cd /root/workspace/paasta-5.5/deployment/bosh-deployment/runtime-configs
vi dns.yml
[deployment 추가]
addons:
- include:
deployments:
- paasta
- portal-container-infra
- docker-registry
- pinpoint
- pinpoint-monitoring
- rabbitmq
...
[인증서 기간 추가]
...
- name: /dns_api_client_tls
options:
alternative_names:
- api.bosh-dns
ca: /dns_api_tls_ca
common_name: api.bosh-dns
duration: 3650
extended_key_usage:
- client_auth
type: certificate
...
$ bosh update-runtime-config -n runtime-configs/dns.yml
Shell
복사
cd /root/workspace/paasta-5.5/deployment/paasta-deployment-min/manifest-min
vi deployment.yml
...
- name: nats_ca
type: certificate
options:
duration: ((cert_days)) //전부 넣어줘야함
is_ca: true
common_name: nats
- name: nats_client_cert
type: certificate
options:
duration: ((cert_days))
ca: nats_ca
common_name: "nats_client"
extended_key_usage:
- client_auth
- name: nats_server_cert
type: certificate
options:
duration: ((cert_days))
ca: nats_ca
common_name: nats.service.cf.internal
extended_key_usage:
- server_auth
consumes:
alternative_name:
from: nats-tls-address
properties: { wildcard: true }
Shell
복사
