refs #8175 - configure dispatch router on pulp and pulp nodes #34
Conversation
| qpid::router::ssl_profile { 'router-ssl': | ||
| ca => $certs::ca_cert, | ||
| cert => $certs::params::messaging_client_cert, | ||
| key => $certs::params::messaging_client_cert, |
There was a problem hiding this comment.
I guess I need some advice here. For the qpid dispatcher, I need 2 ssl profiles on the hub - one for the server and one for the connection to the existing broker.
I'm not really sure what to use, I don't want to create yet more certificates, can I use the qpid-broker ones?
stbenjam
force-pushed
the
8175
branch
2 times, most recently
from
14f8bd6 to
56a59b7
Compare
stbenjam
force-pushed
the
8175
branch
2 times, most recently
from
d542816 to
04541c1
Compare
|
Note, tests will fail until the other PR's mentioned in the top comment. |
stbenjam
force-pushed
the
8175
branch
2 times, most recently
from
7af8a3a to
db88289
Compare
|
|
||
| # SSL Certificate Configuration | ||
| class { 'certs::qpid_router': | ||
| require => Package[$qpid::router::router_packages], |
There was a problem hiding this comment.
Couldn't we just require Class['qpid::config'] ? Should that class itself not be requiring this package to be present?
There was a problem hiding this comment.
I don't think so, I can't anchor that to happen before because of puppet-concat's voodoo.
Class['qpid::config'] contains the actual file entry for the concat bits, and the certs need to be done before the qdrouterd.conf is laid down.
There was a problem hiding this comment.
I could require Class['qpid::router::install'], that might be cleaner
|
ACk |
refs #8175 - configure dispatch router on pulp and pulp nodes
Requires
theforeman/puppet-certs#51andtheforeman/puppet-qpid#15andtheforeman/puppet-qpid#17