OK - so at least directories are OK. We can spot the following issues:
- certificates don't have the right type (ca_01.pem, client.pem and cakey.pem)
- the files located in conf.d don't inherits their parent type for some reason (post-deploy.conf, manager-post-deploy.conf and worker-post-deploy.conf).
According to this[1][2], config files are created by ansible ini_file. I'd push the setype in the different calls to that one, and check what's going on.
Next step will be the certificate - octavia won't be allowed to access them as well, for the same reason. Care to check how they are created, and maybe add the requested things?
OK - so at least directories are OK. We can spot the following issues: post-deploy. conf and worker- post-deploy. conf).
- certificates don't have the right type (ca_01.pem, client.pem and cakey.pem)
- the files located in conf.d don't inherits their parent type for some reason (post-deploy.conf, manager-
According to this[1][2], config files are created by ansible ini_file. I'd push the setype in the different calls to that one, and check what's going on.
Next step will be the certificate - octavia won't be allowed to access them as well, for the same reason. Care to check how they are created, and maybe add the requested things?
Cheers,
C.
[1] https:/ /github. com/openstack/ tripleo- common/ blob/master/ playbooks/ roles/octavia- controller- post-config/ tasks/main. yml#L30- L38 /github. com/openstack/ tripleo- common/ blob/master/ playbooks/ roles/octavia- controller- config/ tasks/octavia. yml#L5- L12
[2] https:/
(note: there are probably other calls)