Config only
Change-Id: Ie154129c1a5aee23bdb32ac4f924cd2f2045dad3
diff --git a/README.rst b/README.rst
index bc1f622..e3a8576 100644
--- a/README.rst
+++ b/README.rst
@@ -1029,8 +1029,26 @@
- 10.10.10.10
ipf_port: 80
-Enforcing physical routers
+Configuring OpenStack default quotasx
+
+.. code-block:: yaml
+ config:
+ quota:
+ network: 5
+ subnet: 10
+ router: 10
+ floating_ip: 100
+ secgroup: 1000
+ secgroup_rule: 1000
+ port: 1000
+ pool: -1
+ member: -1
+ health_monitor: -1
+ vip: -1
+
+Enforcing physical routers
+h
.. code-block:: yaml
opencontrail:
@@ -1075,6 +1093,7 @@
virtual_network: 'virtual-network'
+
Usage
=====
diff --git a/metadata/service/control/analytics.yml b/metadata/service/control/analytics.yml
index 80046dc..14b8542 100644
--- a/metadata/service/control/analytics.yml
+++ b/metadata/service/control/analytics.yml
@@ -38,6 +38,16 @@
port: 9160
- host: ${_param:cluster_node03_address}
port: 9160
+ identity:
+ engine: keystone
+ version: '2.0'
+ region: RegionOne
+ host: ${_param:cluster_vip_address}
+ port: 35357
+ user: admin
+ password: '${_param:keystone_admin_password}'
+ token: '${_param:keystone_service_token}'
+ tenant: admin
database:
version: ${_param:opencontrail_version}
cassandra:
diff --git a/metadata/service/control/control.yml b/metadata/service/control/control.yml
index 62f8831..fe522cc 100644
--- a/metadata/service/control/control.yml
+++ b/metadata/service/control/control.yml
@@ -138,4 +138,4 @@
tenant: admin
network:
engine: neutron
- host: ${_param:cluster_vip_address}
\ No newline at end of file
+ host: ${_param:cluster_vip_address}
diff --git a/metadata/service/control/single.yml b/metadata/service/control/single.yml
index 8903522..ef579f7 100644
--- a/metadata/service/control/single.yml
+++ b/metadata/service/control/single.yml
@@ -125,7 +125,7 @@
id: 1
database:
engine: cassandra
- port: 9160
+ port: 9160
identity:
engine: keystone
version: '2.0'
@@ -137,4 +137,4 @@
tenant: admin
network:
engine: neutron
- host: ${_param:single_address}
\ No newline at end of file
+ host: ${_param:single_address}
diff --git a/opencontrail/collector.sls b/opencontrail/collector.sls
index 9a0dd28..bfb3f25 100644
--- a/opencontrail/collector.sls
+++ b/opencontrail/collector.sls
@@ -4,66 +4,74 @@
include:
- opencontrail.common
+{%- if not collector.get('config_only', False) %}
opencontrail_collector_packages:
pkg.installed:
- names: {{ collector.pkgs }}
- force_yes: True
+ - require_in:
+ - file: /etc/contrail/contrail-analytics-nodemgr.conf
+ - file: /etc/contrail/contrail-alarm-gen.conf
+ - file: /etc/contrail/contrail-snmp-collector.conf
+ - file: /etc/contrail/contrail-topology.conf
+ - file: {{ collector.redis_config }}
+ - file: /etc/contrail/contrail-collector.conf
+ - file: /etc/contrail/contrail-query-engine.conf
+ - file: /etc/contrail/contrail-analytics-api.conf
+ {%- if collector.version >= 3.0 and grains.get('init') != 'systemd' %}
+ - file: /etc/contrail/supervisord_analytics_files/contrail-analytics-nodemgr.ini
+ - file: /etc/contrail/supervisord_analytics.conf
+ {%- endif %}
+{%- endif %}
/etc/contrail/contrail-analytics-nodemgr.conf:
file.managed:
- source: salt://opencontrail/files/{{ collector.version }}/contrail-analytics-nodemgr.conf
- template: jinja
- - require:
- - pkg: opencontrail_collector_packages
/etc/contrail/contrail-alarm-gen.conf:
file.managed:
- source: salt://opencontrail/files/{{ collector.version }}/contrail-alarm-gen.conf
- template: jinja
- - require:
- - pkg: opencontrail_collector_packages
/etc/contrail/contrail-snmp-collector.conf:
file.managed:
- source: salt://opencontrail/files/{{ collector.version }}/contrail-snmp-collector.conf
- template: jinja
- - require:
- - pkg: opencontrail_collector_packages
/etc/contrail/contrail-topology.conf:
file.managed:
- source: salt://opencontrail/files/{{ collector.version }}/contrail-topology.conf
- template: jinja
- - require:
- - pkg: opencontrail_collector_packages
{{ collector.redis_config }}:
file.managed:
- - source: salt://opencontrail/files/{{ collector.version }}/collector/redis.conf
+ - source: salt://opencontrail/files/{{ collector.version }}/redis.conf
+ - template: jinja
- makedirs: True
- - require:
- - pkg: opencontrail_collector_packages
/etc/contrail/contrail-collector.conf:
file.managed:
- source: salt://opencontrail/files/{{ collector.version }}/contrail-collector.conf
- template: jinja
- - require:
- - pkg: opencontrail_collector_packages
/etc/contrail/contrail-query-engine.conf:
file.managed:
- source: salt://opencontrail/files/{{ collector.version }}/contrail-query-engine.conf
- template: jinja
- - require:
- - pkg: opencontrail_collector_packages
/etc/contrail/contrail-analytics-api.conf:
file.managed:
- source: salt://opencontrail/files/{{ collector.version }}/contrail-analytics-api.conf
- template: jinja
- - require:
- - pkg: opencontrail_collector_packages
+
+{%- if collector.version >= 4.0 and collector.identity.engine == "keystone" %}
+/etc/contrail/contrail-keystone-auth.conf_analytics:
+ file.managed:
+ - name: /etc/contrail/contrail-keystone-auth.conf
+ - source: salt://opencontrail/files/{{ collector.version }}/collector/contrail-keystone-auth.conf
+ - template: jinja
+{%- endif %}
{%- if collector.version >= 3.0 and grains.get('init') != 'systemd' %}
@@ -71,21 +79,15 @@
file.managed:
- source: salt://opencontrail/files/{{ collector.version }}/collector/contrail-analytics-nodemgr.ini
- makedirs: True
- - require:
- - pkg: opencontrail_collector_packages
- - require_in:
- - service: opencontrail_collector_services
/etc/contrail/supervisord_analytics.conf:
file.managed:
- source: salt://opencontrail/files/{{ collector.version }}/collector/supervisord_analytics.conf
- - require:
- - pkg: opencontrail_collector_packages
- - require_in:
- - service: opencontrail_collector_services
{%- endif %}
+{%- if not collector.get('config_only', False) %}
+
opencontrail_collector_services:
service.running:
- enable: true
@@ -102,6 +104,10 @@
- file: /etc/contrail/contrail-snmp-collector.conf
- file: /etc/contrail/contrail-analytics-nodemgr.conf
- file: /etc/contrail/contrail-alarm-gen.conf
+ {%- if collector.version >= 3.0 and grains.get('init') != 'systemd' %}
+ - file: /etc/contrail/supervisord_analytics_files/contrail-analytics-nodemgr.ini
+ - file: /etc/contrail/supervisord_analytics.conf
+ {%- endif %}
{%- if grains.get('virtual_subtype', None) == "Docker" %}
@@ -115,3 +121,5 @@
{%- endif %}
{%- endif %}
+
+{%- endif %}
diff --git a/opencontrail/common.sls b/opencontrail/common.sls
index cbaf5d2..020bc0e 100644
--- a/opencontrail/common.sls
+++ b/opencontrail/common.sls
@@ -1,8 +1,10 @@
{%- from "opencontrail/map.jinja" import common with context %}
+{%- if not common.get('config_only', False) %}
opencontrail_common_packages:
pkg.installed:
- names: {{ common.pkgs }}
+{% endif %}
/var/crashes:
diff --git a/opencontrail/config.sls b/opencontrail/config.sls
index 68d7901..1d659f1 100644
--- a/opencontrail/config.sls
+++ b/opencontrail/config.sls
@@ -4,10 +4,26 @@
include:
- opencontrail.common
+{%- if not config.get('config_only', False) %}
opencontrail_config_packages:
pkg.installed:
- names: {{ config.pkgs }}
- force_yes: True
+ - require_in:
+ - /etc/contrail/vnc_api_lib.ini
+ - /etc/contrail/contrail-api.conf
+ - /etc/contrail/contrail-device-manager.conf
+ - /etc/contrail/contrail-config-nodemgr.conf
+ {%- if config.identity.engine == "keystone" %}
+ - /etc/contrail/contrail-keystone-auth.conf
+ {%- endif %}
+ - /etc/contrail/contrail-schema.conf
+ - /etc/contrail/contrail-svc-monitor.conf
+ {%- if grains.get('init') != 'systemd' %}
+ - /etc/contrail/supervisord_config_files/contrail-api.ini
+ - /etc/init.d/contrail-api
+ {%- endif %}
+{%- endif %}
{% if config.version == 2.2 or config.version == 3.0 %}
@@ -77,14 +93,10 @@
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/config/contrail-api.ini
- makedirs: true
- - require:
- - pkg: opencontrail_config_packages
/etc/init.d/contrail-api:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/config/contrail-api
- - require:
- - pkg: opencontrail_config_packages
{%- endif %}
@@ -92,65 +104,51 @@
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/contrail-api.conf
- template: jinja
- - require:
- - pkg: opencontrail_config_packages
/etc/contrail/vnc_api_lib.ini:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/vnc_api_lib.ini
- template: jinja
- - require:
- - pkg: opencontrail_config_packages
/etc/contrail/contrail-device-manager.conf:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/contrail-device-manager.conf
- template: jinja
- - require:
- - pkg: opencontrail_config_packages
- - watch_in:
- - service: opencontrail_config_services
/etc/contrail/contrail-config-nodemgr.conf:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/contrail-config-nodemgr.conf
- template: jinja
- - require:
- - pkg: opencontrail_config_packages
- - watch_in:
- - service: opencontrail_config_services
-/etc/sudoers.d/contrail_sudoers:
- file.managed:
- - source: salt://opencontrail/files/{{ config.version }}/config/contrail_sudoers
- - template: jinja
- - require:
- - pkg: opencontrail_config_packages
{%- if config.identity.engine == "keystone" %}
/etc/contrail/contrail-keystone-auth.conf:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/contrail-keystone-auth.conf
- template: jinja
- - require:
- - pkg: opencontrail_config_packages
- - watch_in:
- - service: opencontrail_config_services
{%- endif %}
/etc/contrail/contrail-schema.conf:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/contrail-schema.conf
- template: jinja
- - require:
- - pkg: opencontrail_config_packages
+
/etc/contrail/contrail-svc-monitor.conf:
file.managed:
- source: salt://opencontrail/files/{{ config.version }}/contrail-svc-monitor.conf
- template: jinja
- - require:
- - pkg: opencontrail_config_packages
+
+{%- if config.get('config_only', False) %}
+opencontrail_config_doctrail:
+ file.managed:
+ - name: /usr/bin/doctrail
+ - template: jinja
+ - source: salt://opencontrail/files/{{ config.version }}/doctrail
+ - mode: 755
+{%- endif %}
+
+{%- if not config.get('config_only', False) %}
{%- if config.version >= 3.0 and grains.get('init') != 'systemd' %}
@@ -185,6 +183,15 @@
{%- endif %}
+
+/etc/sudoers.d/contrail_sudoers:
+ file.managed:
+ - source: salt://opencontrail/files/{{ config.version }}/config/contrail_sudoers
+ - template: jinja
+ - require:
+ - pkg: opencontrail_config_packages
+
+
opencontrail_config_services:
service.running:
- enable: true
@@ -202,6 +209,11 @@
- file: /etc/contrail/contrail-api.conf
- file: /etc/contrail/vnc_api_lib.ini
- file: /etc/sudoers.d/contrail_sudoers
+ - file: /etc/contrail/contrail-device-manager.conf
+ - file: /etc/contrail/contrail-config-nodemgr.conf
+ {%- if config.identity.engine == "keystone" %}
+ - file: /etc/contrail/contrail-keystone-auth.conf
+ {%- endif %}
{%- if grains.get('virtual_subtype', None) == "Docker" %}
@@ -215,3 +227,5 @@
{%- endif %}
{%- endif %}
+
+{%- endif %}
diff --git a/opencontrail/control.sls b/opencontrail/control.sls
index 8de19e4..d3a8bdb 100644
--- a/opencontrail/control.sls
+++ b/opencontrail/control.sls
@@ -4,44 +4,65 @@
include:
- opencontrail.common
+{%- if not control.get('config_only', False) %}
opencontrail_control_packages:
pkg.installed:
- names: {{ control.pkgs }}
- force_yes: True
+ - require_in:
+ - /etc/contrail/contrail-control-nodemgr.conf
+ - /etc/contrail/contrail-control.conf
+ - /etc/contrail/contrail-dns.conf
+ - /etc/contrail/dns
+ - /etc/contrail/dns/contrail-rndc.conf
+ {%- if control.version >= 3.0 and grains.get('init') != 'systemd' %}
+ - /etc/contrail/supervisord_control_files/contrail-control-nodemgr.ini
+ - /etc/contrail/supervisord_control.conf
+ {%- endif %}
+{%- endif %}
/etc/contrail/contrail-control-nodemgr.conf:
file.managed:
- source: salt://opencontrail/files/{{ control.version }}/contrail-control-nodemgr.conf
- template: jinja
- - require:
- - pkg: opencontrail_control_packages
/etc/contrail/contrail-control.conf:
file.managed:
- source: salt://opencontrail/files/{{ control.version }}/contrail-control.conf
- template: jinja
- - require:
- - pkg: opencontrail_control_packages
/etc/contrail/contrail-dns.conf:
file.managed:
- source: salt://opencontrail/files/{{ control.version }}/contrail-dns.conf
- template: jinja
- - require:
- - pkg: opencontrail_control_packages
+
+{%- if control.get('config_only', False) %}
+
+user_contrail:
+ user.present:
+ - name: contrail
+ - system: True
+ - require_in:
+ - /etc/contrail/dns
+
+opencontrail_control_doctrail:
+ file.managed:
+ - name: /usr/bin/doctrail
+ - template: jinja
+ - source: salt://opencontrail/files/{{ control.version }}/doctrail
+ - mode: 755
+
+{% endif %}
/etc/contrail/dns:
file.directory:
- user: contrail
- group: contrail
- - require:
- - pkg: opencontrail_control_packages
/etc/contrail/dns/contrail-rndc.conf:
file.managed:
- source: salt://opencontrail/files/{{ control.version }}/control/contrail-rndc.conf
- - require:
- - pkg: opencontrail_control_packages
+ - makedirs: True
{%- if control.version >= 3.0 and grains.get('init') != 'systemd' %}
@@ -49,21 +70,14 @@
file.managed:
- source: salt://opencontrail/files/{{ control.version }}/control/contrail-control-nodemgr.ini
- makedirs: true
- - require:
- - pkg: opencontrail_control_packages
- - require_in:
- - service: opencontrail_control_services
/etc/contrail/supervisord_control.conf:
file.managed:
- source: salt://opencontrail/files/{{ control.version }}/control/supervisord_control.conf
- - require:
- - pkg: opencontrail_control_packages
- - require_in:
- - service: opencontrail_control_services
{%- endif %}
+{%- if not control.get('config_only', False) %}
opencontrail_control_services:
service.running:
- enable: true
@@ -76,6 +90,9 @@
- file: /etc/contrail/contrail-dns.conf
- file: /etc/contrail/contrail-control.conf
- file: /etc/contrail/contrail-control-nodemgr.conf
+ - require:
+ - /etc/contrail/supervisord_control_files/contrail-control-nodemgr.ini
+ - /etc/contrail/supervisord_control.conf
{%- if grains.get('virtual_subtype', None) == "Docker" %}
@@ -85,8 +102,8 @@
- template: jinja
- source: salt://opencontrail/files/entrypoint.sh.control
- mode: 755
-
{%- endif %}
{%- endif %}
+{%- endif %}
diff --git a/opencontrail/database.sls b/opencontrail/database.sls
index e6afb49..2edfff5 100644
--- a/opencontrail/database.sls
+++ b/opencontrail/database.sls
@@ -1,4 +1,4 @@
-{%- from "opencontrail/map.jinja" import database,common with context %}
+{%- from "opencontrail/map.jinja" import database,common with context %}
{%- if database.enabled %}
include:
@@ -37,6 +37,32 @@
- pkg: opencontrail_database_packages
{% endif %}
+{% if database.version >= 4.0 %}
+
+{{ database.cassandra_config }}cassandra_analytics.yaml:
+ file.managed:
+ - source: salt://opencontrail/files/{{ database.version }}/cassandra_analytics.yaml
+ - template: jinja
+ - makedirs: True
+{% if grains.os_family == "RedHat" %}
+ - require:
+ - pkg: opencontrail_database_packages
+{% endif %}
+
+/usr/share/kafka/config/consumer.properties:
+ file.managed:
+ - source: salt://opencontrail/files/{{ database.version }}/consumer.properties
+ - template: jinja
+ - makedirs: true
+
+/usr/share/kafka/config/zookeeper.properties:
+ file.managed:
+ - source: salt://opencontrail/files/{{ database.version }}/zookeeper.properties
+ - template: jinja
+ - makedirs: true
+
+{% endif %}
+
{{ database.cassandra_config }}logback.xml:
file.managed:
- source: salt://opencontrail/files/{{ database.version }}/database/logback.xml
@@ -57,12 +83,46 @@
- pkg: opencontrail_database_packages
{% endif %}
+{% if database.version >= 4.0 %}
+{{ database.cassandra_config }}cassandra-env-analytics.sh:
+ file.managed:
+ - source: salt://opencontrail/files/{{ database.version }}/database/cassandra-env-analytics.sh
+ - template: jinja
+ - makedirs: True
+{% if grains.os_family == "RedHat" %}
+ - require:
+ - pkg: opencontrail_database_packages
{% endif %}
+{% endif %}
+
+{% endif %}
+
+{%- if database.get('config_only', False) %}
+opencontrail_database_doctrail:
+ file.managed:
+ - name: /usr/bin/doctrail
+ - template: jinja
+ - source: salt://opencontrail/files/{{ database.version }}/doctrail
+ - mode: 755
+{% endif %}
+
+{%- if not database.get('config_only', False) %}
opencontrail_database_packages:
pkg.installed:
- names: {{ database.pkgs }}
- force_yes: True
+ - require_in:
+ - /etc/zookeeper/conf/log4j.properties
+ - /etc/contrail/contrail-database-nodemgr.conf
+ - /etc/zookeeper/conf/zoo.cfg
+ - /etc/default/zookeeper
+ {%- if database.version >= 3.0 %}
+ - /usr/share/kafka/config/server.properties
+ {%- if database.version < 4.0 or grains.get('init') != 'systemd' %}
+ - /etc/contrail/supervisord_database_files/contrail-database-nodemgr.ini
+ {%- endif %}
+ {%- endif %}
{% if grains.os_family == "Debian" %}
- require:
- file: {{ database.cassandra_config }}cassandra.yaml
@@ -70,36 +130,47 @@
- file: {{ database.cassandra_config }}logback.xml
{% endif %}
+{% endif %}
+
/etc/zookeeper/conf/log4j.properties:
file.managed:
- source: salt://opencontrail/files/{{ database.version }}/database/log4j.properties
- - require:
- - pkg: opencontrail_database_packages
+ - makedirs: true
+
/etc/contrail/contrail-database-nodemgr.conf:
file.managed:
- source: salt://opencontrail/files/{{ database.version }}/contrail-database-nodemgr.conf
- template: jinja
- - require:
- - pkg: opencontrail_database_packages
/etc/zookeeper/conf/zoo.cfg:
file.managed:
- source: salt://opencontrail/files/{{ database.version }}/zoo.cfg
- template: jinja
- - require:
- - pkg: opencontrail_database_packages
+ - makedirs: true
/etc/default/zookeeper:
file.managed:
- - source: salt://opencontrail/files/{{ database.version }}/zookeeper
+ - source: salt://opencontrail/files/{{ database.version }}/zookeeper
+ - template: jinja
+
+{% if database.version >= 4.0 %}
+/etc/zookeeper/conf/zoo_analytics.cfg:
+ file.managed:
+ - source: salt://opencontrail/files/{{ database.version }}/zoo_analytics.cfg
- template: jinja
- - require:
- - pkg: opencontrail_database_packages
+ - makedirs: true
+
+/etc/default/zookeeper_analytics:
+ file.managed:
+ - source: salt://opencontrail/files/{{ database.version }}/zookeeper_analytics
+ - template: jinja
+{% endif %}
/var/lib/zookeeper/myid:
file.managed:
- contents: '{{ database.id }}'
+ - makedirs: true
{%- if database.version >= 3.0 %}
@@ -107,26 +178,18 @@
file.managed:
- source: salt://opencontrail/files/{{ database.version }}/server.properties
- template: jinja
- - require:
- - pkg: opencontrail_database_packages
- - require_in:
- - service: opencontrail_database_services
- - service: opencontrail_zookeeper_service
+ - makedirs: true
{%- if database.version < 4.0 or grains.get('init') != 'systemd' %}
-
+{%- if not database.get('config_only', False) %}
/etc/contrail/supervisord_database_files/contrail-database-nodemgr.ini:
file.managed:
- source: salt://opencontrail/files/{{ database.version }}/database/contrail-database-nodemgr.ini
- - require:
- - pkg: opencontrail_database_packages
- - require_in:
- - service: opencontrail_database_services
- - service: opencontrail_zookeeper_service
-
+{%- endif %}
{%- endif %}
{%- endif %}
+{%- if not database.get('config_only', False) %}
{% if grains.os_family == "Debian" %}
#Stop cassandra started by init script - replaced by contrail-database
disable-cassandra-service:
@@ -134,14 +197,15 @@
- name: cassandra
- enable: None
{% endif %}
+{% endif %}
+
+{%- if not database.get('config_only', False) %}
/var/lib/cassandra/data:
file.directory:
- user: cassandra
- group: cassandra
- makedirs: True
- - require_in:
- - service: opencontrail_database_services
/var/lib/cassandra:
file.directory:
@@ -183,6 +247,9 @@
- file: /etc/contrail/contrail-database-nodemgr.conf
- file: /var/lib/zookeeper/myid
- file: /etc/zookeeper/conf/log4j.properties
+ - file: /var/lib/cassandra/data
+ - file: /etc/contrail/supervisord_database_files/contrail-database-nodemgr.ini
+ - file: /usr/share/kafka/config/server.properties
opencontrail_zookeeper_service:
service.running:
@@ -195,6 +262,8 @@
- file: /etc/zookeeper/conf/zoo.cfg
- file: /etc/default/zookeeper
- file: /etc/zookeeper/conf/log4j.properties
+ - file: /etc/contrail/supervisord_database_files/contrail-database-nodemgr.ini
+ - file: /usr/share/kafka/config/server.properties
{%- if grains.get('virtual_subtype', None) == "Docker" %}
@@ -208,3 +277,5 @@
{%- endif %}
{%- endif %}
+
+{%- endif %}
diff --git a/opencontrail/files/2.2/contrail-api.conf b/opencontrail/files/2.2/contrail-api.conf
index ff92939..d124f3b 100644
--- a/opencontrail/files/2.2/contrail-api.conf
+++ b/opencontrail/files/2.2/contrail-api.conf
@@ -44,3 +44,40 @@
auth_url=http://{{ config.identity.host }}:{{ config.identity.port }}/v3
{%- endif %}
{%- endif %}
+
+{% if config.quota is defined %}
+[QUOTA]
+{%- if config.quota.network is defined %}
+virtual_network={{config.quota.network}}
+{%- endif %}
+{%- if config.quota.subnet is defined %}
+subnet={{config.quota.subnet}}
+{%- endif %}
+{%- if config.quota.floating_ip is defined %}
+floating_ip={{config.quota.floating_ip}}
+{%- endif %}
+{%- if config.quota.router is defined %}
+logical_router={{config.quota.router}}
+{%- endif %}
+{%- if config.quota.secgroup is defined %}
+security_group={{config.quota.secgroup}}
+{%- endif %}
+{%- if config.quota.secgroup_rule is defined %}
+security_group_rule={{config.quota.secgroup_rule}}
+{%- endif %}
+{%- if config.quota.port is defined %}
+virtual_machine_interface={{config.quota.port}}
+{%- endif %}
+{%- if config.quota.pool is defined %}
+loadbalancer_pool={{config.quota.pool}}
+{%- endif %}
+{%- if config.quota.member is defined %}
+loadbalancer_member={{config.quota.member}}
+{%- endif %}
+{%- if config.quota.health_monitor is defined %}
+loadbalancer_healthmonitor={{config.quota.health_monitor}}
+{%- endif %}
+{%- if config.quota.vip is defined %}
+virtual_ip={{config.quota.vip}}
+{%- endif %}
+{%- endif %}
diff --git a/opencontrail/files/3.0/contrail-api.conf b/opencontrail/files/3.0/contrail-api.conf
index ceadd64..be686aa 100644
--- a/opencontrail/files/3.0/contrail-api.conf
+++ b/opencontrail/files/3.0/contrail-api.conf
@@ -49,5 +49,43 @@
certfile=/etc/contrail/ssl/certs/apiserver.pem
ca_certs=/etc/contrail/ssl/certs/ca.pem
+{% if config.quota is defined %}
+[QUOTA]
+{%- if config.quota.network is defined %}
+virtual_network={{config.quota.network}}
+{%- endif %}
+{%- if config.quota.subnet is defined %}
+subnet={{config.quota.subnet}}
+{%- endif %}
+{%- if config.quota.floating_ip is defined %}
+floating_ip={{config.quota.floating_ip}}
+{%- endif %}
+{%- if config.quota.router is defined %}
+logical_router={{config.quota.router}}
+{%- endif %}
+{%- if config.quota.secgroup is defined %}
+security_group={{config.quota.secgroup}}
+{%- endif %}
+{%- if config.quota.secgroup_rule is defined %}
+security_group_rule={{config.quota.secgroup_rule}}
+{%- endif %}
+{%- if config.quota.port is defined %}
+virtual_machine_interface={{config.quota.port}}
+{%- endif %}
+{%- if config.quota.pool is defined %}
+loadbalancer_pool={{config.quota.pool}}
+{%- endif %}
+{%- if config.quota.member is defined %}
+loadbalancer_member={{config.quota.member}}
+{%- endif %}
+{%- if config.quota.health_monitor is defined %}
+loadbalancer_healthmonitor={{config.quota.health_monitor}}
+{%- endif %}
+{%- if config.quota.vip is defined %}
+virtual_ip={{config.quota.vip}}
+{%- endif %}
+{%- endif %}
+
[KEYSTONE]
keystone_sync_on_demand={{ config.identity.get('sync_on_demand', 'true') }}
+
diff --git a/opencontrail/files/3.0/collector/redis.conf b/opencontrail/files/3.0/redis.conf
similarity index 100%
rename from opencontrail/files/3.0/collector/redis.conf
rename to opencontrail/files/3.0/redis.conf
diff --git a/opencontrail/files/4.0/cassandra.yaml b/opencontrail/files/4.0/cassandra.yaml
index 0ffd86a..5aea775 100644
--- a/opencontrail/files/4.0/cassandra.yaml
+++ b/opencontrail/files/4.0/cassandra.yaml
@@ -1,5 +1,5 @@
{%- from "opencontrail/map.jinja" import database with context %}
-# Cassandra storage config YAML
+# Cassandra storage config YAML
# NOTE:
# See http://wiki.apache.org/cassandra/StorageConfiguration for
@@ -21,13 +21,13 @@
# Specifying initial_token will override this setting on the node's initial start,
# on subsequent starts, this setting will apply even if initial token is set.
#
-# If you already have a cluster with 1 token per node, and wish to migrate to
+# If you already have a cluster with 1 token per node, and wish to migrate to
# multiple tokens per node, see http://wiki.apache.org/cassandra/Operations
num_tokens: 256
# initial_token allows you to specify tokens manually. While you can use # it with
-# vnodes (num_tokens > 1, above) -- in which case you should provide a
-# comma-separated list -- it's primarily used when adding nodes # to legacy clusters
+# vnodes (num_tokens > 1, above) -- in which case you should provide a
+# comma-separated list -- it's primarily used when adding nodes # to legacy clusters
# that do not have vnodes enabled.
# initial_token:
@@ -213,7 +213,7 @@
# well as caches. Experiments show that JEMAlloc saves some memory
# than the native GCC allocator (i.e., JEMalloc is more
# fragmentation-resistant).
-#
+#
# Supported values are: NativeAllocator, JEMallocAllocator
#
# If you intend to use JEMallocAllocator you have to install JEMalloc as library and
@@ -226,8 +226,8 @@
# If not set, the default directory is $CASSANDRA_HOME/data/saved_caches.
saved_caches_directory: /var/lib/cassandra/saved_caches
-# commitlog_sync may be either "periodic" or "batch."
-#
+# commitlog_sync may be either "periodic" or "batch."
+#
# When in batch mode, Cassandra won't ack writes until the commit log
# has been fsynced to disk. It will wait
# commitlog_sync_batch_window_in_ms milliseconds between fsyncs.
@@ -240,14 +240,14 @@
#
# the other option is "periodic" where writes may be acked immediately
# and the CommitLog is simply synced every commitlog_sync_period_in_ms
-# milliseconds.
+# milliseconds.
commitlog_sync: periodic
commitlog_sync_period_in_ms: 10000
# The size of the individual commitlog file segments. A commitlog
# segment may be archived, deleted, or recycled once all the data
# in it (potentially from each columnfamily in the system) has been
-# flushed to sstables.
+# flushed to sstables.
#
# The default size is 32, which is almost always fine, but if you are
# archiving commitlog segments (see commitlog_archiving.properties),
@@ -258,7 +258,7 @@
# any class that implements the SeedProvider interface and has a
# constructor that takes a Map<String, String> of parameters will do.
seed_provider:
- # Addresses of hosts that are deemed contact points.
+ # Addresses of hosts that are deemed contact points.
# Cassandra nodes use this list of hosts to find each other and learn
# the topology of the ring. You must change this if you are running
# multiple nodes!
@@ -288,7 +288,7 @@
# the smaller of 1/4 of heap or 512MB.
# file_cache_size_in_mb: 512
-# Total permitted memory to use for memtables. Cassandra will stop
+# Total permitted memory to use for memtables. Cassandra will stop
# accepting writes when the limit is exceeded until a flush completes,
# and will trigger a flush based on memtable_cleanup_threshold
# If omitted, Cassandra will set both to 1/4 the size of the heap.
@@ -323,11 +323,11 @@
# This sets the amount of memtable flush writer threads. These will
# be blocked by disk io, and each one will hold a memtable in memory
-# while blocked.
+# while blocked.
#
# memtable_flush_writers defaults to the smaller of (number of disks,
# number of cores), with a minimum of 2 and a maximum of 8.
-#
+#
# If your data directories are backed by SSD, you should increase this
# to the number of cores.
#memtable_flush_writers: 8
@@ -356,12 +356,12 @@
# TCP port, for commands and data
# For security reasons, you should not expose this port to the internet. Firewall it if needed.
-storage_port: 7000
+storage_port: 7010
# SSL port, for encrypted communication. Unused unless enabled in
# encryption_options
# For security reasons, you should not expose this port to the internet. Firewall it if needed.
-ssl_storage_port: 7001
+ssl_storage_port: 7011
# Address or interface to bind to and tell other Cassandra nodes to connect to.
# You _must_ change this if you want multiple nodes to be able to communicate!
@@ -402,7 +402,7 @@
start_native_transport: true
# port for the CQL native transport to listen for clients on
# For security reasons, you should not expose this port to the internet. Firewall it if needed.
-native_transport_port: 9042
+native_transport_port: 9041
# The maximum threads for handling requests when the native transport is used.
# This is similar to rpc_max_threads though the default differs slightly (and
# there is no native_transport_min_threads, idle threads will always be stopped
@@ -448,7 +448,8 @@
rpc_address: {{ database.bind.host }}
{% endif %}
# port for Thrift to listen for clients on
-rpc_port: {{ database.bind.rpc_port }}
+rpc_port: 9161
+#rpc_port: {{ database.bind.rpc_port }}
# RPC address to broadcast to drivers and other Cassandra nodes. This cannot
# be set to 0.0.0.0. If left blank, this will be set to the value of
@@ -524,7 +525,7 @@
snapshot_before_compaction: false
# Whether or not a snapshot is taken of the data before keyspace truncation
-# or dropping of column families. The STRONGLY advised default of true
+# or dropping of column families. The STRONGLY advised default of true
# should be used to provide data safety. If you set this flag to false, you will
# lose data on truncation or drop.
auto_snapshot: true
@@ -568,7 +569,7 @@
#
# concurrent_compactors defaults to the smaller of (number of disks,
# number of cores), with a minimum of 2 and a maximum of 8.
-#
+#
# If your data directories are backed by SSD, you should increase this
# to the number of cores.
#concurrent_compactors: 1
@@ -586,7 +587,7 @@
# When compacting, the replacement sstable(s) can be opened before they
# are completely written, and used in place of the prior sstables for
-# any range that has been written. This helps to smoothly transfer reads
+# any range that has been written. This helps to smoothly transfer reads
# between the sstables, reducing page cache churn and keeping hot rows hot
sstable_preemptive_open_interval_in_mb: 50
@@ -624,7 +625,7 @@
# Enable operation timeout information exchange between nodes to accurately
# measure request timeouts. If disabled, replicas will assume that requests
# were forwarded to them instantly by the coordinator, which means that
-# under overload conditions we will waste that much extra time processing
+# under overload conditions we will waste that much extra time processing
# already-timed-out requests.
#
# Warning: before enabling this property make sure to ntp is installed
@@ -696,7 +697,7 @@
# controls how often to perform the more expensive part of host score
# calculation
-dynamic_snitch_update_interval_in_ms: 100
+dynamic_snitch_update_interval_in_ms: 100
# controls how often to reset all host scores, allowing a bad host to
# possibly recover
dynamic_snitch_reset_interval_in_ms: 600000
@@ -726,7 +727,7 @@
# NoScheduler - Has no options
# RoundRobin
# - throttle_limit -- The throttle_limit is the number of in-flight
-# requests per client. Requests beyond
+# requests per client. Requests beyond
# that limit are queued up until
# running requests can complete.
# The value of 80 here is twice the number of
diff --git a/opencontrail/files/4.0/cassandra_analytics.yaml b/opencontrail/files/4.0/cassandra_analytics.yaml
new file mode 100644
index 0000000..208096d
--- /dev/null
+++ b/opencontrail/files/4.0/cassandra_analytics.yaml
@@ -0,0 +1,807 @@
+{%- from "opencontrail/map.jinja" import database with context %}
+# Cassandra storage config YAML
+
+# NOTE:
+# See http://wiki.apache.org/cassandra/StorageConfiguration for
+# full explanations of configuration directives
+# /NOTE
+
+# The name of the cluster. This is mainly used to prevent machines in
+# one logical cluster from joining another.
+cluster_name: '{{ database.name }}'
+
+# This defines the number of tokens randomly assigned to this node on the ring
+# The more tokens, relative to other nodes, the larger the proportion of data
+# that this node will store. You probably want all nodes to have the same number
+# of tokens assuming they have equal hardware capability.
+#
+# If you leave this unspecified, Cassandra will use the default of 1 token for legacy compatibility,
+# and will use the initial_token as described below.
+#
+# Specifying initial_token will override this setting on the node's initial start,
+# on subsequent starts, this setting will apply even if initial token is set.
+#
+# If you already have a cluster with 1 token per node, and wish to migrate to
+# multiple tokens per node, see http://wiki.apache.org/cassandra/Operations
+num_tokens: 256
+
+# initial_token allows you to specify tokens manually. While you can use # it with
+# vnodes (num_tokens > 1, above) -- in which case you should provide a
+# comma-separated list -- it's primarily used when adding nodes # to legacy clusters
+# that do not have vnodes enabled.
+# initial_token:
+
+# See http://wiki.apache.org/cassandra/HintedHandoff
+# May either be "true" or "false" to enable globally, or contain a list
+# of data centers to enable per-datacenter.
+# hinted_handoff_enabled: DC1,DC2
+hinted_handoff_enabled: true
+# this defines the maximum amount of time a dead host will have hints
+# generated. After it has been dead this long, new hints for it will not be
+# created until it has been seen alive and gone down again.
+max_hint_window_in_ms: 10800000 # 3 hours
+# Maximum throttle in KBs per second, per delivery thread. This will be
+# reduced proportionally to the number of nodes in the cluster. (If there
+# are two nodes in the cluster, each delivery thread will use the maximum
+# rate; if there are three, each will throttle to half of the maximum,
+# since we expect two nodes to be delivering hints simultaneously.)
+hinted_handoff_throttle_in_kb: 1024
+# Number of threads with which to deliver hints;
+# Consider increasing this number when you have multi-dc deployments, since
+# cross-dc handoff tends to be slower
+max_hints_delivery_threads: 2
+
+# Maximum throttle in KBs per second, total. This will be
+# reduced proportionally to the number of nodes in the cluster.
+batchlog_replay_throttle_in_kb: 1024
+
+# Authentication backend, implementing IAuthenticator; used to identify users
+# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthenticator,
+# PasswordAuthenticator}.
+#
+# - AllowAllAuthenticator performs no checks - set it to disable authentication.
+# - PasswordAuthenticator relies on username/password pairs to authenticate
+# users. It keeps usernames and hashed passwords in system_auth.credentials table.
+# Please increase system_auth keyspace replication factor if you use this authenticator.
+authenticator: AllowAllAuthenticator
+
+# Authorization backend, implementing IAuthorizer; used to limit access/provide permissions
+# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthorizer,
+# CassandraAuthorizer}.
+#
+# - AllowAllAuthorizer allows any action to any user - set it to disable authorization.
+# - CassandraAuthorizer stores permissions in system_auth.permissions table. Please
+# increase system_auth keyspace replication factor if you use this authorizer.
+authorizer: AllowAllAuthorizer
+
+# Validity period for permissions cache (fetching permissions can be an
+# expensive operation depending on the authorizer, CassandraAuthorizer is
+# one example). Defaults to 2000, set to 0 to disable.
+# Will be disabled automatically for AllowAllAuthorizer.
+permissions_validity_in_ms: 2000
+
+# Refresh interval for permissions cache (if enabled).
+# After this interval, cache entries become eligible for refresh. Upon next
+# access, an async reload is scheduled and the old value returned until it
+# completes. If permissions_validity_in_ms is non-zero, then this must be
+# also.
+# Defaults to the same value as permissions_validity_in_ms.
+# permissions_update_interval_in_ms: 1000
+
+# The partitioner is responsible for distributing groups of rows (by
+# partition key) across nodes in the cluster. You should leave this
+# alone for new clusters. The partitioner can NOT be changed without
+# reloading all data, so when upgrading you should set this to the
+# same partitioner you were already using.
+#
+# Besides Murmur3Partitioner, partitioners included for backwards
+# compatibility include RandomPartitioner, ByteOrderedPartitioner, and
+# OrderPreservingPartitioner.
+#
+partitioner: org.apache.cassandra.dht.Murmur3Partitioner
+
+# Directories where Cassandra should store data on disk. Cassandra
+# will spread data evenly across them, subject to the granularity of
+# the configured compaction strategy.
+# If not set, the default directory is $CASSANDRA_HOME/data/data.
+data_file_directories:
+ - /var/lib/cassandra/data
+
+# commit log. when running on magnetic HDD, this should be a
+# separate spindle than the data directories.
+# If not set, the default directory is $CASSANDRA_HOME/data/commitlog.
+commitlog_directory: /var/lib/cassandra/commitlog
+
+# policy for data disk failures:
+# die: shut down gossip and Thrift and kill the JVM for any fs errors or
+# single-sstable errors, so the node can be replaced.
+# stop_paranoid: shut down gossip and Thrift even for single-sstable errors.
+# stop: shut down gossip and Thrift, leaving the node effectively dead, but
+# can still be inspected via JMX.
+# best_effort: stop using the failed disk and respond to requests based on
+# remaining available sstables. This means you WILL see obsolete
+# data at CL.ONE!
+# ignore: ignore fatal errors and let requests fail, as in pre-1.2 Cassandra
+disk_failure_policy: stop
+
+# policy for commit disk failures:
+# die: shut down gossip and Thrift and kill the JVM, so the node can be replaced.
+# stop: shut down gossip and Thrift, leaving the node effectively dead, but
+# can still be inspected via JMX.
+# stop_commit: shutdown the commit log, letting writes collect but
+# continuing to service reads, as in pre-2.0.5 Cassandra
+# ignore: ignore fatal errors and let the batches fail
+commit_failure_policy: stop
+
+# Maximum size of the key cache in memory.
+#
+# Each key cache hit saves 1 seek and each row cache hit saves 2 seeks at the
+# minimum, sometimes more. The key cache is fairly tiny for the amount of
+# time it saves, so it's worthwhile to use it at large numbers.
+# The row cache saves even more time, but must contain the entire row,
+# so it is extremely space-intensive. It's best to only use the
+# row cache if you have hot rows or static rows.
+#
+# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup.
+#
+# Default value is empty to make it "auto" (min(5% of Heap (in MB), 100MB)). Set to 0 to disable key cache.
+key_cache_size_in_mb:
+
+# Duration in seconds after which Cassandra should
+# save the key cache. Caches are saved to saved_caches_directory as
+# specified in this configuration file.
+#
+# Saved caches greatly improve cold-start speeds, and is relatively cheap in
+# terms of I/O for the key cache. Row cache saving is much more expensive and
+# has limited use.
+#
+# Default is 14400 or 4 hours.
+key_cache_save_period: 14400
+
+# Number of keys from the key cache to save
+# Disabled by default, meaning all keys are going to be saved
+# key_cache_keys_to_save: 100
+
+# Maximum size of the row cache in memory.
+# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup.
+#
+# Default value is 0, to disable row caching.
+row_cache_size_in_mb: 0
+
+# Duration in seconds after which Cassandra should
+# save the row cache. Caches are saved to saved_caches_directory as specified
+# in this configuration file.
+#
+# Saved caches greatly improve cold-start speeds, and is relatively cheap in
+# terms of I/O for the key cache. Row cache saving is much more expensive and
+# has limited use.
+#
+# Default is 0 to disable saving the row cache.
+row_cache_save_period: 0
+
+# Number of keys from the row cache to save
+# Disabled by default, meaning all keys are going to be saved
+# row_cache_keys_to_save: 100
+
+# Maximum size of the counter cache in memory.
+#
+# Counter cache helps to reduce counter locks' contention for hot counter cells.
+# In case of RF = 1 a counter cache hit will cause Cassandra to skip the read before
+# write entirely. With RF > 1 a counter cache hit will still help to reduce the duration
+# of the lock hold, helping with hot counter cell updates, but will not allow skipping
+# the read entirely. Only the local (clock, count) tuple of a counter cell is kept
+# in memory, not the whole counter, so it's relatively cheap.
+#
+# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup.
+#
+# Default value is empty to make it "auto" (min(2.5% of Heap (in MB), 50MB)). Set to 0 to disable counter cache.
+# NOTE: if you perform counter deletes and rely on low gcgs, you should disable the counter cache.
+counter_cache_size_in_mb:
+
+# Duration in seconds after which Cassandra should
+# save the counter cache (keys only). Caches are saved to saved_caches_directory as
+# specified in this configuration file.
+#
+# Default is 7200 or 2 hours.
+counter_cache_save_period: 7200
+
+# Number of keys from the counter cache to save
+# Disabled by default, meaning all keys are going to be saved
+# counter_cache_keys_to_save: 100
+
+# The off-heap memory allocator. Affects storage engine metadata as
+# well as caches. Experiments show that JEMAlloc saves some memory
+# than the native GCC allocator (i.e., JEMalloc is more
+# fragmentation-resistant).
+#
+# Supported values are: NativeAllocator, JEMallocAllocator
+#
+# If you intend to use JEMallocAllocator you have to install JEMalloc as library and
+# modify cassandra-env.sh as directed in the file.
+#
+# Defaults to NativeAllocator
+# memory_allocator: NativeAllocator
+
+# saved caches
+# If not set, the default directory is $CASSANDRA_HOME/data/saved_caches.
+saved_caches_directory: /var/lib/cassandra/saved_caches
+
+# commitlog_sync may be either "periodic" or "batch."
+#
+# When in batch mode, Cassandra won't ack writes until the commit log
+# has been fsynced to disk. It will wait
+# commitlog_sync_batch_window_in_ms milliseconds between fsyncs.
+# This window should be kept short because the writer threads will
+# be unable to do extra work while waiting. (You may need to increase
+# concurrent_writes for the same reason.)
+#
+# commitlog_sync: batch
+# commitlog_sync_batch_window_in_ms: 2
+#
+# the other option is "periodic" where writes may be acked immediately
+# and the CommitLog is simply synced every commitlog_sync_period_in_ms
+# milliseconds.
+commitlog_sync: periodic
+commitlog_sync_period_in_ms: 10000
+
+# The size of the individual commitlog file segments. A commitlog
+# segment may be archived, deleted, or recycled once all the data
+# in it (potentially from each columnfamily in the system) has been
+# flushed to sstables.
+#
+# The default size is 32, which is almost always fine, but if you are
+# archiving commitlog segments (see commitlog_archiving.properties),
+# then you probably want a finer granularity of archiving; 8 or 16 MB
+# is reasonable.
+commitlog_segment_size_in_mb: 32
+
+# any class that implements the SeedProvider interface and has a
+# constructor that takes a Map<String, String> of parameters will do.
+seed_provider:
+ # Addresses of hosts that are deemed contact points.
+ # Cassandra nodes use this list of hosts to find each other and learn
+ # the topology of the ring. You must change this if you are running
+ # multiple nodes!
+ - class_name: org.apache.cassandra.locator.SimpleSeedProvider
+ parameters:
+ # seeds is actually a comma-delimited list of addresses.
+ # Ex: "<ip1>,<ip2>,<ip3>"
+ - seeds: "{%- for member in database.members %}{{ member.host }},{%- endfor %}"
+
+# For workloads with more data than can fit in memory, Cassandra's
+# bottleneck will be reads that need to fetch data from
+# disk. "concurrent_reads" should be set to (16 * number_of_drives) in
+# order to allow the operations to enqueue low enough in the stack
+# that the OS and drives can reorder them. Same applies to
+# "concurrent_counter_writes", since counter writes read the current
+# values before incrementing and writing them back.
+#
+# On the other hand, since writes are almost never IO bound, the ideal
+# number of "concurrent_writes" is dependent on the number of cores in
+# your system; (8 * number_of_cores) is a good rule of thumb.
+concurrent_reads: 32
+concurrent_writes: 32
+concurrent_counter_writes: 32
+
+
+# Total memory to use for sstable-reading buffers. Defaults to
+# the smaller of 1/4 of heap or 512MB.
+# file_cache_size_in_mb: 512
+
+# Total permitted memory to use for memtables. Cassandra will stop
+# accepting writes when the limit is exceeded until a flush completes,
+# and will trigger a flush based on memtable_cleanup_threshold
+# If omitted, Cassandra will set both to 1/4 the size of the heap.
+# memtable_heap_space_in_mb: 2048
+# memtable_offheap_space_in_mb: 2048
+
+# Ratio of occupied non-flushing memtable size to total permitted size
+# that will trigger a flush of the largest memtable. Lager mct will
+# mean larger flushes and hence less compaction, but also less concurrent
+# flush activity which can make it difficult to keep your disks fed
+# under heavy write load.
+#
+# memtable_cleanup_threshold defaults to 1 / (memtable_flush_writers + 1)
+# memtable_cleanup_threshold: 0.11
+
+# Specify the way Cassandra allocates and manages memtable memory.
+# Options are:
+# heap_buffers: on heap nio buffers
+# offheap_buffers: off heap (direct) nio buffers
+# offheap_objects: native memory, eliminating nio buffer heap overhead
+memtable_allocation_type: heap_buffers
+
+# Total space to use for commitlogs. Since commitlog segments are
+# mmapped, and hence use up address space, the default size is 32
+# on 32-bit JVMs, and 8192 on 64-bit JVMs.
+#
+# If space gets above this value (it will round up to the next nearest
+# segment multiple), Cassandra will flush every dirty CF in the oldest
+# segment and remove it. So a small total commitlog space will tend
+# to cause more flush activity on less-active columnfamilies.
+# commitlog_total_space_in_mb: 8192
+
+# This sets the amount of memtable flush writer threads. These will
+# be blocked by disk io, and each one will hold a memtable in memory
+# while blocked.
+#
+# memtable_flush_writers defaults to the smaller of (number of disks,
+# number of cores), with a minimum of 2 and a maximum of 8.
+#
+# If your data directories are backed by SSD, you should increase this
+# to the number of cores.
+#memtable_flush_writers: 8
+
+# A fixed memory pool size in MB for for SSTable index summaries. If left
+# empty, this will default to 5% of the heap size. If the memory usage of
+# all index summaries exceeds this limit, SSTables with low read rates will
+# shrink their index summaries in order to meet this limit. However, this
+# is a best-effort process. In extreme conditions Cassandra may need to use
+# more than this amount of memory.
+index_summary_capacity_in_mb:
+
+# How frequently index summaries should be resampled. This is done
+# periodically to redistribute memory from the fixed-size pool to sstables
+# proportional their recent read rates. Setting to -1 will disable this
+# process, leaving existing index summaries at their current sampling level.
+index_summary_resize_interval_in_minutes: 60
+
+# Whether to, when doing sequential writing, fsync() at intervals in
+# order to force the operating system to flush the dirty
+# buffers. Enable this to avoid sudden dirty buffer flushing from
+# impacting read latencies. Almost always a good idea on SSDs; not
+# necessarily on platters.
+trickle_fsync: false
+trickle_fsync_interval_in_kb: 10240
+
+# TCP port, for commands and data
+# For security reasons, you should not expose this port to the internet. Firewall it if needed.
+storage_port: 7000
+
+# SSL port, for encrypted communication. Unused unless enabled in
+# encryption_options
+# For security reasons, you should not expose this port to the internet. Firewall it if needed.
+ssl_storage_port: 7001
+
+# Address or interface to bind to and tell other Cassandra nodes to connect to.
+# You _must_ change this if you want multiple nodes to be able to communicate!
+#
+# Set listen_address OR listen_interface, not both. Interfaces must correspond
+# to a single address, IP aliasing is not supported.
+#
+# Leaving it blank leaves it up to InetAddress.getLocalHost(). This
+# will always do the Right Thing _if_ the node is properly configured
+# (hostname, name resolution, etc), and the Right Thing is to use the
+# address associated with the hostname (it might not be).
+#
+# Setting listen_address to 0.0.0.0 is always wrong.
+#
+# If you choose to specify the interface by name and the interface has an ipv4 and an ipv6 address
+# you can specify which should be chosen using listen_interface_prefer_ipv6. If false the first ipv4
+# address will be used. If true the first ipv6 address will be used. Defaults to false preferring
+# ipv4. If there is only one address it will be selected regardless of ipv4/ipv6.
+{% if database.bind.interface is defined %}
+listen_interface: {{ database.bind.interface }}
+{% else %}
+listen_address: {{ database.bind.host }}
+# listen_interface: eth0
+{% endif %}
+# listen_interface_prefer_ipv6: false
+
+# Address to broadcast to other Cassandra nodes
+# Leaving this blank will set it to the same value as listen_address
+# broadcast_address: 1.2.3.4
+
+# Internode authentication backend, implementing IInternodeAuthenticator;
+# used to allow/disallow connections from peer nodes.
+# internode_authenticator: org.apache.cassandra.auth.AllowAllInternodeAuthenticator
+
+# Whether to start the native transport server.
+# Please note that the address on which the native transport is bound is the
+# same as the rpc_address. The port however is different and specified below.
+start_native_transport: true
+# port for the CQL native transport to listen for clients on
+# For security reasons, you should not expose this port to the internet. Firewall it if needed.
+native_transport_port: 9042
+# The maximum threads for handling requests when the native transport is used.
+# This is similar to rpc_max_threads though the default differs slightly (and
+# there is no native_transport_min_threads, idle threads will always be stopped
+# after 30 seconds).
+# native_transport_max_threads: 128
+#
+# The maximum size of allowed frame. Frame (requests) larger than this will
+# be rejected as invalid. The default is 256MB.
+# native_transport_max_frame_size_in_mb: 256
+
+# The maximum number of concurrent client connections.
+# The default is -1, which means unlimited.
+# native_transport_max_concurrent_connections: -1
+
+# The maximum number of concurrent client connections per source ip.
+# The default is -1, which means unlimited.
+# native_transport_max_concurrent_connections_per_ip: -1
+
+# Whether to start the thrift rpc server.
+start_rpc: true
+
+# The address or interface to bind the Thrift RPC service and native transport
+# server to.
+#
+# Set rpc_address OR rpc_interface, not both. Interfaces must correspond
+# to a single address, IP aliasing is not supported.
+#
+# Leaving rpc_address blank has the same effect as on listen_address
+# (i.e. it will be based on the configured hostname of the node).
+#
+# Note that unlike listen_address, you can specify 0.0.0.0, but you must also
+# set broadcast_rpc_address to a value other than 0.0.0.0.
+#
+# For security reasons, you should not expose this port to the internet. Firewall it if needed.
+#
+# If you choose to specify the interface by name and the interface has an ipv4 and an ipv6 address
+# you can specify which should be chosen using rpc_interface_prefer_ipv6. If false the first ipv4
+# address will be used. If true the first ipv6 address will be used. Defaults to false preferring
+# ipv4. If there is only one address it will be selected regardless of ipv4/ipv6.
+{% if database.bind.interface is defined %}
+rpc_interface: {{ database.bind.interface }}
+{% else %}
+rpc_address: {{ database.bind.host }}
+{% endif %}
+# port for Thrift to listen for clients on
+rpc_port: 9160
+# rpc_port: {{ database.bind.rpc_port }}
+
+# RPC address to broadcast to drivers and other Cassandra nodes. This cannot
+# be set to 0.0.0.0. If left blank, this will be set to the value of
+# rpc_address. If rpc_address is set to 0.0.0.0, broadcast_rpc_address must
+# be set.
+# broadcast_rpc_address: 1.2.3.4
+
+# enable or disable keepalive on rpc/native connections
+rpc_keepalive: true
+
+# Cassandra provides two out-of-the-box options for the RPC Server:
+#
+# sync -> One thread per thrift connection. For a very large number of clients, memory
+# will be your limiting factor. On a 64 bit JVM, 180KB is the minimum stack size
+# per thread, and that will correspond to your use of virtual memory (but physical memory
+# may be limited depending on use of stack space).
+#
+# hsha -> Stands for "half synchronous, half asynchronous." All thrift clients are handled
+# asynchronously using a small number of threads that does not vary with the amount
+# of thrift clients (and thus scales well to many clients). The rpc requests are still
+# synchronous (one thread per active request). If hsha is selected then it is essential
+# that rpc_max_threads is changed from the default value of unlimited.
+#
+# The default is sync because on Windows hsha is about 30% slower. On Linux,
+# sync/hsha performance is about the same, with hsha of course using less memory.
+#
+# Alternatively, can provide your own RPC server by providing the fully-qualified class name
+# of an o.a.c.t.TServerFactory that can create an instance of it.
+rpc_server_type: sync
+
+# Uncomment rpc_min|max_thread to set request pool size limits.
+#
+# Regardless of your choice of RPC server (see above), the number of maximum requests in the
+# RPC thread pool dictates how many concurrent requests are possible (but if you are using the sync
+# RPC server, it also dictates the number of clients that can be connected at all).
+#
+# The default is unlimited and thus provides no protection against clients overwhelming the server. You are
+# encouraged to set a maximum that makes sense for you in production, but do keep in mind that
+# rpc_max_threads represents the maximum number of client requests this server may execute concurrently.
+#
+# rpc_min_threads: 16
+# rpc_max_threads: 2048
+
+# uncomment to set socket buffer sizes on rpc connections
+# rpc_send_buff_size_in_bytes:
+# rpc_recv_buff_size_in_bytes:
+
+# Uncomment to set socket buffer size for internode communication
+# Note that when setting this, the buffer size is limited by net.core.wmem_max
+# and when not setting it it is defined by net.ipv4.tcp_wmem
+# See:
+# /proc/sys/net/core/wmem_max
+# /proc/sys/net/core/rmem_max
+# /proc/sys/net/ipv4/tcp_wmem
+# /proc/sys/net/ipv4/tcp_wmem
+# and: man tcp
+# internode_send_buff_size_in_bytes:
+# internode_recv_buff_size_in_bytes:
+
+# Frame size for thrift (maximum message length).
+thrift_framed_transport_size_in_mb: 15
+
+# Set to true to have Cassandra create a hard link to each sstable
+# flushed or streamed locally in a backups/ subdirectory of the
+# keyspace data. Removing these links is the operator's
+# responsibility.
+incremental_backups: false
+
+# Whether or not to take a snapshot before each compaction. Be
+# careful using this option, since Cassandra won't clean up the
+# snapshots for you. Mostly useful if you're paranoid when there
+# is a data format change.
+snapshot_before_compaction: false
+
+# Whether or not a snapshot is taken of the data before keyspace truncation
+# or dropping of column families. The STRONGLY advised default of true
+# should be used to provide data safety. If you set this flag to false, you will
+# lose data on truncation or drop.
+auto_snapshot: true
+
+# When executing a scan, within or across a partition, we need to keep the
+# tombstones seen in memory so we can return them to the coordinator, which
+# will use them to make sure other replicas also know about the deleted rows.
+# With workloads that generate a lot of tombstones, this can cause performance
+# problems and even exaust the server heap.
+# (http://www.datastax.com/dev/blog/cassandra-anti-patterns-queues-and-queue-like-datasets)
+# Adjust the thresholds here if you understand the dangers and want to
+# scan more tombstones anyway. These thresholds may also be adjusted at runtime
+# using the StorageService mbean.
+tombstone_warn_threshold: 1000
+tombstone_failure_threshold: 100000
+
+# Granularity of the collation index of rows within a partition.
+# Increase if your rows are large, or if you have a very large
+# number of rows per partition. The competing goals are these:
+# 1) a smaller granularity means more index entries are generated
+# and looking up rows withing the partition by collation column
+# is faster
+# 2) but, Cassandra will keep the collation index in memory for hot
+# rows (as part of the key cache), so a larger granularity means
+# you can cache more hot rows
+column_index_size_in_kb: 64
+
+
+# Log WARN on any batch size exceeding this value. 5kb per batch by default.
+# Caution should be taken on increasing the size of this threshold as it can lead to node instability.
+batch_size_warn_threshold_in_kb: 5
+
+# Number of simultaneous compactions to allow, NOT including
+# validation "compactions" for anti-entropy repair. Simultaneous
+# compactions can help preserve read performance in a mixed read/write
+# workload, by mitigating the tendency of small sstables to accumulate
+# during a single long running compactions. The default is usually
+# fine and if you experience problems with compaction running too
+# slowly or too fast, you should look at
+# compaction_throughput_mb_per_sec first.
+#
+# concurrent_compactors defaults to the smaller of (number of disks,
+# number of cores), with a minimum of 2 and a maximum of 8.
+#
+# If your data directories are backed by SSD, you should increase this
+# to the number of cores.
+#concurrent_compactors: 1
+{% if database.concurrent_compactors is defined %}
+concurrent_compactors: {{ database.concurrent_compactors }}
+{% endif %}
+
+# Throttles compaction to the given total throughput across the entire
+# system. The faster you insert data, the faster you need to compact in
+# order to keep the sstable count down, but in general, setting this to
+# 16 to 32 times the rate you are inserting data is more than sufficient.
+# Setting this to 0 disables throttling. Note that this account for all types
+# of compaction, including validation compaction.
+compaction_throughput_mb_per_sec: {{ database.compaction_throughput_mb_per_sec }}
+
+# When compacting, the replacement sstable(s) can be opened before they
+# are completely written, and used in place of the prior sstables for
+# any range that has been written. This helps to smoothly transfer reads
+# between the sstables, reducing page cache churn and keeping hot rows hot
+sstable_preemptive_open_interval_in_mb: 50
+
+# Throttles all outbound streaming file transfers on this node to the
+# given total throughput in Mbps. This is necessary because Cassandra does
+# mostly sequential IO when streaming data during bootstrap or repair, which
+# can lead to saturating the network connection and degrading rpc performance.
+# When unset, the default is 200 Mbps or 25 MB/s.
+# stream_throughput_outbound_megabits_per_sec: 200
+
+# Throttles all streaming file transfer between the datacenters,
+# this setting allows users to throttle inter dc stream throughput in addition
+# to throttling all network stream traffic as configured with
+# stream_throughput_outbound_megabits_per_sec
+# inter_dc_stream_throughput_outbound_megabits_per_sec:
+
+# How long the coordinator should wait for read operations to complete
+read_request_timeout_in_ms: 10000
+# How long the coordinator should wait for seq or index scans to complete
+range_request_timeout_in_ms: 10000
+# How long the coordinator should wait for writes to complete
+write_request_timeout_in_ms: 10000
+# How long the coordinator should wait for counter writes to complete
+counter_write_request_timeout_in_ms: 5000
+# How long a coordinator should continue to retry a CAS operation
+# that contends with other proposals for the same row
+cas_contention_timeout_in_ms: 1000
+# How long the coordinator should wait for truncates to complete
+# (This can be much longer, because unless auto_snapshot is disabled
+# we need to flush first so we can snapshot before removing the data.)
+truncate_request_timeout_in_ms: 60000
+# The default timeout for other, miscellaneous operations
+request_timeout_in_ms: 10000
+
+# Enable operation timeout information exchange between nodes to accurately
+# measure request timeouts. If disabled, replicas will assume that requests
+# were forwarded to them instantly by the coordinator, which means that
+# under overload conditions we will waste that much extra time processing
+# already-timed-out requests.
+#
+# Warning: before enabling this property make sure to ntp is installed
+# and the times are synchronized between the nodes.
+cross_node_timeout: false
+
+# Enable socket timeout for streaming operation.
+# When a timeout occurs during streaming, streaming is retried from the start
+# of the current file. This _can_ involve re-streaming an important amount of
+# data, so you should avoid setting the value too low.
+# Default value is 0, which never timeout streams.
+# streaming_socket_timeout_in_ms: 0
+
+# phi value that must be reached for a host to be marked down.
+# most users should never need to adjust this.
+# phi_convict_threshold: 8
+
+# endpoint_snitch -- Set this to a class that implements
+# IEndpointSnitch. The snitch has two functions:
+# - it teaches Cassandra enough about your network topology to route
+# requests efficiently
+# - it allows Cassandra to spread replicas around your cluster to avoid
+# correlated failures. It does this by grouping machines into
+# "datacenters" and "racks." Cassandra will do its best not to have
+# more than one replica on the same "rack" (which may not actually
+# be a physical location)
+#
+# IF YOU CHANGE THE SNITCH AFTER DATA IS INSERTED INTO THE CLUSTER,
+# YOU MUST RUN A FULL REPAIR, SINCE THE SNITCH AFFECTS WHERE REPLICAS
+# ARE PLACED.
+#
+# Out of the box, Cassandra provides
+# - SimpleSnitch:
+# Treats Strategy order as proximity. This can improve cache
+# locality when disabling read repair. Only appropriate for
+# single-datacenter deployments.
+# - GossipingPropertyFileSnitch
+# This should be your go-to snitch for production use. The rack
+# and datacenter for the local node are defined in
+# cassandra-rackdc.properties and propagated to other nodes via
+# gossip. If cassandra-topology.properties exists, it is used as a
+# fallback, allowing migration from the PropertyFileSnitch.
+# - PropertyFileSnitch:
+# Proximity is determined by rack and data center, which are
+# explicitly configured in cassandra-topology.properties.
+# - Ec2Snitch:
+# Appropriate for EC2 deployments in a single Region. Loads Region
+# and Availability Zone information from the EC2 API. The Region is
+# treated as the datacenter, and the Availability Zone as the rack.
+# Only private IPs are used, so this will not work across multiple
+# Regions.
+# - Ec2MultiRegionSnitch:
+# Uses public IPs as broadcast_address to allow cross-region
+# connectivity. (Thus, you should set seed addresses to the public
+# IP as well.) You will need to open the storage_port or
+# ssl_storage_port on the public IP firewall. (For intra-Region
+# traffic, Cassandra will switch to the private IP after
+# establishing a connection.)
+# - RackInferringSnitch:
+# Proximity is determined by rack and data center, which are
+# assumed to correspond to the 3rd and 2nd octet of each node's IP
+# address, respectively. Unless this happens to match your
+# deployment conventions, this is best used as an example of
+# writing a custom Snitch class and is provided in that spirit.
+#
+# You can use a custom Snitch by setting this to the full class name
+# of the snitch, which will be assumed to be on your classpath.
+endpoint_snitch: SimpleSnitch
+
+# controls how often to perform the more expensive part of host score
+# calculation
+dynamic_snitch_update_interval_in_ms: 100
+# controls how often to reset all host scores, allowing a bad host to
+# possibly recover
+dynamic_snitch_reset_interval_in_ms: 600000
+# if set greater than zero and read_repair_chance is < 1.0, this will allow
+# 'pinning' of replicas to hosts in order to increase cache capacity.
+# The badness threshold will control how much worse the pinned host has to be
+# before the dynamic snitch will prefer other replicas over it. This is
+# expressed as a double which represents a percentage. Thus, a value of
+# 0.2 means Cassandra would continue to prefer the static snitch values
+# until the pinned host was 20% worse than the fastest.
+dynamic_snitch_badness_threshold: 0.1
+
+# request_scheduler -- Set this to a class that implements
+# RequestScheduler, which will schedule incoming client requests
+# according to the specific policy. This is useful for multi-tenancy
+# with a single Cassandra cluster.
+# NOTE: This is specifically for requests from the client and does
+# not affect inter node communication.
+# org.apache.cassandra.scheduler.NoScheduler - No scheduling takes place
+# org.apache.cassandra.scheduler.RoundRobinScheduler - Round robin of
+# client requests to a node with a separate queue for each
+# request_scheduler_id. The scheduler is further customized by
+# request_scheduler_options as described below.
+request_scheduler: org.apache.cassandra.scheduler.NoScheduler
+
+# Scheduler Options vary based on the type of scheduler
+# NoScheduler - Has no options
+# RoundRobin
+# - throttle_limit -- The throttle_limit is the number of in-flight
+# requests per client. Requests beyond
+# that limit are queued up until
+# running requests can complete.
+# The value of 80 here is twice the number of
+# concurrent_reads + concurrent_writes.
+# - default_weight -- default_weight is optional and allows for
+# overriding the default which is 1.
+# - weights -- Weights are optional and will default to 1 or the
+# overridden default_weight. The weight translates into how
+# many requests are handled during each turn of the
+# RoundRobin, based on the scheduler id.
+#
+# request_scheduler_options:
+# throttle_limit: 80
+# default_weight: 5
+# weights:
+# Keyspace1: 1
+# Keyspace2: 5
+
+# request_scheduler_id -- An identifier based on which to perform
+# the request scheduling. Currently the only valid option is keyspace.
+# request_scheduler_id: keyspace
+
+# Enable or disable inter-node encryption
+# Default settings are TLS v1, RSA 1024-bit keys (it is imperative that
+# users generate their own keys) TLS_RSA_WITH_AES_128_CBC_SHA as the cipher
+# suite for authentication, key exchange and encryption of the actual data transfers.
+# Use the DHE/ECDHE ciphers if running in FIPS 140 compliant mode.
+# NOTE: No custom encryption options are enabled at the moment
+# The available internode options are : all, none, dc, rack
+#
+# If set to dc cassandra will encrypt the traffic between the DCs
+# If set to rack cassandra will encrypt the traffic between the racks
+#
+# The passwords used in these options must match the passwords used when generating
+# the keystore and truststore. For instructions on generating these files, see:
+# http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore
+#
+server_encryption_options:
+ internode_encryption: none
+ keystore: conf/.keystore
+ keystore_password: cassandra
+ truststore: conf/.truststore
+ truststore_password: cassandra
+ # More advanced defaults below:
+ # protocol: TLS
+ # algorithm: SunX509
+ # store_type: JKS
+ # cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
+ # require_client_auth: false
+
+# enable or disable client/server encryption.
+client_encryption_options:
+ enabled: false
+ keystore: conf/.keystore
+ keystore_password: cassandra
+ # require_client_auth: false
+ # Set trustore and truststore_password if require_client_auth is true
+ # truststore: conf/.truststore
+ # truststore_password: cassandra
+ # More advanced defaults below:
+ # protocol: TLS
+ # algorithm: SunX509
+ # store_type: JKS
+ # cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
+
+# internode_compression controls whether traffic between nodes is
+# compressed.
+# can be: all - all traffic is compressed
+# dc - traffic between different datacenters is compressed
+# none - nothing is compressed.
+internode_compression: all
+
+# Enable or disable tcp_nodelay for inter-dc communication.
+# Disabling it will result in larger (but fewer) network packets being sent,
+# reducing overhead from the TCP protocol itself, at the cost of increasing
+# latency if you block for cross-datacenter responses.
+inter_dc_tcp_nodelay: true
diff --git a/opencontrail/files/4.0/collector/contrail-keystone-auth.conf b/opencontrail/files/4.0/collector/contrail-keystone-auth.conf
new file mode 100644
index 0000000..4af7b62
--- /dev/null
+++ b/opencontrail/files/4.0/collector/contrail-keystone-auth.conf
@@ -0,0 +1,20 @@
+{%- from "opencontrail/map.jinja" import collector with context -%}
+[KEYSTONE]
+auth_host={{ collector.identity.host }}
+auth_protocol=http
+auth_port={{ collector.identity.port }}
+admin_user={{ collector.identity.user }}
+admin_password={{ collector.identity.password }}
+admin_tenant_name={{ collector.identity.tenant }}
+insecure=True
+{%- if collector.cache is defined %}
+#memcache_servers=127.0.0.1:11211
+memcache_servers={% for member in collector.cache.members %}{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
+{%- endif %}
+{%- if collector.identity.version == "3" %}
+project_name={{ collector.identity.tenant }}
+project_domain_name={{ collector.identity.get('domain', 'default')|lower}}
+auth_url=http://{{ collector.identity.host }}:{{ collector.identity.port }}/v3
+{%- else %}
+auth_url=http://{{ collector.identity.host }}:{{ collector.identity.port }}/v2.0
+{%- endif %}
diff --git a/opencontrail/files/4.0/consumer.properties b/opencontrail/files/4.0/consumer.properties
new file mode 100644
index 0000000..1cb16a0
--- /dev/null
+++ b/opencontrail/files/4.0/consumer.properties
@@ -0,0 +1,30 @@
+{%- from "opencontrail/map.jinja" import database with context %}
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# see kafka.consumer.ConsumerConfig for more details
+
+# Zookeeper connection string
+# comma separated host:port pairs, each corresponding to a zk
+# server. e.g. "127.0.0.1:3000,127.0.0.1:3001,127.0.0.1:3002"
+zookeeper.connect={% for member in database.members %}{{ member.host }}:2182{% if not loop.last %},{% endif %}{% endfor %}
+
+# timeout in ms for connecting to zookeeper
+zookeeper.connection.timeout.ms=6000
+
+#consumer group id
+group.id=test-consumer-group
+
+#consumer timeout
+#consumer.timeout.ms=5000
diff --git a/opencontrail/files/4.0/contrail-alarm-gen.conf b/opencontrail/files/4.0/contrail-alarm-gen.conf
index 41d6690..ad2fbbf 100644
--- a/opencontrail/files/4.0/contrail-alarm-gen.conf
+++ b/opencontrail/files/4.0/contrail-alarm-gen.conf
@@ -9,7 +9,7 @@
log_file = /var/log/contrail/contrail-alarm-gen.log
kafka_broker_list = {% for member in collector.database.members %}{{ member.host }}:9092 {% endfor %}
partitions=30
-zk_list = {% for member in collector.database.members %}{{ member.host }}:2181 {% endfor %}
+zk_list = {% for member in collector.database.members %}{{ member.host }}:2182 {% endfor %}
#rabbitmq_server_list = xx.xx.xx.xx
rabbitmq_server_list = {{ collector.message_queue.host }}
rabbitmq_port = 5672
diff --git a/opencontrail/files/4.0/contrail-analytics-api.conf b/opencontrail/files/4.0/contrail-analytics-api.conf
index 1ee1f61..98544ae 100644
--- a/opencontrail/files/4.0/contrail-analytics-api.conf
+++ b/opencontrail/files/4.0/contrail-analytics-api.conf
@@ -5,7 +5,7 @@
cassandra_server_list={% for member in collector.database.members %}{{ member.host }}:9042 {% endfor %}
http_server_port = 8090
api_server={% for member in collector.config.members %}{{ member.host }}:9100 {% endfor %}
-zk_list={% for member in collector.database.members %}{{ member.host }}:2181 {% endfor %}
+zk_list={% for member in collector.database.members %}{{ member.host }}:2182 {% endfor %}
rest_api_port = {{ collector.bind.get('port', '8081') }}
rest_api_ip = 0.0.0.0
log_local = 1
diff --git a/opencontrail/files/4.0/contrail-api.conf b/opencontrail/files/4.0/contrail-api.conf
index acb2fc9..b51dec0 100644
--- a/opencontrail/files/4.0/contrail-api.conf
+++ b/opencontrail/files/4.0/contrail-api.conf
@@ -1,7 +1,7 @@
{%- from "opencontrail/map.jinja" import config with context %}
[DEFAULTS]
collectors = {% for member in config.analytics.members %}{{ member.host }}:8086 {% endfor %}
-cassandra_server_list={% for member in config.database.members %}{{ member.host }}:9160 {% endfor %}
+cassandra_server_list={% for member in config.database.members %}{{ member.host }}:9161 {% endfor %}
listen_ip_addr=0.0.0.0
listen_port={{ config.bind.get('api_port', '8082') }}
aaa_mode={{ config.get('aaa_mode', 'cloud-admin') }}
@@ -54,6 +54,43 @@
certfile=/etc/contrail/ssl/certs/apiserver.pem
ca_certs=/etc/contrail/ssl/certs/ca.pem
+{% if config.quota is defined %}
+[QUOTA]
+{%- if config.quota.network is defined %}
+virtual_network={{config.quota.network}}
+{%- endif %}
+{%- if config.quota.subnet is defined %}
+subnet={{config.quota.subnet}}
+{%- endif %}
+{%- if config.quota.floating_ip is defined %}
+floating_ip={{config.quota.floating_ip}}
+{%- endif %}
+{%- if config.quota.router is defined %}
+logical_router={{config.quota.router}}
+{%- endif %}
+{%- if config.quota.secgroup is defined %}
+security_group={{config.quota.secgroup}}
+{%- endif %}
+{%- if config.quota.secgroup_rule is defined %}
+security_group_rule={{config.quota.secgroup_rule}}
+{%- endif %}
+{%- if config.quota.port is defined %}
+virtual_machine_interface={{config.quota.port}}
+{%- endif %}
+{%- if config.quota.pool is defined %}
+loadbalancer_pool={{config.quota.pool}}
+{%- endif %}
+{%- if config.quota.member is defined %}
+loadbalancer_member={{config.quota.member}}
+{%- endif %}
+{%- if config.quota.health_monitor is defined %}
+loadbalancer_healthmonitor={{config.quota.health_monitor}}
+{%- endif %}
+{%- if config.quota.vip is defined %}
+virtual_ip={{config.quota.vip}}
+{%- endif %}
+{%- endif %}
+
[SANDESH]
#sandesh_ssl_enable=false
#introspect_ssl_enable=false
@@ -61,5 +98,7 @@
#sandesh_certfile=/etc/contrail/ssl/certs/server.pem
#sandesh_ca_cert=/etc/contrail/ssl/certs/ca-cert.pem
+
[KEYSTONE]
keystone_sync_on_demand={{ config.identity.get('sync_on_demand', 'true') }}
+
diff --git a/opencontrail/files/4.0/contrail-collector.conf b/opencontrail/files/4.0/contrail-collector.conf
index cd2ca0a..35f89cf 100644
--- a/opencontrail/files/4.0/contrail-collector.conf
+++ b/opencontrail/files/4.0/contrail-collector.conf
@@ -27,7 +27,7 @@
# IP address and port to be used to connect to zookeeper.
# Multiple IP:port are specified as single string separated by comma
-zookeeper_server_list={% for member in collector.database.members %}{{ member.host }}:2181{% if not loop.last %},{% endif %}{% endfor %}
+zookeeper_server_list={% for member in collector.database.members %}{{ member.host }}:2182{% if not loop.last %},{% endif %}{% endfor %}
# Disable flow collection
disable_flow_collection={{ collector.get('disable_flow_collection', 'false')|lower }}
@@ -115,4 +115,3 @@
[REDIS]
port=6379
server=127.0.0.1
-
diff --git a/opencontrail/files/4.0/contrail-control.conf b/opencontrail/files/4.0/contrail-control.conf
index ae5be90..23a39f6 100644
--- a/opencontrail/files/4.0/contrail-control.conf
+++ b/opencontrail/files/4.0/contrail-control.conf
@@ -12,7 +12,7 @@
# gr_helper_bgp_disable=0
# gr_helper_xmpp_disable=0
hostip={{ control.bind.address }} # Resolved IP of `hostname`
-#hostname=ctl-oc-1 # Retrieved as `hostname`
+#hostname=ctl-oc-1 # Retrieved as `hostname`
{%- if control.name is defined %}
hostname={{ control.name }}
{%- else %}
@@ -50,7 +50,7 @@
# rabbitmq_ssl_certfile=
# rabbitmq_ssl_ca_certs=
#
-config_db_server_list={% for member in control.database.members %}{{ member.host }}:9042 {% endfor %}
+config_db_server_list={% for member in control.database.members %}{{ member.host }}:9041 {% endfor %}
# config_db_username=
# config_db_password=
diff --git a/opencontrail/files/4.0/contrail-database-nodemgr.conf b/opencontrail/files/4.0/contrail-database-nodemgr.conf
index 492fd8f..5d85520 100644
--- a/opencontrail/files/4.0/contrail-database-nodemgr.conf
+++ b/opencontrail/files/4.0/contrail-database-nodemgr.conf
@@ -1,5 +1,5 @@
{%- from "opencontrail/map.jinja" import database with context %}
-[DEFAULT]
+[DEFAULTS]
hostip={{ database.bind.host }}
minimum_diskGB={{ database.minimum_disk }}
{%- if pillar.opencontrail.control is defined %}
diff --git a/opencontrail/files/4.0/contrail-device-manager.conf b/opencontrail/files/4.0/contrail-device-manager.conf
index 9d4ac45..caaae67 100644
--- a/opencontrail/files/4.0/contrail-device-manager.conf
+++ b/opencontrail/files/4.0/contrail-device-manager.conf
@@ -20,7 +20,7 @@
api_server_port=8082
zk_server_ip={% for member in config.database.members %}{{ member.host }}:2181{% if not loop.last %},{% endif %}{% endfor %}
log_file=/var/log/contrail/contrail-device-manager.log
-cassandra_server_list={% for member in config.database.members %}{{ member.host }}:9160 {% endfor %}
+cassandra_server_list={% for member in config.database.members %}{{ member.host }}:9161 {% endfor %}
collectors = {% for member in config.analytics.members %}{{ member.host }}:8086 {% endfor %}
log_local=1
log_level=SYS_NOTICE
diff --git a/opencontrail/files/4.0/contrail-dns.conf b/opencontrail/files/4.0/contrail-dns.conf
index 93e5b72..2517778 100644
--- a/opencontrail/files/4.0/contrail-dns.conf
+++ b/opencontrail/files/4.0/contrail-dns.conf
@@ -54,7 +54,7 @@
# rabbitmq_ssl_certfile=
# rabbitmq_ssl_ca_certs=
#
-config_db_server_list={% for member in control.database.members %}{{ member.host }}:9042 {% endfor %}
+config_db_server_list={% for member in control.database.members %}{{ member.host }}:9041 {% endfor %}
# config_db_username=
# config_db_password=
diff --git a/opencontrail/files/4.0/contrail-schema.conf b/opencontrail/files/4.0/contrail-schema.conf
index 40c06fa..af77e9e 100644
--- a/opencontrail/files/4.0/contrail-schema.conf
+++ b/opencontrail/files/4.0/contrail-schema.conf
@@ -5,7 +5,7 @@
#zk_server_ip=10.0.102.31:2181,10.0.102.32:2181,10.0.102.33:2181
zk_server_ip={% for member in config.database.members %}{{ member.host }}:2181{% if not loop.last %},{% endif %}{% endfor %}
log_file=/var/log/contrail/contrail-schema.log
-cassandra_server_list={% for member in config.database.members %}{{ member.host }}:9160 {% endfor %}
+cassandra_server_list={% for member in config.database.members %}{{ member.host }}:9161 {% endfor %}
log_local=1
log_level=SYS_NOTICE
{%- if config.message_queue.members is defined %}
diff --git a/opencontrail/files/4.0/contrail-snmp-collector.conf b/opencontrail/files/4.0/contrail-snmp-collector.conf
index cdfe630..0d229a6 100644
--- a/opencontrail/files/4.0/contrail-snmp-collector.conf
+++ b/opencontrail/files/4.0/contrail-snmp-collector.conf
@@ -6,7 +6,7 @@
log_local=1
log_level=SYS_NOTICE
log_file=/var/log/contrail/contrail-snmp-collector.log
-zookeeper = {% for member in collector.database.members %}{{ member.host }}:2181{% if not loop.last %},{% endif %}{% endfor %}
+zookeeper = {% for member in collector.database.members %}{{ member.host }}:2182{% if not loop.last %},{% endif %}{% endfor %}
#scan_frequency=600
[API_SERVER]
diff --git a/opencontrail/files/4.0/contrail-svc-monitor.conf b/opencontrail/files/4.0/contrail-svc-monitor.conf
index d86f2dd..3078cc3 100644
--- a/opencontrail/files/4.0/contrail-svc-monitor.conf
+++ b/opencontrail/files/4.0/contrail-svc-monitor.conf
@@ -6,7 +6,7 @@
#zk_server_ip=10.0.102.31:2181,10.0.102.32:2181,10.0.102.33:2181
zk_server_ip={% for member in config.database.members %}{{ member.host }}:2181{% if not loop.last %},{% endif %}{% endfor %}
log_file=/var/log/contrail/contrail-svc-monitor.log
-cassandra_server_list={% for member in config.database.members %}{{ member.host }}:9160 {% endfor %}
+cassandra_server_list={% for member in config.database.members %}{{ member.host }}:9161 {% endfor %}
region_name=RegionOne
#nova_endpoint_type=publicURL
log_local=1
diff --git a/opencontrail/files/4.0/contrail-topology.conf b/opencontrail/files/4.0/contrail-topology.conf
index 976c5b1..f146173 100644
--- a/opencontrail/files/4.0/contrail-topology.conf
+++ b/opencontrail/files/4.0/contrail-topology.conf
@@ -8,11 +8,11 @@
log_local=1
log_level=SYS_NOTICE
log_file=/var/log/contrail/contrail-topology.log
-zookeeper = {% for member in collector.database.members %}{{ member.host }}:2181{% if not loop.last %},{% endif %}{% endfor %}
+zookeeper = {% for member in collector.database.members %}{{ member.host }}:2182{% if not loop.last %},{% endif %}{% endfor %}
#scan_frequency=60
-#zookeeper=127.0.0.1:2181
+#zookeeper=127.0.0.1:2182
[API_SERVER]
# List of api-servers in ip:port format separated by space
diff --git a/opencontrail/files/4.0/contrail-webui-jobserver.service b/opencontrail/files/4.0/contrail-webui-jobserver.service
new file mode 100644
index 0000000..f40f23d
--- /dev/null
+++ b/opencontrail/files/4.0/contrail-webui-jobserver.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=Contrail WebUI Job Server
+ConditionPathExists=/etc/contrail/config.global.js
+
+[Service]
+WorkingDirectory=/var/lib/contrail-webui/contrail-web-core
+User=contrail
+Group=contrail
+ExecStart=/usr/bin/node jobServerStart.js
+PIDFile=/var/run/contrail-web-jobserver.pid
+KillMode=process
+Restart=on-failure
+RestartPreventExitStatus=255
+Type=notify
diff --git a/opencontrail/files/4.0/contrail-webui-webserver.service b/opencontrail/files/4.0/contrail-webui-webserver.service
new file mode 100644
index 0000000..dfb915d
--- /dev/null
+++ b/opencontrail/files/4.0/contrail-webui-webserver.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Contrail WebUI Web Server
+ConditionPathExists=/etc/contrail/config.global.js
+[Service]
+WorkingDirectory=/var/lib/contrail-webui/contrail-web-core
+User=contrail
+Group=contrail
+ExecStart=/usr/bin/node webServerStart.js
+PIDFile=/var/run/contrail-web-webserver.pid
+KillMode=process
+Restart=on-failure
+RestartPreventExitStatus=255
diff --git a/opencontrail/files/4.0/database/cassandra-env-analytics.sh b/opencontrail/files/4.0/database/cassandra-env-analytics.sh
new file mode 100644
index 0000000..d84863a
--- /dev/null
+++ b/opencontrail/files/4.0/database/cassandra-env-analytics.sh
@@ -0,0 +1,316 @@
+{%- from "opencontrail/map.jinja" import database with context %}# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+calculate_heap_sizes()
+{
+ case "`uname`" in
+ Linux)
+ system_memory_in_mb=`free -m | awk '/:/ {print $2;exit}'`
+ system_cpu_cores=`egrep -c 'processor([[:space:]]+):.*' /proc/cpuinfo`
+ ;;
+ FreeBSD)
+ system_memory_in_bytes=`sysctl hw.physmem | awk '{print $2}'`
+ system_memory_in_mb=`expr $system_memory_in_bytes / 1024 / 1024`
+ system_cpu_cores=`sysctl hw.ncpu | awk '{print $2}'`
+ ;;
+ SunOS)
+ system_memory_in_mb=`prtconf | awk '/Memory size:/ {print $3}'`
+ system_cpu_cores=`psrinfo | wc -l`
+ ;;
+ Darwin)
+ system_memory_in_bytes=`sysctl hw.memsize | awk '{print $2}'`
+ system_memory_in_mb=`expr $system_memory_in_bytes / 1024 / 1024`
+ system_cpu_cores=`sysctl hw.ncpu | awk '{print $2}'`
+ ;;
+ *)
+ # assume reasonable defaults for e.g. a modern desktop or
+ # cheap server
+ system_memory_in_mb="2048"
+ system_cpu_cores="2"
+ ;;
+ esac
+
+ # some systems like the raspberry pi don't report cores, use at least 1
+ if [ "$system_cpu_cores" -lt "1" ]
+ then
+ system_cpu_cores="1"
+ fi
+
+ # set max heap size based on the following
+ # max(min(1/2 ram, 1024MB), min(1/4 ram, 8GB))
+ # calculate 1/2 ram and cap to 1024MB
+ # calculate 1/4 ram and cap to 8192MB
+ # pick the max
+ half_system_memory_in_mb=`expr $system_memory_in_mb / 2`
+ quarter_system_memory_in_mb=`expr $half_system_memory_in_mb / 2`
+ if [ "$half_system_memory_in_mb" -gt "1024" ]
+ then
+ half_system_memory_in_mb="1024"
+ fi
+ if [ "$quarter_system_memory_in_mb" -gt "8192" ]
+ then
+ quarter_system_memory_in_mb="8192"
+ fi
+ if [ "$half_system_memory_in_mb" -gt "$quarter_system_memory_in_mb" ]
+ then
+ max_heap_size_in_mb="$half_system_memory_in_mb"
+ else
+ max_heap_size_in_mb="$quarter_system_memory_in_mb"
+ fi
+ MAX_HEAP_SIZE="${max_heap_size_in_mb}M"
+
+ # Young gen: min(max_sensible_per_modern_cpu_core * num_cores, 1/4 * heap size)
+ max_sensible_yg_per_core_in_mb="100"
+ max_sensible_yg_in_mb=`expr $max_sensible_yg_per_core_in_mb "*" $system_cpu_cores`
+
+ desired_yg_in_mb=`expr $max_heap_size_in_mb / 4`
+
+ if [ "$desired_yg_in_mb" -gt "$max_sensible_yg_in_mb" ]
+ then
+ HEAP_NEWSIZE="${max_sensible_yg_in_mb}M"
+ else
+ HEAP_NEWSIZE="${desired_yg_in_mb}M"
+ fi
+}
+
+# Determine the sort of JVM we'll be running on.
+
+java_ver_output=`"${JAVA:-java}" -version 2>&1`
+
+jvmver=`echo "$java_ver_output" | grep '[openjdk|java] version' | awk -F'"' 'NR==1 {print $2}'`
+JVM_VERSION=${jvmver%_*}
+JVM_PATCH_VERSION=${jvmver#*_}
+
+if [ "$JVM_VERSION" -lt "1.7" ] ; then
+ echo "Cassandra 2.0 and later require Java 7u25 or later."
+ exit 1;
+fi
+
+if [ "$JVM_VERSION" -lt "1.8" ] && [ "$JVM_PATCH_VERSION" -lt "25" ] ; then
+ echo "Cassandra 2.0 and later require Java 7u25 or later."
+ exit 1;
+fi
+
+
+jvm=`echo "$java_ver_output" | grep -A 1 'java version' | awk 'NR==2 {print $1}'`
+case "$jvm" in
+ OpenJDK)
+ JVM_VENDOR=OpenJDK
+ # this will be "64-Bit" or "32-Bit"
+ JVM_ARCH=`echo "$java_ver_output" | awk 'NR==3 {print $2}'`
+ ;;
+ "Java(TM)")
+ JVM_VENDOR=Oracle
+ # this will be "64-Bit" or "32-Bit"
+ JVM_ARCH=`echo "$java_ver_output" | awk 'NR==3 {print $3}'`
+ ;;
+ *)
+ # Help fill in other JVM values
+ JVM_VENDOR=other
+ JVM_ARCH=unknown
+ ;;
+esac
+
+
+# Override these to set the amount of memory to allocate to the JVM at
+# start-up. For production use you may wish to adjust this for your
+# environment. MAX_HEAP_SIZE is the total amount of memory dedicated
+# to the Java heap; HEAP_NEWSIZE refers to the size of the young
+# generation. Both MAX_HEAP_SIZE and HEAP_NEWSIZE should be either set
+# or not (if you set one, set the other).
+#
+# The main trade-off for the young generation is that the larger it
+# is, the longer GC pause times will be. The shorter it is, the more
+# expensive GC will be (usually).
+#
+# The example HEAP_NEWSIZE assumes a modern 8-core+ machine for decent pause
+# times. If in doubt, and if you do not particularly want to tweak, go with
+# 100 MB per physical CPU core.
+
+#MAX_HEAP_SIZE="4G"
+#HEAP_NEWSIZE="800M"
+
+{%- if database.max_heap_size is defined %}
+MAX_HEAP_SIZE="{{ database.max_heap_size }}"
+{%- endif %}
+{%- if database.heap_newsize is defined %}
+HEAP_NEWSIZE="{{ database.heap_newsize }}"
+{%- endif %}
+
+# Set this to control the amount of arenas per-thread in glibc
+#export MALLOC_ARENA_MAX=4
+
+if [ "x$MAX_HEAP_SIZE" = "x" ] && [ "x$HEAP_NEWSIZE" = "x" ]; then
+ calculate_heap_sizes
+else
+ if [ "x$MAX_HEAP_SIZE" = "x" ] || [ "x$HEAP_NEWSIZE" = "x" ]; then
+ echo "please set or unset MAX_HEAP_SIZE and HEAP_NEWSIZE in pairs (see cassandra-env.sh)"
+ exit 1
+ fi
+fi
+
+if [ "x$MALLOC_ARENA_MAX" = "x" ]
+then
+ export MALLOC_ARENA_MAX=4
+fi
+
+# Specifies the default port over which Cassandra will be available for
+# JMX connections.
+# For security reasons, you should not expose this port to the internet. Firewall it if needed.
+JMX_PORT="7199"
+
+
+# Here we create the arguments that will get passed to the jvm when
+# starting cassandra.
+
+# enable assertions. disabling this in production will give a modest
+# performance benefit (around 5%).
+JVM_OPTS="$JVM_OPTS -ea"
+
+# add the jamm javaagent
+JVM_OPTS="$JVM_OPTS -javaagent:$CASSANDRA_HOME/lib/jamm-0.3.0.jar"
+
+# some JVMs will fill up their heap when accessed via JMX, see CASSANDRA-6541
+JVM_OPTS="$JVM_OPTS -XX:+CMSClassUnloadingEnabled"
+
+# enable thread priorities, primarily so we can give periodic tasks
+# a lower priority to avoid interfering with client workload
+JVM_OPTS="$JVM_OPTS -XX:+UseThreadPriorities"
+# allows lowering thread priority without being root. see
+# http://tech.stolsvik.com/2010/01/linux-java-thread-priorities-workaround.html
+JVM_OPTS="$JVM_OPTS -XX:ThreadPriorityPolicy=42"
+
+# min and max heap sizes should be set to the same value to avoid
+# stop-the-world GC pauses during resize, and so that we can lock the
+# heap in memory on startup to prevent any of it from being swapped
+# out.
+JVM_OPTS="$JVM_OPTS -Xms${MAX_HEAP_SIZE}"
+JVM_OPTS="$JVM_OPTS -Xmx${MAX_HEAP_SIZE}"
+JVM_OPTS="$JVM_OPTS -Xmn${HEAP_NEWSIZE}"
+JVM_OPTS="$JVM_OPTS -XX:+HeapDumpOnOutOfMemoryError"
+
+# set jvm HeapDumpPath with CASSANDRA_HEAPDUMP_DIR
+if [ "x$CASSANDRA_HEAPDUMP_DIR" != "x" ]; then
+ JVM_OPTS="$JVM_OPTS -XX:HeapDumpPath=$CASSANDRA_HEAPDUMP_DIR/cassandra-`date +%s`-pid$$.hprof"
+fi
+
+
+startswith() { [ "${1#$2}" != "$1" ]; }
+
+# Per-thread stack size.
+JVM_OPTS="$JVM_OPTS -Xss256k"
+
+# Larger interned string table, for gossip's benefit (CASSANDRA-6410)
+JVM_OPTS="$JVM_OPTS -XX:StringTableSize=1000003"
+
+# GC tuning options
+JVM_OPTS="$JVM_OPTS -XX:+UseParNewGC"
+JVM_OPTS="$JVM_OPTS -XX:+UseConcMarkSweepGC"
+JVM_OPTS="$JVM_OPTS -XX:+CMSParallelRemarkEnabled"
+JVM_OPTS="$JVM_OPTS -XX:SurvivorRatio=8"
+JVM_OPTS="$JVM_OPTS -XX:MaxTenuringThreshold=1"
+JVM_OPTS="$JVM_OPTS -XX:CMSInitiatingOccupancyFraction=75"
+JVM_OPTS="$JVM_OPTS -XX:+UseCMSInitiatingOccupancyOnly"
+JVM_OPTS="$JVM_OPTS -XX:+UseTLAB"
+JVM_OPTS="$JVM_OPTS -XX:CompileCommandFile=$CASSANDRA_CONF/hotspot_compiler"
+JVM_OPTS="$JVM_OPTS -XX:CMSWaitDuration=10000"
+
+# note: bash evals '1.7.x' as > '1.7' so this is really a >= 1.7 jvm check
+if { [ "$JVM_VERSION" -gt "1.7" ] && [ "$JVM_VERSION" -lt "1.8.0" ] && [ "$JVM_PATCH_VERSION" -ge "60" ]; } || [ "$JVM_VERSION" -gt "1.8" ] ; then
+ JVM_OPTS="$JVM_OPTS -XX:+CMSParallelInitialMarkEnabled -XX:+CMSEdenChunksRecordAlways -XX:CMSWaitDuration=10000"
+fi
+
+if [ "$JVM_ARCH" = "64-Bit" ] ; then
+ JVM_OPTS="$JVM_OPTS -XX:+UseCondCardMark"
+fi
+
+{% set cassandra_gc_logging = database.get('cassandra_gc_logging', 'rotation') %}
+{% if cassandra_gc_logging %}
+# GC logging options -- uncomment to enable
+JVM_OPTS="$JVM_OPTS -XX:+PrintGCDetails"
+JVM_OPTS="$JVM_OPTS -XX:+PrintGCDateStamps"
+JVM_OPTS="$JVM_OPTS -XX:+PrintHeapAtGC"
+JVM_OPTS="$JVM_OPTS -XX:+PrintTenuringDistribution"
+JVM_OPTS="$JVM_OPTS -XX:+PrintGCApplicationStoppedTime"
+JVM_OPTS="$JVM_OPTS -XX:+PrintPromotionFailure"
+JVM_OPTS="$JVM_OPTS -XX:PrintFLSStatistics=1"
+{% if cassandra_gc_logging == 'legacy' %}
+JVM_OPTS="$JVM_OPTS -Xloggc:/var/log/cassandra/gc-`date +%s`.log"
+{% elif cassandra_gc_logging == 'rotation' %}
+#JVM_OPTS="$JVM_OPTS -Xloggc:/var/log/cassandra/gc-`date +%s`.log"
+
+# If you are using JDK 6u34 7u2 or later you can enable GC log rotation
+# don't stick the date in the log name if rotation is on.
+JVM_OPTS="$JVM_OPTS -Xloggc:/var/log/cassandra/gc.log"
+JVM_OPTS="$JVM_OPTS -XX:+UseGCLogFileRotation"
+JVM_OPTS="$JVM_OPTS -XX:NumberOfGCLogFiles=10"
+JVM_OPTS="$JVM_OPTS -XX:GCLogFileSize=10M"
+{% endif %}
+{% endif %}
+
+# Configure the following for JEMallocAllocator and if jemalloc is not available in the system
+# library path (Example: /usr/local/lib/). Usually "make install" will do the right thing.
+# export LD_LIBRARY_PATH=<JEMALLOC_HOME>/lib/
+# JVM_OPTS="$JVM_OPTS -Djava.library.path=<JEMALLOC_HOME>/lib/"
+
+# uncomment to have Cassandra JVM listen for remote debuggers/profilers on port 1414
+# JVM_OPTS="$JVM_OPTS -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=1414"
+
+# uncomment to have Cassandra JVM log internal method compilation (developers only)
+# JVM_OPTS="$JVM_OPTS -XX:+UnlockDiagnosticVMOptions -XX:+LogCompilation"
+
+# Prefer binding to IPv4 network intefaces (when net.ipv6.bindv6only=1). See
+# http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6342561 (short version:
+# comment out this entry to enable IPv6 support).
+JVM_OPTS="$JVM_OPTS -Djava.net.preferIPv4Stack=true"
+
+# jmx: metrics and administration interface
+#
+# add this if you're having trouble connecting:
+# JVM_OPTS="$JVM_OPTS -Djava.rmi.server.hostname=<public name>"
+#
+# see
+# https://blogs.oracle.com/jmxetc/entry/troubleshooting_connection_problems_in_jconsole
+# for more on configuring JMX through firewalls, etc. (Short version:
+# get it working with no firewall first.)
+#
+# Cassandra ships with JMX accessible *only* from localhost.
+# To enable remote JMX connections, uncomment lines below
+# with authentication and/or ssl enabled. See https://wiki.apache.org/cassandra/JmxSecurity
+#
+LOCAL_JMX=yes
+
+if [ "$LOCAL_JMX" = "yes" ]; then
+ JVM_OPTS="$JVM_OPTS -Dcassandra.jmx.local.port=$JMX_PORT -XX:+DisableExplicitGC"
+else
+ JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.port=$JMX_PORT"
+ JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.rmi.port=$JMX_PORT"
+ JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl=false"
+ JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.authenticate=true"
+ JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.password.file=/etc/cassandra/jmxremote.password"
+fi
+
+# To use mx4j, an HTML interface for JMX, add mx4j-tools.jar to the lib/
+# directory.
+# See http://wiki.apache.org/cassandra/Operations#Monitoring_with_MX4J
+# By default mx4j listens on 0.0.0.0:8081. Uncomment the following lines
+# to control its listen address and port.
+#MX4J_ADDRESS="-Dmx4jaddress=127.0.0.1"
+#MX4J_PORT="-Dmx4jport=8081"
+
+JVM_OPTS="$JVM_OPTS $MX4J_ADDRESS"
+JVM_OPTS="$JVM_OPTS $MX4J_PORT"
+JVM_OPTS="$JVM_OPTS $JVM_EXTRA_OPTS"
diff --git a/opencontrail/files/4.0/database/cassandra-env.sh b/opencontrail/files/4.0/database/cassandra-env.sh
index 2eb5fbd..6b70455 100644
--- a/opencontrail/files/4.0/database/cassandra-env.sh
+++ b/opencontrail/files/4.0/database/cassandra-env.sh
@@ -170,7 +170,7 @@
# Specifies the default port over which Cassandra will be available for
# JMX connections.
# For security reasons, you should not expose this port to the internet. Firewall it if needed.
-JMX_PORT="7199"
+JMX_PORT="7198"
# Here we create the arguments that will get passed to the jvm when
@@ -217,10 +217,10 @@
JVM_OPTS="$JVM_OPTS -XX:StringTableSize=1000003"
# GC tuning options
-JVM_OPTS="$JVM_OPTS -XX:+UseParNewGC"
-JVM_OPTS="$JVM_OPTS -XX:+UseConcMarkSweepGC"
-JVM_OPTS="$JVM_OPTS -XX:+CMSParallelRemarkEnabled"
-JVM_OPTS="$JVM_OPTS -XX:SurvivorRatio=8"
+JVM_OPTS="$JVM_OPTS -XX:+UseParNewGC"
+JVM_OPTS="$JVM_OPTS -XX:+UseConcMarkSweepGC"
+JVM_OPTS="$JVM_OPTS -XX:+CMSParallelRemarkEnabled"
+JVM_OPTS="$JVM_OPTS -XX:SurvivorRatio=8"
JVM_OPTS="$JVM_OPTS -XX:MaxTenuringThreshold=1"
JVM_OPTS="$JVM_OPTS -XX:CMSInitiatingOccupancyFraction=75"
JVM_OPTS="$JVM_OPTS -XX:+UseCMSInitiatingOccupancyOnly"
@@ -261,8 +261,8 @@
{% endif %}
{% endif %}
-# Configure the following for JEMallocAllocator and if jemalloc is not available in the system
-# library path (Example: /usr/local/lib/). Usually "make install" will do the right thing.
+# Configure the following for JEMallocAllocator and if jemalloc is not available in the system
+# library path (Example: /usr/local/lib/). Usually "make install" will do the right thing.
# export LD_LIBRARY_PATH=<JEMALLOC_HOME>/lib/
# JVM_OPTS="$JVM_OPTS -Djava.library.path=<JEMALLOC_HOME>/lib/"
@@ -287,9 +287,9 @@
# for more on configuring JMX through firewalls, etc. (Short version:
# get it working with no firewall first.)
#
-# Cassandra ships with JMX accessible *only* from localhost.
+# Cassandra ships with JMX accessible *only* from localhost.
# To enable remote JMX connections, uncomment lines below
-# with authentication and/or ssl enabled. See https://wiki.apache.org/cassandra/JmxSecurity
+# with authentication and/or ssl enabled. See https://wiki.apache.org/cassandra/JmxSecurity
#
LOCAL_JMX=yes
diff --git a/opencontrail/files/4.0/doctrail b/opencontrail/files/4.0/doctrail
new file mode 100644
index 0000000..6b508d8
--- /dev/null
+++ b/opencontrail/files/4.0/doctrail
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+if [ "$1" == "-h" ] || [ "$1" == "--help" ]; then
+ echo -e "\nUsage: $0 {analytics|analyticsdb|controller|all} {<command_to_send>|console}\n"
+ echo "Examples: "
+ echo "$0 controller contrail-status"
+ echo "$0 controller service contrail-database restart"
+ echo "$0 all contrail-status"
+ echo "$0 controller console "
+ echo -e "\n"
+ exit 0
+fi
+
+NODES=("analytics" "analyticsdb" "controller")
+
+if [ "$1" == "all" ] ; then
+ for el in ${NODES[*]}; do
+ NODE=$(docker ps | grep _"$el"_ | awk '{print $1}')
+ if [[ -n $NODE ]] ; then
+ echo -e "\n\n FOR NODE $el\n*****************************************\n"
+ docker exec $NODE ${@:2}
+ fi
+ done
+else
+ CORRECT=$(echo ${NODES[@]} | grep -o $1 | wc -w)
+
+ if [ "$CORRECT" -gt 0 ] && [ "$1" != "all" ]; then
+ if [ "$2" == "console" ]; then
+ echo "Starting console:"
+ NODE=$(docker ps | grep _$1_ | awk '{print $1}')
+ docker exec -it $NODE bash
+ else
+ NODE=$(docker ps | grep _$1_ | awk '{print $1}')
+ docker exec $NODE ${@:2}
+ fi
+ else
+ echo "Unknow target, use -h or --help paramater for help"
+ exit 0
+ fi
+fi
diff --git a/opencontrail/files/4.0/collector/redis.conf b/opencontrail/files/4.0/redis.conf
similarity index 99%
rename from opencontrail/files/4.0/collector/redis.conf
rename to opencontrail/files/4.0/redis.conf
index a196902..db9c433 100644
--- a/opencontrail/files/4.0/collector/redis.conf
+++ b/opencontrail/files/4.0/redis.conf
@@ -1,3 +1,4 @@
+{%- from "opencontrail/map.jinja" import collector with context %}
# Redis configuration file example
# Note on units: when memory size is needed, it is possible to specify
@@ -52,7 +53,7 @@
# Examples:
#
# bind 192.168.1.100 10.0.0.1
-#bind 127.0.0.1
+bind 127.0.0.1 {{ collector.bind.address }}
# Specify the path for the unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
@@ -171,9 +172,9 @@
#
# The DB will be written inside this directory, with the filename specified
# above using the 'dbfilename' configuration directive.
-#
+#
# The Append Only File will also be created inside this directory.
-#
+#
# Note that you must specify a directory here, not a file name.
dir /var/lib/redis
@@ -322,7 +323,7 @@
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
-#
+#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
@@ -388,14 +389,14 @@
# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
# is reached. You can select among five behaviors:
-#
+#
# volatile-lru -> remove the key with an expire set using an LRU algorithm
# allkeys-lru -> remove any key accordingly to the LRU algorithm
# volatile-random -> remove a random key with an expire set
# allkeys-random -> remove a random key, any key
# volatile-ttl -> remove the key with the nearest expire time (minor TTL)
# noeviction -> don't expire at all, just return an error on write operations
-#
+#
# Note: with any of the above policies, Redis will return an error on write
# operations, when there are not suitable keys for eviction.
#
@@ -444,7 +445,7 @@
appendfilename "appendonly.aof"
# The fsync() call tells the Operating System to actually write data on disk
-# instead to wait for more data in the output buffer. Some OS will really flush
+# instead to wait for more data in the output buffer. Some OS will really flush
# data on disk, some other OS will just try to do it ASAP.
#
# Redis supports three different modes:
@@ -485,7 +486,7 @@
# the same as "appendfsync none". In practical terms, this means that it is
# possible to lose up to 30 seconds of log in the worst scenario (with the
# default Linux settings).
-#
+#
# If you have latency problems turn this to "yes". Otherwise leave it as
# "no" that is the safest pick from the point of view of durability.
@@ -494,7 +495,7 @@
# Automatic rewrite of the append only file.
# Redis is able to automatically rewrite the log file implicitly calling
# BGREWRITEAOF when the AOF log size grows by the specified percentage.
-#
+#
# This is how it works: Redis remembers the size of the AOF file after the
# latest rewrite (if no rewrite has happened since the restart, the size of
# the AOF at startup is used).
@@ -537,7 +538,7 @@
# but just the time needed to actually execute the command (this is the only
# stage of command execution where the thread is blocked and can not serve
# other requests in the meantime).
-#
+#
# You can configure the slow log with two parameters: one tells Redis
# what is the execution time, in microseconds, to exceed in order for the
# command to get logged, and the other parameter is the length of the
@@ -557,7 +558,7 @@
# Redis can notify Pub/Sub clients about events happening in the key space.
# This feature is documented at http://redis.io/topics/keyspace-events
-#
+#
# For instance if keyspace events notification is enabled, and a client
# performs a DEL operation on key "foo" stored in the Database 0, two
# messages will be published via Pub/Sub:
@@ -633,7 +634,7 @@
# that is rehashing, the more rehashing "steps" are performed, so if the
# server is idle the rehashing is never complete and some more memory is used
# by the hash table.
-#
+#
# The default is to use this millisecond 10 times every second in order to
# active rehashing the main dictionaries, freeing memory when possible.
#
@@ -705,4 +706,3 @@
# in order to commit the file to the disk more incrementally and avoid
# big latency spikes.
aof-rewrite-incremental-fsync yes
-
diff --git a/opencontrail/files/4.0/server.properties b/opencontrail/files/4.0/server.properties
index 98b8c71..eacd666 100644
--- a/opencontrail/files/4.0/server.properties
+++ b/opencontrail/files/4.0/server.properties
@@ -115,7 +115,7 @@
# You can also append an optional chroot string to the urls to specify the
# root directory for all kafka znodes.
#zookeeper.connect=10.0.102.211:2181
-zookeeper.connect={% for member in database.members %}{{ member.host }}:2181{% if not loop.last %},{% endif %}{% endfor %}
+zookeeper.connect={% for member in database.members %}{{ member.host }}:2182{% if not loop.last %},{% endif %}{% endfor %}
# Timeout in ms for connecting to zookeeper
log.cleanup.policy=delete
diff --git a/opencontrail/files/4.0/zoo_analytics.cfg b/opencontrail/files/4.0/zoo_analytics.cfg
new file mode 100644
index 0000000..48a3663
--- /dev/null
+++ b/opencontrail/files/4.0/zoo_analytics.cfg
@@ -0,0 +1,61 @@
+{%- from "opencontrail/map.jinja" import database with context %}
+# http://hadoop.apache.org/zookeeper/docs/current/zookeeperAdmin.html
+
+# The number of milliseconds of each tick
+tickTime=2000
+# The number of ticks that the initial
+# synchronization phase can take
+initLimit=10
+# The number of ticks that can pass between
+# sending a request and getting an acknowledgement
+syncLimit=5
+# the directory where the snapshot is stored.
+dataDir=/var/lib/zookeeper
+# Place the dataLogDir to a separate physical disc for better performance
+# dataLogDir=/disk2/zookeeper
+
+# the port at which the clients will connect
+clientPort=2182
+
+# specify all zookeeper servers
+# The fist port is used by followers to connect to the leader
+# The second one is used for leader election
+#server.1=zookeeper1:2888:3888
+#server.2=zookeeper2:2888:3888
+#server.3=zookeeper3:2888:3888
+
+
+# To avoid seeks ZooKeeper allocates space in the transaction log file in
+# blocks of preAllocSize kilobytes. The default block size is 64M. One reason
+# for changing the size of the blocks is to reduce the block size if snapshots
+# are taken more often. (Also, see snapCount).
+#preAllocSize=65536
+
+# Clients can submit requests faster than ZooKeeper can process them,
+# especially if there are a lot of clients. To prevent ZooKeeper from running
+# out of memory due to queued requests, ZooKeeper will throttle clients so that
+# there is no more than globalOutstandingLimit outstanding requests in the
+# system. The default limit is 1,000.ZooKeeper logs transactions to a
+# transaction log. After snapCount transactions are written to a log file a
+# snapshot is started and a new transaction log file is started. The default
+# snapCount is 10,000.
+#snapCount=1000
+
+# If this option is defined, requests will be will logged to a trace file named
+# traceFile.year.month.day.
+#traceFile=
+
+# Leader accepts client connections. Default value is "yes". The leader machine
+# coordinates updates. For higher update throughput at thes slight expense of
+# read throughput the leader can be configured to not accept clients and focus
+# on coordination.
+#leaderServes=yes
+
+maxSessionTimeout=120000
+autopurge.purgeInterval=3
+{%- for member in database.members %}
+server.{{ member.id }}={{ member.host }}:2889:3889
+{%- endfor %}
+#server.1=10.0.222.2:2889:3889
+#server.2=10.0.222.3:2889:3889
+#server.3=10.0.222.4:2889:3889
diff --git a/opencontrail/files/4.0/zookeeper b/opencontrail/files/4.0/zookeeper
index a7dc0e7..b1ed501 100644
--- a/opencontrail/files/4.0/zookeeper
+++ b/opencontrail/files/4.0/zookeeper
@@ -4,7 +4,7 @@
# by default we allow local JMX connections
#JMXLOCALONLY=false
-JAVA_OPTS="-Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.host=127.0.0.1 -Dcom.sun.management.jmxremote.port=7188 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dzookeeper.jmx.log4j.disable=false"
+JAVA_OPTS="-Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.host=127.0.0.1 -Dcom.sun.management.jmxremote.port=7199 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dzookeeper.jmx.log4j.disable=false"
# Make sure to include the original classpath since it contains the zookeeper
# jars
diff --git a/opencontrail/files/4.0/zookeeper.properties b/opencontrail/files/4.0/zookeeper.properties
new file mode 100644
index 0000000..3f18f01
--- /dev/null
+++ b/opencontrail/files/4.0/zookeeper.properties
@@ -0,0 +1,20 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# the directory where the snapshot is stored.
+dataDir=/tmp/zookeeper
+# the port at which the clients will connect
+clientPort=2182
+# disable the per-ip limit on the number of connections since this is a non-production config
+maxClientCnxns=0
diff --git a/opencontrail/files/4.0/zookeeper_analytics b/opencontrail/files/4.0/zookeeper_analytics
new file mode 100644
index 0000000..42b22b4
--- /dev/null
+++ b/opencontrail/files/4.0/zookeeper_analytics
@@ -0,0 +1,11 @@
+# See the following page for extensive details on setting
+# up the JVM to accept JMX remote management:
+# http://java.sun.com/javase/6/docs/technotes/guides/management/agent.html
+# by default we allow local JMX connections
+#JMXLOCALONLY=false
+
+JAVA_OPTS="-Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.host=127.0.0.1 -Dcom.sun.management.jmxremote.port=7198 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dzookeeper.jmx.log4j.disable=false"
+
+# Make sure to include the original classpath since it contains the zookeeper
+# jars
+#CLASSPATH="$CLASSPATH:YOURCLASSPATH"
diff --git a/opencontrail/web.sls b/opencontrail/web.sls
index 00c72bd..8e6273b 100644
--- a/opencontrail/web.sls
+++ b/opencontrail/web.sls
@@ -1,26 +1,27 @@
{%- from "opencontrail/map.jinja" import web with context %}
{%- if web.enabled %}
+{%- if not web.get('config_only', False) %}
opencontrail_web_packages:
pkg.installed:
- names: {{ web.pkgs }}
- force_yes: True
+ - require_in:
+ - /etc/contrail/contrail-webui-userauth.js
+ - /etc/contrail/config.global.js
+{%- endif %}
/etc/contrail/config.global.js:
file.managed:
- source: salt://opencontrail/files/{{ web.version }}/config.global.js
- template: jinja
- - require:
- - pkg: opencontrail_web_packages
/etc/contrail/contrail-webui-userauth.js:
file.managed:
- source: salt://opencontrail/files/{{ web.version }}/contrail-webui-userauth.js
- template: jinja
- - require:
- - pkg: opencontrail_web_packages
- - watch_in:
- - service: opencontrail_web_services
+
+{%- if not web.get('config_only', False) %}
opencontrail_web_services:
service.running:
@@ -29,8 +30,9 @@
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
- - watch:
+ - watch:
- file: /etc/contrail/config.global.js
+ - file: /etc/contrail/contrail-webui-userauth.js
{%- if grains.get('virtual_subtype', None) == "Docker" %}
@@ -44,3 +46,17 @@
{%- endif %}
{%- endif %}
+
+{%- if web.version >= 4.0 and web.get('config_only', False) %}
+/lib/systemd/system/contrail-webui-jobserver.service:
+ file.managed:
+ - source: salt://opencontrail/files/{{ web.version }}/contrail-webui-jobserver.service
+ - template: jinja
+
+/lib/systemd/system/contrail-webui-webserver.service:
+ file.managed:
+ - source: salt://opencontrail/files/{{ web.version }}/contrail-webui-webserver.service
+ - template: jinja
+{%- endif %}
+
+{%- endif %}
diff --git a/tests/pillar/analytics40.sls b/tests/pillar/analytics40.sls
index 9ab5628..34bc5eb 100644
--- a/tests/pillar/analytics40.sls
+++ b/tests/pillar/analytics40.sls
@@ -1,6 +1,7 @@
opencontrail:
common:
version: 4.0
+ config_only: true
identity:
engine: keystone
host: 127.0.0.1
@@ -12,7 +13,18 @@
host: 127.0.0.1
port: 9696
collector:
+ identity:
+ engine: keystone
+ version: '2.0'
+ region: RegionOne
+ host: 127.0.0.1
+ port: 35357
+ user: admin
+ password: password
+ token: token
+ tenant: admin
version: 4.0
+ config_only: true
enabled: true
bind:
address: 127.0.0.1
@@ -45,6 +57,7 @@
- host: 127.0.0.1
database:
version: 4.0
+ config_only: true
cassandra:
version: 2
enabled: true
diff --git a/tests/pillar/cluster40.sls b/tests/pillar/cluster40.sls
index 387b934..4cdac34 100644
--- a/tests/pillar/cluster40.sls
+++ b/tests/pillar/cluster40.sls
@@ -1,6 +1,7 @@
opencontrail:
common:
version: 4.0
+ config_only: true
identity:
engine: keystone
host: 127.0.0.1
@@ -13,6 +14,7 @@
port: 9696
config:
version: 4.0
+ config_only: true
enabled: true
api:
host: 127.0.0.1
@@ -66,6 +68,7 @@
id: 3
control:
version: 4.0
+ config_only: true
enabled: true
name: ntw-01
bind:
@@ -95,7 +98,18 @@
- host: 127.0.0.1
- host: 127.0.0.1
collector:
+ identity:
+ engine: keystone
+ version: '2.0'
+ region: RegionOne
+ host: 127.0.0.1
+ port: 35357
+ user: admin
+ password: password
+ token: token
+ tenant: admin
version: 4.0
+ config_only: true
enabled: true
bind:
address: 127.0.0.1
@@ -128,6 +142,7 @@
- host: 127.0.0.1
database:
version: 4.0
+ config_only: true
cassandra:
version: 2
enabled: true
@@ -155,6 +170,7 @@
- host: 127.0.0.1
web:
version: 4.0
+ config_only: true
enabled: True
network:
host: 127.0.0.1
diff --git a/tests/pillar/control40.sls b/tests/pillar/control40.sls
index 907dee7..5351ef8 100644
--- a/tests/pillar/control40.sls
+++ b/tests/pillar/control40.sls
@@ -1,6 +1,7 @@
opencontrail:
common:
version: 4.0
+ config_only: true
identity:
engine: keystone
host: 127.0.0.1
@@ -13,6 +14,7 @@
port: 9696
config:
version: 4.0
+ config_only: true
enabled: true
api:
host: 127.0.0.1
@@ -67,6 +69,7 @@
list_optimization_enabled: true
control:
version: 4.0
+ config_only: true
enabled: true
name: ntw-01
bind:
@@ -97,6 +100,7 @@
id: 3
database:
version: 4.0
+ config_only: true
cassandra:
version: 2
enabled: true
@@ -124,6 +128,7 @@
- host: 127.0.0.1
web:
version: 4.0
+ config_only: true
enabled: True
network:
host: 127.0.0.1
diff --git a/tests/pillar/repo_opencontrail_oc40.sls b/tests/pillar/repo_opencontrail_oc40.sls
index 4e856d1..98f3056 100644
--- a/tests/pillar/repo_opencontrail_oc40.sls
+++ b/tests/pillar/repo_opencontrail_oc40.sls
@@ -10,10 +10,3 @@
- pin: 'release a=nightly'
priority: 1100
package: '*'
- package:
- librdkafka1:
- version: 0.9.0-0contrail0
- hold: true
- python-kafka:
- version: 1.0.1-0contrail1
- hold: true
diff --git a/tests/pillar/single40.sls b/tests/pillar/single40.sls
index 5edb3dd..008a004 100644
--- a/tests/pillar/single40.sls
+++ b/tests/pillar/single40.sls
@@ -73,6 +73,16 @@
- host: 127.0.0.1
id: 1
collector:
+ identity:
+ engine: keystone
+ version: '2.0'
+ region: RegionOne
+ host: 127.0.0.1
+ port: 35357
+ user: admin
+ password: password
+ token: token
+ tenant: admin
version: 4.0
enabled: true
bind: