openstack/openstack-ansible-haproxy_server
Code Issues Proposed changes

Add releasenote for HA configuration of LetsEncrypt/Certbot

Browse Source 
Change-Id: I7bbd51f6b693593be04f11c695b149fad1237bd3
This commit is contained in:
Jonathan Rosser 2020-05-12 07:33:46 +01:00
parent 1dc605c4aa
commit ebf2674d6b
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
releasenotes/notes/certbot_ha-83b56aed3f360dba.yaml Normal file
View File

@ -0,0 +1,11 @@
---
features:
- |
Multiple HAProxy nodes can now be deployed in an HA configuration with
keepalived and LetsEncrypt certificates. Certbot can be treated as a
backend service for haproxy and acme-challenge requests from LetsEncrypt
can be directed to whichever HAProxy server is running a certificate
renewal. New variables are defined for frontend ACLs and options
to be passed to Certbot which enable this new feature, but the majority
of the required configuration is done via the existing HAProxy service
setup. An example is provided in the documentation.