Comment 37 for bug 1759576

With review 42476 patched and below knobs in by instances.yml

contrail_configuration:
  METADATA_SSL_ENABLE: True

kolla_config:
  kolla_globals:
    metadata_ssl_enable: "yes"
    tls_bind_info_internal: "yes"

**********************************************
**********************************************
**********************************************

I am hitting haproxy bring up error

TASK [haproxy : Copying over haproxy.cfg] **********************************************************************************************************************************************************
failed: [10.204.217.131] (item=/root/contrail-kolla-ansible/ansible/roles/haproxy/templates/haproxy.cfg.j2) => {"changed": false, "item": "/root/contrail-kolla-ansible/ansible/roles/haproxy/templates/haproxy.cfg.j2", "msg": "AnsibleError: template error while templating string: expected token ':', got '}'. String: {% set tls_bind_info = 'ssl crt /etc/haproxy/haproxy.pem' if kolla_enable_tls_external | bool else '' %}\n{% set tls_bind_info_internal = 'ssl crt /etc/haproxy/haproxy-internal.pem' if kolla_enable_tls_internal | bool else '' %}\n{% set tls_bind_info_nova_metadata = {{ tls_bind_info_internal }} if metadata_ssl_enable | bool else '' %}\nglobal\n chroot /var/lib/haproxy\n user haproxy\n group haproxy\n daemon\n{% if orchestration_engine != 'KUBERNETES' %}\n log {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}:{{ fluentd_syslog_port }} local1\n{% endif %}\n maxconn 4000\n stats socket /var/lib/kolla/haproxy/haproxy.sock\n{% if kolla_enable_tls_external | bool %}\n ssl-default-bind-ciphers DEFAULT:!MEDIUM:!3DES\n ssl-default-bind-options no-sslv3 no-tlsv10\n tune.ssl.default-dh-param 4096\n{%