Browse Source

Merge "Only generate Octavia certs on stack create" into stable/stein

tags/10.6.1
Zuul 2 weeks ago
parent
commit
193d32413c
1 changed files with 15 additions and 1 deletions
  1. 15
    1
      deployment/octavia/octavia-deployment-config.j2.yaml

+ 15
- 1
deployment/octavia/octavia-deployment-config.j2.yaml View File

@@ -34,6 +34,13 @@ parameters:
34 34
     description: Mapping of service endpoint -> protocol. Typically set
35 35
                  via parameter_defaults in the resource registry.
36 36
     type: json
37
+  StackAction:
38
+    type: string
39
+    description: >
40
+      Heat action on performed top-level stack.  Note StackUpdateType is
41
+      set to UPGRADE when a major-version upgrade is in progress.
42
+    constraints:
43
+    - allowed_values: ['CREATE', 'UPDATE']
37 44
   OctaviaPostWorkflowName:
38 45
     description: Mistral workflow name for octavia configuration steps
39 46
                  once the overcloud is ready.
@@ -187,6 +194,13 @@ conditions:
187 194
       - raw
188 195
     - get_param: NovaEnableRbdBackend
189 196
 
197
+  generate_certs:
198
+      and:
199
+      - get_param: OctaviaGenerateCerts
200
+      - equals:
201
+        - get_param: StackAction
202
+        - CREATE
203
+
190 204
 resources:
191 205
 {% if not octavia_standalone %}
192 206
   default_key_pair:
@@ -226,7 +240,7 @@ resources:
226 240
           server_certs_key_passphrase: {get_param: OctaviaServerCertsKeyPassphrase}
227 241
           ca_passphrase: { get_param: OctaviaCaKeyPassphrase }
228 242
           client_cert_path: { get_param: OctaviaClientCertFile }
229
-          generate_certs: { get_param: OctaviaGenerateCerts }
243
+          generate_certs: {if: [generate_certs, true, false]}
230 244
           mgmt_port_dev: { get_param: OctaviaMgmtPortDevName }
231 245
           os_password: { get_param: AdminPassword }
232 246
           os_project_name: 'admin'

Loading…
Cancel
Save