Add DB SSL support
Change-Id: Ie457d890c700c3423a5f4e4933b0c00af37d6f0d Depends-On: I9e6d9ee439cab734eba02320d58ccfcd73e23106
This commit is contained in:
parent
8f1257dabe
commit
5b216b1355
|
@ -16,7 +16,7 @@ host_ip = {{ network_topology["private"]["address"] }}
|
|||
port = {{ ironic.api_port.cont }}
|
||||
|
||||
[database]
|
||||
connection = mysql+pymysql://{{ ironic.db.username }}:{{ ironic.db.password }}@{{ address('mariadb', mariadb.port) }}/{{ ironic.db.name }}
|
||||
connection = mysql+pymysql://{{ ironic.db.username }}:{{ ironic.db.password }}@{{ address(service.database) }}/{{ ironic.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
|
||||
max_retries = -1
|
||||
|
||||
[keystone_authtoken]
|
||||
|
|
|
@ -15,9 +15,11 @@ service:
|
|||
pre:
|
||||
- name: ironic-db-create
|
||||
type: single
|
||||
command: mysql -v -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e
|
||||
'create database `{{ ironic.db.name }}`; grant all privileges on `{{ ironic.db.name }}`.* to
|
||||
"{{ ironic.db.username }}"@"%" identified by "{{ ironic.db.password }}"'
|
||||
command: mysql -v -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database `{{ ironic.db.name }}`;
|
||||
create user '{{ ironic.db.username }}'@'%' identified by '{{ ironic.db.password }}'
|
||||
{% if percona.tls.enabled %} require ssl {% endif %};
|
||||
grant all privileges on `{{ ironic.db.name }}`.* to '{{ ironic.db.username }}'@'%' identified by '{{ ironic.db.password }}'
|
||||
{% if percona.tls.enabled %} require ssl {% endif %};"
|
||||
dependencies:
|
||||
- {{ service.database }}
|
||||
- name: ironic-db-sync
|
||||
|
|
Loading…
Reference in New Issue