summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-02-21 06:47:40 +0000
committerGerrit Code Review <review@openstack.org>2017-02-21 06:47:40 +0000
commite96c3bc5291852f04713a3a0c66866220ecc579a (patch)
treecfffc72b7a28e0e02498631a5cd8fbaf56587267
parent8951a80b8b245dbb2031ce532dc8f23e3282d24b (diff)
parent27d01257d4fbbd94cd26fa4942d584e59aab277d (diff)
Merge "Moving tls flag from percona to db group"
-rw-r--r--service/files/backup.sh.j22
-rw-r--r--service/files/glance-api.conf.j22
-rw-r--r--service/files/glance-registry.conf.j22
-rw-r--r--service/glance-api.yaml6
4 files changed, 7 insertions, 5 deletions
diff --git a/service/files/backup.sh.j2 b/service/files/backup.sh.j2
index af75d1f..1f57758 100644
--- a/service/files/backup.sh.j2
+++ b/service/files/backup.sh.j2
@@ -1,6 +1,6 @@
1#!/bin/bash -ex 1#!/bin/bash -ex
2set -o pipefail 2set -o pipefail
3BACKUP_FILE="/var/ccp/backup/glance/backup-$(date "+%Y%m%d%H%M%S").sql" 3BACKUP_FILE="/var/ccp/backup/glance/backup-$(date "+%Y%m%d%H%M%S").sql"
4mysqldump {% if percona.tls.enabled %} --ssl-mode REQUIRED {% endif %} -h {{ address(service.database) }} \ 4mysqldump {% if db.tls.enabled %} --ssl-mode REQUIRED {% endif %} -h {{ address(service.database) }} \
5 -u {{ glance.db.username }} -p{{ glance.db.password }} \ 5 -u {{ glance.db.username }} -p{{ glance.db.password }} \
6 --single-transaction {{ glance.db.name }} > "${BACKUP_FILE}" 6 --single-transaction {{ glance.db.name }} > "${BACKUP_FILE}"
diff --git a/service/files/glance-api.conf.j2 b/service/files/glance-api.conf.j2
index 46ea986..f5ecd28 100644
--- a/service/files/glance-api.conf.j2
+++ b/service/files/glance-api.conf.j2
@@ -16,7 +16,7 @@ show_image_direct_url = true
16show_multiple_locations = true 16show_multiple_locations = true
17 17
18[database] 18[database]
19connection = mysql+pymysql://{{ glance.db.username }}:{{ glance.db.password }}@{{ address(service.database) }}/{{ glance.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %} 19connection = mysql+pymysql://{{ glance.db.username }}:{{ glance.db.password }}@{{ address(service.database) }}/{{ glance.db.name }}{% if db.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
20max_retries = -1 20max_retries = -1
21 21
22{{ keystone_authtoken.keystone_authtoken(glance.user, glance.password) }} 22{{ keystone_authtoken.keystone_authtoken(glance.user, glance.password) }}
diff --git a/service/files/glance-registry.conf.j2 b/service/files/glance-registry.conf.j2
index 39922d3..92104cd 100644
--- a/service/files/glance-registry.conf.j2
+++ b/service/files/glance-registry.conf.j2
@@ -9,7 +9,7 @@ bind_host = {{ network_topology["private"]["address"] }}
9bind_port = {{ glance.registry_port.cont }} 9bind_port = {{ glance.registry_port.cont }}
10 10
11[database] 11[database]
12connection = mysql+pymysql://{{ glance.db.username }}:{{ glance.db.password }}@{{ address(service.database) }}/{{ glance.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %} 12connection = mysql+pymysql://{{ glance.db.username }}:{{ glance.db.password }}@{{ address(service.database) }}/{{ glance.db.name }}{% if db.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
13max_retries = -1 13max_retries = -1
14 14
15{{ keystone_authtoken.keystone_authtoken(glance.user, glance.password) }} 15{{ keystone_authtoken.keystone_authtoken(glance.user, glance.password) }}
diff --git a/service/glance-api.yaml b/service/glance-api.yaml
index c7d24b0..adf6a39 100644
--- a/service/glance-api.yaml
+++ b/service/glance-api.yaml
@@ -18,9 +18,9 @@ service:
18 command: 18 command:
19 mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ glance.db.name }}; 19 mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ glance.db.name }};
20 create user '{{ glance.db.username }}'@'%' identified by '{{ glance.db.password }}' 20 create user '{{ glance.db.username }}'@'%' identified by '{{ glance.db.password }}'
21 {% if percona.tls.enabled %} require ssl {% endif %}; 21 {% if db.tls.enabled %} require ssl {% endif %};
22 grant all privileges on {{ glance.db.name }}.* to '{{ glance.db.username }}'@'%' identified by '{{ glance.db.password }}' 22 grant all privileges on {{ glance.db.name }}.* to '{{ glance.db.username }}'@'%' identified by '{{ glance.db.password }}'
23 {% if percona.tls.enabled %} require ssl {% endif %};" 23 {% if db.tls.enabled %} require ssl {% endif %};"
24 - name: glance-db-sync 24 - name: glance-db-sync
25 files: 25 files:
26 - glance-api 26 - glance-api
@@ -69,6 +69,8 @@ service:
69 - glance-swift-conf 69 - glance-swift-conf
70 # {% endif %} 70 # {% endif %}
71 command: glance-api 71 command: glance-api
72 dependencies:
73 - memcached
72 # {% if glance.bootstrap.enable %} 74 # {% if glance.bootstrap.enable %}
73 post: 75 post:
74 - name: glance-cirros-image-upload 76 - name: glance-cirros-image-upload