Merge "Refactor tls certs for xmpp"
diff --git a/.kitchen.yml b/.kitchen.yml
index 7501126..d4e87cf 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -51,7 +51,7 @@
platforms:
- name: <%=ENV['PLATFORM'] || 'saltstack-ubuntu-xenial-salt-stable' %>
driver_config:
- image: <%=ENV['PLATFORM'] || 'epcim/salt:saltstack-ubuntu-xenial-salt-stable'%>
+ image: <%=ENV['PLATFORM'] || 'docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-stable/salt:2018_11_19'%>
platform: ubuntu
suites:
diff --git a/.travis.yml b/.travis.yml
index 7edf724..32abc3c 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -9,84 +9,52 @@
- pip install PyYAML
- pip install virtualenv
- |
- test -e Gemfile || cat <<EOF > Gemfile
- source 'https://rubygems.org'
- gem 'rake'
- gem 'test-kitchen'
- gem 'kitchen-docker'
- gem 'kitchen-vagrant'
- gem 'kitchen-inspec'
- gem 'inspec', '<3.0.0'
- #Version was frozen, because of issues in the version of inspec >3.0.0 -- see https://mirantis.jira.com/browse/PROD-24324 for more info
- gem 'kitchen-salt', :git => 'https://github.com/salt-formulas/kitchen-salt.git'
+ if [ ! -e Gemfile ]; then
+ curl -s -o ./Gemfile 'https://gerrit.mcp.mirantis.com/gitweb?p=salt-formulas/salt-formulas-scripts.git;a=blob_plain;f=Gemfile;hb=refs/heads/master'
+ fi
- bundle install
env:
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2016.3 OC_REPO=oc311 SUITE=single3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2016.3 OC_REPO=oc311 SUITE=analytics3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2016.3 OC_REPO=oc311 SUITE=control3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2016.3 OC_REPO=oc311 SUITE=cluster3
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2016.3 OC_REPO=oc311 SUITE=vrouter3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2016.3 OC_REPO=oc323 SUITE=single3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2016.3 OC_REPO=oc323 SUITE=analytics3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2016.3 OC_REPO=oc323 SUITE=control3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2016.3 OC_REPO=oc323 SUITE=cluster3
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2016.3 OC_REPO=oc323 SUITE=vrouter3
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2016.3 OC_REPO=oc40 SUITE=single40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2016.3 OC_REPO=oc40 SUITE=analytics40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2016.3 OC_REPO=oc40 SUITE=control40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2016.3 OC_REPO=oc40 SUITE=cluster40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2016.3 OC_REPO=oc40 SUITE=vrouter40
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2017.7 OC_REPO=oc311 SUITE=single3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2017.7 OC_REPO=oc311 SUITE=analytics3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2017.7 OC_REPO=oc311 SUITE=control3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2017.7 OC_REPO=oc311 SUITE=cluster3
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2017.7 OC_REPO=oc311 SUITE=vrouter3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2017.7 OC_REPO=oc323 SUITE=single3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2017.7 OC_REPO=oc323 SUITE=analytics3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2017.7 OC_REPO=oc323 SUITE=control3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-2017.7 OC_REPO=oc323 SUITE=cluster3
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2017.7 OC_REPO=oc323 SUITE=vrouter3
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2017.7 OC_REPO=oc40 SUITE=single40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2017.7 OC_REPO=oc40 SUITE=analytics40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2017.7 OC_REPO=oc40 SUITE=control40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2017.7 OC_REPO=oc40 SUITE=cluster40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-2017.7 OC_REPO=oc40 SUITE=vrouter40
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-stable OC_REPO=oc323 SUITE=single3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-stable OC_REPO=oc323 SUITE=analytics3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-stable OC_REPO=oc323 SUITE=control3
- - PLATFORM=epcim/salt:saltstack-ubuntu-trusty-salt-stable OC_REPO=oc323 SUITE=cluster3
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-stable OC_REPO=oc323 SUITE=vrouter3
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-stable OC_REPO=oc40 SUITE=single40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-stable OC_REPO=oc40 SUITE=analytics40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-stable OC_REPO=oc40 SUITE=control40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-stable OC_REPO=oc40 SUITE=cluster40
- - PLATFORM=epcim/salt:saltstack-ubuntu-xenial-salt-stable OC_REPO=oc40 SUITE=vrouter40
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc311 SUITE=single3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc311 SUITE=analytics3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc311 SUITE=control3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc311 SUITE=cluster3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc311 SUITE=vrouter3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc323 SUITE=single3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc323 SUITE=analytics3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc323 SUITE=control3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc323 SUITE=cluster3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc323 SUITE=vrouter3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc40 SUITE=single40
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc40 SUITE=analytics40
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc40 SUITE=control40
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc40 SUITE=cluster40
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2017.7 OC_REPO=oc40 SUITE=vrouter40
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2018.3 OC_REPO=oc323 SUITE=single3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2018.3 OC_REPO=oc323 SUITE=analytics3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2018.3 OC_REPO=oc323 SUITE=control3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2018.3 OC_REPO=oc323 SUITE=cluster3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2018.3 OC_REPO=oc323 SUITE=vrouter3
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2018.3 OC_REPO=oc40 SUITE=single40
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2018.3 OC_REPO=oc40 SUITE=analytics40
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2018.3 OC_REPO=oc40 SUITE=control40
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2018.3 OC_REPO=oc40 SUITE=cluster40
- # - PLATFORM=epcim/salt:saltstack-ubuntu-bionic-salt-2018.3 OC_REPO=oc40 SUITE=vrouter40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2016.3/salt:2018_11_19 OC_REPO=oc311 SUITE=single3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2016.3/salt:2018_11_19 OC_REPO=oc311 SUITE=analytics3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2016.3/salt:2018_11_19 OC_REPO=oc311 SUITE=control3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2016.3/salt:2018_11_19 OC_REPO=oc311 SUITE=cluster3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2016.3/salt:2018_11_19 OC_REPO=oc311 SUITE=vrouter3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2016.3/salt:2018_11_19 OC_REPO=oc323 SUITE=single3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2016.3/salt:2018_11_19 OC_REPO=oc323 SUITE=analytics3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2016.3/salt:2018_11_19 OC_REPO=oc323 SUITE=control3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2016.3/salt:2018_11_19 OC_REPO=oc323 SUITE=cluster3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2016.3/salt:2018_11_19 OC_REPO=oc323 SUITE=vrouter3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2016.3/salt:2018_11_19 OC_REPO=oc40 SUITE=single40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2016.3/salt:2018_11_19 OC_REPO=oc40 SUITE=analytics40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2016.3/salt:2018_11_19 OC_REPO=oc40 SUITE=control40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2016.3/salt:2018_11_19 OC_REPO=oc40 SUITE=cluster40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2016.3/salt:2018_11_19 OC_REPO=oc40 SUITE=vrouter40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2017.7/salt:2018_11_19 OC_REPO=oc311 SUITE=single3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2017.7/salt:2018_11_19 OC_REPO=oc311 SUITE=analytics3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2017.7/salt:2018_11_19 OC_REPO=oc311 SUITE=control3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2017.7/salt:2018_11_19 OC_REPO=oc311 SUITE=cluster3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2017.7/salt:2018_11_19 OC_REPO=oc311 SUITE=vrouter3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2017.7/salt:2018_11_19 OC_REPO=oc323 SUITE=single3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2017.7/salt:2018_11_19 OC_REPO=oc323 SUITE=analytics3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2017.7/salt:2018_11_19 OC_REPO=oc323 SUITE=control3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-2017.7/salt:2018_11_19 OC_REPO=oc323 SUITE=cluster3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2017.7/salt:2018_11_19 OC_REPO=oc323 SUITE=vrouter3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2017.7/salt:2018_11_19 OC_REPO=oc40 SUITE=single40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2017.7/salt:2018_11_19 OC_REPO=oc40 SUITE=analytics40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2017.7/salt:2018_11_19 OC_REPO=oc40 SUITE=control40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2017.7/salt:2018_11_19 OC_REPO=oc40 SUITE=cluster40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-2017.7/salt:2018_11_19 OC_REPO=oc40 SUITE=vrouter40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-stable/salt:2018_11_19 OC_REPO=oc323 SUITE=single3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-stable/salt:2018_11_19 OC_REPO=oc323 SUITE=analytics3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-stable/salt:2018_11_19 OC_REPO=oc323 SUITE=control3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-trusty-salt-stable/salt:2018_11_19 OC_REPO=oc323 SUITE=cluster3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-stable/salt:2018_11_19 OC_REPO=oc323 SUITE=vrouter3
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-stable/salt:2018_11_19 OC_REPO=oc40 SUITE=single40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-stable/salt:2018_11_19 OC_REPO=oc40 SUITE=analytics40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-stable/salt:2018_11_19 OC_REPO=oc40 SUITE=control40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-stable/salt:2018_11_19 OC_REPO=oc40 SUITE=cluster40
+ - PLATFORM=docker-dev-local.docker.mirantis.net/epcim/salt/saltstack-ubuntu-xenial-salt-stable/salt:2018_11_19 OC_REPO=oc40 SUITE=vrouter40
before_script:
- set -o pipefail
diff --git a/Makefile b/Makefile
index d166862..fb69046 100644
--- a/Makefile
+++ b/Makefile
@@ -18,7 +18,11 @@
JOBS := 1
endif
+ifeq (,$(wildcard ./.kitchen.openstack.yml))
+KITCHEN_LOCAL_YAML?=.kitchen.openstack.yml
+else
KITCHEN_LOCAL_YAML?=.kitchen.yml
+endif
KITCHEN_OPTS?="--concurrency=$(JOBS)"
KITCHEN_OPTS_CREATE?=""
KITCHEN_OPTS_CONVERGE?=""
diff --git a/README.rst b/README.rst
index 1b642ba..49c542f 100644
--- a/README.rst
+++ b/README.rst
@@ -122,6 +122,11 @@
address: 127.0.0.1
master:
host: 127.0.0.1
+ contrail_cache:
+ engine: redis
+ host: 127.0.0.1
+ port: 6379
+ password: guest
discovery:
host: 127.0.0.1
data_ttl: 2
@@ -168,6 +173,7 @@
cache:
engine: redis
host: 127.0.0.1
+ password: guest
port: 6379
members:
- host: 127.0.0.1
@@ -280,6 +286,11 @@
address: 127.0.0.1
master:
host: 127.0.0.1
+ contrail_cache:
+ engine: redis
+ host: 127.0.0.1
+ port: 6379
+ password: guest
discovery:
host: 127.0.0.1
data_ttl: 1
@@ -332,6 +343,7 @@
cache:
engine: redis
host: 127.0.0.1
+ password: guest
port: 6379
members:
- host: 127.0.0.1
@@ -473,6 +485,7 @@
cache:
engine: redis
host: 127.0.0.1
+ password: guest
port: 6379
members:
- host: 127.0.0.1
@@ -515,6 +528,11 @@
enabled: true
bind:
address: 127.0.0.1
+ contrail_cache:
+ engine: redis
+ host: 127.0.0.1
+ password: guest
+ port: 6379
master:
host: 127.0.0.1
discovery:
diff --git a/metadata/service/control/analytics.yml b/metadata/service/control/analytics.yml
index 51e3694..b51a1fe 100644
--- a/metadata/service/control/analytics.yml
+++ b/metadata/service/control/analytics.yml
@@ -9,6 +9,7 @@
opencontrail_identity_version: '2.0'
keystone_admin_password: 'none'
keystone_service_token: 'none'
+ redis_password: 'none'
openstack_region: RegionOne
opencontrail:
common:
@@ -32,6 +33,11 @@
port: 9081
master:
host: ${_param:cluster_local_address}
+ contrail_cache:
+ engine: redis
+ host: ${_param:cluster_local_address}
+ port: 6379
+ password: ${_param:redis_password}
discovery:
host: ${_param:network_vip_address}
data_ttl: 1
diff --git a/metadata/service/control/cluster.yml b/metadata/service/control/cluster.yml
index aae62cf..d98a19e 100644
--- a/metadata/service/control/cluster.yml
+++ b/metadata/service/control/cluster.yml
@@ -9,6 +9,7 @@
opencontrail_identity_version: '2.0'
keystone_admin_password: 'none'
keystone_service_token: 'none'
+ redis_password: 'none'
openstack_region: RegionOne
opencontrail:
common:
@@ -101,6 +102,11 @@
port: 9081
master:
host: ${_param:cluster_local_address}
+ contrail_cache:
+ engine: redis
+ host: ${_param:cluster_local_address}
+ port: 6379
+ password: ${_param:redis_password}
discovery:
host: ${_param:cluster_vip_address}
data_ttl: 1
@@ -167,6 +173,7 @@
engine: redis
host: ${_param:cluster_local_address}
port: 6379
+ password: ${_param:redis_password}
members:
- host: ${_param:cluster_node01_address}
id: 1
diff --git a/metadata/service/control/control.yml b/metadata/service/control/control.yml
index 7cb3521..d033ccf 100644
--- a/metadata/service/control/control.yml
+++ b/metadata/service/control/control.yml
@@ -10,6 +10,7 @@
keystone_admin_password: 'none'
keystone_service_token: 'none'
openstack_region: RegionOne
+ redis_password: 'none'
opencontrail:
common:
version: ${_param:opencontrail_version}
@@ -132,6 +133,7 @@
cache:
engine: redis
host: ${_param:cluster_local_address}
+ password: ${_param:redis_password}
port: 6379
members:
- host: ${_param:cluster_node01_address}
diff --git a/metadata/service/control/single.yml b/metadata/service/control/single.yml
index f17d610..a63f28a 100644
--- a/metadata/service/control/single.yml
+++ b/metadata/service/control/single.yml
@@ -10,6 +10,7 @@
keystone_admin_password: 'none'
keystone_service_token: 'none'
openstack_region: RegionOne
+ redis_password: 'none'
opencontrail:
common:
version: ${_param:opencontrail_version}
@@ -85,6 +86,11 @@
port: 9081
master:
host: ${_param:single_address}
+ contrail_cache:
+ engine: redis
+ host: ${_param:single_address}
+ port: 6379
+ password: ${_param:redis_password}
discovery:
host: ${_param:single_address}
data_ttl: 1
@@ -141,6 +147,7 @@
engine: redis
host: ${_param:single_address}
port: 6379
+ password: ${_param:redis_password}
members:
- host: ${_param:single_address}
id: 1
diff --git a/opencontrail/files/4.0/config.global.js b/opencontrail/files/4.0/config.global.js
index e420435..2dd1b64 100644
--- a/opencontrail/files/4.0/config.global.js
+++ b/opencontrail/files/4.0/config.global.js
@@ -261,7 +261,7 @@
{%- else %}
config.redis_dump_file = '/var/lib/redis/dump-webui.rdb';
{%- endif %}
-config.redis_password = '';
+config.redis_password = '{{ web.cache.get("password", "") }}';
/* Cassandra Server */
config.cassandra = {};
diff --git a/opencontrail/files/4.0/contrail-alarm-gen.conf b/opencontrail/files/4.0/contrail-alarm-gen.conf
index e0c51a3..87ada20 100644
--- a/opencontrail/files/4.0/contrail-alarm-gen.conf
+++ b/opencontrail/files/4.0/contrail-alarm-gen.conf
@@ -30,6 +30,9 @@
[REDIS]
redis_server_port=6379
redis_uve_list = {% for member in collector.database.members %}{{ member.host }}:6379 {% endfor %}
+{%- if collector.get('contrail_cache', {}).get('password') %}
+redis_password = {{ collector.contrail_cache.password }}
+{%- endif %}
[SANDESH]
#sandesh_ssl_enable=False
diff --git a/opencontrail/files/4.0/contrail-analytics-api.conf b/opencontrail/files/4.0/contrail-analytics-api.conf
index 98544ae..6743e22 100644
--- a/opencontrail/files/4.0/contrail-analytics-api.conf
+++ b/opencontrail/files/4.0/contrail-analytics-api.conf
@@ -33,6 +33,9 @@
[REDIS]
redis_query_port = 6379
redis_uve_list = {% for member in collector.database.members %}{{ member.host }}:6379 {% endfor %}
+{%- if collector.get('contrail_cache', {}).get('password') %}
+redis_password = {{ collector.contrail_cache.password }}
+{%- endif %}
[SANDESH]
#sandesh_ssl_enable=False
diff --git a/opencontrail/files/4.0/contrail-collector.conf b/opencontrail/files/4.0/contrail-collector.conf
index 35f89cf..a8c8136 100644
--- a/opencontrail/files/4.0/contrail-collector.conf
+++ b/opencontrail/files/4.0/contrail-collector.conf
@@ -115,3 +115,6 @@
[REDIS]
port=6379
server=127.0.0.1
+{%- if collector.get('contrail_cache', {}).get('password') %}
+password={{ collector.contrail_cache.password }}
+{%- endif %}
diff --git a/opencontrail/files/4.0/contrail-query-engine.conf b/opencontrail/files/4.0/contrail-query-engine.conf
index 3cc9ef6..1e797bb 100644
--- a/opencontrail/files/4.0/contrail-query-engine.conf
+++ b/opencontrail/files/4.0/contrail-query-engine.conf
@@ -31,6 +31,9 @@
[REDIS]
port=6379
server=127.0.0.1
+{%- if collector.get('contrail_cache', {}).get('password') %}
+password={{ collector.contrail_cache.password }}
+{%- endif %}
[SANDESH]
# sandesh_ssl_enable=false
diff --git a/opencontrail/files/4.0/contrail-svc-monitor.conf b/opencontrail/files/4.0/contrail-svc-monitor.conf
index 8ebc4ee..d1e2dcc 100644
--- a/opencontrail/files/4.0/contrail-svc-monitor.conf
+++ b/opencontrail/files/4.0/contrail-svc-monitor.conf
@@ -44,7 +44,6 @@
#admin_user=
#admin_password=
#admin_tenant_name=
-#admin_token=
[SECURITY]
use_certs=False
diff --git a/opencontrail/files/4.0/contrail-vrouter-agent.conf b/opencontrail/files/4.0/contrail-vrouter-agent.conf
index 6a61247..ce2b28e 100644
--- a/opencontrail/files/4.0/contrail-vrouter-agent.conf
+++ b/opencontrail/files/4.0/contrail-vrouter-agent.conf
@@ -6,14 +6,14 @@
[CONTROL-NODE]
# List of IPAdress:Port of control-node's separated by space.(Mandatory)
# servers=10.0.0.1:5269 10.0.0.2:5260 10.0.0.3:5260
-servers={% for member in compute.control.members %}{{ member.host }}:5269 {% endfor %}
+servers={% for member in compute.control.members %}{{ member.host }}:5269{% if not loop.last %} {% endif %}{% endfor %}
[DEFAULT]
# Everything in this section is optional
# IP address and port to be used to connect to collector.
# Multiple IP:port strings separated by space can be provided
-collectors = {% for member in compute.collector.members %}{{ member.host }}:8086 {% endfor %}
+collectors = {% for member in compute.collector.members %}{{ member.host }}:8086{% if not loop.last %} {% endif %}{% endfor %}
# Agent mode : can be vrouter / tsn / tor (default is vrouter)
# agent_mode=
@@ -133,6 +133,7 @@
# List of IPAdress:Port of DNS Servers separated by space.
# servers=10.0.0.1:53 10.0.0.2:53 10.0.0.3:53
+servers={% for member in compute.control.members %}{{ member.host }}:53{% if not loop.last %} {% endif %}{% endfor %}
# Timeout for DNS server queries in milli-seconds
# dns_timeout=
diff --git a/opencontrail/files/4.0/contrail-webui-userauth.js b/opencontrail/files/4.0/contrail-webui-userauth.js
index 29424ea..1490f8c 100644
--- a/opencontrail/files/4.0/contrail-webui-userauth.js
+++ b/opencontrail/files/4.0/contrail-webui-userauth.js
@@ -6,18 +6,17 @@
/****************************************************************************
* Specify the authentication parameters for admin user
****************************************************************************/
- {%- if web.identity.engine == "keystone" %}
var auth = {};
+auth.admin_token = '';
+{%- if web.identity.engine == "keystone" %}
auth.admin_user = '{{ web.identity.user }}';
auth.admin_password = '{{ web.identity.password }}';
-auth.admin_token = '{{ web.identity.token }}';
auth.admin_tenant_name = '{{ web.identity.tenant }}';
+{%- else %}
+/* NOTE(ivasilevskaya) should be configured at the model level */
+auth.admin_user = 'admin';
+/* NOTE(ivasilevskaya) should be configured at the model level */
+auth.admin_password = 'contrail123';
+{%- endif %}
module.exports = auth;
-{%- else %}
-var auth = {};
-auth.admin_user = 'admin';
-auth.admin_password = 'contrail123';
-auth.admin_token = '';
-module.exports = auth;
-{%- endif %}
\ No newline at end of file
diff --git a/opencontrail/files/4.0/redis.conf b/opencontrail/files/4.0/redis.conf
index db9c433..3439922 100644
--- a/opencontrail/files/4.0/redis.conf
+++ b/opencontrail/files/4.0/redis.conf
@@ -193,6 +193,9 @@
# refuse the slave request.
#
# masterauth <master-password>
+{%- if collector.get('contrail_cache', {}).get("password") %}
+masterauth {{ collector.contrail_cache.password }}
+{%- endif %}
# When a slave loses its connection with the master, or when the replication
# is still in progress, the slave can act in two different ways:
@@ -329,6 +332,9 @@
# use a very strong password otherwise it will be very easy to break.
#
# requirepass foobared
+{%- if collector.get('contrail_cache', {}).get("password") %}
+requirepass {{ collector.contrail_cache.password }}
+{%- endif %}
# Command renaming.
#