Update git submodules

* Update tripleo-heat-templates from branch 'master'
  to 2b8479d3191de1943ddd72a48529060921a63b98
  - Merge "Missing client certificate for live-migration with TLS"
  - Missing client certificate for live-migration with TLS
    
    TLS client verification used to be accidentally disabled in libvirt.
    This was fixed in libvirt-6.10.0-1[1].
    Which means, once you're using libvirt-6.10.0-1 or higher, a client
    certificate is mandatory during live migration with TLS.
    
    In this case, the server certificate generated by TripleO is valid
    for client _and_ server:
    
                     Key Purpose (not critical):
                             TLS WWW Server.
                             TLS WWW Client.
    
    So most deployments can re-use the same certificate for client and
    server.  Why?  Because if both migration ends points are located
    on the same infrastructure, it is reasonable to use the same
    certificate for both client and server roles.
    
    Introducing QemuDefaultTLSVerify parameter
    
    This parameter will allow operators to enable or disable TLS client
    certificate verification. Enabling this option will reject any client
    who does not have a certificate signed by the CA in
    /etc/pki/qemu/ca-cert.pem.
    
    The default is true and matches libvirt's. We will want to disable this
    by default in train.
    
    [1] https://bugzilla.redhat.com/show_bug.cgi?id=1879477#c3
    
    Depends-On: https://review.opendev.org/c/openstack/puppet-nova/+/785957/
    Related: https://bugzilla.redhat.com/show_bug.cgi?id=1945760
    Change-Id: I3b252854a0dbf121d69bab79543561da6be781f4

tripleo-heat-templates

@@ -1 +1 @@
-Subproject commit a28c3e4c5eba9cf702559bcaf5776a97a1d29821
+Subproject commit 2b8479d3191de1943ddd72a48529060921a63b98