From e5f51815c5a8f9698092aee49b966018faa5b414 Mon Sep 17 00:00:00 2001 From: Ade Lee Date: Mon, 25 Nov 2019 21:53:33 +0000 Subject: [PATCH] Create a new parameter for the HAProxy external network In the standalone config, there is no external network defined. This leaves the hieradata cloud_name_external undefined, resulting in an error when we are using the haproxy-public-tls-certmonger template to create new public certs through haproxy. Using the PublicNetwork allows us to get the right network for haproxy in all cases to specify the network and fqdn to use for public certmonger certificates. Co-Authored-By: Grzegorz Grasza Change-Id: I8778402bbb7a670c4aa95671c6017dff356238d4 --- .../haproxy/haproxy-public-tls-certmonger.yaml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/deployment/haproxy/haproxy-public-tls-certmonger.yaml b/deployment/haproxy/haproxy-public-tls-certmonger.yaml index 29a3c1a089..f7184475c7 100644 --- a/deployment/haproxy/haproxy-public-tls-certmonger.yaml +++ b/deployment/haproxy/haproxy-public-tls-certmonger.yaml @@ -67,10 +67,18 @@ outputs: - '' - - {get_param: HAProxyInternalTLSKeysDirectory} - '/overcloud-haproxy-external.key' - hostname: "%{hiera('cloud_name_external')}" - principal: "haproxy/%{hiera('cloud_name_external')}" + hostname: + str_replace: + template: "%{hiera('cloud_name_NETWORK')}" + params: + NETWORK: {get_param: [ServiceNetMap, PublicNetwork]} + principal: + str_replace: + template: "haproxy/%{hiera('cloud_name_NETWORK')}" + params: + NETWORK: {get_param: [ServiceNetMap, PublicNetwork]} postsave_cmd: "/usr/bin/certmonger-haproxy-refresh.sh reload external" metadata_settings: - service: haproxy - network: external + network: {get_param: [ServiceNetMap, PublicNetwork]} type: vip