On Wed, 16 Jun 2021 at 10:11, Tony Pearce <tonyppe@gmail.com> wrote:
I have deployed Train with Kayobe. I'd like to enable SSL using a cert which is signed but NOT by a public CA. This means I need to add the CA cert to the containers.
I came across this doc [1] and I wanted to ask / discover when this variable comes into play "kolla_copy_ca_into_containers"? Does this variable work only from Victoria onwards or will it work in Train?
The kolla_copy_ca_into_containers variable was added to Kolla Ansible in Ussuri.
Do I require to have a "seed" to build containers, to enable this cert copy into containers? (kayobe overcloud container image build). OR if I do "kayobe overcloud container image pull" will the cert be copied at that point? The certs are copied at runtime, not when the images are built.
[1] OpenStack Docs: TLS
Thanks and regards,
Tony Pearce