diff options
| author | Martin Eggen <meggen@redhat.com> | 2017-03-08 16:37:43 +0100 |
|---|---|---|
| committer | Martin Eggen <meggen@redhat.com> | 2017-03-09 14:41:27 +0100 |
| commit | 91065cc31b9025c44c3b4a9cfcddac4711898e82 (patch) | |
| tree | 7e6a1d085d5ceb70deaf665d032ea1c609def332 /inventory | |
| parent | b551ba3afbe6bf2b4888bd62dc0f5a837edadb67 (diff) | |
| download | openshift-91065cc31b9025c44c3b4a9cfcddac4711898e82.tar.gz openshift-91065cc31b9025c44c3b4a9cfcddac4711898e82.tar.bz2 openshift-91065cc31b9025c44c3b4a9cfcddac4711898e82.tar.xz openshift-91065cc31b9025c44c3b4a9cfcddac4711898e82.zip | |
Allow overriding minTLSVersion and cipherSuites
Add parameters to allow overriding minTLSVersion and
cipherSuites in master and node servingInfo config stanzas.
Diffstat (limited to 'inventory')
| -rw-r--r-- | inventory/byo/hosts.origin.example | 9 | ||||
| -rw-r--r-- | inventory/byo/hosts.ose.example | 9 |
2 files changed, 18 insertions, 0 deletions
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example index 0ddca6576..c2ca6743d 100644 --- a/inventory/byo/hosts.origin.example +++ b/inventory/byo/hosts.origin.example @@ -263,6 +263,15 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # Override master servingInfo.maxRequestsInFlight #openshift_master_max_requests_inflight=500 +# Override master and node servingInfo.minTLSVersion and .cipherSuites +# valid TLS versions are VersionTLS10, VersionTLS11, VersionTLS12 +# example cipher suites override, valid cipher suites are https://golang.org/pkg/crypto/tls/#pkg-constants +#openshift_master_min_tls_version=VersionTLS12 +#openshift_master_cipher_suites=['TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', '...'] +# +#openshift_node_min_tls_version=VersionTLS12 +#openshift_node_cipher_suites=['TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', '...'] + # default storage plugin dependencies to install, by default the ceph and # glusterfs plugin dependencies will be installed, if available. #osn_storage_plugin_deps=['ceph','glusterfs','iscsi'] diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example index 7f80a9639..a6d613766 100644 --- a/inventory/byo/hosts.ose.example +++ b/inventory/byo/hosts.ose.example @@ -263,6 +263,15 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # Override master servingInfo.maxRequestsInFlight #openshift_master_max_requests_inflight=500 +# Override master and node servingInfo.minTLSVersion and .cipherSuites +# valid TLS versions are VersionTLS10, VersionTLS11, VersionTLS12 +# example cipher suites override, valid cipher suites are https://golang.org/pkg/crypto/tls/#pkg-constants +#openshift_master_min_tls_version=VersionTLS12 +#openshift_master_cipher_suites=['TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', '...'] +# +#openshift_node_min_tls_version=VersionTLS12 +#openshift_node_cipher_suites=['TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', '...'] + # default storage plugin dependencies to install, by default the ceph and # glusterfs plugin dependencies will be installed, if available. #osn_storage_plugin_deps=['ceph','glusterfs'] |