Fix configuration check without public API network

If no public API network is used, as in the case of typical all-in-one environments, the checks in kolla-ansible.yml, task "Validate Kolla Ansible API address configuration" may fail. This happens only when using the new kolla_internal_vip_address variable, and not if the legacy vip_address network attribute is used. This change fixes the issue by only checking for valid external VIP address/FQDN configuration when a separate public API network is in use. If the external VIP/FQDN are not set, then Kayobe no longer defaults their values to the internal VIP/FQDN, instead relying on the Kolla Ansible defaults to do this. This may have consequences for anyone relying on these variables in configuration. Change-Id: I0b1c963006c044ade5c67c4046da5e2addc9a8c7 Story: 2009134 Task: 43070
2021-08-19 16:30:11 +01:00 · 2021-08-19 16:30:11 +01:00 · 3c56f32fac
parent a48cc24988
commit 3c56f32fac
4 changed files with 13 additions and 3 deletions
--- a/ansible/kolla-ansible.yml
+++ b/ansible/kolla-ansible.yml
@ -87,10 +87,10 @@
          required: True
        - var_name: "kolla_external_vip_address"
          description: "external API VIP address"
-          required: True
+          required: "{{ public_net_name != internal_net_name }}"
        - var_name: "kolla_external_fqdn"
          description: "External API Fully Qualified Domain Name (FQDN)"
-          required: True
+          required: "{{ public_net_name != internal_net_name }}"
      tags:
        - config
        - config-validation
--- a/ansible/public-openrc.yml
+++ b/ansible/public-openrc.yml
@ -8,7 +8,7 @@
    - public-openrc
  vars:
    public_api_proto: "{% if kolla_enable_tls_external | bool %}https{% else %}http{% endif %}"
-    public_api_host: "{{ kolla_external_fqdn }}"
+    public_api_host: "{{ kolla_external_fqdn or kolla_internal_fqdn }}"
    public_api_keystone_port: 5000
  roles:
    - role: public-openrc
--- a/ansible/roles/kolla-ansible/templates/globals.yml.j2
+++ b/ansible/roles/kolla-ansible/templates/globals.yml.j2
@ -36,17 +36,21 @@ kolla_internal_vip_address: "{{ kolla_internal_vip_address }}"
 # default it is the same as kolla_internal_vip_address.
 kolla_internal_fqdn: "{{ kolla_internal_fqdn }}"

+{% if kolla_external_vip_address %}
 # This should be a VIP, an unused IP on your network that will float between
 # the hosts running keepalived for high-availability. It defaults to the
 # kolla_internal_vip_address, allowing internal and external communication to
 # share the same address.  Specify a kolla_external_vip_address to separate
 # internal and external requests between two VIPs.
 kolla_external_vip_address: "{{ kolla_external_vip_address }}"
+{% endif %}

+{% if kolla_external_fqdn %}
 # The Public address used to communicate with OpenStack as set in the public_url
 # for the endpoints that will be created. This DNS name should map to
 # kolla_external_vip_address.
 kolla_external_fqdn: "{{ kolla_external_fqdn }}"
+{% endif %}

 ################
 # Docker options
--- a/releasenotes/notes/fix-precheck-no-public-net-c0db9168063b6203.yaml
+++ b/releasenotes/notes/fix-precheck-no-public-net-c0db9168063b6203.yaml
@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    Fixes an issue with configuration validation when no public API network is
+    in use. See `story 2009134
+    <https://storyboard.openstack.org/#!/story/2009134>`__ for details.