Add SSL support for designate CCP plugin
Add SSL for designate components. Change-Id: I5e94299fdb38fb9eaa74498778b14df3e00b9824
This commit is contained in:
parent
c7773735e3
commit
1f39d95902
@ -13,7 +13,10 @@ service:
|
|||||||
type: single
|
type: single
|
||||||
command:
|
command:
|
||||||
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ designate.db.name.main_database }};
|
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ designate.db.name.main_database }};
|
||||||
grant all privileges on {{ designate.db.name.main_database }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}';"
|
create user '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
|
||||||
|
{% if percona.tls.enabled %} require ssl {% endif %};
|
||||||
|
grant all privileges on {{ designate.db.name.main_database }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
|
||||||
|
{% if percona.tls.enabled %} require ssl {% endif %};"
|
||||||
- name: designate-syncdb
|
- name: designate-syncdb
|
||||||
dependencies:
|
dependencies:
|
||||||
- designate-main-db-create
|
- designate-main-db-create
|
||||||
|
@ -11,7 +11,10 @@ service:
|
|||||||
type: single
|
type: single
|
||||||
command:
|
command:
|
||||||
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ designate.db.name.pool_manager }};
|
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ designate.db.name.pool_manager }};
|
||||||
grant all privileges on {{ designate.db.name.pool_manager }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}';"
|
create user '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
|
||||||
|
{% if percona.tls.enabled %} require ssl {% endif %};
|
||||||
|
grant all privileges on {{ designate.db.name.pool_manager }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
|
||||||
|
{% if percona.tls.enabled %} require ssl {% endif %};"
|
||||||
- name: designate-pool-sync
|
- name: designate-pool-sync
|
||||||
dependencies:
|
dependencies:
|
||||||
- designate-pool-manager-db-create
|
- designate-pool-manager-db-create
|
||||||
|
@ -108,7 +108,7 @@ pool_id = {{ designate.pool.pool_id }}
|
|||||||
# SQLAlchemy Pool Manager Cache
|
# SQLAlchemy Pool Manager Cache
|
||||||
#------------------------------
|
#------------------------------
|
||||||
[pool_manager_cache:sqlalchemy]
|
[pool_manager_cache:sqlalchemy]
|
||||||
connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.pool_manager }}
|
connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.pool_manager }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
|
||||||
|
|
||||||
########################
|
########################
|
||||||
## Storage Configuration
|
## Storage Configuration
|
||||||
@ -117,7 +117,7 @@ connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.passwor
|
|||||||
# SQLAlchemy Storage
|
# SQLAlchemy Storage
|
||||||
#-------------------
|
#-------------------
|
||||||
[storage:sqlalchemy]
|
[storage:sqlalchemy]
|
||||||
connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.main_database }}
|
connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.main_database }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
|
||||||
|
|
||||||
########################
|
########################
|
||||||
## Handler Configuration
|
## Handler Configuration
|
||||||
|
Loading…
Reference in New Issue
Block a user