From 9a4b972737825c5402d7d2b1ca7b3b4fb7f2c6e5 Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Thu, 23 Feb 2017 15:02:56 +0200
Subject: Configure SSL connection for MySQL client via client config file

This uses the mysql client configuration file to configure if SSL should
be used for the connection if SSL in the internal network is enabled.

Change-Id: Ifd1a06e0749a05a65f6314255843f572d2209067
---
 ci/environments/multinode-3nodes.yaml      | 1 +
 puppet/services/database/mysql-client.yaml | 4 ++++
 roles_data.yaml                            | 5 ++++-
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/ci/environments/multinode-3nodes.yaml b/ci/environments/multinode-3nodes.yaml
index 03065c6a..d6e2376a 100644
--- a/ci/environments/multinode-3nodes.yaml
+++ b/ci/environments/multinode-3nodes.yaml
@@ -55,6 +55,7 @@
     - OS::TripleO::Services::TripleoFirewall
     - OS::TripleO::Services::NovaCompute
     - OS::TripleO::Services::NovaLibvirt
+    - OS::TripleO::Services::MySQLClient
 
 - name: Controller
   CountDefault: 1
diff --git a/puppet/services/database/mysql-client.yaml b/puppet/services/database/mysql-client.yaml
index 1415391c..c8428e0a 100644
--- a/puppet/services/database/mysql-client.yaml
+++ b/puppet/services/database/mysql-client.yaml
@@ -18,6 +18,9 @@ parameters:
     description: Mapping of service endpoint -> protocol. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  EnableInternalTLS:
+    type: boolean
+    default: false
 
 outputs:
   role_data:
@@ -26,5 +29,6 @@ outputs:
       service_name: mysql_client
       config_settings:
         tripleo::profile::base:database::mysql::client_bind_address: {get_param: [ServiceNetMap, MysqlNetwork]}
+        tripleo::profile::base::database::mysql::client::enable_ssl: {get_param: EnableInternalTLS}
       step_config: |
         include ::tripleo::profile::base::database::mysql::client
diff --git a/roles_data.yaml b/roles_data.yaml
index 64b72a4e..95b25d98 100644
--- a/roles_data.yaml
+++ b/roles_data.yaml
@@ -156,7 +156,7 @@
     - OS::TripleO::Services::AuditD
     - OS::TripleO::Services::Collectd
     - OS::TripleO::Services::Vpp
-
+    - OS::TripleO::Services::MySQLClient
 
 - name: BlockStorage
   ServicesDefault:
@@ -173,6 +173,7 @@
     - OS::TripleO::Services::FluentdClient
     - OS::TripleO::Services::AuditD
     - OS::TripleO::Services::Collectd
+    - OS::TripleO::Services::MySQLClient
 
 - name: ObjectStorage
   disable_upgrade_deployment: True
@@ -191,6 +192,7 @@
     - OS::TripleO::Services::FluentdClient
     - OS::TripleO::Services::AuditD
     - OS::TripleO::Services::Collectd
+    - OS::TripleO::Services::MySQLClient
 
 - name: CephStorage
   ServicesDefault:
@@ -207,3 +209,4 @@
     - OS::TripleO::Services::FluentdClient
     - OS::TripleO::Services::AuditD
     - OS::TripleO::Services::Collectd
+    - OS::TripleO::Services::MySQLClient
-- 
cgit 1.2.3-korg