enable ssl for keystone on compute nodes

2015-03-02 12:52:48 +00:00 · 2015-03-02 12:52:48 +00:00 · db16bd3dc4
commit db16bd3dc4
parent 1dee9ba400
1 changed files with 5 additions and 5 deletions
--- a/roles/cloud_compute/tasks/main.yml
+++ b/roles/cloud_compute/tasks/main.yml
@ -29,9 +29,9 @@
 - name: Set up db connection to controller
  ini_file: dest=/etc/nova/nova.conf section=database option=connection value=mysql://nova:{{NOVA_DBPASS}}@{{controller_private_ip}}/nova
 - ini_file: dest=/etc/nova/nova.conf section=DEFAULT option=auth_strategy value=keystone
- ini_file: dest=/etc/nova/nova.conf section=keystone_authtoken option=auth_uri value=http://{{controller_private_ip}}:5000
+- ini_file: dest=/etc/nova/nova.conf section=keystone_authtoken option=auth_uri value=https://{{controller_private_ip}}:5000
 - ini_file: dest=/etc/nova/nova.conf section=keystone_authtoken option=auth_host value={{controller_private_ip}}
- ini_file: dest=/etc/nova/nova.conf section=keystone_authtoken option=auth_protocol value=http
+- ini_file: dest=/etc/nova/nova.conf section=keystone_authtoken option=auth_protocol value=https
 - ini_file: dest=/etc/nova/nova.conf section=keystone_authtoken option=auth_port value=35357
 - ini_file: dest=/etc/nova/nova.conf section=keystone_authtoken option=admin_user value=nova
 - ini_file: dest=/etc/nova/nova.conf section=keystone_authtoken option=admin_tenant_name value=services
@ -69,9 +69,9 @@
  - openstack-neutron-openvswitch

 - ini_file: dest=/etc/neutron/neutron.conf section=DEFAULT option=auth_strategy value=keystone
- ini_file: dest=/etc/neutron/neutron.conf section=keystone_authtoken option=auth_uri value=http://{{controller_private_ip}}:5000
+- ini_file: dest=/etc/neutron/neutron.conf section=keystone_authtoken option=auth_uri value=https://{{controller_private_ip}}:5000
 - ini_file: dest=/etc/neutron/neutron.conf section=keystone_authtoken option=auth_host value={{controller_private_ip}}
- ini_file: dest=/etc/neutron/neutron.conf section=keystone_authtoken option=auth_protocol value=http
+- ini_file: dest=/etc/neutron/neutron.conf section=keystone_authtoken option=auth_protocol value=https
 - ini_file: dest=/etc/neutron/neutron.conf section=keystone_authtoken option=auth_port value=35357
 - ini_file: dest=/etc/neutron/neutron.conf section=keystone_authtoken option=admin_user value=neutron
 - ini_file: dest=/etc/neutron/neutron.conf section=keystone_authtoken option=admin_tenant_name value=services
@ -115,7 +115,7 @@
 - ini_file: dest=/etc/nova/nova.conf section=DEFAULT option=neutron_admin_username value=neutron
 - name: set neutron_admin_password
  ini_file: dest=/etc/nova/nova.conf section=DEFAULT option=neutron_admin_password value={{NEUTRON_PASS}}
- ini_file: dest=/etc/nova/nova.conf section=DEFAULT option=neutron_admin_auth_url value=http://{{controller_private_ip}}:35357/v2.0
+- ini_file: dest=/etc/nova/nova.conf section=DEFAULT option=neutron_admin_auth_url value=https://{{controller_private_ip}}:35357/v2.0
 - ini_file: dest=/etc/nova/nova.conf section=DEFAULT option=linuxnet_interface_driver value=nova.network.linux_net.LinuxOVSInterfaceDriver
 - ini_file: dest=/etc/nova/nova.conf section=DEFAULT option=firewall_driver value=nova.virt.firewall.NoopFirewallDriver
 - ini_file: dest=/etc/nova/nova.conf section=DEFAULT option=security_group_api value=neutron