Merge "Switch common.retry around enforceState to 'retries' parameter" into release/2019.2.0
diff --git a/src/com/mirantis/mcp/Validate.groovy b/src/com/mirantis/mcp/Validate.groovy
index 29402fe..23d974b 100644
--- a/src/com/mirantis/mcp/Validate.groovy
+++ b/src/com/mirantis/mcp/Validate.groovy
@@ -46,6 +46,7 @@
     def common = new com.mirantis.mk.Common()
     def variables = ''
     def entry_point = ''
+    def cluster_name = salt.getPillar(master, 'I@salt:master', '_param:cluster_name')['return'][0].values()[0]
     if ( salt.cmdRun(master, target, "docker ps -f name=${name} -q", false, null, false)['return'][0].values()[0] ) {
         salt.cmdRun(master, target, "docker rm -f ${name}")
     }
@@ -56,7 +57,8 @@
         entry_point = '--entrypoint /bin/bash'
     }
     salt.cmdRun(master, target, "docker run -tid --net=host --name=${name} " +
-                                "-u root ${entry_point} ${variables} ${dockerImageLink}")
+                                "-u root ${entry_point} ${variables} " +
+                                "-v /srv/salt/pki/${cluster_name}/:/etc/certs ${dockerImageLink}")
 }
 
 
@@ -98,9 +100,11 @@
         keystone.add("OS_AUTH_URL=${_pillar.auth.auth_url}/v3")
         keystone.add("OS_REGION_NAME=${_pillar.region_name}")
         keystone.add("OS_IDENTITY_API_VERSION=${_pillar.identity_api_version}")
-        keystone.add("OS_ENDPOINT_TYPE=admin")
+        keystone.add("OS_ENDPOINT_TYPE=internal")
         keystone.add("OS_PROJECT_DOMAIN_NAME=${_pillar.auth.project_domain_name}")
         keystone.add("OS_USER_DOMAIN_NAME=${_pillar.auth.user_domain_name}")
+        // we mount /srv/salt/pki/${cluster_name}/:/etc/certs with certs for cvp container
+        keystone.add("OS_CACERT='/etc/certs/proxy-with-chain.crt'")
         return keystone
     }
     else {
diff --git a/src/com/mirantis/mk/Orchestrate.groovy b/src/com/mirantis/mk/Orchestrate.groovy
index cecbfd1..64213ba 100644
--- a/src/com/mirantis/mk/Orchestrate.groovy
+++ b/src/com/mirantis/mk/Orchestrate.groovy
@@ -689,6 +689,13 @@
     salt.runSaltProcessStep(master, "I@kubernetes:pool and not I@kubernetes:master ${extra_tgt}", 'service.restart', ['kubelet'])
 }
 
+def installKubernetesClient(master, extra_tgt = '') {
+    def salt = new com.mirantis.mk.Salt()
+
+    // Install kubernetes client
+    salt.enforceStateWithTest([saltId: master, target: "I@kubernetes:client ${extra_tgt}", state: 'kubernetes.client'])
+}
+
 
 def installDockerSwarm(master, extra_tgt = '') {
     def salt = new com.mirantis.mk.Salt()