diff --git a/ansible/roles/kolla-ansible/templates/overcloud-components.j2 b/ansible/roles/kolla-ansible/templates/overcloud-components.j2 index 0ef0a176c..88781653f 100644 --- a/ansible/roles/kolla-ansible/templates/overcloud-components.j2 +++ b/ansible/roles/kolla-ansible/templates/overcloud-components.j2 @@ -15,6 +15,7 @@ bifrost [tls-backend:children] control +network # You can explicitly specify which hosts run each project by updating the # groups in the sections below. Common services are grouped together. diff --git a/ansible/roles/public-openrc/templates/public-openrc.sh.j2 b/ansible/roles/public-openrc/templates/public-openrc.sh.j2 index d11c795dd..49225fc60 100644 --- a/ansible/roles/public-openrc/templates/public-openrc.sh.j2 +++ b/ansible/roles/public-openrc/templates/public-openrc.sh.j2 @@ -11,6 +11,8 @@ export OS_ENDPOINT_TYPE=publicURL export OS_MANILA_ENDPOINT_TYPE=publicURL {% elif "export OS_MISTRAL_ENDPOINT_TYPE" in line %} export OS_MISTRAL_ENDPOINT_TYPE=publicURL +{% elif "export OS_CACERT" in line %} +{# NOTE(bbezak): drop admin OS_CACERT; public-openrc sets its own. -#} {% else %} {{ line }} {% endif %} diff --git a/releasenotes/notes/bug-2116318-44f0c022cde1e686.yaml b/releasenotes/notes/bug-2116318-44f0c022cde1e686.yaml new file mode 100644 index 000000000..8851717e4 --- /dev/null +++ b/releasenotes/notes/bug-2116318-44f0c022cde1e686.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Fixes duplicate ``OS_CACERT`` lines in ``public-openrc.sh`` when both admin + and public cacert variables are set. + `LP#2116318 `__ diff --git a/releasenotes/notes/bug-2117084-8d1eaa375df1d1f8.yaml b/releasenotes/notes/bug-2117084-8d1eaa375df1d1f8.yaml new file mode 100644 index 000000000..1e275e202 --- /dev/null +++ b/releasenotes/notes/bug-2117084-8d1eaa375df1d1f8.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Fixes configuration of backend TLS when network nodes are separate from + controllers. + `LP#2117084 `__