Skip to content

Commit

Permalink
Add ubuntu support for adding vault root cert on seed
Browse files Browse the repository at this point in the history
  • Loading branch information
@seunghun1ee
seunghun1ee committed May 8, 2024
1 parent 7e11de6 commit 35fc6b9
Showing 1 changed file with 7 additions and 2 deletions.
9 changes: 7 additions & 2 deletions templates/deploy-openstack.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -142,8 +142,13 @@ set -x

# Add the Vault CA to the trust store on the seed.
scp -oStrictHostKeyChecking=no $KAYOBE_CONFIG_PATH/environments/$KAYOBE_ENVIRONMENT/kolla/certificates/ca/vault.crt ${ ssh_user }@${ seed_addr }:
ssh -oStrictHostKeyChecking=no ${ ssh_user }@${ seed_addr } sudo cp vault.crt /etc/pki/ca-trust/source/anchors/OS-TLS-ROOT.crt
ssh -oStrictHostKeyChecking=no ${ ssh_user }@${ seed_addr } sudo update-ca-trust
if [[ $(grep '^ID=' /etc/os-release | cut -d= -f2) == "ubuntu" ]]; then
ssh -oStrictHostKeyChecking=no ${ ssh_user }@${ seed_addr } sudo cp vault.crt /usr/local/share/ca-certificates/OS-TLS-ROOT.crt
ssh -oStrictHostKeyChecking=no ${ ssh_user }@${ seed_addr } sudo update-ca-certificates
else
ssh -oStrictHostKeyChecking=no ${ ssh_user }@${ seed_addr } sudo cp vault.crt /etc/pki/ca-trust/source/anchors/OS-TLS-ROOT.crt
ssh -oStrictHostKeyChecking=no ${ ssh_user }@${ seed_addr } sudo update-ca-trust
fi

~/src/openstack-config/tools/openstack-config

Expand Down

0 comments on commit 35fc6b9

Please sign in to comment.