Commit 59b1f077 authored by Thomas Goirand's avatar Thomas Goirand

Correct swift pipeline order when using encryption.

parent 264e2d6b
......@@ -25,6 +25,7 @@ openstack-cluster-installer (21) UNRELEASED; urgency=medium
* Firewall swift's container, account and object servers.
* Correctly set the erlang_cookie for rabbitmq as a random value.
* Correctly use a a real random key for heat's encryption key.
* Correct swift pipeline order when using encryption.
[ Oliver Chaze ]
* swift: do not log in syslog general logs
......
......@@ -167,7 +167,7 @@ class oci::swiftproxy(
# Because there's no ca_file option in castellan, we must
# allow swiftproxy to run without encryption in case we're
# running on a PoC without a real certificate for the API
$pipeline_start = [ 'catch_errors', 'healthcheck' ]
$pipeline_start = [ 'catch_errors', 'healthcheck', 'proxy-logging', 'cache', 'container_sync', 'bulk', 'ratelimit', 's3api', 's3token', 'authtoken', 'keystone', 'copy', 'container-quotas', 'account-quotas', 'slo', 'dlo', 'versioned_writes' ]
if $swift_encryption_key_id == "" {
$disable_encryption = true
$pipeline_kms = $pipeline_start
......@@ -175,7 +175,7 @@ class oci::swiftproxy(
$disable_encryption = false
$pipeline_kms = concat($pipeline_start, [ 'kms_keymaster', 'encryption' ])
}
$pipeline = concat($pipeline_kms, [ 'proxy-logging', 'cache', 'container_sync', 'bulk', 'ratelimit', 's3api', 's3token', 'authtoken', 'keystone', 'copy', 'container-quotas', 'account-quotas', 'slo', 'dlo', 'versioned_writes', 'proxy-server' ])
$pipeline = concat($pipeline_kms, [ 'proxy-server' ])
package { 'barbicanclient':
name => 'python-barbicanclient',
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment