openstack
/
puppet-tripleo
Code Issues Proposed changes

Make haproxy.pp honor EnableInternalTLS for rgw 

haproxy.pp assumes that Ceph rgw instances cannot be SSL
encrypted and generates invalid haproxy configuration files
in setups where EnableInternalTLS is set to true.

This patch makes haproxy.pp honor EnableInternalTLS and
include internal_tls_member_options in the member_options
for Ceph rgw instances.

Change-Id: If59a27b28eb61ab2c1ff84f5047261e8695234d4
Closes-Bug: #1883296
(cherry picked from commit 436bfaa158)
This commit is contained in:
Francesco Pantano 2020-06-15 13:40:23 +02:00
parent e86dd81441
commit 56e56b1511
No known key found for this signature in database
GPG Key ID: 799868C47301D458
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
manifests/haproxy.pp
View File

@ -1577,6 +1577,7 @@ class tripleo::haproxy (
public_ssl_port => $ports[ceph_rgw_ssl_port],
service_network => $ceph_rgw_network,
listen_options => merge($default_listen_options, { 'option' => [ 'httpchk GET /' ] }),
member_options => union($haproxy_member_options, $internal_tls_member_options),
}
}