openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Merge "Add node's FQDN to mysql certificate request and CA file"

This commit is contained in:
Jenkins 2017-06-21 15:06:38 +00:00 committed by Gerrit Code Review
parent dfd4e12b22 53407bd8b7
commit 4ccce0e36b
2 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
puppet/services/database/mysql.yaml
View File

@ -118,6 +118,16 @@ outputs:
template: "%{hiera('cloud_name_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
dnsnames:
- str_replace:
template: "%{hiera('cloud_name_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
- str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
principal:
str_replace:
template: "mysql/%{hiera('cloud_name_NETWORK')}"
@ -132,6 +142,9 @@ outputs:
- service: mysql
network: {get_param: [ServiceNetMap, MysqlNetwork]}
type: vip
- service: mysql
network: {get_param: [ServiceNetMap, MysqlNetwork]}
type: node
- null
upgrade_tasks:
- name: Check for galera root password

7
puppet/services/pacemaker/database/mysql.yaml
View File

@ -27,6 +27,11 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
InternalTLSCAFile:
default: '/etc/ipa/ca.crt'
type: string
description: Specifies the default CA cert to use if TLS is used for
services in the internal network.
resources:
@ -61,6 +66,8 @@ outputs:
# internal_api_subnet - > IP/CIDR
tripleo::profile::pacemaker::database::mysql::gmcast_listen_addr:
get_param: [ServiceNetMap, MysqlNetwork]
tripleo::profile::pacemaker::database::mysql::ca_file:
get_param: InternalTLSCAFile
step_config: |
include ::tripleo::profile::pacemaker::database::mysql
metadata_settings: