Update git submodules
* Update openstack-ansible-haproxy_server from branch 'master' to 2336b468c6c88bbaf33512d99180767f9eabe779 - Merge "Add functionality to accept both HTTP and HTTPS during upgrade" - Add functionality to accept both HTTP and HTTPS during upgrade Enable TLS on internal communication has 2 parts * Enabling TLS on the internal VIPs for haproxy frontends * Enabling TLS on the service backends Haproxy has support for enabling TLS on frontends and backends, but doing so would cause downtime. In the case of upgrading frontends, enabling TLS would prevent openstack services from working until their config is changed from http to https, as they do not follow redirects. In the case of backends haproxy would mark each backend as down because if could not initiate a HTTPS connection to the backend until the backend is updated. This patch fixes this and allows haproxy to accept both HTTP and HTTPS on the same well known port for each service. It also allows for both HTTP and HTTPS backends. Support for HTTP and HTTPS on the frontend is enabled by setting haproxy_tcp_upgrade_frontend: true Support for HTTP and HTTPS on the backend is enabled by setting haproxy_tcp_upgrade_backend: true This is a temporary patch and will be removed once instances have been upgraded to HTTPS for internal communications in a future release of OSA. Change-Id: I4279005d5b4e6133cf85ba43379b51149c838f17
This commit is contained in:
parent
144494f70d
commit
de8a648634
|
@ -1 +1 @@
|
|||
Subproject commit 13e79b2cd7a44d4467e7b942df8eb12bf72fbca4
|
||||
Subproject commit 2336b468c6c88bbaf33512d99180767f9eabe779
|
Loading…
Reference in New Issue