Make haproxy.pp honor EnableInternalTLS for rgw

haproxy.pp assumes that Ceph rgw instances cannot be SSL encrypted and generates invalid haproxy configuration files in setups where EnableInternalTLS is set to true. This patch makes haproxy.pp honor EnableInternalTLS and include internal_tls_member_options in the member_options for Ceph rgw instances. Change-Id: If59a27b28eb61ab2c1ff84f5047261e8695234d4 Closes-Bug: #1883296
2020-06-12 19:10:32 +02:00 · 2020-06-12 19:10:32 +02:00 · 436bfaa158
commit 436bfaa158
parent e62b614331
1 changed files with 1 additions and 0 deletions
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@ -1490,6 +1490,7 @@ class tripleo::haproxy (
      public_ssl_port   => $ports[ceph_rgw_ssl_port],
      service_network   => $ceph_rgw_network,
      listen_options    => merge($default_listen_options, { 'option' => [ 'httpchk GET /' ] }),
+      member_options    => union($haproxy_member_options, $internal_tls_member_options),
    }
  }