Modify IPA install and usage for multi-env
Remove auto-reverse from IPA server install as this option is causing errors in environments where the zone being created already exists and is owned by some other dns server. See related change in: https://review.opendev.org/c/openstack/tripleo-quickstart-extras/+/737058/. This patch also stops the unbound service if it is running on the undercloud. Change-Id: Ie46809379e5c143910560b4d3f7cb0eee6f80ea1
This commit is contained in:
parent
1380d6158b
commit
2c2b16dc1e
|
@ -96,6 +96,13 @@
|
||||||
name: NetworkManager
|
name: NetworkManager
|
||||||
state: reloaded
|
state: reloaded
|
||||||
|
|
||||||
|
- name: disable unbound service
|
||||||
|
become: true
|
||||||
|
service:
|
||||||
|
name: unbound
|
||||||
|
state: stopped
|
||||||
|
ignore_errors: true
|
||||||
|
|
||||||
- name: remove any existing entries from the resolv.conf file
|
- name: remove any existing entries from the resolv.conf file
|
||||||
become: true
|
become: true
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
|
|
@ -71,7 +71,9 @@ ipa-server-install -U \
|
||||||
{% else %}
|
{% else %}
|
||||||
--auto-forwarders \
|
--auto-forwarders \
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% if cloudenv is not defined or cloudenv not in ['internal'] -%}
|
||||||
--auto-reverse {{ ipa_server_install_params|default('') }}
|
--auto-reverse {{ ipa_server_install_params|default('') }}
|
||||||
|
{% endif %}
|
||||||
## * Set CA to create CRL on restart
|
## * Set CA to create CRL on restart
|
||||||
sed -i "s/ca.crl.MasterCRL.publishOnStart=.*/ca.crl.MasterCRL.publishOnStart=true/" /etc/pki/pki-tomcat/ca/CS.cfg
|
sed -i "s/ca.crl.MasterCRL.publishOnStart=.*/ca.crl.MasterCRL.publishOnStart=true/" /etc/pki/pki-tomcat/ca/CS.cfg
|
||||||
systemctl restart pki-tomcatd@pki-tomcat.service
|
systemctl restart pki-tomcatd@pki-tomcat.service
|
||||||
|
|
Loading…
Reference in New Issue