openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Merge "Add node's FQDN to mysql certificate request and CA file"

This commit is contained in:
Jenkins 2017-06-21 15:06:38 +00:00 committed by Gerrit Code Review
parent dfd4e12b22 53407bd8b7
commit 4ccce0e36b
2 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
puppet/services/database/mysql.yaml
View File

@ -118,6 +118,16 @@ outputs:
template: "%{hiera('cloud_name_NETWORK')}" template: "%{hiera('cloud_name_NETWORK')}"
params: params:
NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]} NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
dnsnames:
- str_replace:
template: "%{hiera('cloud_name_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
- str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
principal: principal:
str_replace: str_replace:
template: "mysql/%{hiera('cloud_name_NETWORK')}" template: "mysql/%{hiera('cloud_name_NETWORK')}"
@ -132,6 +142,9 @@ outputs:
- service: mysql - service: mysql
network: {get_param: [ServiceNetMap, MysqlNetwork]} network: {get_param: [ServiceNetMap, MysqlNetwork]}
type: vip type: vip
- service: mysql
network: {get_param: [ServiceNetMap, MysqlNetwork]}
type: node
- null - null
upgrade_tasks: upgrade_tasks:
- name: Check for galera root password - name: Check for galera root password

7
puppet/services/pacemaker/database/mysql.yaml
View File

@ -27,6 +27,11 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry. via parameter_defaults in the resource registry.
type: json type: json
InternalTLSCAFile:
default: '/etc/ipa/ca.crt'
type: string
description: Specifies the default CA cert to use if TLS is used for
services in the internal network.
resources: resources:
@ -61,6 +66,8 @@ outputs:
# internal_api_subnet - > IP/CIDR # internal_api_subnet - > IP/CIDR
tripleo::profile::pacemaker::database::mysql::gmcast_listen_addr: tripleo::profile::pacemaker::database::mysql::gmcast_listen_addr:
get_param: [ServiceNetMap, MysqlNetwork] get_param: [ServiceNetMap, MysqlNetwork]
tripleo::profile::pacemaker::database::mysql::ca_file:
get_param: InternalTLSCAFile
step_config: | step_config: |
include ::tripleo::profile::pacemaker::database::mysql include ::tripleo::profile::pacemaker::database::mysql
metadata_settings: metadata_settings: