vault: Use internal FQDN for barbican -> Vault communication

markgoddard · markgoddard · commit 334b6639daf1 · 2024-06-07T09:28:56.000+01:00
Typically the certificate is only valid for the FQDN. This will not
cause a problem usually because the internal API generally uses the VIP
directly rather than an FQDN.
diff --git a/doc/source/configuration/vault.rst b/doc/source/configuration/vault.rst
@@ -351,7 +351,7 @@ Configure Barbican
       enabled_secretstore_plugins=vault_plugin
 
       [vault_plugin]
-      vault_url = https://{{ kolla_internal_vip_address }}:8200
+      vault_url = https://{{ kolla_internal_fqdn }}:8200
       use_ssl = True
       {% raw %}
       ssl_ca_crt_file = {{ openstack_cacert }}
diff --git a/etc/kayobe/environments/ci-multinode/kolla/config/barbican.conf b/etc/kayobe/environments/ci-multinode/kolla/config/barbican.conf
@@ -5,7 +5,7 @@ enable_multiple_secret_stores=false
 enabled_secretstore_plugins=vault_plugin
 
 [vault_plugin]
-vault_url = https://{{ kolla_internal_vip_address }}:8200
+vault_url = https://{{ kolla_internal_fqdn }}:8200
 use_ssl = True
 {% raw %}
 ssl_ca_crt_file = {{ openstack_cacert }}
