Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / a79aa4783bcbe0b26eee2f957a5f1e71b6ddf605^2..a79aa4783bcbe0b26eee2f957a5f1e71b6ddf605 / .
commita79aa4783bcbe0b26eee2f957a5f1e71b6ddf605[log] [tgz]
authorJenkins <jenkins@review.openstack.org>Fri Nov 18 18:01:22 2016 +0000
committerGerrit Code Review <review@openstack.org>Fri Nov 18 18:01:22 2016 +0000
tree81f62700cd1e6e895ce44f441d908c51a6ae8121
parent1493bdeba24674f6634160d51b8081c571df4017 [diff]
parent4bfbc291eefd92d8b7885f36275b7ff541e067ab [diff]
Merge "Derive IP ranges from new ADDRS_SAFE_TO_USE vars"
diff --git a/lib/neutron_plugins/services/l3 b/lib/neutron_plugins/services/l3
index 56eb223..2099757 100644
--- a/lib/neutron_plugins/services/l3
+++ b/lib/neutron_plugins/services/l3

@@ -374,11 +374,6 @@
             fi
             ROUTER_GW_IP=$(openstack --os-cloud devstack-admin --os-region "$REGION_NAME" port list -c 'Fixed IP Addresses' --device-owner network:router_gateway | awk -F'ip_address'  '{ print $2 }' | cut -f2 -d\' | tr '\n' ' ')
             die_if_not_set $LINENO ROUTER_GW_IP "Failure retrieving ROUTER_GW_IP"
-            local replace_range=${SUBNETPOOL_PREFIX_V4}
-            if [[ -z "${SUBNETPOOL_V4_ID}" ]]; then
-                replace_range=${FIXED_RANGE}
-            fi
-            sudo ip route replace $replace_range via $ROUTER_GW_IP
         fi
         _neutron_set_router_id
     fi

diff --git a/lib/tls b/lib/tls
index 40f3e81..14cdf19 100644
--- a/lib/tls
+++ b/lib/tls

@@ -201,7 +201,6 @@
 # Create root and intermediate CAs
 # init_CA
 function init_CA {
-    fix_system_ca_bundle_path
     # Ensure CAs are built
     make_root_CA $ROOT_CA_DIR
     make_int_CA $INT_CA_DIR $ROOT_CA_DIR

diff --git a/stack.sh b/stack.sh
index 54485b6..f20c9d9 100755
--- a/stack.sh
+++ b/stack.sh

@@ -809,6 +809,13 @@
     install_os_brick
 fi
 
+# Setup TLS certs
+if is_service_enabled tls-proxy || [ "$USE_SSL" == "True" ]; then
+    configure_CA
+    init_CA
+    init_cert
+fi
+
 # Install middleware
 install_keystonemiddleware
 
@@ -881,14 +888,9 @@
 fi
 
 if is_service_enabled tls-proxy || [ "$USE_SSL" == "True" ]; then
-    configure_CA
-    init_CA
-    init_cert
-    # Add name to ``/etc/hosts``.
-    # Don't be naive and add to existing line!
+    fix_system_ca_bundle_path
 fi
 
-
 # Extras Install
 # --------------
 

diff --git a/tools/make_cert.sh b/tools/make_cert.sh
index 2628b40..e91464f 100755
--- a/tools/make_cert.sh
+++ b/tools/make_cert.sh

@@ -45,6 +45,7 @@
 
 # Make sure the CA is set up
 configure_CA
+fix_system_ca_bundle_path
 init_CA
 
 # Create the server cert