HA: do not rotate cluster passwords
Various passwords used by pacemaker (pcsd, pacemaker remote, clustercheck), cannot currently be updated on one node without impacting communication with the other nodes in the cluster (pacemaker), or other clustered services (galera). Do not rotate those cluster passwords by default, until an orchestrated rotation is implemented specifically for each of them. Closes-Bug: #1960277 Change-Id: I4132f184454b9c2b907d3317256c3de185fd9da9 (cherry picked from commit77130ddcea
) (cherry picked from commit301b6b8a5c
)
This commit is contained in:
parent
597231e26f
commit
efae439343
|
@ -161,6 +161,9 @@ DO_NOT_ROTATE_LIST = (
|
|||
'CephManilaClientKey',
|
||||
'CephRgwKey',
|
||||
'HeatAuthEncryptionKey',
|
||||
'MysqlClustercheckPassword',
|
||||
'PacemakerRemoteAuthkey',
|
||||
'PcsdPassword',
|
||||
)
|
||||
|
||||
PLAN_NAME_PATTERN = '^[a-zA-Z0-9-]+$'
|
||||
|
|
Loading…
Reference in New Issue