Maintain sm-api in haproxy runtime on all controllers
The sm-api configuration in /etc/haproxy/haproxy.cfg will be lost in an
AIOSX setting after enabling https and installing a new certificate,
in this case, haproxy is expected to reload. This commit modifies the
haproxy runtime monitor the sm-api for all roles rather than the dc
roles.
Test:
1. Install a fresh AIOSX
2. system modify --https_enabled true
system certificate-install aiosx.pem
3. Check the sm-api public endpoint with:
curl -vi https://10.10.10.2:7777.
Connected to the endpoint and get the cert info.
4. Check the sm-api configuration by:
grep -e 7777 -e sm-api /etc/haproxy/haproxy.cfg. Configuration about public/internal endpoints of sm-api are in this
file.
Reviewed: https:/ /review. opendev. org/748735 /git.openstack. org/cgit/ starlingx/ stx-puppet/ commit/ ?id=f8b9339fb97 a887c1f48c18e9e fec7eb3dc7452b
Committed: https:/
Submitter: Zuul
Branch: master
commit f8b9339fb97a887 c1f48c18e9efec7 eb3dc7452b
Author: Yuxing Jiang <email address hidden>
Date: Fri Aug 28 14:20:17 2020 -0400
Maintain sm-api in haproxy runtime on all controllers
The sm-api configuration in /etc/haproxy/ haproxy. cfg will be lost in an
AIOSX setting after enabling https and installing a new certificate,
in this case, haproxy is expected to reload. This commit modifies the
haproxy runtime monitor the sm-api for all roles rather than the dc
roles.
Test: /10.10. 10.2:7777. haproxy. cfg.
Configuration about public/internal endpoints of sm-api are in this
1. Install a fresh AIOSX
2. system modify --https_enabled true
system certificate-install aiosx.pem
3. Check the sm-api public endpoint with:
curl -vi https:/
Connected to the endpoint and get the cert info.
4. Check the sm-api configuration by:
grep -e 7777 -e sm-api /etc/haproxy/
file.
Closes-Bug: 1893235 43a5a6ec0cdbf97 72f1dbd4283
Change-Id: Ia47c83df705f11
Signed-off-by: Yuxing Jiang <email address hidden>