search

openstack-k8s-operators / edpm-ansible

External Dataplane Management Ansible Playbooks
https://openstack-k8s-operators.github.io/edpm-ansible/
Apache License 2.0
9 stars 66 forks source link

Add OVN TLS certs for metadata agent #615

Closed olliewalsh closed 7 months ago

olliewalsh commented 7 months ago

Metadata agent requires TLS certs to access the southdb. Also cleanup dup volume mounts in ovn services.

openshift-ci[bot] commented 7 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: olliewalsh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openstack-k8s-operators/edpm-ansible/blob/main/OWNERS)~~ [olliewalsh] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
softwarefactory-project-zuul[bot] commented 7 months ago

Build failed (check pipeline). Post recheck (without leading slash) to rerun all jobs. Make sure the failure cause has been resolved before you rerun jobs.

https://review.rdoproject.org/zuul/buildset/474c2b62dbbd4e9198d2a4420e783da7

:heavy_check_mark: openstack-k8s-operators-content-provider SUCCESS in 2h 03m 30s :x: podified-multinode-edpm-deployment-crc FAILURE in 1h 24m 02s :heavy_check_mark: cifmw-crc-podified-edpm-baremetal SUCCESS in 1h 40m 51s :heavy_check_mark: edpm-ansible-molecule-edpm_bootstrap SUCCESS in 5m 36s :heavy_check_mark: edpm-ansible-molecule-edpm_podman SUCCESS in 4m 34s :heavy_check_mark: edpm-ansible-molecule-edpm_module_load SUCCESS in 4m 29s :heavy_check_mark: edpm-ansible-molecule-edpm_kernel SUCCESS in 9m 29s :heavy_check_mark: edpm-ansible-molecule-edpm_libvirt SUCCESS in 7m 47s :heavy_check_mark: edpm-ansible-molecule-edpm_nova SUCCESS in 8m 10s :heavy_check_mark: edpm-ansible-molecule-edpm_frr SUCCESS in 6m 15s :heavy_check_mark: edpm-ansible-molecule-edpm_iscsid SUCCESS in 4m 16s :heavy_check_mark: edpm-ansible-molecule-edpm_ovn_bgp_agent SUCCESS in 6m 14s :heavy_check_mark: edpm-ansible-molecule-edpm_ovs SUCCESS in 4m 53s

olliewalsh commented 7 months ago

Confirmed metadata API now works in a TLS deployment:

~/install_yamls/devsetup$ ssh 192.168.122.207 -l cirros
cirros@192.168.122.207's password: 
$ curl http://169.254.169.254/openstack
2012-08-10
2013-04-04
2013-10-17
2015-10-15
2016-06-30
2016-10-06
2017-02-22
2018-08-27
2020-10-14
latest$
vakwetu commented 7 months ago

/lgtm