packaging: setup: Fix the call to ok_to_renew_cert #48
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ok_to_renew_cert now requires two more parameters - "short_life", which tells whether the cert's life should be (relatively) short (e.g. for a web server) or can be long (e.g. for engine<->hosts communications), and "environment", which is used to check the value of CertExpirationWarnPeriodInDays (the "long" life one). Please note, that the use, there, of environment[ENGINE_DB_ENV_KEYS], breaks us if grafana is set up separately from both the engine and dwh. The documentation currently tells to configure grafana either on the engine machine or on the dwh machine (if they are separate), but nothing thus far prevented configuring it on a third machine. This will now break. Change-Id: I274917c7452c42bc3f3f05446677154852f847e1 Signed-off-by: Yedidyah Bar David <didi@redhat.com>
|
/ost |
michalskrivanek
approved these changes
Aug 23, 2022
avlitman
approved these changes
Aug 23, 2022
|
Maybe worth adding a release note that Grafana on separate machine is now not possible according to this pr, so users can revert this change if they need. |
Grafana on separate machine is broken regardless of current PR, since oVirt/ovirt-engine#486. Working around this is probably possible by copying /etc/ovirt-engine/engine.conf.d/10-setup-database.conf from the engine machine to the grafana machine, probably after changing ENGINE_DB_HOST to the engine (database) machine's name. I didn't try this, nor do I recommend this, unless really needed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ok_to_renew_cert now requires two more parameters - "short_life", which
tells whether the cert's life should be (relatively) short (e.g. for a
web server) or can be long (e.g. for engine<->hosts communications), and
"environment", which is used to check the value of
CertExpirationWarnPeriodInDays (the "long" life one).
Please note, that the use, there, of environment[ENGINE_DB_ENV_KEYS],
breaks us if grafana is set up separately from both the engine and dwh.
The documentation currently tells to configure grafana either on the
engine machine or on the dwh machine (if they are separate), but nothing
thus far prevented configuring it on a third machine. This will now
break.
Change-Id: I274917c7452c42bc3f3f05446677154852f847e1
Signed-off-by: Yedidyah Bar David didi@redhat.com