Create a new parameter for the HAProxy external network

In the standalone config, there is no external network defined. This leaves the hieradata cloud_name_external undefined, resulting in an error when we are using the haproxy-public-tls-certmonger template to create new public certs through haproxy. Using the PublicNetwork allows us to get the right network for haproxy in all cases to specify the network and fqdn to use for public certmonger certificates. Co-Authored-By: Grzegorz Grasza <xek@redhat.com> Change-Id: I8778402bbb7a670c4aa95671c6017dff356238d4
2019-11-25 21:53:33 +00:00 · 2019-11-25 21:53:33 +00:00 · e5f51815c5
commit e5f51815c5
parent bff8747cf1
1 changed files with 11 additions and 3 deletions
--- a/deployment/haproxy/haproxy-public-tls-certmonger.yaml
+++ b/deployment/haproxy/haproxy-public-tls-certmonger.yaml
@ -67,10 +67,18 @@ outputs:
            - ''
            - - {get_param: HAProxyInternalTLSKeysDirectory}
              - '/overcloud-haproxy-external.key'
-          hostname: "%{hiera('cloud_name_external')}"
-          principal: "haproxy/%{hiera('cloud_name_external')}"
+          hostname:
+            str_replace:
+              template: "%{hiera('cloud_name_NETWORK')}"
+              params:
+                NETWORK: {get_param: [ServiceNetMap, PublicNetwork]}
+          principal:
+            str_replace:
+              template: "haproxy/%{hiera('cloud_name_NETWORK')}"
+              params:
+                NETWORK: {get_param: [ServiceNetMap, PublicNetwork]}
          postsave_cmd: "/usr/bin/certmonger-haproxy-refresh.sh reload external"
      metadata_settings:
        - service: haproxy
-          network: external
+          network: {get_param: [ServiceNetMap, PublicNetwork]}
          type: vip