DCN: use FQDN in glance endpoint with internal TLS

Fix the glance-api endpoint used by cinder and nova services at DCN sites. When internal TLS is enabled, the URI must use a FQDN and not an IP address. Closes-Bug: #1893453 Change-Id: I386a035f9688c54d617e714888c9c0fa14f34a1e (cherry picked from commit 2035b88f5b)
2020-08-27 12:22:02 -07:00 · 2020-08-27 12:22:02 -07:00 · 9471eb030f
parent 1ecccef564
commit 9471eb030f
2 changed files with 24 additions and 20 deletions
--- a/deployment/glance/glance-api-edge-container-puppet.yaml
+++ b/deployment/glance/glance-api-edge-container-puppet.yaml
@ -55,16 +55,18 @@ outputs:
  glance_api_edge_uri:
    description: URI of the glance-api service runing at the edge site.
    value: &glance_api_edge_uri
-      str_replace:
-        template:
-          "PROTOCOL://%{hiera('NETWORK_uri')}:9292"
-        params:
-          PROTOCOL:
-            if:
-            - internal_tls_enabled
-            - https
-            - http
-          NETWORK: {get_param: [ServiceNetMap, GlanceApiEdgeNetwork]}
+      if:
+      - internal_tls_enabled
+      - str_replace:
+          template:
+            "https://%{hiera('fqdn_NETWORK')}:9292"
+          params:
+            NETWORK: {get_param: [ServiceNetMap, GlanceApiEdgeNetwork]}
+      - str_replace:
+          template:
+            "http://%{hiera('NETWORK_uri')}:9292"
+          params:
+            NETWORK: {get_param: [ServiceNetMap, GlanceApiEdgeNetwork]}

  role_data:
    description: Role data for the Glance API role for DCN/Edge.
--- a/deployment/haproxy/haproxy-edge-container-puppet.yaml
+++ b/deployment/haproxy/haproxy-edge-container-puppet.yaml
@ -61,16 +61,18 @@ outputs:
  glance_api_edge_uri:
    description: URI of the glance-api service runing at the edge site.
    value: &glance_api_edge_uri
-      str_replace:
-        template:
-          "PROTOCOL://%{hiera('NETWORK_uri')}:9292"
-        params:
-          PROTOCOL:
-            if:
-            - internal_tls_enabled
-            - https
-            - http
-          NETWORK: {get_param: [ServiceNetMap, GlanceApiEdgeNetwork]}
+      if:
+      - internal_tls_enabled
+      - str_replace:
+          template:
+            "https://%{hiera('fqdn_NETWORK')}:9292"
+          params:
+            NETWORK: {get_param: [ServiceNetMap, GlanceApiEdgeNetwork]}
+      - str_replace:
+          template:
+            "http://%{hiera('NETWORK_uri')}:9292"
+          params:
+            NETWORK: {get_param: [ServiceNetMap, GlanceApiEdgeNetwork]}

  role_data:
    description: Role data for the HAproxy role for DCN/Edge.