Fix tls-e CA cert declaration for OVN

When using the OVN Cluster Ansible role, we currently default to
/etc/ipa/ca.crt. We should instead use the value defined by the
user in InternalTLSCAFile parameter.

This change defines the relevant Ansible variables when the role
is called:
  tripleo_ovn_cluster_northd_ssl_ca_cert
  tripleo_ovn_cluster_sb_ssl_ca_cert
  tripleo_ovn_cluster_nb_ssl_ca_cert

Closes-Bug: #1989535
Change-Id: I28a4d173505a194c8a735e8b2e1c6f2589338730
This commit is contained in:
Brendan Shephard 2022-09-14 18:08:03 +10:00
parent ab4004e4aa
commit 3c5d5a12fd

View File

@ -308,6 +308,9 @@ outputs:
tripleo_ovn_cluster_nb_remote_port: {get_param: OVNNorthboundClusterPort}
tripleo_ovn_cluster_sb_local_port: {get_param: OVNSouthboundClusterPort}
tripleo_ovn_cluster_sb_remote_port: {get_param: OVNSouthboundClusterPort}
tripleo_ovn_cluster_northd_ssl_ca_cert: {get_param: InternalTLSCAFile}
tripleo_ovn_cluster_sb_ssl_ca_cert: {get_param: InternalTLSCAFile}
tripleo_ovn_cluster_nb_ssl_ca_cert: {get_param: InternalTLSCAFile}
- name: Start OVN DBs and northd containers (bootstrap node)
when:
- step|int == 3