Certificates were only being added to the VIP, which means only one node
would get the add certificate request. This would work if there was a
highly available trust store, however MD-SAL lacks support in OpenFlow
Plugin and therefore we have to use a file based trust store. Since we
are using a file based trust store, the certificate needs to be pushed
to every OpenDaylight node.
Also includes minor fix where tcp was only being force-modified to ssl
for the first ODL OVSDB URI.
Closes-Bug: 1766989
Change-Id: Ifd8401e2facdad07ccda4ec6f885a82bc0a16421
Signed-off-by: Tim Rozet <email address hidden>
Reviewed: https:/ /review. openstack. org/564353 /git.openstack. org/cgit/ openstack/ puppet- neutron/ commit/ ?id=7c7a39da808 1eaf536050daaa3 50b6fb2606be12
Committed: https:/
Submitter: Zuul
Branch: master
commit 7c7a39da8081eaf 536050daaa350b6 fb2606be12
Author: Tim Rozet <email address hidden>
Date: Wed Apr 25 18:03:33 2018 -0400
Fixes ODL OVS to add certs to every node
Certificates were only being added to the VIP, which means only one node
would get the add certificate request. This would work if there was a
highly available trust store, however MD-SAL lacks support in OpenFlow
Plugin and therefore we have to use a file based trust store. Since we
are using a file based trust store, the certificate needs to be pushed
to every OpenDaylight node.
Also includes minor fix where tcp was only being force-modified to ssl
for the first ODL OVSDB URI.
Closes-Bug: 1766989
Change-Id: Ifd8401e2facdad 07ccda4ec6f885a 82bc0a16421
Signed-off-by: Tim Rozet <email address hidden>