Fix faulty precheck for RabbitMQ
When using externally managed certificates, according to [1],
one should set `kolla_externally_managed_cert: yes` and ensure
that the certificates are in the correct place.
However, RabbitMQ precheck still expects the certificates to be
available on the controller node. This is incorrect.
Fix by not running the tasks in question when `kolla_externally_managed_cert: yes`
[1] https://docs.openstack.org/kolla-ansible/latest/admin/tls.html
Closes-Bug: 1999081
Related-Bug: 1940286
Signed-off-by: Magnus Lööf <magnus.loof@basalt.se>
Change-Id: I9f845a7bdf5055165e199ab1887ed3ccbfb9d808
(cherry picked from commit fdacf9d1d9
)
This commit is contained in:
parent
6028760113
commit
5f01fa1d53
|
@ -96,3 +96,5 @@ rabbitmq_plugins:
|
|||
enabled: "{{ rabbitmq_enable_prometheus_plugin | bool }}"
|
||||
|
||||
rabbitmq_enabled_plugins: "{{ rabbitmq_plugins | selectattr('enabled', 'equalto', true) | list }}"
|
||||
|
||||
kolla_externally_managed_cert: False
|
||||
|
|
|
@ -87,6 +87,7 @@
|
|||
fail:
|
||||
msg: No TLS certificate provided for RabbitMQ.
|
||||
when:
|
||||
- not kolla_externally_managed_cert | bool
|
||||
- rabbitmq_enable_tls | bool
|
||||
- cert | length == 0
|
||||
|
||||
|
@ -100,6 +101,7 @@
|
|||
fail:
|
||||
msg: No TLS key provided for RabbitMQ.
|
||||
when:
|
||||
- not kolla_externally_managed_cert | bool
|
||||
- rabbitmq_enable_tls | bool
|
||||
- key | length == 0
|
||||
|
||||
|
@ -178,6 +180,7 @@
|
|||
fail:
|
||||
msg: No TLS certificate provided for outward RabbitMQ.
|
||||
when:
|
||||
- not kolla_externally_managed_cert | bool
|
||||
- enable_outward_rabbitmq | bool
|
||||
- rabbitmq_enable_tls | bool
|
||||
- cert | length == 0
|
||||
|
@ -192,6 +195,7 @@
|
|||
fail:
|
||||
msg: No TLS key provided for outward RabbitMQ.
|
||||
when:
|
||||
- not kolla_externally_managed_cert | bool
|
||||
- enable_outward_rabbitmq | bool
|
||||
- rabbitmq_enable_tls | bool
|
||||
- key | length == 0
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
The precheck for RabbitMQ failed incorrectly when
|
||||
``kolla_externally_managed_cert`` was set to ``true``.
|
||||
`LP#1999081 <https://bugs.launchpad.net/kolla-ansible/+bug/1999081>`__
|
Loading…
Reference in New Issue