[MediaWiki-commits] [Gerrit] eventlogging: use the system-wide puppet CA - change (operations/puppet)

Thu, 03 Dec 2015 08:28:14 -0800 

Giuseppe Lavagetto has submitted this change and it was merged.

Change subject: eventlogging: use the system-wide puppet CA
......................................................................


eventlogging: use the system-wide puppet CA

Bug: T114638
Change-Id: I63908eb3d9fc2d639e38c07a4716faabd59f1593
---
M manifests/role/eventlogging.pp
1 file changed, 1 insertion(+), 17 deletions(-)

Approvals:
  Giuseppe Lavagetto: Verified; Looks good to me, approved
  jenkins-bot: Verified



diff --git a/manifests/role/eventlogging.pp b/manifests/role/eventlogging.pp
index 31ebda3..95a5cf1 100644
--- a/manifests/role/eventlogging.pp
+++ b/manifests/role/eventlogging.pp
@@ -156,23 +156,7 @@
     # etcd client port, and join them into a string.
     $etcd_hosts = join(suffix(hiera('etcd_hosts'), ':2379'), ',')
 
-    # If etcd is using SSL, then we'll need to have the
-    # CA cert in place so that we can use it to verify the HTTPS connection
-    file { '/etc/eventlogging.d/ssl':
-        ensure => directory,
-        owner  => 'root',
-        group  => 'root',
-        mode   => '0755'
-    }
-
-    file { '/etc/eventlogging.d/ssl/ca.pem':
-        ensure => present,
-        owner  => 'root',
-        group  => 'root',
-        mode   => '0644',
-        source => '/var/lib/puppet/ssl/certs/ca.pem',
-    }
-    $etcd_uri  = "https://${etcd_hosts}?ca_cert=/etc/eventlogging.d/ssl/ca.pem";
+    $etcd_uri  = "https://${etcd_hosts}";
 
     eventlogging::service::processor { 'server-side-0':
         format         => '%{seqId}d EventLogging %j',

-- 
To view, visit https://gerrit.wikimedia.org/r/243665
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I63908eb3d9fc2d639e38c07a4716faabd59f1593
Gerrit-PatchSet: 4
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Giuseppe Lavagetto <[email protected]>
Gerrit-Reviewer: Giuseppe Lavagetto <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to