diff --git a/04_setup_ironic.sh b/04_setup_ironic.sh index ff8d0ef6d..366dc0757 100755 --- a/04_setup_ironic.sh +++ b/04_setup_ironic.sh @@ -73,6 +73,7 @@ sudo podman run -d --net host --privileged --name mariadb --pod ironic-pod \ sudo podman run -d --net host --privileged --name ironic --pod ironic-pod \ --env MARIADB_PASSWORD=$mariadb_password \ + --env OS_CONDUCTOR__HEARTBEAT_TIMEOUT=120 \ -v $IRONIC_DATA_DIR:/shared ${IRONIC_IMAGE} # Start Ironic Inspector diff --git a/assets/files/etc/kubernetes/manifests/keepalived.yaml b/assets/files/etc/kubernetes/manifests/keepalived.yaml index 6ce1012d6..d9584f911 100644 --- a/assets/files/etc/kubernetes/manifests/keepalived.yaml +++ b/assets/files/etc/kubernetes/manifests/keepalived.yaml @@ -94,7 +94,7 @@ spec: - name: keepalived securityContext: privileged: true - image: quay.io/celebdor/keepalived:latest + image: registry.svc.ci.openshift.org/ocp/4.2@sha256:daa9f390c43563b67546cd5b4cf3d8e351c3530f8091f523a73061fa441e8818 command: - /usr/sbin/keepalived args: diff --git a/assets/files/etc/kubernetes/static-pod-resources/keepalived/keepalived.conf.template b/assets/files/etc/kubernetes/static-pod-resources/keepalived/keepalived.conf.template index a0b3b2af4..aff40fd60 100644 --- a/assets/files/etc/kubernetes/static-pod-resources/keepalived/keepalived.conf.template +++ b/assets/files/etc/kubernetes/static-pod-resources/keepalived/keepalived.conf.template @@ -1,17 +1,22 @@ +global_defs { + enable_script_security + script_user root +} + vrrp_script chk_ocp { - script "curl -o /dev/null -kLs https://0:6443/readyz" + script "/usr/bin/curl -o /dev/null -kLs https://0:6443/readyz" interval 1 weight 50 } vrrp_script chk_dns { - script "host -t SRV _etcd-server-ssl._tcp.${DOMAIN} localhost" + script "/usr/bin/host -t SRV _etcd-server-ssl._tcp.${DOMAIN} localhost" interval 1 weight 50 } vrrp_script chk_ingress { - script "curl -o /dev/null -kLs https://0:1936/healthz" + script "/usr/bin/curl -o /dev/null -kLs https://0:1936/healthz" interval 1 weight 50 }