Variables for keepalived are already defined in my case with correct IP addresses.
So I tried with haproxy_bind_external/internal_lb_vip_address and haproxy_bind_external/internal_lb_vip_interface but another error occurred, certificate in configuration is `/etc/haproxy/ssl/haproxy_node0-10.2.200.205.pem` but certificate file in ssl directory is `haproxy_node0-10.2.200.200-br-mgmt.pem`.
Another problem is that the certificate is self signed but not certbot one.
Hi Dmitriy,
Thanks for your response.
Variables for keepalived are already defined in my case with correct IP addresses.
So I tried with haproxy_ bind_external/ internal_ lb_vip_ address and haproxy_ bind_external/ internal_ lb_vip_ interface but another error occurred, certificate in configuration is `/etc/haproxy/ ssl/haproxy_ node0-10. 2.200.205. pem` but certificate file in ssl directory is `haproxy_ node0-10. 2.200.200- br-mgmt. pem`.
Another problem is that the certificate is self signed but not certbot one.
This is my configuration :
####### ####### ####### ####### ####### keepalived_ external_ vip_cidr: "10.2.200.200/24" keepalived_ internal_ vip_cidr: "10.2.200.205/24" keepalived_ external_ interface: br-mgmt keepalived_ internal_ interface: br-mgmt
haproxy_
haproxy_
haproxy_
haproxy_
haproxy_ bind_external_ lb_vip_ address: 10.2.200.200 bind_internal_ lb_vip_ address: 10.2.200.205
haproxy_
haproxy_ bind_external_ lb_vip_ interface: br-mgmt bind_internal_ lb_vip_ interface: br-mgmt
haproxy_
# https:/ /bugs.launchpad .net/openstack- ansible/ +bug/2006938 ssl_letsencrypt _enable: True ssl_letsencrypt _install_ method: "distro" ssl_letsencrypt _email: ***** ssl_letsencrypt _setup_ extra_params: "--dns-google --dns-google- credentials *****" ssl_letsencrypt _certbot_ challenge: "dns-01"
# I delete --standalone argument in task file
haproxy_
haproxy_
haproxy_
haproxy_interval: 2000
haproxy_
haproxy_
haproxy_ stats_enabled: true stats_prometheu s_enabled: true ####### ####### ####### #######
haproxy_
#######
I tried with and without define interfaces without effect and change `haproxy_ tls_vip_ binds` but I have issue want haproxy generate pem.
EDIT:
My bad, certbot cert is generate after flush handlers but role failed in this step.