openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Skip both tenant and management networks when generating certs 

Without this change we were unable to deploy TLS Everywhere with
management network. This is because the service principal is not
created due to VIP being set to false in network_data.yaml

Closes-Bug: #1861097
Resolves: rhbz#1777605
Change-Id: I43fd5f67c1a0be6eaa1752575349e64329cada4a
(cherry picked from commit a22c04c576)
This commit is contained in:
Grzegorz Grasza 2019-12-02 10:47:29 +01:00
parent 9ef3e5ee58
commit 50ecaf5f78
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
deployment/apache/apache-baremetal-puppet.j2.yaml
View File

@ -58,12 +58,12 @@ resources:
type: OS::Heat::Value
properties:
value:
# NOTE(jaosorior) Get unique network names to create
# certificates for those. We skip the tenant network since
# we don't need a certificate for that.
# NOTE(xek) Get unique network names to create certificates.
# We skip the tenant and management network (vip != false)
# since we don't generate certificates for those.
- ctlplane
{%- for network in networks if network.enabled|default(true) %}
{%- if network.name_lower != 'tenant' %}
{%- if network.vip | default(false) %}
- {{network.name_lower}}
{%- endif %}
{%- endfor %}