x/fuel-ccp-neutron
Code Issues Proposed changes

Moving tls flag from percona to db group

Browse Source 
Change-Id: Ie60055dabb8d81c8aa3fd763f650d1955d59ace1
Depends-On: I2ff95f7a1cbb14cb1cd9e35677f95c30a4523340
This commit is contained in:
Andrey Pavlov 2017-02-20 14:30:47 +00:00
parent 9d50ce7330
commit 209dd8728f
3 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
service/files/backup.sh.j2
View File

@ -1,6 +1,6 @@
#!/bin/bash -ex
set -o pipefail
BACKUP_FILE="/var/ccp/backup/neutron/backup-$(date "+%Y%m%d%H%M%S").sql"
mysqldump {% if percona.tls.enabled %} --ssl-mode REQUIRED {% endif %} -h {{ address(service.database) }} \
mysqldump {% if db.tls.enabled %} --ssl-mode REQUIRED {% endif %} -h {{ address(service.database) }} \
-u {{ neutron.db.username }} -p{{ neutron.db.password }} \
--single-transaction {{ neutron.db.name }} > "${BACKUP_FILE}"

2
service/files/neutron.conf.j2
View File

@ -56,7 +56,7 @@ root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
root_helper_daemon = sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf
[database]
connection = mysql+pymysql://{{ neutron.db.username }}:{{ neutron.db.password }}@{{ address(service.database) }}/{{ neutron.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
connection = mysql+pymysql://{{ neutron.db.username }}:{{ neutron.db.password }}@{{ address(service.database) }}/{{ neutron.db.name }}{% if db.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
max_retries = -1
max_pool_size = {{ neutron.db.max_pool_size }}
max_overflow = {{ neutron.db.max_overflow }}

4
service/neutron-server.yaml
View File

@ -19,9 +19,9 @@ service:
type: single
command: mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e 'create database `{{ neutron.db.name }}`;
create user "{{ neutron.db.username }}"@"%" identified by "{{ neutron.db.password }}"
{% if percona.tls.enabled %} require ssl {% endif %};
{% if db.tls.enabled %} require ssl {% endif %};
grant all privileges on `{{ neutron.db.name }}`.* to "{{ neutron.db.username }}"@"%" identified by "{{ neutron.db.password }}"
{% if percona.tls.enabled %} require ssl {% endif %};'
{% if db.tls.enabled %} require ssl {% endif %};'
- name: neutron-db-sync
type: single
command: neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head