Fix Heat 302 redirects

When doing a heat stack-show, Heat initially returns a 302 redirect.
With the existing loadbalancer config for SSL, this results in a
redirect to an http:// address pointing at the SSL port, which
naturally doesn't work.

The fix for this is to use the rsprep haproxy option to rewrite the
Location header in responses from the Heat api server.  This allows
us to properly handle redirect traffic as https.

Also note that http header rewriting requires "mode http", so that
is added here as well.

Change-Id: I7e5c5b1877e9aa46c4b88dfba45c1fddf61727fc

1 files changed, 9 insertions, 3 deletions

diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp
index f7a4ff8..f9877a6 100644
--- a/manifests/loadbalancer.pp
+++ b/manifests/loadbalancer.pp
@@ -538,6 +538,10 @@ class tripleo::loadbalancer (
       "${heat_api_vip}:8004" => [],
       "${public_virtual_ip}:13004" => ['ssl', 'crt', $heat_bind_certificate],
     }
+    $heat_options = {
+      'option' => [ 'httpchk GET /' ],
+      'rsprep' => "^Location:\\ http://${public_virtual_ip}(.*) Location:\\ https://${public_virtual_ip}\\1",
+    }
     $heat_cw_bind_opts = {
       "${heat_api_vip}:8003" => [],
       "${public_virtual_ip}:13003" => ['ssl', 'crt', $heat_bind_certificate],
@@ -551,6 +555,9 @@ class tripleo::loadbalancer (
       "${heat_api_vip}:8004" => [],
       "${public_virtual_ip}:8004" => [],
     }
+    $heat_options = {
+      'option' => [ 'httpchk GET /' ],
+    }
     $heat_cw_bind_opts = {
       "${heat_api_vip}:8003" => [],
       "${public_virtual_ip}:8003" => [],
@@ -824,10 +831,9 @@ class tripleo::loadbalancer (
   if $heat_api {
     haproxy::listen { 'heat_api':
       bind             => $heat_bind_opts,
-      options          => {
-        'option' => [ 'httpchk GET /' ],
-      },
+      options          => $heat_options,
       collect_exported => false,
+      mode             => 'http',
     }
     haproxy::balancermember { 'heat_api':
       listening_service => 'heat_api',