Ask Your Question

Nickdev's profile - activity

2018-10-08 01:18:07 -0500 asked a question Neutron L3 lbaas namespace migration


I'm using the depricated lbaas v2 neutron plugin, I'm planning on redeploying one of my network nodes, and it's considered as a production environment. I'm not sure how to migrate the lb namespace to a different network node. I know that it's not implemented, but still Is there any script or method that u can recommand. Is the really only way to do it is to delete and recreate it on another one?

Thanks in advance

2017-07-05 20:57:28 -0500 received badge  Famous Question (source)
2017-04-22 23:32:01 -0500 received badge  Supporter (source)
2017-04-21 13:38:31 -0500 received badge  Notable Question (source)
2017-04-12 14:41:38 -0500 received badge  Popular Question (source)
2017-04-10 02:23:39 -0500 asked a question Kolla set intra and external tls communication


I am willing to enable an external and internal communication via tls in my openstack kolla environment.

Using haproxy, i spearated kolla_external_vip_address from the kolla_internal_vip_address and placed them on different interfaces.

meanwhile i achieved the following:

In the globals.yml i enabled the following:

Kolla_enable_tls_external: "yes"
Kolla_external_fqdn_cert: "{{ node_config_directory }}/os.pem"

note: the 'os.pem' file contains certificate and private.

Now, after running kolla-ansible reconfigure i can access my external vip via tls.

question - is kolla configuration has additional options that enables:

  1. Enable the openstack services to communicate via tls with haproxy via the internal_vip_address.
  2. Enable haproxy to communicate via tls with each one of the internal openstack endpoints.

note: i know that i can configure and manage it manually by editing each openstack service and haproxy's configuration, i am searching for more elegant solution using kolla's features.