openstack/openstack-ansible-ops
Code Issues Proposed changes
openstack-ansible-ops/skydive/roles/skydive_common/templates/skydive-openssl.cnf.j2
Kevin Carter cfa103dab7 Update delegated setup hosts to support IP delegation 
The option `skydive_service_setup_host` allows a user to define a
setup host target which could, or could not, be in the provided
inventory. Additionally a setup target host could also be simply
an IP reference. This change ensures that the playbooks and roles
respect the different setup host delegation node types by creating
in memory host entries and gathering facts on the dynamic
information when the target is not in inventory, is not in the
skydive_all group, or simply an IP.

Change-Id: I532abd7171ba9077759640e4bf18b9b517264426
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2019-01-24 05:27:56 +00:00

46 lines
1.9 KiB
Django/Jinja
Raw Blame History

[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
[req_distinguished_name]
countryName = Country Name (2 letter code)
countryName_default = XX
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = XX
localityName = Locality Name (eg, city)
localityName_default = XX
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default = OpenStack-Ansible
commonName = {{ ((ansible_domain | length) > 0) | ternary(ansible_domain, ansible_hostname) }}
commonName_max = 64
[v3_req]
basicConstraints = CA:TRUE
keyUsage = digitalSignature, keyEncipherment, keyCertSign
extendedKeyUsage = serverAuth,clientAuth
subjectAltName = @alt_names
[alt_names]
{% set ips = [] %}
{% set hostnames = [] %}
{% for node in groups['skydive_all'] %}
{% if hostvars[node]['ansible_default_ipv4'] is defined %}
{% set _ansible_interface_name = hostvars[node]['skydive_network_device'] | default(hostvars[node]['ansible_default_ipv4']['interface']) | replace('-', '_') %}
{% set _skydive_ip = hostvars[node]['skydive_bind_address'] | default(hostvars[node]["ansible_" ~ _ansible_interface_name]['ipv4']['address']) %}
{% set _skydive_ansible_domain = hostvars[node]['ansible_fqdn'] | default(hostvars[node]['ansible_hostname'] ) %}
{% set _skydive_dns_name = ((_skydive_ansible_domain | length) > 0) | ternary(_skydive_ansible_domain, hostvars[node]['ansible_hostname']) %}
{% set _ = ips.append(_skydive_ip) %}
{% set _ = hostnames.append(_skydive_dns_name) %}
IP.{{ loop.index }} = {{ _skydive_ip }}
DNS.{{ loop.index }} = {{ _skydive_dns_name }}
{% endif %}
{% endfor %}
{% set localhost_index = (groups['skydive_all'] | length) + 1 %}
{% if '127.0.0.1' not in ips %}
IP.{{ localhost_index }} = 127.0.0.1
{% endif %}
{% if 'localhost' not in hostnames %}
DNS.{{ localhost_index }} = localhost
{% endif %}
View Git Blame Copy Permalink