puppet-tripleo

History

Michele Baldessari f13e634249 Initial support for tls_priorities We add initial support for being able to specify tls priorities in pacemaker. For bundles this will happen via an env variable because pacemaker_remote is started normally as a process and there is no sourcing of /etc/sysconfig/pacemaker. Tested on both queens and stein. Via a deploy and a redeploy against existing cloud. Observed that: A) We got PCMK_tls_priorities inside /etc/sysconfig/pacemaker with the value that was passed in THT B) Containers had the following env variable set: "PCMK_tls_priorities=normal", The '-e' addition is a noop in case the PCMK_tls_priorities is unset so that we do not change the signature of the resources and hence do not needlessly restart the HA resource. NB: cherry-pick needed manual adjustment due to missing context (i.e. we're not backporting podman support in rocky and queens) Depends-On: I1971810f6a90f244ed5ced972a5fe7fde29dde86 Change-Id: I703b5a429f48063474aace85bc45d948f5c91435 (cherry picked from commit `f1a593b642`) (cherry picked from commit `dbae850692`) (cherry picked from commit `6aae98b3f1`)	2019-10-09 08:36:43 +02:00
..
share_bundle.pp	Initial support for tls_priorities	2019-10-09 08:36:43 +02:00

Michele Baldessari f13e634249 Initial support for tls_priorities

We add initial support for being able to specify tls priorities in
pacemaker. For bundles this will happen via an env variable because
pacemaker_remote is started normally as a process and there is no
sourcing of /etc/sysconfig/pacemaker.

Tested on both queens and stein. Via a deploy and a redeploy against
existing cloud. Observed that:
A) We got PCMK_tls_priorities inside /etc/sysconfig/pacemaker with the
value that was passed in THT
B) Containers had the following env variable set:
  "PCMK_tls_priorities=normal",

The '-e' addition is a noop in case the PCMK_tls_priorities is unset
so that we do not change the signature of the resources and hence do
not needlessly restart the HA resource.

NB: cherry-pick needed manual adjustment due to missing context (i.e.
    we're not backporting podman support in rocky and queens)

Depends-On: I1971810f6a90f244ed5ced972a5fe7fde29dde86
Change-Id: I703b5a429f48063474aace85bc45d948f5c91435
(cherry picked from commit f1a593b642)
(cherry picked from commit dbae850692)
(cherry picked from commit 6aae98b3f1)

2019-10-09 08:36:43 +02:00

share_bundle.pp Initial support for tls_priorities 2019-10-09 08:36:43 +02:00