x
/
fuel-ccp-designate
Code Issues Proposed changes

Add SSL support for designate CCP plugin 

Add SSL for designate components.

Change-Id: I5e94299fdb38fb9eaa74498778b14df3e00b9824
This commit is contained in:
Peter Razumovsky 2017-02-14 12:46:43 +04:00
parent c7773735e3
commit 1f39d95902
3 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
service/designate-api.yaml
View File

@ -13,7 +13,10 @@ service:
type: single type: single
command: command:
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ designate.db.name.main_database }}; mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ designate.db.name.main_database }};
grant all privileges on {{ designate.db.name.main_database }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}';" create user '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
{% if percona.tls.enabled %} require ssl {% endif %};
grant all privileges on {{ designate.db.name.main_database }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
{% if percona.tls.enabled %} require ssl {% endif %};"
- name: designate-syncdb - name: designate-syncdb
dependencies: dependencies:
- designate-main-db-create - designate-main-db-create

5
service/designate-pool-manager.yaml
View File

@ -11,7 +11,10 @@ service:
type: single type: single
command: command:
mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ designate.db.name.pool_manager }}; mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ designate.db.name.pool_manager }};
grant all privileges on {{ designate.db.name.pool_manager }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}';" create user '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
{% if percona.tls.enabled %} require ssl {% endif %};
grant all privileges on {{ designate.db.name.pool_manager }}.* to '{{ designate.db.username }}'@'%' identified by '{{ designate.db.password }}'
{% if percona.tls.enabled %} require ssl {% endif %};"
- name: designate-pool-sync - name: designate-pool-sync
dependencies: dependencies:
- designate-pool-manager-db-create - designate-pool-manager-db-create

4
service/files/designate.conf.j2
View File

@ -108,7 +108,7 @@ pool_id = {{ designate.pool.pool_id }}
# SQLAlchemy Pool Manager Cache # SQLAlchemy Pool Manager Cache
#------------------------------ #------------------------------
[pool_manager_cache:sqlalchemy] [pool_manager_cache:sqlalchemy]
connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.pool_manager }} connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.pool_manager }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
######################## ########################
## Storage Configuration ## Storage Configuration
@ -117,7 +117,7 @@ connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.passwor
# SQLAlchemy Storage # SQLAlchemy Storage
#------------------- #-------------------
[storage:sqlalchemy] [storage:sqlalchemy]
connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.main_database }} connection = mysql+pymysql://{{ designate.db.username }}:{{ designate.db.password }}@{{ address(service.database) }}/{{ designate.db.name.main_database }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
######################## ########################
## Handler Configuration ## Handler Configuration