openstack
/
tripleo-heat-templates
Code Issues Proposed changes
tripleo-heat-templates/deployment/haproxy
History
Damien Ciabrini ab5d866cbc HA: inject public certificates without blocking container 
Do not inject public certificates in pacemaker bundles by means
of "podman cp", as this pauses the container for a short amount
of time and can make pacemaker operation fail during that time
window and impact cluster for no reason.

Keep "podman cp" for non-HA containers, as the freeze is short
and doesn't seem to impact podman monitoring anyway.

The new certificate injection only works for podman 1.9+, lower
version won't overwrite the existing certificate.

(cherry-picked from 93e53b7429)
(squashed with Ic6e4264c5ad46bd2589cc907c365af2d42fde63d)
(removed a part that should stay in puppet-tripleo before wallaby)

Closes-Bug: #1917868

Change-Id: Id7308f028f33716be5e3df6699c3f2c12e33e344
 		2021-05-11 13:31:15 +00:00
..
haproxy-container-puppet.yaml Expose the zaqar_ws_timeout_tunnel variable. 2020-07-30 12:52:28 +00:00
haproxy-edge-container-puppet.yaml DCN: use FQDN in glance endpoint with internal TLS 2020-09-02 20:04:00 -07:00
haproxy-internal-tls-certmonger.j2.yaml Adding key_size option on the certificate creation 2021-01-11 16:34:44 +00:00
haproxy-pacemaker-puppet.yaml Use ansible_facts instead 2021-03-01 14:57:11 -07:00
haproxy-public-tls-certmonger.yaml Adding key_size option on the certificate creation 2021-01-11 16:34:44 +00:00
haproxy-public-tls-inject.yaml HA: inject public certificates without blocking container 2021-05-11 13:31:15 +00:00