tripleo

  1. Bug #1917868
  2. Comment #2

Comment 2 for bug 1917868

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/victoria)

Reviewed: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/783942
Committed: https://opendev.org/openstack/tripleo-heat-templates/commit/63001263ad011d5a1dcca42fc7c79599fe6c78c8
Submitter: "Zuul (22348)"
Branch: stable/victoria

commit 63001263ad011d5a1dcca42fc7c79599fe6c78c8
Author: Damien Ciabrini <email address hidden>
Date: Mon Mar 22 18:04:08 2021 +0100

    HA: inject public certificates without blocking container

    Do not inject public certificates in pacemaker bundles by means
    of "podman cp", as this pauses the container for a short amount
    of time and can make pacemaker operation fail during that time
    window and impact cluster for no reason.

    Keep "podman cp" for non-HA containers, as the freeze is short
    and doesn't seem to impact podman monitoring anyway.

    The new certificate injection only works for podman 1.9+, lower
    version won't overwrite the existing certificate.

    (cherry-picked from 93e53b74293cb4478ea415255fee96e7fddda004)
    (squashed with Ic6e4264c5ad46bd2589cc907c365af2d42fde63d)
    (removed a part that should stay in puppet-tripleo before wallaby)

    Closes-Bug: #1917868

    Change-Id: Id7308f028f33716be5e3df6699c3f2c12e33e344