openstack/tripleo-heat-templates
Code Issues Proposed changes
4f373ea30f
tripleo-heat-templates/extraconfig/tasks
History
Ben Nemec 4f373ea30f Restart haproxy after configuring SSL certs 
If a certificate expires, the user will need to update it.  However,
because we only restart services at the end of a stack-update the
new certificate doesn't take effect until after puppet has run.
This is a problem because puppet makes OpenStack calls, which will
fail if the certificate is expired.  In that case we never get to
the service restart so the stack is wedged until the user manually
restart haproxy.

This patch addresses the problem by reloading haproxy before puppet
runs.  This is done in a pre-puppet script for pacemaker after pacemaker
is maintenance mode because we need to make sure it happens after all of
the certs have been installed on the controllers, but before puppet
runs.

For non-pacemaker, haproxy is simply reloaded.

Change-Id: Id5ed05b3a20d06af8ae7a3d6f859b03399b0d77d
2016-04-01 12:42:02 -04:00
..
major_upgrade_block_storage.sh Upgrades: quiet yum upgrade on cinder nodes 2016-03-10 14:22:05 +01:00
major_upgrade_ceph_storage.sh Add a ceph-storage node upgrade script for the upgrade workflow 2016-03-08 17:47:36 +02:00
major_upgrade_compute.sh Upgrades: install zaqarclient 2016-03-02 12:11:36 +01:00
major_upgrade_controller_pacemaker_1.sh Moves the swift start/stop into the common_functions.sh file 2016-03-02 18:31:51 +02:00
major_upgrade_controller_pacemaker_2.sh Moves the swift start/stop into the common_functions.sh file 2016-03-02 18:31:51 +02:00
major_upgrade_object_storage.sh Upgrades: object storage node upgrade fix 2016-03-09 15:05:10 +01:00
major_upgrade_pacemaker_init.yaml Upgrades: initialization command/snippet 2016-03-09 13:58:20 +01:00
major_upgrade_pacemaker_migrations.sh Deploy Aodh services, replacing Ceilometer Alarm 2016-03-20 10:27:21 -04:00
major_upgrade_pacemaker.yaml Merge "Upgrade of Cinder block storage nodes" 2016-03-10 12:57:37 +00:00
noop.yaml Introduce update/upgrade workflow 2016-02-23 16:28:43 +01:00
pacemaker_common_functions.sh Fixup systemctl_swift stop/start during the controller upgrade 2016-03-09 15:43:40 +02:00
pacemaker_maintenance_mode.sh Restart haproxy after configuring SSL certs 2016-04-01 12:42:02 -04:00
pacemaker_resource_restart.sh Set UpdateIdentifier for upgrade converge, to prevent services down 2016-03-24 20:25:52 +02:00
post_puppet_pacemaker.yaml Split pacemaker common check_service function out of _restart.sh 2016-01-26 15:21:24 +01:00
pre_puppet_pacemaker.yaml Restart haproxy after configuring SSL certs 2016-04-01 12:42:02 -04:00
yum_update_noop.yaml Introduce update/upgrade workflow 2016-02-23 16:28:43 +01:00
yum_update.sh Deploy Aodh services, replacing Ceilometer Alarm 2016-03-20 10:27:21 -04:00
yum_update.yaml Ensure present/latest for puppet driven package updates 2015-10-01 15:37:17 +13:00