Skip to content

Commit a481c33

Browse files
jackhodgkissAlex-Welsh
jackhodgkiss
authored and
Alex-Welsh
committed
fix (docs): add space before language in code-block 
1 parent e2eb312 commit a481c33

File tree

1 file changed

+27
-36
lines changed

1 file changed

+27
-36
lines changed

doc/source/configuration/openbao.rst

Lines changed: 27 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -78,13 +78,13 @@ Setup OpenBao on the seed node
7878

7979
1. Run secret-store-deploy-seed.yml custom playbook
8080

81-
.. code-block::bash
81+
.. code-block:: bash
8282
8383
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-deploy-seed.yml
8484
8585
2. Encrypt generated certs/keys with ansible-vault (use proper location of vault password file)
8686

87-
.. code-block::bash
87+
.. code-block:: bash
8888
8989
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/openbao/OS-TLS-INT.pem
9090
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/openbao/seed-openbao-keys.json
@@ -97,7 +97,7 @@ Setup OpenBao on the seed node
9797
9898
Or if environments are being used
9999

100-
.. code-block::bash
100+
.. code-block:: bash
101101
102102
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/openbao/OS-TLS-INT.pem
103103
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/openbao/seed-openbao-keys.json
@@ -113,28 +113,19 @@ Setup OpenBao HA on the overcloud hosts
113113

114114
1. Run secret-store-deploy-overcloud.yml custom playbook
115115

116-
.. code-block::bash
116+
.. code-block:: bash
117117
118118
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-deploy-overcloud.yml
119119
120120
2. Encrypt overcloud openbao keys (use proper location of vault password file)
121121

122-
.. code-block::bash
122+
.. code-block:: bash
123123
124124
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/openbao/overcloud-openbao-keys.json
125125
126126
# For Hashicorp Vault
127127
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/vault/overcloud-vault-keys.json
128128
129-
Or if environments are being used
130-
131-
.. code-block::bash
132-
133-
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/openbao/overcloud-openbao-keys.json
134-
135-
# For Hashicorp Vault
136-
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/vault/overcloud-vault-keys.json
137-
138129
Rotating OpenBao certificate on the overcloud hosts
139130
---------------------------------------------------
140131

@@ -145,7 +136,7 @@ cannot be unsealed with an expired certificate.
145136

146137
1. Delete the old certificate:
147138

148-
.. code-block::bash
139+
.. code-block:: bash
149140
150141
rm $KAYOBE_CONFIG_PATH/openbao/overcloud.crt
151142
@@ -154,7 +145,7 @@ cannot be unsealed with an expired certificate.
154145
155146
Or if environments are being used
156147

157-
.. code-block::bash
148+
.. code-block:: bash
158149
159150
rm $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/openbao/overcloud.crt
160151
@@ -163,13 +154,13 @@ cannot be unsealed with an expired certificate.
163154
164155
2. Generate a new certificate (and key):
165156

166-
.. code-block::bash
157+
.. code-block:: bash
167158
168159
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-deploy-seed.yml
169160
170161
3. Encrypt generated key with ansible-vault (use proper location of vault password file)
171162

172-
.. code-block::bash
163+
.. code-block:: bash
173164
174165
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/openbao/overcloud.key
175166
@@ -178,7 +169,7 @@ cannot be unsealed with an expired certificate.
178169
179170
Or if environments are being used
180171

181-
.. code-block::bash
172+
.. code-block:: bash
182173
183174
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/openbao/overcloud.key
184175
@@ -188,13 +179,13 @@ cannot be unsealed with an expired certificate.
188179
4. Copy the new certificate to the overcloud hosts. Note, if the old
189180
certificate has expired this will fail on the unseal step.
190181

191-
.. code-block::bash
182+
.. code-block:: bash
192183
193184
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-deploy-overcloud.yml
194185
195186
5. Restart the containers to use the new certificate:
196187

197-
.. code-block::bash
188+
.. code-block:: bash
198189
199190
kayobe overcloud host command run --command "docker restart openbao" -l controllers
200191
@@ -203,7 +194,7 @@ cannot be unsealed with an expired certificate.
203194
204195
6. If sealed, unseal OpenBao:
205196

206-
.. code-block::bash
197+
.. code-block:: bash
207198
208199
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-unseal-overcloud.yml
209200
@@ -230,19 +221,19 @@ For test and development purposes it is possible to use OpenBao as a CA for the
230221

231222
1. Run the playbook
232223

233-
.. code-block::bash
224+
.. code-block:: bash
234225
235226
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-generate-test-external-tls.yml
236227
237228
2. Use ansible-vault to encrypt the PEM bundle in $KAYOBE_CONFIG_PATH/kolla/certificates/haproxy.pem. Commit the PEM bundle to the kayobe configuration.
238229

239-
.. code-block::bash
230+
.. code-block:: bash
240231
241232
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/kolla/certificates/haproxy.pem
242233
243234
Or if environments are being used
244235

245-
.. code-block::bash
236+
.. code-block:: bash
246237
247238
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/kolla/certificates/haproxy.pem
248239
@@ -251,19 +242,19 @@ Create the internal TLS certificates
251242

252243
1. Run the playbook
253244

254-
.. code-block::bash
245+
.. code-block:: bash
255246
256247
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-generate-internal-tls.yml
257248
258249
2. Use ansible-vault to encrypt the PEM bundle in $KAYOBE_CONFIG_PATH/kolla/certificates/haproxy-internal.pem. Commit the PEM bundle and root CA to the kayobe configuration.
259250

260-
.. code-block::bash
251+
.. code-block:: bash
261252
262253
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/kolla/certificates/haproxy-internal.pem
263254
264255
Or if environments are being used
265256

266-
.. code-block::bash
257+
.. code-block:: bash
267258
268259
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/kolla/certificates/haproxy-internal.pem
269260
@@ -272,19 +263,19 @@ Create the backend TLS and RabbitMQ TLS certificates
272263

273264
1. Run the playbook
274265

275-
.. code-block::bash
266+
.. code-block:: bash
276267
277268
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-generate-backend-tls.yml
278269
279270
2. Use ansible-vault to encrypt the keys in $KAYOBE_CONFIG_PATH/kolla/certificates/<controller>-key.pem. Commit the certificates and keys to the kayobe configuration.
280271

281-
.. code-block::bash
272+
.. code-block:: bash
282273
283274
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/kolla/certificates/<controller>-key.pem
284275
285276
Or if environments are being used
286277

287-
.. code-block::bash
278+
.. code-block:: bash
288279
289280
ansible-vault encrypt --vault-password-file ~/vault.pass $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/kolla/certificates/<controller>-key.pem
290281
@@ -425,12 +416,12 @@ Enable the required TLS variables in kayobe and kolla
425416
It is important that you are only using admin endpoints for keystone. If
426417
any admin endpoints exist for other services, they must be deleted e.g.
427418

428-
.. code-block::bash
419+
.. code-block:: bash
429420
430421
openstack endpoint list --interface admin -f value | \
431422
awk '!/keystone/ {print $1}' | xargs openstack endpoint delete
432423
433-
.. code-block::bash
424+
.. code-block:: bash
434425
435426
kayobe overcloud service deploy
436427
@@ -442,7 +433,7 @@ Enable the required TLS variables in kayobe and kolla
442433
443434
Restart the nova-compute container on all hypervisors:
444435

445-
.. code-block::bash
436+
.. code-block:: bash
446437
447438
kayobe overcloud host command run --command "systemctl restart kolla-nova_compute-container.service" --become --show-output -l compute
448439
@@ -475,7 +466,7 @@ Create required configuration in OpenBao
475466

476467
1. Run secret-store-deploy-barbican.yml custom playbook
477468

478-
.. code-block::bash
469+
.. code-block:: bash
479470
480471
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/secret-store-deploy-barbican.yml
481472
@@ -513,6 +504,6 @@ Configure Barbican
513504
Deploy Barbican
514505
---------------
515506

516-
.. code-block::bash
507+
.. code-block:: bash
517508
518509
kayobe overcloud service deploy -kt barbican

0 commit comments

Comments
 (0)