forked from cloudfoundry/cf-deployment
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuse-pxc.yml
155 lines (155 loc) · 4.97 KB
/
use-pxc.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
- type: replace
path: /releases/name=cf-mysql
value:
name: pxc
sha1: 44822031ded0e4c48133df92775964dcebe99204
url: https://bosh.io/d/github.com/cloudfoundry-incubator/pxc-release?v=0.10.0
version: 0.10.0
- type: replace
path: /instance_groups/name=database/jobs/name=mysql/name
value: pxc-mysql
- type: replace
path: /instance_groups/name=database/jobs/name=pxc-mysql/release
value: pxc
- type: replace
path: /instance_groups/name=database/jobs/name=pxc-mysql?/properties
value:
admin_password: ((cf_mysql_mysql_admin_password))
binlog_enabled: false
cluster_health:
password: ((cf_mysql_mysql_cluster_health_password))
galera_agent:
db_password: ((cf_mysql_mysql_galera_healthcheck_password))
endpoint_password: ((cf_mysql_mysql_galera_healthcheck_endpoint_password))
endpoint_username: galera_healthcheck
port: 13306
seeded_databases:
- name: cloud_controller
password: ((cc_database_password))
username: cloud_controller
- name: diego
password: ((diego_database_password))
username: diego
- name: network_connectivity
password: ((network_connectivity_database_password))
username: network_connectivity
- name: network_policy
password: ((network_policy_database_password))
username: network_policy
- name: routing-api
password: ((routing_api_database_password))
username: routing-api
- name: uaa
password: ((uaa_database_password))
username: uaa
- name: locket
password: ((locket_database_password))
username: locket
tls:
galera: ((galera_server_certificate))
server: ((mysql_server_certificate))
- type: replace
path: /instance_groups/name=database/jobs/name=proxy/release
value: pxc
- type: replace
path: /instance_groups/name=database/jobs/name=proxy/properties
value:
api_password: ((cf_mysql_proxy_api_password))
api_port: 8083
consul_enabled: true
consul_service_name: sql-db
- type: replace
path: /instance_groups/name=database/jobs/-
value:
name: route_registrar
properties:
route_registrar:
routes:
- name: cf-mysql-proxy
port: 8083
prepend_instance_index: true
registration_interval: 10s
uris:
- proxy.((system_domain))
- name: cf-mysql-proxy-aggregator
port: 8082
registration_interval: 10s
uris:
- proxy.((system_domain))
release: routing
- type: replace
path: /instance_groups/name=database/jobs/name=proxy/properties/api_uri?
value: proxy.((system_domain))
- type: replace
path: /instance_groups/name=database/jobs/-
value:
name: bootstrap
release: pxc
- type: replace
path: /variables/-
value:
name: pxc_galera_ca
options:
common_name: pxc_galera_ca
is_ca: true
type: certificate
- type: replace
path: /variables/-
value:
name: pxc_server_ca
options:
common_name: pxc_server_ca
is_ca: true
type: certificate
- type: replace
path: /variables/-
value:
name: galera_server_certificate
options:
ca: pxc_galera_ca
common_name: galera_server_certificate
extended_key_usage:
- server_auth
- client_auth
type: certificate
- type: replace
path: /variables/-
value:
name: mysql_server_certificate
options:
ca: pxc_server_ca
common_name: sql-db.service.cf.internal
type: certificate
- type: replace
path: /instance_groups/name=api/jobs/name=cloud_controller_ng/properties/ccdb/address?
value: sql-db.service.cf.internal
- type: replace
path: /instance_groups/name=cc-worker/jobs/name=cloud_controller_worker/properties/ccdb/address?
value: sql-db.service.cf.internal
- type: replace
path: /instance_groups/name=scheduler/jobs/name=cloud_controller_clock/properties/ccdb/address?
value: sql-db.service.cf.internal
- type: replace
path: /instance_groups/name=api/jobs/name=routing-api/properties/routing_api/sqldb/ca_cert?
value: ((pxc_server_ca.certificate))
- type: replace
path: /instance_groups/name=api/jobs/name=cloud_controller_ng/properties/ccdb/ca_cert?
value: ((pxc_server_ca.certificate))
- type: replace
path: /instance_groups/name=cc-worker/jobs/name=cloud_controller_worker/properties/ccdb/ca_cert?
value: ((pxc_server_ca.certificate))
- type: replace
path: /instance_groups/name=scheduler/jobs/name=cloud_controller_clock/properties/ccdb/ca_cert?
value: ((pxc_server_ca.certificate))
- type: replace
path: /instance_groups/name=diego-api/jobs/name=bbs/properties/diego/bbs/sql/ca_cert?
value: ((pxc_server_ca.certificate))
- type: replace
path: /instance_groups/name=diego-api/jobs/name=bbs/properties/diego/bbs/sql/require_ssl?
value: true
- type: replace
path: /instance_groups/name=diego-api/jobs/name=locket/properties/diego/locket/sql/ca_cert?
value: ((pxc_server_ca.certificate))
- type: replace
path: /instance_groups/name=diego-api/jobs/name=locket/properties/diego/locket/sql/require_ssl?
value: true