infra ca & etc tls config

1 files changed, 2 insertions, 1 deletions

diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp b/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp
index 3d17691..3509114 100644
--- a/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp
+++ b/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp
@@ -7,7 +7,8 @@ define sunet::etcd_node(
    sunet::docker_run { "etcd_${name}":
       image            => 'quay.io/coreos/etcd',
       imagetag         => $etcd_version,
-      command          => "-initial-advertise-peer-urls http://${::ipaddress_eth1}:2380 -listen-peer-urls http://${::ipaddress_eth1}:2380 -discovery ${disco_url} -name ${::hostname} -data-dir /data/${name}/${::hostname}",
+      volumes          => ["/data/${name}/${::hostname}:/var/lib/etcd","/etc/ssl:/etc/ssl"]
+      command          => "--initial-advertise-peer-urls http://0.0.0.0:2380 --listen-peer-urls http://0.0.0.0:2380 --discovery ${disco_url} --name ${::hostname} --data-dir /var/lib/etcd --key-file /etc/ssl/private/${::fqdn}_infra.key --peer-key-file /etc/ssl/private/${::fqdn}_infra.key --ca-file /etc/ssl/certs/infra.crt --peer-ca-file /etc/ssl/certs/infra.crt --cert-file /etc/ssl/certs/${::fqdn}_infra.crt --peer-cert-file /etc/ssl/certs/${::fqdn}_infra.crt",
       ports            => ["${::ipaddress_eth1}:2380:2380"]
    }
 }