diff options
author | Martin André <m.andre@redhat.com> | 2017-08-23 08:53:12 +0200 |
---|---|---|
committer | Emilien Macchi <emilien@redhat.com> | 2017-09-06 06:47:55 +0000 |
commit | dc646db94395ce4ad29d430107f6cb19e7a44d31 (patch) | |
tree | ce510f11c88a36ba1219b47517bc5fc778372392 /puppet/services/pacemaker/database | |
parent | 1b3264c2ad7a5ac3cfdf3f37dd6e899ee7063cfa (diff) |
TLS proxy for redis
Redis does not have TLS out of the box. Let's use a proxy container for
TLS termination.
bp tls-via-certmonger
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Change-Id: Ie2ae0d048a71e1b1b4edb10c74bc0395a1a9d5c9
Depends-On: I078567c831ade540cf704f81564e2b7654c85c0b
Depends-On: Ia50933da9e59268b17f56db34d01dcc6b6c38147
(cherry picked from commit c2a93cf4c5d9d6b5ee0536380751a7a9540927cc)
Diffstat (limited to 'puppet/services/pacemaker/database')
-rw-r--r-- | puppet/services/pacemaker/database/redis.yaml | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/puppet/services/pacemaker/database/redis.yaml b/puppet/services/pacemaker/database/redis.yaml index 66eb4b2a..e466f304 100644 --- a/puppet/services/pacemaker/database/redis.yaml +++ b/puppet/services/pacemaker/database/redis.yaml @@ -53,5 +53,16 @@ outputs: - redis::service_manage: false redis::notify_service: false redis::managed_by_cluster_manager: true + tripleo::profile::pacemaker::database::redis::tls_proxy_bind_ip: + get_param: [ServiceNetMap, RedisNetwork] + tripleo::profile::pacemaker::database::redis::tls_proxy_fqdn: + str_replace: + template: + "%{hiera('fqdn_$NETWORK')}" + params: + $NETWORK: {get_param: [ServiceNetMap, RedisNetwork]} + tripleo::profile::pacemaker::database::redis::tls_proxy_port: 6379 step_config: | include ::tripleo::profile::pacemaker::database::redis + metadata_settings: + get_attr: [RedisBase, role_data, metadata_settings] |