default: true
description: If set to true and if EnableInternalTLS is enabled, it will
set the libvirt URI's transport to tls and configure the
- relevant keys for libvirt.
+ relevant keys for libvirt. NOTE. this is currently being
+ ignored and TLS for libvirtd is always disabled for now.
InternalTLSCAFile:
default: '/etc/ipa/ca.crt'
type: string
public_key: ''
private_key: ''
MigrationSshPort:
- default: 22
+ default: 2022
description: Target port for migration over ssh
type: number
conditions:
- use_tls_for_live_migration:
- and:
- - equals:
- - {get_param: EnableInternalTLS}
- - true
- - equals:
- - {get_param: UseTLSTransportForLiveMigration}
- - true
+ use_tls_for_live_migration: false
+ # and:
+ # - equals:
+ # - {get_param: EnableInternalTLS}
+ # - true
+ # - equals:
+ # - {get_param: UseTLSTransportForLiveMigration}
+ # - true
libvirt_specific_ca_unset:
equals:
-
generate_service_certificates: true
tripleo::profile::base::nova::migration::client::libvirt_tls: true
+ nova::migration::libvirt::listen_address:
+ get_param: [ServiceNetMap, NovaLibvirtNetwork]
nova::migration::libvirt::live_migration_inbound_addr:
str_replace:
template: