Add DB SSL support
Change-Id: I5927663040a52e664e40cd13bee931b771adabb0 Depends-On: I9e6d9ee439cab734eba02320d58ccfcd73e23106
This commit is contained in:
Proskurin Kirill
parent
8a24d2badd
commit
9e46d0abd7
|
|
@ -16,7 +16,7 @@ reauthentication_auth_method = trusts
|
||||||
endpoint_type = internalURL
|
endpoint_type = internalURL
|
||||||
|
|
||||||
[database]
|
[database]
|
||||||
connection = mysql+pymysql://{{ heat.db.username }}:{{ heat.db.password }}@{{ address(service.database) }}/{{ heat.db.name }}
|
connection = mysql+pymysql://{{ heat.db.username }}:{{ heat.db.password }}@{{ address(service.database) }}/{{ heat.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
|
||||||
|
|
||||||
[keystone_authtoken]
|
[keystone_authtoken]
|
||||||
auth_version = v3
|
auth_version = v3
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,10 @@ service:
|
||||||
type: single
|
type: single
|
||||||
command:
|
command:
|
||||||
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ heat.db.name }};
|
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ heat.db.name }};
|
||||||
grant all privileges on {{ heat.db.name }}.* to '{{ heat.db.username }}'@'%' identified by '{{ heat.db.password }}';"
|
create user '{{ heat.db.username }}'@'%' identified by '{{ heat.db.password }}'
|
||||||
|
{% if percona.tls.enabled %} require ssl {% endif %};
|
||||||
|
grant all privileges on {{ heat.db.name }}.* to '{{ heat.db.username }}'@'%' identified by '{{ heat.db.password }}'
|
||||||
|
{% if percona.tls.enabled %} require ssl {% endif %};"
|
||||||
- name: heat-db-sync
|
- name: heat-db-sync
|
||||||
files:
|
files:
|
||||||
- heat-conf
|
- heat-conf
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue