Hi, Can u send me content of /etc/kolla ? And also config in globals regarding tls ? Kevko Michal Arbet Openstack Engineer Ultimum Technologies a.s. Na Poříčí 1047/26, 11000 Praha 1 Czech Republic +420 604 228 897 michal.arbet@ultimum.io *https://ultimum.io <https://ultimum.io/>* LinkedIn <https://www.linkedin.com/company/ultimum-technologies> | Twitter <https://twitter.com/ultimumtech> | Facebook <https://www.facebook.com/ultimumtechnologies/timeline> po 20. 5. 2024 v 22:23 odesílatel Jonathan Proulx <jon@csail.mit.edu> napsal:
On Mon, May 20, 2024 at 01:44:24PM -0400, Jonathan Proulx wrote: :Hi All, : :I'm trying to do a test multinode deploy using 2023.2 : :I have letsencrypt_webserver and letsencrypt_lego contsainers running :and I'm seeing random traffic in the :/var/log/kolla/letsencrypt/letsencrypt-webserver-access.log so fairly :confident they're plumbed through to the public internet properly, but :I don't seem to be getting certificates. : :how can I trigger a renewal attempt so I can maybe see what I've :screwed up?
Of course as soon as I ask I find the answer and more questions.
`exec`ing the /usr/bin/letsencrypt-certificates line from `/usr/local/bin/letsencrypt-lego-run.sh` in the letsencrypt_lego container does get a letsencrypt cert into th haproxy container as `/etc/haproxy/certificates/haproxy-internal.pem` however there's also a `/etc/haproxy/certificates/haproxy.pem` that is self-signed.
What my `kolla-ansible deploy` is actually dying on is currently:
fatal: [control0]: FAILED! => {"msg": "An unhandled exception occurred while templating '{{ lookup('first_found', certs) }}'. Error was a <class 'ansible.errors.AnsibleLookupError'>, original message: No file was found when using first_found."}
so perhaps there's something I need ot turn "off" in `globals.yml`?
-- Jonathan Proulx (he/him) Sr. Technical Architect The Infrastructure Group MIT CSAIL