| classes: |
| - service.docker.host |
| - system.aptly.server.docker |
| - system.aptly.client.publisher |
| - system.debmirror.mirror_mirantis_com |
| - system.git.server.single |
| - system.docker.client |
| - system.docker.swarm.stack.aptly |
| - system.docker.swarm.manager |
| - system.docker.swarm.master |
| parameters: |
| _param: |
| aptly_gpg_keypair_id: A8272E04 |
| aptly_gpg_passphrase: "" |
| aptly_server_secure: true |
| docker_stack_aptly_public_replicas: 1 |
| docker_registry_http_secret: 'Thoh0unuaeSeeT9i' |
| # Upstream mirrors: |
| #mcp_docker_registry: 'docker-prod-local.artifactory.mirantis.com' |
| #vcp_images_mirror: 'http://images.mirantis.com' |
| default_local_mirrror_content: |
| # List of repos, to be placed into offline image, during separate image build process |
| # By default, will be avaible http_server |
| # WARNING: file path and names - must be exactly same as in any other place in reclass-system or model! |
| git_server_repos: |
| - name: mk-pipelines |
| url: https://gerrit.mcp.mirantis.com/mk/mk-pipelines |
| - name: pipeline-library |
| url: https://gerrit.mcp.mirantis.com/mcp-ci/pipeline-library |
| - name: reclass-system |
| url: https://gerrit.mcp.mirantis.com/salt-models/reclass-system |
| - name: cvp-sanity-checks |
| url: https://gerrit.mcp.mirantis.com/mcp/cvp-sanity-checks |
| - name: stacklight-pytest |
| url: https://gerrit.mcp.mirantis.com/mcp/stacklight-pytest |
| # 2 lines below should be replaced by pipeline |
| https_user: %STACKLIGHT_PYTEST_GIT_HTTPS_USER% |
| https_pass: %STACKLIGHT_PYTEST_GIT_HTTPS_PASS% |
| - name: cvp-configuration |
| url: https://gerrit.mcp.mirantis.com/mcp/cvp-configuration |
| mcp_static_images_url: 'http://images.mcp.mirantis.net/' |
| mcp_docker_registry: 'docker-prod-local.docker.mirantis.net' |
| aptly_gpg_private_key: | |
| -----BEGIN PGP PRIVATE KEY BLOCK----- |
| Version: GnuPG v1 |
| |
| lQOYBFnU98YBCACdTxOkxAJJQaQ4B9sEsh9s4MMOMxPSCwvzgGbk6HECDBhz2auF |
| FfVydNbjLfoih8qdaLSmBQg8+FtdYJHEG1lekeiUETOxJnkhUFXq85KGNj9BbGBr |
| m3/6Jo58pdMNdUMurAs807STvH3iTAhYymggX1u9GyjKbv24p2KMGuK1gC3W04NG |
| qOQX3iwjmBWq87fX7tNLafptCq5A9TAv4Dvt1XZgGCiLI+EcPyfgNB1W/+EOOkFu |
| jFdM43nm0YE3Bf4uuVR/u0REprYJfChdS6qYYgI3n2LuPyi9WMVVee+1RZmTwFcB |
| cS53h+gq1GHOhj+YOwm3+ctmIoTNi26siutdABEBAAEAB/wP10AzpddTGCyYxdW8 |
| zdETTjjmK6eRzbH45dO2tl925M/rjp5SiwkJ6xEelGktY/43xqz2UOho91t/9jMH |
| i/d+afQBQRAzBRxKigP04m09XaYWCPtWqrSC9LIBhFNR9h57SzDggbMb8227xYtL |
| oapFpEShMOR1KiMbnqNyV1zACQ1pHOZZOWzat8nFuKDeqA3n3Y/Cm8OCrX4QSGIU |
| FEqdQs7jgNhhxKEsmFUJfxF8KtTAyrdB0PVC6iyY3wifbpNZUk2IBfTa738LHcOo |
| Fc+griAsOPFCS1hLejZQphUX8NmyvE3nbzhsB8rNJqyKFgtFlIj7VpPMiYzK7P0h |
| 1NdjBADF/vZSnwMX2FQ2BKiWd35wHGLtwKGIKCWUTfnoRaRrMnl80vhX2IBwIsvO |
| cp7APojM8RfWwhMl/yvQ0QcuDNev47+s/9ix8SPJnnd2WvXACIq6JMtrhceVnLZO |
| 4KEp97S5+J/klbobB+GCNTFV+YG6uPLJ1oEorDhQbufgADqhswQAy2S4iMNuPxA/ |
| VAh1yYNewn0/64JiREjt1t6AiGMDj6iCi+Wdz+/eipZIF6o1m/diO0mq4YIWCk3p |
| 88tibIQSJvaFjyBTB+fGk1SfxTxeMJlasO5XPDuyzgnJW8sLP9B1jzBzr8dQmJ1b |
| TkepOdjps2CoNzJPGtFyhagi9qirFq8EAJjNe79JwozC3l8IStJOBiVUWa4cD+87 |
| XeZMAPn+4iRzS8vcGiXMSvz6fYVXlYe/kF9APjGQe+PDSMgSd3Sz5cqyDBANi2Sp |
| m5dNn4njwrNjMGghMCZ9y8iVPTy+RYgcpHJKLHwPoNtTpt845JmOU0z7f43Py71F |
| 3h5lsrjCilnKSO60Kk1pcmFudGlzIE9mZmxpbmUgQXB0bHkgPGluZm9AbWlyYW50 |
| aXMuY29tPokBOAQTAQIAIgUCWdT3xgIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgEC |
| F4AACgkQpIXB3agnLgS9wQf7B2LiR4wQh7VqVwx1dKrhj0AXF7jSYfYJ/vtV6mXb |
| 0AxAxC3BVoW+KLPB+W9lHCXBRYXf1pJZIYcxv0rTGeqzpcxVmMIT1E4OAmZp8pFl |
| BsFNTERG2z01kdnd3oddF3GSiP1cTg2+c9hJUGJR0tAbPXDm0dXhuDD428IuSx5o |
| 4bdNdCshPYRe/P3CGG+KrySLL0/06UU2I5Mxf4pctRouWfrQDA6sIS+P58NKwIpX |
| dWj1pPogJzVUJqHHyAUM8Ri+AZoXtKjqXAqNQNCd/xPaL9dtGxKTMDDKHvqyF5Mp |
| U3eYcEFIi79nunfC6Iaw+Izo+hYpiBlb2s6QkCgR2y/f150DmARZ1PfGAQgA1NqQ |
| orh2cvogoU4DbRwnQKZDCCt4WnbvcJf8WZw7sINbqJm3pd/UjVwcPG0GFe9w7/eE |
| dKv6N/fVMJYo/Dj34j2waN46sIBBaXi8pPuCrs/fV+KFGmdXNrOED8LeJ835+6eA |
| m3W/930P1o/Rncfi7ANQr4nuSkzCoXhwo9n8RX70L1pYtGw1v3qMaDBKHGpZ0ZqS |
| ewSlQYclWG5EKg6ecR0wnLK9W62b5uExbexh7d+W22NTZ9j7SVfwHG4IleZ03B+a |
| k0NqlKpdEA9+8QLdrQsqFN8qDHqJ46ag+5xtpAPmw1S2va7Gkr0BMxzdxwA5d4Za |
| uevaEKTi5NLGdNZuHQARAQABAAf7BFUmmIlUr+Zzf5UM8M2f5ur7dlEcNAszuID/ |
| e/t4I5Go7fejC1dRBkeXs4sskom7LMdHBPDzOOxshH6p+uhV8176FkhfvXP+4Ny6 |
| SklsUY6dpzZPK0hrOAvTZla7GuhQbFTugzuUWr9K8T0gMSv+bHtsywXtuclyNMM0 |
| 18D6J5fycwEoO4mlRg7TS1xBqzumZiIZCQp6y1KUwtDKOcvg/Xf15kHsiXJ/nNAA |
| z8Nkghk9mEF/ve7zsUPKgwcs69wdLeVOUtSqe990gLmKbRKm8LqbHVsgZXkUNUpC |
| 0vQrhM74WGrkIlo+Qf/SLKs6J1I09FQ6mRIsmI1LySZlaQwwQQQA4/nfrkkZB4kW |
| 9PaADnJz/c6rIIAIrIiO/CflyjRmz4+RTeJ3bNHlf+EmecTVmPaFUoweeWCaLzr5 |
| ZgWnBCe/gW7Cp/tmZZw+jVhTMhP73utFusvVTBQA4fOU24XPOkoh9Lm2jmAvmG6n |
| JbKqJWtTG3Ek0Pl2lGECxLT4Wzleh2UEAO8Ez6I51kmFDPmpz4H/rqhuTmfIaif4 |
| CKYLAY9XH2fDCwwjC5Hn//ErCFGcxJkWfUCRdTZATK+c3HipEXxdEN/Z4z0GmBDD |
| 2eRoqagXiwXIxFA0REDgx6FXm4laXEUzyrIPIzuzZbtV9x6S/FlzyXdZcLZoavkr |
| PX7SK0t7pCxZA/0UcBegcuKSlHtLkBAD/1cdj2OlgteGqbpRP3d4FLADrsBw+iCN |
| h8lVfNtjKvcpY46ihqHZjZMcfaeI9p49N7HqwuuRaqKi7mE8QOuBM1oTAJ72CwV/ |
| bx+zDYDiL+2EQbZh58yPjwnLn7PcTNpMZ7RT58iGw6xXaJTkJTqiFthcG0B/iQEf |
| BBgBAgAJBQJZ1PfGAhsMAAoJEKSFwd2oJy4E5R4H/3XjYvsalh2g4iYEOjZ1Ld55 |
| AA+NDlnpeXJfEOlhxdnAvkTc1CfKdT3qaN5hG0m7sVowaeVbf4cDNwIQy+R75V73 |
| h2DQpno3746DDC0C2jRzDBwKrUU9Y/du3REcq4kMCnhtVBMSX6rbJoxSFdCzLu/X |
| Jd9oeXbbkObIeoe9FWIrswFB4NUhTHLn1bk5p8zsVbsRm3jl6ofoQmFKFoK6Fauu |
| NeB+Fc/1UdMpUb1Y9dpE/akgRm/79NRHKA4plQ2X/CGZu+KIw4XVn/0ilU8FbsX+ |
| KXcp8ui0XRqg8z44wtlroFTrnR+DgqplsellsrM+xGtZb9VrjFLeP89jzhrBWgE= |
| =QgPA |
| -----END PGP PRIVATE KEY BLOCK----- |
| aptly_gpg_public_key: | |
| -----BEGIN PGP PUBLIC KEY BLOCK----- |
| Version: GnuPG v1 |
| |
| mQENBFnU98YBCACdTxOkxAJJQaQ4B9sEsh9s4MMOMxPSCwvzgGbk6HECDBhz2auF |
| FfVydNbjLfoih8qdaLSmBQg8+FtdYJHEG1lekeiUETOxJnkhUFXq85KGNj9BbGBr |
| m3/6Jo58pdMNdUMurAs807STvH3iTAhYymggX1u9GyjKbv24p2KMGuK1gC3W04NG |
| qOQX3iwjmBWq87fX7tNLafptCq5A9TAv4Dvt1XZgGCiLI+EcPyfgNB1W/+EOOkFu |
| jFdM43nm0YE3Bf4uuVR/u0REprYJfChdS6qYYgI3n2LuPyi9WMVVee+1RZmTwFcB |
| cS53h+gq1GHOhj+YOwm3+ctmIoTNi26siutdABEBAAG0Kk1pcmFudGlzIE9mZmxp |
| bmUgQXB0bHkgPGluZm9AbWlyYW50aXMuY29tPokBOAQTAQIAIgUCWdT3xgIbAwYL |
| CQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQpIXB3agnLgS9wQf7B2LiR4wQh7Vq |
| Vwx1dKrhj0AXF7jSYfYJ/vtV6mXb0AxAxC3BVoW+KLPB+W9lHCXBRYXf1pJZIYcx |
| v0rTGeqzpcxVmMIT1E4OAmZp8pFlBsFNTERG2z01kdnd3oddF3GSiP1cTg2+c9hJ |
| UGJR0tAbPXDm0dXhuDD428IuSx5o4bdNdCshPYRe/P3CGG+KrySLL0/06UU2I5Mx |
| f4pctRouWfrQDA6sIS+P58NKwIpXdWj1pPogJzVUJqHHyAUM8Ri+AZoXtKjqXAqN |
| QNCd/xPaL9dtGxKTMDDKHvqyF5MpU3eYcEFIi79nunfC6Iaw+Izo+hYpiBlb2s6Q |
| kCgR2y/f17kBDQRZ1PfGAQgA1NqQorh2cvogoU4DbRwnQKZDCCt4WnbvcJf8WZw7 |
| sINbqJm3pd/UjVwcPG0GFe9w7/eEdKv6N/fVMJYo/Dj34j2waN46sIBBaXi8pPuC |
| rs/fV+KFGmdXNrOED8LeJ835+6eAm3W/930P1o/Rncfi7ANQr4nuSkzCoXhwo9n8 |
| RX70L1pYtGw1v3qMaDBKHGpZ0ZqSewSlQYclWG5EKg6ecR0wnLK9W62b5uExbexh |
| 7d+W22NTZ9j7SVfwHG4IleZ03B+ak0NqlKpdEA9+8QLdrQsqFN8qDHqJ46ag+5xt |
| pAPmw1S2va7Gkr0BMxzdxwA5d4ZauevaEKTi5NLGdNZuHQARAQABiQEfBBgBAgAJ |
| BQJZ1PfGAhsMAAoJEKSFwd2oJy4E5R4H/3XjYvsalh2g4iYEOjZ1Ld55AA+NDlnp |
| eXJfEOlhxdnAvkTc1CfKdT3qaN5hG0m7sVowaeVbf4cDNwIQy+R75V73h2DQpno3 |
| 746DDC0C2jRzDBwKrUU9Y/du3REcq4kMCnhtVBMSX6rbJoxSFdCzLu/XJd9oeXbb |
| kObIeoe9FWIrswFB4NUhTHLn1bk5p8zsVbsRm3jl6ofoQmFKFoK6FauuNeB+Fc/1 |
| UdMpUb1Y9dpE/akgRm/79NRHKA4plQ2X/CGZu+KIw4XVn/0ilU8FbsX+KXcp8ui0 |
| XRqg8z44wtlroFTrnR+DgqplsellsrM+xGtZb9VrjFLeP89jzhrBWgE= |
| =GLje |
| -----END PGP PUBLIC KEY BLOCK----- |
| aptly: |
| server: |
| mirror_update: |
| enabled: False |
| repo: |
| mcp_xenial_updates: |
| distribution: ubuntu-xenial |
| component: updates |
| architectures: amd64 |
| # Dummy repo |
| comment: "Local Xenial updates repository." |
| publisher: |
| component: updates |
| distributions: |
| - ubuntu-xenial/${_param:mcp_version} |
| - ubuntu-xenial/stable |
| docker: |
| host: |
| pkgs: |
| - docker-ce |
| - python-docker |
| insecure_registries: |
| - ${_param:default_local_mirrror_content:docker_client_registry_target_registry} |
| options: |
| bip: 10.99.0.1/16 |
| fixed-cidr: 10.99.0.1/17 |
| storage-driver: overlay2 |
| client: |
| registry: |
| target_registry: ${_param:default_local_mirrror_content:docker_client_registry_target_registry} |
| # List of images now at reclass-system/defaults |
| image: |
| ${_param:default_local_mirrror_content:docker_client_registry_image} |
| git: |
| server: |
| directory: /srv/git/ |
| repos: ${_param:default_local_mirrror_content:git_server_repos} |
| nginx: |
| server: |
| site: |
| http_server: |
| enabled: true |
| type: nginx_static |
| name: http_server |
| root: /srv/http |
| autoindex: True |
| access_policy: |
| allow: |
| - all |
| host: |
| name: http.${_param:cluster_domain} |
| port: 8078 |
| aptly_public: |
| enabled: true |
| type: nginx_proxy |
| name: aptly_public |
| proxy: |
| host: 127.0.0.1 |
| port: 18085 |
| protocol: http |
| size: 1G |
| host: |
| name: aptly.${_param:cluster_domain} |
| port: 80 |
| aptly_api: |
| enabled: true |
| type: nginx_proxy |
| name: aptly_api |
| proxy: |
| host: 127.0.0.1 |
| port: 18084 |
| protocol: http |
| size: 1G |
| host: |
| name: aptly-api.${_param:cluster_domain} |
| port: 8080 |
| docker_registry: |
| enabled: true |
| type: nginx_proxy |
| name: docker_registry |
| proxy: |
| host: 127.0.0.1 |
| port: 15000 |
| protocol: http |
| size: 1G |
| host: |
| name: registry.${_param:cluster_domain} |
| port: 5000 |
| linux: |
| system: |
| # List of files now at reclass-system/defaults |
| file: |
| ${_param:default_local_mirrror_content:linux_system_file} |
| profile: |
| locales: | |
| export LC_ALL=C |
| directory: |
| /srv/http/images: |
| user: www-data |
| group: www-data |
| mode: 755 |
| makedirs: true |
| /srv/scripts/: |
| user: www-data |
| group: www-data |
| mode: 755 |
| makedirs: true |
| maas: |
| mirror: |
| enabled: true |
| image: |
| sections: |
| ${_param:default_local_mirrror_content:maas_mirror_image_sections} |