Merge pull request #1255 from stackhpc/zed-multinode-tls

zed: ci-multinode: Add Kolla Ansible TLS config to globals.yml

Author: Alex-Welsh

etc/kayobe/environments/ci-multinode/kolla/globals.yml

@@ -1,3 +1,4 @@
+# yamllint disable-file
 ---
 # Most development environments will use nested virtualisation, and we can't
 # guarantee that nested KVM support is available. Use QEMU as a lowest common
@@ -44,3 +45,15 @@ designate_ns_record:
 designate_backend: "bind9"
 designate_recursion: "yes"
 designate_forwarders_addresses: "1.1.1.1; 8.8.8.8"
+
+{% if kolla_enable_tls_internal | bool %}
+############################################################################
+# Internal and backend TLS configuration
+
+# Copy the self-signed CA into the kolla containers
+kolla_copy_ca_into_containers: "yes"
+openstack_cacert: "{{ '/etc/pki/tls/certs/ca-bundle.crt' if os_distribution == 'rocky' else '/etc/ssl/certs/ca-certificates.crt' }}"
+kolla_enable_tls_backend: "yes"
+rabbitmq_enable_tls: "yes"
+
+{% endif %}