Create a new parameter for the HAProxy external network

In the standalone config, there is no external network defined. This leaves the hieradata cloud_name_external undefined, resulting in an error when we are using the haproxy-public-tls-certmonger template to create new public certs through haproxy. Using the PublicNetwork allows us to get the right network for haproxy in all cases to specify the network and fqdn to use for public certmonger certificates. Co-Authored-By: Grzegorz Grasza <xek@redhat.com> Change-Id: I8778402bbb7a670c4aa95671c6017dff356238d4 (cherry picked from commit e5f51815c5)
2019-11-25 21:53:33 +00:00 · 2019-11-25 21:53:33 +00:00 · 7dea79a9e3
parent 71977985e3
commit 7dea79a9e3
1 changed files with 11 additions and 3 deletions
--- a/deployment/haproxy/haproxy-public-tls-certmonger.yaml
+++ b/deployment/haproxy/haproxy-public-tls-certmonger.yaml
@ -67,10 +67,18 @@ outputs:
            - ''
            - - {get_param: HAProxyInternalTLSKeysDirectory}
              - '/overcloud-haproxy-external.key'
-          hostname: "%{hiera('cloud_name_external')}"
-          principal: "haproxy/%{hiera('cloud_name_external')}"
+          hostname:
+            str_replace:
+              template: "%{hiera('cloud_name_NETWORK')}"
+              params:
+                NETWORK: {get_param: [ServiceNetMap, PublicNetwork]}
+          principal:
+            str_replace:
+              template: "haproxy/%{hiera('cloud_name_NETWORK')}"
+              params:
+                NETWORK: {get_param: [ServiceNetMap, PublicNetwork]}
          postsave_cmd: "/usr/bin/certmonger-haproxy-refresh.sh reload external"
      metadata_settings:
        - service: haproxy
-          network: external
+          network: {get_param: [ServiceNetMap, PublicNetwork]}
          type: vip