From 5e5f2d0f3f3d2f01b0482f306e6bc2d62f90d512 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Wed, 29 May 2019 09:34:52 +0200 Subject: [PATCH] Fix custom network.name_lower in krb-service-principals The lowercase network names was hardcoded to 'external', 'internal_api' and 'storage_mgmt'. Use jinja to get the network.name_lower value from network_data.yaml instead so that users can customize the lowercase network name. Handle service_net_map_replace in the jinja2 logic so that service_net_map_replace works for both default networks and custom networks. Enables a user either to change 'name_lower' of a network and overriding the ServiceNetMap accordingly, as well as user changeing 'name_lower' and use 'service_net_map_replace' so that the default ServiceNetMap can be used. Closes-Bug: #1830852 Change-Id: Ie9bd482782ff770d90dfc38a585237812ed81c06 (cherry picked from commit c0fcf8674d5f7c5c0cec1179fa56ef4536d5c5fb) (cherry picked from commit f708ab7a827cc0db211b4709447f77126087347e) --- .../krb-service-principals/role.role.j2.yaml | 22 ++++++++++++++++--- ...r-and-tls-everywhere-1f2300f9a2ba4d98.yaml | 7 ++++++ 2 files changed, 26 insertions(+), 3 deletions(-) create mode 100644 releasenotes/notes/fix-custom-netname-lower-and-tls-everywhere-1f2300f9a2ba4d98.yaml diff --git a/extraconfig/nova_metadata/krb-service-principals/role.role.j2.yaml b/extraconfig/nova_metadata/krb-service-principals/role.role.j2.yaml index 46597ce79e..8418272936 100644 --- a/extraconfig/nova_metadata/krb-service-principals/role.role.j2.yaml +++ b/extraconfig/nova_metadata/krb-service-principals/role.role.j2.yaml @@ -71,13 +71,29 @@ resources: fqdns: {%- for network in networks if network.vip|default(false) and network.name in role.networks %} {%- if network.name == 'External' %} - external: {get_param: CloudName} + {%- if network.service_net_map_replace is defined %} + {{network.service_net_map_replace}}: {get_param: CloudName} + {%- else %} + {{network.name_lower}}: {get_param: CloudName} + {%- endif %} {%- elif network.name == 'InternalApi' %} - internal_api: {get_param: CloudNameInternal} + {%- if network.service_net_map_replace is defined %} + {{network.service_net_map_replace}}: {get_param: CloudNameInternal} + {%- else %} + {{network.name_lower}}: {get_param: CloudNameInternal} + {%- endif %} {%- elif network.name == 'StorageMgmt' %} - storage_mgmt: {get_param: CloudNameStorageManagement} + {%- if network.service_net_map_replace is defined %} + {{network.service_net_map_replace}}: {get_param: CloudNameStorageManagement} + {%- else %} + {{network.name_lower}}: {get_param: CloudNameStorageManagement} + {%- endif %} {%- else %} + {%- if network.service_net_map_replace is defined %} + {{network.service_net_map_replace}}: {get_param: CloudNameStorageManagement} + {%- else %} {{network.name_lower}}: {get_param: CloudName{{network.name}}} + {%- endif %} {%- endif %} {%- endfor %} ctlplane: {get_param: CloudNameCtlplane} diff --git a/releasenotes/notes/fix-custom-netname-lower-and-tls-everywhere-1f2300f9a2ba4d98.yaml b/releasenotes/notes/fix-custom-netname-lower-and-tls-everywhere-1f2300f9a2ba4d98.yaml new file mode 100644 index 0000000000..11c546490e --- /dev/null +++ b/releasenotes/notes/fix-custom-netname-lower-and-tls-everywhere-1f2300f9a2ba4d98.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - | + Fixes an issue where deployment would fail if a non-default ``name_lower`` + is used in network data for one of the networks: ``External``, + ``InternalApi`` or ``StorageMgmt``. + (See `bug: 1830852 `_.) \ No newline at end of file