From 77ae65328949043624db7ff1b0fe6bcd94ffb86e Mon Sep 17 00:00:00 2001 From: Carlos Goncalves Date: Thu, 23 May 2019 12:25:52 +0200 Subject: [PATCH] Fix Octavia certificate file path and content Certificate files were being created in a wrong path and with invalid content. The bug was caused because Ansible variables were not being quoted, and as so Ansible assumed plain text instead. Closes-Bug: #1830190 Change-Id: Ie576537d77b57927d430f20b274d1cb5d351241e (cherry picked from commit 4de9f78b291e2a1f0311aa4c705daba08322cc7e) (cherry picked from commit 71c099f2092e77b35099eee1e1e763283549c7ad) --- .../roles/octavia-controller-config/tasks/certificate.yml | 8 ++++---- ...ix-certificates-path-and-content-e8acf1e859e75135.yaml | 6 ++++++ 2 files changed, 10 insertions(+), 4 deletions(-) create mode 100644 releasenotes/notes/octavia-fix-certificates-path-and-content-e8acf1e859e75135.yaml diff --git a/playbooks/roles/octavia-controller-config/tasks/certificate.yml b/playbooks/roles/octavia-controller-config/tasks/certificate.yml index 80791f3d5..10a5d20f3 100644 --- a/playbooks/roles/octavia-controller-config/tasks/certificate.yml +++ b/playbooks/roles/octavia-controller-config/tasks/certificate.yml @@ -10,13 +10,13 @@ become: true copy: content: "{{ item.content }}" - dest: "{{ octavia_confd_prefix }}{{ item.path }}" + dest: "{{ octavia_confd_prefix }}/{{ item.path }}" selevel: s0 setype: svirt_sandbox_file_t no_log: true loop: - - { content: private_key_content, path: ca_private_key_path } - - { content: ca_cert_content, path: ca_cert_path } - - { content: service_pem_content, path: client_cert_path } + - { content: "{{ private_key_content }}", path: "{{ ca_private_key_path }}" } + - { content: "{{ ca_cert_content }}", path: "{{ ca_cert_path }}" } + - { content: "{{ service_pem_content }}" , path: "{{ client_cert_path }}" } notify: - octavia config updated diff --git a/releasenotes/notes/octavia-fix-certificates-path-and-content-e8acf1e859e75135.yaml b/releasenotes/notes/octavia-fix-certificates-path-and-content-e8acf1e859e75135.yaml new file mode 100644 index 000000000..8fc897f40 --- /dev/null +++ b/releasenotes/notes/octavia-fix-certificates-path-and-content-e8acf1e859e75135.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Fixed an issue were amphora load balancers would fail to create. The + problem was because Octavia certificate files were being created in a wrong + path and with invalid content.