Am Montag, dem 05.08.2024 um 18:58 +0000 schrieb jjjamesg@proton.me:
At this point I've determined it's just not possible, having tried a myriad of settings and asking on here and irc I've found no solution to use an official ca such as LetsEncrypt for backend tls, self signed is possible but causes problems when the vips are https. So as it stands, internal/external vips are tls, backend is not, I'll revisit this when either someone expands on how or the docs are updated to explain how as right now, there is no explainable way to get it working with official certs for all 3. This seems to be a bug which is currently being fixed, see:
https://bugs.launchpad.net/kolla-ansible/+bug/2076331 and the fix (still being reviewed): https://review.opendev.org/c/openstack/kolla-ansible/+/925971 maybe you can backport it to your branch locally and check if it works for you? it's only a very small change. HTH -- Sven Kieske Senior Cloud Engineer Mail: kieske@osism.tech Web: https://osism.tech OSISM GmbH / Talweg 8 / 75417 Mühlacker / Deutschland Geschäftsführer: Christian Berendt Unternehmenssitz: Mühlacker Amtsgericht: Stuttgart, HRB 756139