© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0f7b58d
(Get the code!)
I'm somewhat surprised by the concerns here.
> What is the use case for needing this value on a node level override?
Passing the CA through a configuration option is actually the only usable way to do it: passing it through the Node requires somehow knowing local paths on the conductor and being able to upload files there.
> How is the user expected to get the certificate onto the conductor securely?
A *user* neither can nor should (see above). CA certificates are deployment-wide, I would not expect a sane operator to use different local CA's for different bare-metal machines. So the literal answer to the question is: via container options, puppet, ansible or whatever way is used to install Ironic.