X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fdatabase%2Fmysql.yaml;h=da55da3c83ae97df8db6b7b63e1917a3c565d8d0;hb=88381053c2785cce670bf91ebc00177992dc45bc;hp=808f135338f81a07e1aed7b0b41a6c3784158161;hpb=5353f1c7c9cd4408d10745206165aa4950ad76c6;p=apex-tripleo-heat-templates.git

diff --git a/puppet/services/database/mysql.yaml b/puppet/services/database/mysql.yaml
index 808f1353..da55da3c 100644
--- a/puppet/services/database/mysql.yaml
+++ b/puppet/services/database/mysql.yaml
@@ -23,6 +23,10 @@ parameters:
     description: Configures MySQL max_connections config setting
     type: number
     default: 4096
+  MysqlIncreaseFileLimit:
+    description: Flag to increase MySQL open-files-limit to 16384
+    type: boolean
+    default: true
   MysqlRootPassword:
     type: string
     hidden: true
@@ -38,13 +42,13 @@ parameters:
     description: The password for the nova db account
     type: string
     hidden: true
+  EnableInternalTLS:
+    type: boolean
+    default: false
 
-resources:
+conditions:
 
-  MySQLTLS:
-    type: OS::TripleO::Services::MySQLTLS
-    properties:
-      ServiceNetMap: {get_param: ServiceNetMap}
+  internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
 
 outputs:
   role_data:
@@ -53,7 +57,6 @@ outputs:
       service_name: mysql
       config_settings:
         map_merge:
-          - get_attr: [MySQLTLS, role_data, config_settings]
           -
             # The Galera package should work in cluster and
             # non-cluster modes based on the config file.
@@ -96,10 +99,32 @@ outputs:
                   $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
             tripleo::profile::base::database::mysql::client_bind_address:
               {get_param: [ServiceNetMap, MysqlNetwork]}
+            tripleo::profile::base::database::mysql::generate_dropin_file_limit:
+              {get_param: MysqlIncreaseFileLimit}
+          - generate_service_certificates: true
+            tripleo::profile::base::database::mysql::certificate_specs:
+              service_certificate: '/etc/pki/tls/certs/mysql.crt'
+              service_key: '/etc/pki/tls/private/mysql.key'
+              hostname:
+                str_replace:
+                  template: "%{hiera('cloud_name_NETWORK')}"
+                  params:
+                    NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
+              principal:
+                str_replace:
+                  template: "mysql/%{hiera('cloud_name_NETWORK')}"
+                  params:
+                    NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
       step_config: |
         include ::tripleo::profile::base::database::mysql
       metadata_settings:
-        get_attr: [MySQLTLS, role_data, metadata_settings]
+        if:
+          - internal_tls_enabled
+          -
+            - service: mysql
+              network: {get_param: [ServiceNetMap, MysqlNetwork]}
+              type: vip
+          - null
       upgrade_tasks:
         - name: Check for galera root password
           tags: step0