Merge "Allow overriding mysql_bundle::gcomm_cipher"
This commit is contained in:
commit
9d00446475
|
@ -104,6 +104,10 @@ parameters:
|
||||||
hidden: true
|
hidden: true
|
||||||
description: When MysqlGaleraSSTMethod is set to mariabackup, the password
|
description: When MysqlGaleraSSTMethod is set to mariabackup, the password
|
||||||
of the database user that executes the SST.
|
of the database user that executes the SST.
|
||||||
|
MysqlGaleraSSLCipher:
|
||||||
|
type: string
|
||||||
|
default: 'AES128-SHA256'
|
||||||
|
description: Symmetric cipher to use.
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
ContainersCommon:
|
ContainersCommon:
|
||||||
|
@ -185,6 +189,7 @@ outputs:
|
||||||
# starting from pcs-0.10.14-6 enforces validations but this doesn't work when running
|
# starting from pcs-0.10.14-6 enforces validations but this doesn't work when running
|
||||||
# outside the respective containers. we need to use --force to overcome this.
|
# outside the respective containers. we need to use --force to overcome this.
|
||||||
tripleo::profile::pacemaker::database::mysql_bundle::force_ocf: true
|
tripleo::profile::pacemaker::database::mysql_bundle::force_ocf: true
|
||||||
|
tripleo::profile::pacemaker::database::mysql_bundle::gcomm_cipher: {get_param: MysqlGaleraSSLCipher}
|
||||||
# BEGIN DOCKER SETTINGS #
|
# BEGIN DOCKER SETTINGS #
|
||||||
puppet_config:
|
puppet_config:
|
||||||
config_volume: mysql
|
config_volume: mysql
|
||||||
|
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Add support for overriding the default cipher used by galera.
|
||||||
|
This is useful for cases like FIPS where the default 'AES128-SHA256' is
|
||||||
|
not allowed.
|
Loading…
Reference in New Issue