From 3c56f32facb01d9265c5224e088e6e876b7506b6 Mon Sep 17 00:00:00 2001
From: Mark Goddard <mark@stackhpc.com>
Date: Thu, 19 Aug 2021 16:30:11 +0100
Subject: [PATCH] Fix configuration check without public API network
If no public API network is used, as in the case of typical all-in-one
environments, the checks in kolla-ansible.yml, task "Validate Kolla
Ansible API address configuration" may fail. This happens only when
using the new kolla_internal_vip_address variable, and not if the legacy
vip_address network attribute is used.
This change fixes the issue by only checking for valid external VIP
address/FQDN configuration when a separate public API network is in use.
If the external VIP/FQDN are not set, then Kayobe no longer defaults
their values to the internal VIP/FQDN, instead relying on the Kolla
Ansible defaults to do this. This may have consequences for anyone
relying on these variables in configuration.
Change-Id: I0b1c963006c044ade5c67c4046da5e2addc9a8c7
Story: 2009134
Task: 43070
---
ansible/kolla-ansible.yml | 4 ++--
ansible/public-openrc.yml | 2 +-
ansible/roles/kolla-ansible/templates/globals.yml.j2 | 4 ++++
.../notes/fix-precheck-no-public-net-c0db9168063b6203.yaml | 6 ++++++
4 files changed, 13 insertions(+), 3 deletions(-)
create mode 100644 releasenotes/notes/fix-precheck-no-public-net-c0db9168063b6203.yaml
diff --git a/ansible/kolla-ansible.yml b/ansible/kolla-ansible.yml
index 7a5f9e49..6c136148 100644
--- a/ansible/kolla-ansible.yml
+++ b/ansible/kolla-ansible.yml
@@ -87,10 +87,10 @@
required: True
- var_name: "kolla_external_vip_address"
description: "external API VIP address"
- required: True
+ required: "{{ public_net_name != internal_net_name }}"
- var_name: "kolla_external_fqdn"
description: "External API Fully Qualified Domain Name (FQDN)"
- required: True
+ required: "{{ public_net_name != internal_net_name }}"
tags:
- config
- config-validation
diff --git a/ansible/public-openrc.yml b/ansible/public-openrc.yml
index d81d1300..412c2cd1 100644
--- a/ansible/public-openrc.yml
+++ b/ansible/public-openrc.yml
@@ -8,7 +8,7 @@
- public-openrc
vars:
public_api_proto: "{% if kolla_enable_tls_external | bool %}https{% else %}http{% endif %}"
- public_api_host: "{{ kolla_external_fqdn }}"
+ public_api_host: "{{ kolla_external_fqdn or kolla_internal_fqdn }}"
public_api_keystone_port: 5000
roles:
- role: public-openrc
diff --git a/ansible/roles/kolla-ansible/templates/globals.yml.j2 b/ansible/roles/kolla-ansible/templates/globals.yml.j2
index 85b84472..10b809a1 100644
--- a/ansible/roles/kolla-ansible/templates/globals.yml.j2
+++ b/ansible/roles/kolla-ansible/templates/globals.yml.j2
@@ -36,17 +36,21 @@ kolla_internal_vip_address: "{{ kolla_internal_vip_address }}"
# default it is the same as kolla_internal_vip_address.
kolla_internal_fqdn: "{{ kolla_internal_fqdn }}"
+{% if kolla_external_vip_address %}
# This should be a VIP, an unused IP on your network that will float between
# the hosts running keepalived for high-availability. It defaults to the
# kolla_internal_vip_address, allowing internal and external communication to
# share the same address. Specify a kolla_external_vip_address to separate
# internal and external requests between two VIPs.
kolla_external_vip_address: "{{ kolla_external_vip_address }}"
+{% endif %}
+{% if kolla_external_fqdn %}
# The Public address used to communicate with OpenStack as set in the public_url
# for the endpoints that will be created. This DNS name should map to
# kolla_external_vip_address.
kolla_external_fqdn: "{{ kolla_external_fqdn }}"
+{% endif %}
################
# Docker options
diff --git a/releasenotes/notes/fix-precheck-no-public-net-c0db9168063b6203.yaml b/releasenotes/notes/fix-precheck-no-public-net-c0db9168063b6203.yaml
new file mode 100644
index 00000000..cfe1ffce
--- /dev/null
+++ b/releasenotes/notes/fix-precheck-no-public-net-c0db9168063b6203.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - |
+ Fixes an issue with configuration validation when no public API network is
+ in use. See `story 2009134
+ <https://storyboard.openstack.org/#!/story/2009134>`__ for details.
--
GitLab