You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: doc/source/configuration/vault.rst
+17-5Lines changed: 17 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -379,30 +379,42 @@ Pulp TLS with Vault
379
379
===================
380
380
.. warning::
381
381
382
-
These steps are intended for enabling tls for pulp on an existing deployment as on a new deployment the overcloud vaults may not be up at this point.
382
+
These steps are intended for enabling TLS for pulp on an existing deployment as on a new deployment the overcloud vaults may not be up at this point.
383
383
384
-
To enable tls for pulp using vault generated certificates, we first need to generate the certificates using vault and then configure the seed + seed-hypervisor + overcloud nodes to add the root CA to their trust.
384
+
To enable TLS for pulp using vault generated certificates, we first need to generate the certificates using vault and then configure the seed + seed-hypervisor + overcloud nodes to add the root CA to their trust.
385
385
386
386
1. Run the playbook which will generate the certificates and add the root CA to the seed + seed-hypervisor + overcloud nodes
387
387
388
388
.. code-block::
389
389
390
390
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/vault-generate-pulp-tls.yml
391
391
392
-
2. Next, enable tls for pulp in pulp.yml
392
+
2. Encrypt the generated private key with ansible-vault (use the correct path to your vault password file).
0 commit comments