Ensure we configure ssl.conf
Every time we call apache module regardless of using SSL we have to
configure mod_ssl from puppet-apache or we'll hit issue during package
update. File /etc/httpd/conf.d/ssl.conf from mod_ssl package contains
Listen 443 while apache::mod::ssl just configures SSL bits but does not
add Listen. If the apache::mod::ssl is not included the ssl.conf file is
removed and recreated during mod_ssl package update. This causes
conflict on port 443.
Change-Id: Ic5a0719f67d3795a9edca25284d1cf6f088073e8
Related-Bug: 1682448
Resolves: rhbz#1441977
Depends-On: I49bd6f0017048fbab8a4011d5d7c3ffc6cda85b6
(cherry picked from commit 9e729c0db2
)
This commit is contained in:
parent
e0d5fc523a
commit
a70c065aab
|
@ -37,6 +37,7 @@ class tripleo::profile::base::aodh::api (
|
|||
|
||||
if $step >= 3 {
|
||||
include ::aodh::api
|
||||
include ::apache::mod::ssl
|
||||
include ::aodh::wsgi::apache
|
||||
|
||||
#NOTE: Combination alarms are deprecated in newton and disabled by default.
|
||||
|
|
|
@ -30,6 +30,7 @@ class tripleo::profile::base::ceilometer::api (
|
|||
|
||||
if $step >= 4 {
|
||||
include ::ceilometer::api
|
||||
include ::apache::mod::ssl
|
||||
include ::ceilometer::wsgi::apache
|
||||
}
|
||||
}
|
||||
|
|
|
@ -50,6 +50,7 @@ class tripleo::profile::base::gnocchi::api (
|
|||
|
||||
if $step >= 4 {
|
||||
include ::gnocchi::api
|
||||
include ::apache::mod::ssl
|
||||
include ::gnocchi::wsgi::apache
|
||||
|
||||
class { '::gnocchi::storage':
|
||||
|
|
|
@ -87,6 +87,7 @@ class tripleo::profile::base::keystone (
|
|||
}
|
||||
|
||||
include ::keystone::config
|
||||
include ::apache::mod::ssl
|
||||
include ::keystone::wsgi::apache
|
||||
include ::keystone::cors
|
||||
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
With having package mod_ssl by default installed in images we introduced
|
||||
issue with mod_ssl package update. In case of SSL not being used or
|
||||
provided by HAproxy the puppet-apache module by default purges the
|
||||
ssl.conf file. The package update then recreates the file with default
|
||||
Listen 443 option. This causes conflict on 443 port during httpd restart.
|
||||
If we include ::apache::mod::ssl the ssl.conf file will be configured and
|
||||
the Listen option will be used only if there is vhost set to use SSL.
|
Loading…
Reference in New Issue