Skip both tenant and management networks when generating certs
Without this change we were unable to deploy TLS Everywhere with
management network. This is because the service principal is not
created due to VIP being set to false in network_data.yaml
Closes-Bug: #1861097
Resolves: rhbz#1777605
Change-Id: I43fd5f67c1a0be6eaa1752575349e64329cada4a
(cherry picked from commit a22c04c576
)
This commit is contained in:
parent
5323f2033e
commit
5b5780c154
|
@ -58,12 +58,12 @@ resources:
|
||||||
type: OS::Heat::Value
|
type: OS::Heat::Value
|
||||||
properties:
|
properties:
|
||||||
value:
|
value:
|
||||||
# NOTE(jaosorior) Get unique network names to create
|
# NOTE(xek) Get unique network names to create certificates.
|
||||||
# certificates for those. We skip the tenant network since
|
# We skip the tenant and management network (vip != false)
|
||||||
# we don't need a certificate for that.
|
# since we don't generate certificates for those.
|
||||||
- ctlplane
|
- ctlplane
|
||||||
{%- for network in networks if network.enabled|default(true) %}
|
{%- for network in networks if network.enabled|default(true) %}
|
||||||
{%- if network.name_lower != 'tenant' %}
|
{%- if network.vip | default(false) %}
|
||||||
- {{network.name_lower}}
|
- {{network.name_lower}}
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
|
|
Loading…
Reference in New Issue