openstack
/
tripleo-heat-templates
Code Issues Proposed changes
tripleo-heat-templates/deployment/haproxy
History
Damien Ciabrini 63001263ad HA: inject public certificates without blocking container 
Do not inject public certificates in pacemaker bundles by means
of "podman cp", as this pauses the container for a short amount
of time and can make pacemaker operation fail during that time
window and impact cluster for no reason.

Keep "podman cp" for non-HA containers, as the freeze is short
and doesn't seem to impact podman monitoring anyway.

The new certificate injection only works for podman 1.9+, lower
version won't overwrite the existing certificate.

(cherry-picked from 93e53b7429)
(squashed with Ic6e4264c5ad46bd2589cc907c365af2d42fde63d)
(removed a part that should stay in puppet-tripleo before wallaby)

Closes-Bug: #1917868

Change-Id: Id7308f028f33716be5e3df6699c3f2c12e33e344
 		2021-03-31 19:33:18 +02:00
..
haproxy-container-puppet.yaml Merge "Expose the zaqar_ws_timeout_tunnel variable." 2020-06-12 04:36:32 +00:00
haproxy-edge-container-puppet.yaml DCN: use FQDN in glance endpoint with internal TLS 2020-08-31 09:16:44 -07:00
haproxy-internal-tls-certmonger.j2.yaml Adding key_size option on the certificate creation 2021-01-06 13:18:20 +00:00
haproxy-pacemaker-puppet.yaml Use ansible_facts instead 2021-03-01 14:17:11 -07:00
haproxy-public-tls-certmonger.yaml Adding key_size option on the certificate creation 2021-01-06 13:18:20 +00:00
haproxy-public-tls-inject.yaml HA: inject public certificates without blocking container 2021-03-31 19:33:18 +02:00