Merge "Adding tls flag to db group"
This commit is contained in:
commit
9c5d6a52d1
|
@ -4,6 +4,8 @@ configs:
|
|||
db:
|
||||
root_password: "password"
|
||||
max_timeout: 60
|
||||
tls:
|
||||
enabled: true
|
||||
percona:
|
||||
cluster_name: "k8scluster"
|
||||
xtrabackup_password: "password"
|
||||
|
|
|
@ -35,9 +35,9 @@ wsrep_provider = /usr/lib/galera3/libgalera_smm.so
|
|||
wsrep_cluster_name = {{ percona.cluster_name }}
|
||||
wsrep_sst_method = xtrabackup-v2
|
||||
wsrep_sst_auth = "xtrabackup:{{ percona.xtrabackup_password }}"
|
||||
wsrep_provider_options = "gcache.size={{ percona.gcache_size }};gcache.recover=yes{% if percona.tls.enabled %};socket.ssl=yes;socket.ssl_key=/opt/ccp/etc/tls/server-key.pem;socket.ssl_cert=/opt/ccp/etc/tls/server-cert.pem;socket.ssl_ca=/opt/ccp/etc/tls/ca.pem"{% endif %}
|
||||
wsrep_provider_options = "gcache.size={{ percona.gcache_size }};gcache.recover=yes{% if db.tls.enabled %};socket.ssl=yes;socket.ssl_key=/opt/ccp/etc/tls/server-key.pem;socket.ssl_cert=/opt/ccp/etc/tls/server-cert.pem;socket.ssl_ca=/opt/ccp/etc/tls/ca.pem"{% endif %}
|
||||
|
||||
{% if percona.tls.enabled %}
|
||||
{% if db.tls.enabled %}
|
||||
ssl-ca = /opt/ccp/etc/tls/ca.pem
|
||||
ssl-cert = /opt/ccp/etc/tls/server-cert.pem
|
||||
ssl-key = /opt/ccp/etc/tls/server-key.pem
|
||||
|
|
|
@ -15,7 +15,7 @@ service:
|
|||
daemon:
|
||||
files:
|
||||
- galera-checker
|
||||
# {% if percona.tls.enabled %}
|
||||
# {% if db.tls.enabled %}
|
||||
- ca.pem
|
||||
- server-key.pem
|
||||
- server-cert.pem
|
||||
|
@ -36,7 +36,7 @@ service:
|
|||
files:
|
||||
- haproxy-conf
|
||||
- haproxy_entrypoint
|
||||
# {% if percona.tls.enabled %}
|
||||
# {% if db.tls.enabled %}
|
||||
- ca.pem
|
||||
- server-key.pem
|
||||
- server-cert.pem
|
||||
|
@ -79,7 +79,7 @@ service:
|
|||
- entrypoint
|
||||
- mycnf
|
||||
- galera-checker
|
||||
# {% if percona.tls.enabled %}
|
||||
# {% if db.tls.enabled %}
|
||||
- ca.pem
|
||||
- server-key.pem
|
||||
- server-cert.pem
|
||||
|
@ -107,7 +107,7 @@ files:
|
|||
path: /opt/ccp/bin/haproxy_entrypoint.py
|
||||
content: haproxy_entrypoint.py
|
||||
perm: "0755"
|
||||
# {% if percona.tls.enabled %}
|
||||
# {% if db.tls.enabled %}
|
||||
ca.pem:
|
||||
path: /opt/ccp/etc/tls/ca.pem
|
||||
content: ca.pem.j2
|
||||
|
|
Loading…
Reference in New Issue