Merge "docs: fix order of steps"
This commit is contained in:
Zuul
@ -39,7 +39,6 @@ with ID ``40``. In your ``user_variables.yml`` define the following variables:
|
||||
|
||||
.. code:: yaml
|
||||
|
||||
|
||||
_systemd_networkd_generic_devices:
|
||||
- NetDev:
|
||||
Name: bond0
|
||||
@ -128,11 +127,12 @@ For that we need to do the following series of changes in the
|
||||
#. In ``cidr_networks`` add a network which should be used as "public" network
|
||||
for accessing APIs. For example we will be using `203.0.113.128/28`:
|
||||
|
||||
.. code:: yaml
|
||||
.. code:: yaml
|
||||
|
||||
cidr_networks:
|
||||
...
|
||||
public_api: 203.0.113.128/28
|
||||
|
||||
cidr_networks:
|
||||
...
|
||||
public_api: 203.0.113.128/28
|
||||
|
||||
#. In ``used_ips`` you need to reserve IP address for your gateway and
|
||||
``haproxy_keepalived_external_vip_cidr``/``external_lb_vip_address``
|
||||
@ -166,6 +166,7 @@ For that we need to do the following series of changes in the
|
||||
- cidr: 0.0.0.0/0
|
||||
gateway: 203.0.113.129
|
||||
|
||||
|
||||
While these are all changes, that need to be done in
|
||||
``openstack_user_config.yml``, there is one more override that needs to be
|
||||
applied.
|
||||
@ -203,6 +204,7 @@ Example bellow shows a possible content in ``user_variables.yml``:
|
||||
haproxy_keepalived_external_interface: "{{ haproxy_bind_external_lb_vip_interface }}"
|
||||
haproxy_keepalived_internal_interface: "{{ haproxy_bind_internal_lb_vip_interface }}"
|
||||
|
||||
|
||||
Alternatively, you can detect IPs used inside your containers to configure
|
||||
HAProxy binds. This can be done by reffering to ``container_networks`` mapping:
|
||||
|
||||
|
||||
@ -20,21 +20,25 @@ using OpenStack-Ansible:
|
||||
|
||||
#. Write the contents of the ``security.txt`` file in accordance with the
|
||||
standard.
|
||||
|
||||
|
||||
#. Define the contents of ``security.txt`` in the variable
|
||||
``haproxy_security_txt_content`` in the
|
||||
``/etc/openstack_deploy/user_variables.yml`` file:
|
||||
|
||||
.. code-block:: yaml
|
||||
.. code-block:: yaml
|
||||
|
||||
haproxy_security_txt_content: |
|
||||
haproxy_security_txt_content: |
|
||||
# This is my example security.txt file
|
||||
# Please see https://securitytxt.org/ for details of the specification of this file
|
||||
|
||||
|
||||
#. Update HAProxy
|
||||
|
||||
.. code-block:: shell-session
|
||||
.. code-block:: shell-session
|
||||
|
||||
# openstack-ansible haproxy-install.yml
|
||||
|
||||
# openstack-ansible haproxy-install.yml
|
||||
|
||||
Advanced security.txt ACL
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Reference in New Issue
Block a user