feat(tls): Make openstack services compatible with mariadb with TLS
Change database scerets. Change-Id: I068dfcb23d596d4b9bcde1944fb4def010490452
This commit is contained in:
Gupta, Sangeet (sg774j)
parent
d277386769
commit
7b720184e3
@ -16,6 +16,7 @@ limitations under the License.
|
|||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
{{- range $key1, $userClass := tuple "admin" "cinder" }}
|
{{- range $key1, $userClass := tuple "admin" "cinder" }}
|
||||||
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
||||||
|
{{- $connection := tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" }}
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
@ -23,6 +24,10 @@ metadata:
|
|||||||
name: {{ $secretName }}
|
name: {{ $secretName }}
|
||||||
type: Opaque
|
type: Opaque
|
||||||
data:
|
data:
|
||||||
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
|
{{- if $envAll.Values.manifests.certificates }}
|
||||||
|
DB_CONNECTION: {{ (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | b64enc -}}
|
||||||
|
{{- else }}
|
||||||
|
DB_CONNECTION: {{ $connection | b64enc -}}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@ -16,6 +16,7 @@ limitations under the License.
|
|||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
{{- range $key1, $userClass := tuple "admin" "glance" }}
|
{{- range $key1, $userClass := tuple "admin" "glance" }}
|
||||||
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
||||||
|
{{- $connection := tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" }}
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
@ -23,6 +24,10 @@ metadata:
|
|||||||
name: {{ $secretName }}
|
name: {{ $secretName }}
|
||||||
type: Opaque
|
type: Opaque
|
||||||
data:
|
data:
|
||||||
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
|
{{- if $envAll.Values.manifests.certificates }}
|
||||||
|
DB_CONNECTION: {{ (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | b64enc -}}
|
||||||
|
{{- else }}
|
||||||
|
DB_CONNECTION: {{ $connection | b64enc -}}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@ -16,6 +16,7 @@ limitations under the License.
|
|||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
{{- range $key1, $userClass := tuple "admin" "heat" }}
|
{{- range $key1, $userClass := tuple "admin" "heat" }}
|
||||||
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
||||||
|
{{- $connection := tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" }}
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
@ -23,6 +24,10 @@ metadata:
|
|||||||
name: {{ $secretName }}
|
name: {{ $secretName }}
|
||||||
type: Opaque
|
type: Opaque
|
||||||
data:
|
data:
|
||||||
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
|
{{- if $envAll.Values.manifests.certificates }}
|
||||||
|
DB_CONNECTION: {{ (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | b64enc -}}
|
||||||
|
{{- else }}
|
||||||
|
DB_CONNECTION: {{ $connection | b64enc -}}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@ -16,6 +16,7 @@ limitations under the License.
|
|||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
{{- range $key1, $userClass := tuple "admin" "keystone" }}
|
{{- range $key1, $userClass := tuple "admin" "keystone" }}
|
||||||
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
||||||
|
{{- $connection := tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" }}
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
@ -23,6 +24,10 @@ metadata:
|
|||||||
name: {{ $secretName }}
|
name: {{ $secretName }}
|
||||||
type: Opaque
|
type: Opaque
|
||||||
data:
|
data:
|
||||||
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
|
{{- if $envAll.Values.manifests.certificates }}
|
||||||
|
DB_CONNECTION: {{ (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | b64enc -}}
|
||||||
|
{{- else }}
|
||||||
|
DB_CONNECTION: {{ $connection | b64enc -}}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@ -16,6 +16,7 @@ limitations under the License.
|
|||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
{{- range $key1, $userClass := tuple "admin" "neutron" }}
|
{{- range $key1, $userClass := tuple "admin" "neutron" }}
|
||||||
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
||||||
|
{{- $connection := tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" }}
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
@ -23,6 +24,10 @@ metadata:
|
|||||||
name: {{ $secretName }}
|
name: {{ $secretName }}
|
||||||
type: Opaque
|
type: Opaque
|
||||||
data:
|
data:
|
||||||
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
|
{{- if $envAll.Values.manifests.certificates }}
|
||||||
|
DB_CONNECTION: {{ (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | b64enc -}}
|
||||||
|
{{- else }}
|
||||||
|
DB_CONNECTION: {{ $connection | b64enc -}}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user