a0cfc507ed
We will also create stable/xena branch from this commit. Change-Id: I2c887fa031a6001431bf5075fb9a58e5726f64ca
35 lines
1003 B
YAML
35 lines
1003 B
YAML
---
|
|
features:
|
|
- |
|
|
Galera role now leverages PKI role for creation and distribution of the
|
|
certificates and certificate authorities.
|
|
This introduces bunch of new variables which controls CA and certificates
|
|
generation details.
|
|
If user SSL certificates are provided - they would be used instead of
|
|
the generated ones.
|
|
|
|
The following new variables were introduced:
|
|
|
|
- galera_ssl_verify
|
|
- galera_pki_dir
|
|
- galera_pki_create_ca
|
|
- galera_pki_regen_ca
|
|
- galera_pki_certificates
|
|
- galera_pki_regen_cert
|
|
- galera_pki_authorities
|
|
- galera_pki_install_ca
|
|
- galera_pki_keys_path
|
|
- galera_pki_certs_path
|
|
- galera_pki_intermediate_cert_name
|
|
- galera_pki_intermediate_cert_path
|
|
- galera_pki_install_certificates
|
|
|
|
deprecations:
|
|
- |
|
|
Following variables were removed in favor of PKI ones
|
|
and have no effect anymore:
|
|
|
|
- galera_ssl_self_signed_regen
|
|
- galera_ssl_self_signed_subject
|
|
- galera_ssl_ca_self_signed_subject
|