4 HAProxy deployment with TLS enabled, powered by certmonger
9 description: Mapping of service_name -> network name. Typically set
10 via parameter_defaults in the resource registry. This
11 mapping overrides those in ServiceNetMapDefaults.
18 description: Mapping of service endpoint -> protocol. Typically set
19 via parameter_defaults in the resource registry.
24 description: Role data for the HAProxy public TLS via certmonger role.
26 service_name: haproxy_public_tls_certmonger
28 generate_service_certificates: true
29 tripleo::haproxy::service_certificate: '/etc/pki/tls/certs/overcloud-haproxy-external.pem'
32 service_pem: '/etc/pki/tls/certs/overcloud-haproxy-external.pem'
33 service_certificate: '/etc/pki/tls/certs/overcloud-haproxy-external.crt'
34 service_key: '/etc/pki/tls/private/overcloud-haproxy-external.key'
35 hostname: "%{hiera('cloud_name_external')}"
36 postsave_cmd: "" # TODO
37 principal: "haproxy/%{hiera('cloud_name_external')}"