From 981304578833352473f9c1353adcd7b613674fb6 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Tue, 29 Nov 2022 17:53:41 +0100 Subject: [PATCH] [doc] Document better requirement for keepalived vip_cidr Closes-Bug: #1998109 Change-Id: I5149b81f66775d0212d44e277e1e1cf794b1003d --- etc/openstack_deploy/openstack_user_config.yml.pod.example | 7 ++++--- etc/openstack_deploy/user_variables.yml | 2 ++ etc/openstack_deploy/user_variables.yml.prod-ceph.example | 2 ++ etc/openstack_deploy/user_variables.yml.prod.example | 2 ++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/etc/openstack_deploy/openstack_user_config.yml.pod.example b/etc/openstack_deploy/openstack_user_config.yml.pod.example index 85106012c9..4a58223a93 100644 --- a/etc/openstack_deploy/openstack_user_config.yml.pod.example +++ b/etc/openstack_deploy/openstack_user_config.yml.pod.example @@ -28,13 +28,14 @@ used_ips: - "172.29.247.1,172.29.247.50" global_overrides: - internal_lb_vip_address: internal-openstack.example.com # - # The below domain name must resolve to an IP address - # in the CIDR specified in haproxy_keepalived_external_vip_cidr. + # The below domains name must resolve to an IP address + # in the CIDR specified in haproxy_keepalived_external_vip_cidr and + # haproxy_keepalived_internal_vip_cidr. # If using different protocols (https/http) for the public/internal # endpoints the two addresses must be different. # + internal_lb_vip_address: internal-openstack.example.com external_lb_vip_address: openstack.example.com management_bridge: "br-mgmt" provider_networks: diff --git a/etc/openstack_deploy/user_variables.yml b/etc/openstack_deploy/user_variables.yml index afce925912..0241c535ea 100644 --- a/etc/openstack_deploy/user_variables.yml +++ b/etc/openstack_deploy/user_variables.yml @@ -173,6 +173,8 @@ install_method: source # HAProxy Keepalived configuration (cf. documentation) # Make sure that this is set correctly according to the CIDR used for your # internal and external addresses. +# If you've set external_lb_vip_address or internal_lb_vip_address to FQDN +# you must set these variables to the corresponding CIDRs for your setup. # haproxy_keepalived_external_vip_cidr: "{{external_lb_vip_address}}/32" # haproxy_keepalived_internal_vip_cidr: "{{internal_lb_vip_address}}/32" # haproxy_keepalived_external_interface: diff --git a/etc/openstack_deploy/user_variables.yml.prod-ceph.example b/etc/openstack_deploy/user_variables.yml.prod-ceph.example index ca4bbfd43c..c93fab3de8 100644 --- a/etc/openstack_deploy/user_variables.yml.prod-ceph.example +++ b/etc/openstack_deploy/user_variables.yml.prod-ceph.example @@ -1,6 +1,8 @@ --- # Because we have three haproxy nodes, we need # to one active LB IP, and we use keepalived for that. +# These variables must be defined when external_lb_vip_address or +# internal_lb_vip_address is set to FQDN. ## Load Balancer Configuration (haproxy/keepalived) haproxy_keepalived_external_vip_cidr: "/" haproxy_keepalived_internal_vip_cidr: "172.29.236.9/32" diff --git a/etc/openstack_deploy/user_variables.yml.prod.example b/etc/openstack_deploy/user_variables.yml.prod.example index 2baadd9288..8f3d98c953 100644 --- a/etc/openstack_deploy/user_variables.yml.prod.example +++ b/etc/openstack_deploy/user_variables.yml.prod.example @@ -1,6 +1,8 @@ --- # This file contains an example of the global variable overrides # which may need to be set for a production environment. +# These variables must be defined when external_lb_vip_address or +# internal_lb_vip_address is set to FQDN. ## Load Balancer Configuration (haproxy/keepalived) haproxy_keepalived_external_vip_cidr: "/" haproxy_keepalived_internal_vip_cidr: "172.29.236.9/32"