Moving tls flag from percona to db group
Change-Id: I2ff95f7a1cbb14cb1cd9e35677f95c30a4523340
This commit is contained in:
parent
05282a410d
commit
8d6629fe3c
@ -4,6 +4,8 @@ configs:
|
||||
db:
|
||||
root_password: "password"
|
||||
max_timeout: 60
|
||||
tls:
|
||||
enabled: false
|
||||
percona:
|
||||
cluster_name: "k8scluster"
|
||||
xtrabackup_password: "password"
|
||||
@ -16,8 +18,6 @@ configs:
|
||||
node: null
|
||||
port:
|
||||
cont: 3306
|
||||
tls:
|
||||
enabled: true
|
||||
url:
|
||||
percona:
|
||||
debian:
|
||||
|
@ -35,9 +35,9 @@ wsrep_provider = /usr/lib/galera3/libgalera_smm.so
|
||||
wsrep_cluster_name = {{ percona.cluster_name }}
|
||||
wsrep_sst_method = xtrabackup-v2
|
||||
wsrep_sst_auth = "xtrabackup:{{ percona.xtrabackup_password }}"
|
||||
wsrep_provider_options = "gcache.size={{ percona.gcache_size }};gcache.recover=yes{% if percona.tls.enabled %};socket.ssl=yes;socket.ssl_key=/opt/ccp/etc/tls/server-key.pem;socket.ssl_cert=/opt/ccp/etc/tls/server-cert.pem;socket.ssl_ca=/opt/ccp/etc/tls/ca.pem"{% endif %}
|
||||
wsrep_provider_options = "gcache.size={{ percona.gcache_size }};gcache.recover=yes{% if db.tls.enabled %};socket.ssl=yes;socket.ssl_key=/opt/ccp/etc/tls/server-key.pem;socket.ssl_cert=/opt/ccp/etc/tls/server-cert.pem;socket.ssl_ca=/opt/ccp/etc/tls/ca.pem"{% endif %}
|
||||
|
||||
{% if percona.tls.enabled %}
|
||||
{% if db.tls.enabled %}
|
||||
ssl-ca = /opt/ccp/etc/tls/ca.pem
|
||||
ssl-cert = /opt/ccp/etc/tls/server-cert.pem
|
||||
ssl-key = /opt/ccp/etc/tls/server-key.pem
|
||||
|
@ -15,7 +15,7 @@ service:
|
||||
daemon:
|
||||
files:
|
||||
- galera-checker
|
||||
# {% if percona.tls.enabled %}
|
||||
# {% if db.tls.enabled %}
|
||||
- ca.pem
|
||||
- server-key.pem
|
||||
- server-cert.pem
|
||||
@ -36,7 +36,7 @@ service:
|
||||
files:
|
||||
- haproxy-conf
|
||||
- haproxy_entrypoint
|
||||
# {% if percona.tls.enabled %}
|
||||
# {% if db.tls.enabled %}
|
||||
- ca.pem
|
||||
- server-key.pem
|
||||
- server-cert.pem
|
||||
@ -79,7 +79,7 @@ service:
|
||||
- entrypoint
|
||||
- mycnf
|
||||
- galera-checker
|
||||
# {% if percona.tls.enabled %}
|
||||
# {% if db.tls.enabled %}
|
||||
- ca.pem
|
||||
- server-key.pem
|
||||
- server-cert.pem
|
||||
@ -107,7 +107,7 @@ files:
|
||||
path: /opt/ccp/bin/haproxy_entrypoint.py
|
||||
content: haproxy_entrypoint.py
|
||||
perm: "0755"
|
||||
# {% if percona.tls.enabled %}
|
||||
# {% if db.tls.enabled %}
|
||||
ca.pem:
|
||||
path: /opt/ccp/etc/tls/ca.pem
|
||||
content: ca.pem.j2
|
||||
|
Loading…
Reference in New Issue
Block a user