Galera cluster TLS Support Change-Id: I07624681c53cef53de6c72de97a53b96ea52381b

commit: 5f0c1d6f8a776000ce412cef24985b5dbc3594bd [log] [tgz]
author: Kirill Bespalov <kbespalov@mirantis.com> Tue Aug 15 15:29:32 2017 +0300
committer: Kirill Bespalov <kbespalov@mirantis.com> Mon Sep 18 16:54:14 2017 +0300
tree: e3cb6864234481a965d90a71235ba1a192461091
parent: d5b0e50ec384a03dcac3d7deee557287da3e1e1e [diff] [blame]
diff --git a/metadata/service/ssl.yml b/metadata/service/ssl.yml
new file mode 100644
index 0000000..5b31b31
--- /dev/null
+++ b/metadata/service/ssl.yml

@@ -0,0 +1,21 @@
+# class to enable tls for galera.master and galera.slave
+
+parameters:
+  _param:
+    mysql_ssl_key_file: /etc/mysql/ssl/key.pem
+    mysql_ssl_cert_file: /etc/mysql/ssl/cert.pem
+    mysql_ssl_ca_file: /etc/mysql/ssl/ca.pem
+
+  galera:
+    master:
+      ssl:
+        enabled: True
+        key_file: ${_param:mysql_ssl_key_file}
+        cert_file: ${_param:mysql_ssl_cert_file}
+        ca_file: ${_param:mysql_ssl_ca_file}
+    slave:
+      ssl:
+        enabled: True
+        key_file: ${_param:mysql_ssl_key_file}
+        cert_file: ${_param:mysql_ssl_cert_file}
+        ca_file: ${_param:mysql_ssl_ca_file}
commit	5f0c1d6f8a776000ce412cef24985b5dbc3594bd	[log] [tgz]
author	Kirill Bespalov <kbespalov@mirantis.com>	Tue Aug 15 15:29:32 2017 +0300
committer	Kirill Bespalov <kbespalov@mirantis.com>	Mon Sep 18 16:54:14 2017 +0300
tree	e3cb6864234481a965d90a71235ba1a192461091
parent	d5b0e50ec384a03dcac3d7deee557287da3e1e1e [diff] [blame]