Add SSL support for designate CCP plugin

Add SSL for designate components.

Change-Id: I5e94299fdb38fb9eaa74498778b14df3e00b9824
This commit is contained in:
Peter Razumovsky 2017-02-14 12:46:43 +04:00
parent c7773735e3
commit 1f39d95902
3 changed files with 10 additions and 4 deletions

View File

@ -13,7 +13,10 @@ service:
type: single
command:
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ designate.db.name.main_database }};
grant all privileges on {{ designate.db.name.main_database }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}';"
create user '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
{% if percona.tls.enabled %} require ssl {% endif %};
grant all privileges on {{ designate.db.name.main_database }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
{% if percona.tls.enabled %} require ssl {% endif %};"
- name: designate-syncdb
dependencies:
- designate-main-db-create

View File

@ -11,7 +11,10 @@ service:
type: single
command:
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ designate.db.name.pool_manager }};
grant all privileges on {{ designate.db.name.pool_manager }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}';"
create user '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
{% if percona.tls.enabled %} require ssl {% endif %};
grant all privileges on {{ designate.db.name.pool_manager }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
{% if percona.tls.enabled %} require ssl {% endif %};"
- name: designate-pool-sync
dependencies:
- designate-pool-manager-db-create

View File

@ -108,7 +108,7 @@ pool_id = {{ designate.pool.pool_id }}
# SQLAlchemy Pool Manager Cache
#------------------------------
[pool_manager_cache:sqlalchemy]
connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.pool_manager }}
connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.pool_manager }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
########################
## Storage Configuration
@ -117,7 +117,7 @@ connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.passwor
# SQLAlchemy Storage
#-------------------
[storage:sqlalchemy]
connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.main_database }}
connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.main_database }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
########################
## Handler Configuration