initial commit
diff --git a/system/billometer/server/single.yml b/system/billometer/server/single.yml
new file mode 100644
index 0000000..be13be2
--- /dev/null
+++ b/system/billometer/server/single.yml
@@ -0,0 +1,38 @@
+classes:
+- service.billometer.server.single
+- service.git.client
+- service.postgresql.server.local
+- service.python.environment
+- service.rabbitmq.server.single
+- service.supervisor.server.single
+parameters:
+ _param:
+ billometer_secret_key: billometer
+ keystone_billometer_address: localhost
+ keystone_billometer_password: password
+ postgresql_billometer_password: password
+ postgresql_graphite_password: password
+ rabbitmq_admin_name: admin
+ rabbitmq_admin_password: password
+ rabbitmq_secret_key: rabbitmq
+ rabbitmq_billometer_password: password
+ rabbitmq_graphite_password: password
+ postgresql:
+ server:
+ database:
+ billometer:
+ encoding: UTF8
+ locale: cs_CZ
+ users:
+ - name: billometer
+ createdb: true
+ password: ${_param:postgresql_billometer_password}
+ host: 127.0.0.1
+ rights: all privileges
+ rabbitmq:
+ server:
+ host:
+ '/billometer':
+ enabled: true
+ user: billometer
+ password: ${_param:rabbitmq_billometer_password}
diff --git a/system/ceilometer/compute/cluster.yml b/system/ceilometer/compute/cluster.yml
new file mode 100644
index 0000000..86b044e
--- /dev/null
+++ b/system/ceilometer/compute/cluster.yml
@@ -0,0 +1,8 @@
+classes:
+- service.ceilometer.agent.cluster
+- service.ceilometer.agent.publisher.graphite
+parameters:
+ nova:
+ compute:
+ notification:
+ driver: messagingv2
diff --git a/system/cinder/control/cluster.yml b/system/cinder/control/cluster.yml
new file mode 100644
index 0000000..0f5b06d
--- /dev/null
+++ b/system/cinder/control/cluster.yml
@@ -0,0 +1,57 @@
+classes:
+- service.cinder.control.cluster_control
+- service.haproxy.proxy.single
+- service.keepalived.cluster.single
+- system.haproxy.proxy.listen.openstack.cinder
+parameters:
+ cinder:
+ volume:
+ enabled: false
+ default_volume_type: ""
+ backend: {}
+ logging:
+ heka:
+ enabled: true
+ cinder:
+ controller:
+ enabled: true
+ default_volume_type: ""
+ backend: {}
+ version: ${_param:cinder_version}
+ osapi:
+ host: ${_param:cluster_local_address}
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ port: 3306
+ name: cinder
+ user: cinder
+ password: ${_param:mysql_cinder_password}
+ identity:
+ engine: keystone
+ region: ${_param:openstack_region}
+ host: ${_param:cluster_vip_address}
+ port: 35357
+ tenant: service
+ user: cinder
+ password: ${_param:keystone_cinder_password}
+ glance:
+ host: ${_param:cluster_vip_address}
+ port: 9292
+ message_queue:
+ engine: rabbitmq
+ host: ${_param:openstack_message_queue_address}
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ cache:
+ engine: memcached
+ members:
+ - host: ${_param:cluster_node01_address}
+ port: 11211
+ - host: ${_param:cluster_node02_address}
+ port: 11211
+ - host: ${_param:cluster_node03_address}
+ port: 11211
+
diff --git a/system/cinder/control/single.yml b/system/cinder/control/single.yml
new file mode 100644
index 0000000..58156cb
--- /dev/null
+++ b/system/cinder/control/single.yml
@@ -0,0 +1,12 @@
+classes:
+- service.cinder.control.single
+parameters:
+ cinder:
+ volume:
+ enabled: false
+ controller:
+ backend: {}
+ default_volume_type: ''
+ database:
+ host: ${_param:single_address}
+
diff --git a/system/cinder/volume/single.yml b/system/cinder/volume/single.yml
new file mode 100644
index 0000000..dd4c835
--- /dev/null
+++ b/system/cinder/volume/single.yml
@@ -0,0 +1,6 @@
+classes:
+- service.cinder.volume.single
+parameters:
+ cinder:
+ controller:
+ enabled: false
diff --git a/system/collectd/client/local.yml b/system/collectd/client/local.yml
new file mode 100644
index 0000000..b1c8843
--- /dev/null
+++ b/system/collectd/client/local.yml
@@ -0,0 +1,2 @@
+classes:
+- service.collectd.client
diff --git a/system/collectd/client/output/carbon.yml b/system/collectd/client/output/carbon.yml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/system/collectd/client/output/carbon.yml
diff --git a/system/collectd/client/output/heka.yml b/system/collectd/client/output/heka.yml
new file mode 100644
index 0000000..5efb3ac
--- /dev/null
+++ b/system/collectd/client/output/heka.yml
@@ -0,0 +1,16 @@
+classes:
+- service.collectd.client
+parameters:
+ _param:
+ collectd_metric_collector_host: 127.0.0.1
+ collectd_metric_collector_port: 8325
+ collectd:
+ client:
+ enabled: true
+ backend:
+ metric_collector:
+ engine: http
+ host: ${_param:collectd_metric_collector_host}
+ port: ${_param:collectd_metric_collector_port}
+ read_interval: 10
+ use_fqdn: false
diff --git a/system/collectd/remote_client/cluster.yml b/system/collectd/remote_client/cluster.yml
new file mode 100644
index 0000000..1edced0
--- /dev/null
+++ b/system/collectd/remote_client/cluster.yml
@@ -0,0 +1,18 @@
+classes:
+- system.collectd.remote_client.output.heka
+- service.collectd.remote_client.cluster
+parameters:
+ collectd:
+ remote_client:
+ automatic_starting: false
+ keepalived:
+ cluster:
+ instance:
+ stacklight_monitor_vip:
+ notify_action:
+ master:
+ - service remote_collectd start
+ backup:
+ - service remote_collectd stop
+ fault:
+ - service remote_collectd stop
diff --git a/system/collectd/remote_client/output/heka.yml b/system/collectd/remote_client/output/heka.yml
new file mode 100644
index 0000000..ec3b5e0
--- /dev/null
+++ b/system/collectd/remote_client/output/heka.yml
@@ -0,0 +1,14 @@
+parameters:
+ _param:
+ collectd_remote_collector_port: 8326
+ collectd:
+ remote_client:
+ enabled: true
+ backend:
+ remote_collector:
+ engine: http
+ host: ${_param:collectd_remote_collector_host}
+ port: ${_param:collectd_remote_collector_port}
+ timeout: 5
+ read_interval: 10
+ use_fqdn: false
diff --git a/system/collectd/remote_client/single.yml b/system/collectd/remote_client/single.yml
new file mode 100644
index 0000000..f49e40d
--- /dev/null
+++ b/system/collectd/remote_client/single.yml
@@ -0,0 +1,7 @@
+classes:
+- system.collectd.remote_client.output.heka
+- service.collectd.remote_client.single
+parameters:
+ collectd:
+ remote_client:
+ automatic_starting: true
diff --git a/system/elasticsearch/client/single.yml b/system/elasticsearch/client/single.yml
new file mode 100644
index 0000000..8407e2d
--- /dev/null
+++ b/system/elasticsearch/client/single.yml
@@ -0,0 +1,8 @@
+classes:
+- service.elasticsearch.client
+parameters:
+ elasticsearch:
+ client:
+ enabled: true
+ server:
+ host: ${_param:stacklight_monitor_address}
diff --git a/system/elasticsearch/server/cluster.yml b/system/elasticsearch/server/cluster.yml
new file mode 100644
index 0000000..56a0469
--- /dev/null
+++ b/system/elasticsearch/server/cluster.yml
@@ -0,0 +1,78 @@
+classes:
+- service.elasticsearch.server.cluster
+- service.java.environment
+- service.glusterfs.server
+- service.glusterfs.client
+parameters:
+ _param:
+ java_environment_version: "8"
+ java_environment_platform: openjdk
+ linux:
+ system:
+ sysctl:
+ vm.max_map_count: 262144
+ vm.swappiness: 0
+ repo:
+ tcpcloud_elasticsearch:
+ source: "deb [arch=amd64] http://apt.tcpcloud.eu/nightly/ xenial elastic"
+ architectures: amd64
+ key_url: "http://apt.tcpcloud.eu/public.gpg"
+ java:
+ environment:
+ headless: true
+ elasticsearch:
+ server:
+ enabled: true
+ master: true
+ data: true
+ mlockall: true
+ bind:
+ address: ${_param:single_address}
+ port: 9200
+ index:
+ replicas: 2
+ threadpool:
+ bulk:
+ queue_size: 1000
+ gateway:
+ expected_nodes: 3
+ recover_after_nodes: 2
+ recover_after_time: 5m
+ cluster:
+ multicast: false
+ minimum_master_nodes: 2
+ members:
+ - host: ${_param:cluster_node01_address}
+ - host: ${_param:cluster_node02_address}
+ - host: ${_param:cluster_node03_address}
+ snapshot:
+ repo:
+ path: /var/lib/elasticsearch/repo
+ glusterfs:
+ server:
+ peers:
+ - ${_param:cluster_node01_address}
+ - ${_param:cluster_node02_address}
+ - ${_param:cluster_node03_address}
+ volumes:
+ elasticrepo:
+ storage: /srv/glusterfs/elasticrepo
+ replica: 3
+ bricks:
+ - ${_param:cluster_node01_address}:/srv/glusterfs/elasticrepo
+ - ${_param:cluster_node02_address}:/srv/glusterfs/elasticrepo
+ - ${_param:cluster_node03_address}:/srv/glusterfs/elasticrepo
+ options:
+ cluster.readdir-optimize: On
+ cluster.lookup-optimize: On
+ nfs.disable: On
+ network.remote-dio: On
+ diagnostics.client-log-level: WARNING
+ diagnostics.brick-log-level: WARNING
+ client:
+ volumes:
+ elasticrepo:
+ path: /var/lib/elasticsearch/repo
+ server: ${_param:cluster_node01_address}
+ user: elasticsearch
+ group: elasticsearch
diff --git a/system/elasticsearch/server/curator.yml b/system/elasticsearch/server/curator.yml
new file mode 100644
index 0000000..c0e9300
--- /dev/null
+++ b/system/elasticsearch/server/curator.yml
@@ -0,0 +1,87 @@
+parameters:
+ elasticsearch:
+ server:
+ curator:
+ timeout: 900
+ logfile: /var/log/elasticsearch/curator.log
+ logformat: json
+ actions:
+ - action: delete_indices
+ description: >-
+ Delete indices older than month (based on index name).
+ Ignore the error if the filter does not result in an actionable
+ list of indices (ignore_empty_list) and exit cleanly.
+ options:
+ ignore_empty_list: True
+ continue_if_exception: False
+ disable_action: False
+ filters:
+ - filtertype: pattern
+ kind: regex
+ value: 'netflow\-\d\d\d\d\.\d\d\.\d\d$'
+ - filtertype: age
+ source: name
+ direction: older
+ timestring: '%Y.%m.%d'
+ unit: days
+ unit_count: 30
+ - action: delete_indices
+ description: >-
+ Delete indices older than 6 months (based on index name).
+ Ignore the error if the filter does not result in an actionable
+ list of indices (ignore_empty_list) and exit cleanly.
+ options:
+ ignore_empty_list: True
+ continue_if_exception: False
+ disable_action: False
+ filters:
+ - filtertype: pattern
+ kind: regex
+ value: '.*\-\d\d\d\d\.\d\d\.\d\d$'
+ - filtertype: age
+ source: name
+ direction: older
+ timestring: '%Y.%m.%d'
+ unit: days
+ unit_count: 180
+ - action: replicas
+ description: >-
+ Reduce the replica count to 0 for indices older than 60 days
+ (based on index creation_date)
+ options:
+ count: 0
+ wait_for_completion: False
+ continue_if_exception: False
+ disable_action: False
+ filters:
+ - filtertype: pattern
+ kind: regex
+ value: '.*\-\d\d\d\d\.\d\d\.\d\d$'
+ - filtertype: age
+ source: creation_date
+ direction: older
+ unit: days
+ unit_count: 90
+ - action: forcemerge
+ description: >-
+ forceMerge indices older than 2 days (based on index
+ creation_date) to 2 segments per shard. Delay 120 seconds
+ between each forceMerge operation to allow the cluster to
+ quiesce.
+ This action will ignore indices already forceMerged to the same
+ or fewer number of segments per shard, so the 'forcemerged'
+ filter is unneeded.
+ options:
+ max_num_segments: 2
+ delay: 120
+ continue_if_exception: False
+ disable_action: False
+ filters:
+ - filtertype: pattern
+ kind: regex
+ value: '.*\-\d\d\d\d\.\d\d\.\d\d$'
+ - filtertype: age
+ source: creation_date
+ direction: older
+ unit: days
+ unit_count: 2
diff --git a/system/elasticsearch/server/single.yml b/system/elasticsearch/server/single.yml
new file mode 100644
index 0000000..d5c0538
--- /dev/null
+++ b/system/elasticsearch/server/single.yml
@@ -0,0 +1,59 @@
+classes:
+- service.java.environment.openjdk8
+- service.elasticsearch.server.single
+parameters:
+ linux:
+ system:
+ sysctl:
+ vm.max_map_count: 262144
+ vm.swappiness: 0
+ repo:
+ tcpcloud_elasticsearch:
+ source: "deb [arch=amd64] http://apt.tcpcloud.eu/nightly/ xenial elastic"
+ architectures: amd64
+ key_url: "http://apt.tcpcloud.eu/public.gpg"
+ java:
+ environment:
+ headless: true
+ elasticsearch:
+ server:
+ enabled: true
+ bind:
+ address: ${_param:single_address}
+ port: 9200
+ mlockall: true
+ threadpool:
+ bulk:
+ queue_size: 1000
+ gateway:
+ expected_nodes: 1
+ recover_after_nodes: 1
+ recover_after_time: 5m
+ cluster:
+ multicast: false
+ minimum_master_nodes: 1
+ members:
+ - host: ${_param:cluster_node01_address}
+ curator:
+ timeout: 30
+ logfile: /var/log/elasticsearch/curator.log
+ logformat: default
+ loglevel: INFO
+ actions:
+ - action: delete_indices
+ description: >-
+ Delete indices older than 31 days (based on index name).
+ options:
+ ignore_empty_list: True
+ continue_if_exception: False
+ disable_action: False
+ filters:
+ - filtertype: pattern
+ kind: regex
+ value: "^log|notification-.*$"
+ - filtertype: age
+ source: name
+ direction: older
+ timestring: '%Y.%m.%d'
+ unit: days
+ unit_count: 31
diff --git a/system/galera/server/cluster.yml b/system/galera/server/cluster.yml
new file mode 100644
index 0000000..f1c3a48
--- /dev/null
+++ b/system/galera/server/cluster.yml
@@ -0,0 +1,4 @@
+classes:
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- system.haproxy.proxy.listen.openstack.galera
\ No newline at end of file
diff --git a/system/galera/server/database/ceilometer.yml b/system/galera/server/database/ceilometer.yml
new file mode 100644
index 0000000..b33c8f9
--- /dev/null
+++ b/system/galera/server/database/ceilometer.yml
@@ -0,0 +1,15 @@
+parameters:
+ mysql:
+ server:
+ database:
+ ceilometer:
+ encoding: utf8
+ users:
+ - name: ceilometer
+ password: ${_param:mysql_ceilometer_password}
+ host: '%'
+ rights: all
+ - name: ceilometer
+ password: ${_param:mysql_ceilometer_password}
+ host: ${_param:cluster_local_address}
+ rights: all
diff --git a/system/galera/server/database/cinder.yml b/system/galera/server/database/cinder.yml
new file mode 100644
index 0000000..08b6ddb
--- /dev/null
+++ b/system/galera/server/database/cinder.yml
@@ -0,0 +1,15 @@
+parameters:
+ mysql:
+ server:
+ database:
+ cinder:
+ encoding: utf8
+ users:
+ - name: cinder
+ password: ${_param:mysql_cinder_password}
+ host: '%'
+ rights: all
+ - name: cinder
+ password: ${_param:mysql_cinder_password}
+ host: ${_param:cluster_local_address}
+ rights: all
diff --git a/system/galera/server/database/glance.yml b/system/galera/server/database/glance.yml
new file mode 100644
index 0000000..7e5e443
--- /dev/null
+++ b/system/galera/server/database/glance.yml
@@ -0,0 +1,15 @@
+parameters:
+ mysql:
+ server:
+ database:
+ glance:
+ encoding: utf8
+ users:
+ - name: glance
+ password: ${_param:mysql_glance_password}
+ host: '%'
+ rights: all
+ - name: glance
+ password: ${_param:mysql_glance_password}
+ host: ${_param:cluster_local_address}
+ rights: all
diff --git a/system/galera/server/database/grafana.yml b/system/galera/server/database/grafana.yml
new file mode 100644
index 0000000..fa4742e
--- /dev/null
+++ b/system/galera/server/database/grafana.yml
@@ -0,0 +1,16 @@
+parameters:
+ mysql:
+ server:
+ database:
+ grafana:
+ encoding: utf8
+ users:
+ - name: grafana
+ password: ${_param:mysql_grafana_password}
+ host: '%'
+ rights: all
+ - name: grafana
+ password: ${_param:mysql_grafana_password}
+ host: ${_param:cluster_local_address}
+ rights: all
+
diff --git a/system/galera/server/database/graphite.yml b/system/galera/server/database/graphite.yml
new file mode 100644
index 0000000..8ba6efd
--- /dev/null
+++ b/system/galera/server/database/graphite.yml
@@ -0,0 +1,11 @@
+parameters:
+ mysql:
+ server:
+ database:
+ graphite:
+ encoding: 'utf8'
+ users:
+ - name: 'graphite'
+ password: '${_param:mysql_graphite_password}'
+ host: '%'
+ rights: 'all'
diff --git a/system/galera/server/database/heat.yml b/system/galera/server/database/heat.yml
new file mode 100644
index 0000000..0d716d8
--- /dev/null
+++ b/system/galera/server/database/heat.yml
@@ -0,0 +1,15 @@
+parameters:
+ mysql:
+ server:
+ database:
+ heat:
+ encoding: utf8
+ users:
+ - name: heat
+ password: ${_param:mysql_heat_password}
+ host: '%'
+ rights: all
+ - name: heat
+ password: ${_param:mysql_heat_password}
+ host: ${_param:cluster_local_address}
+ rights: all
diff --git a/system/galera/server/database/keystone.yml b/system/galera/server/database/keystone.yml
new file mode 100644
index 0000000..fc2c5eb
--- /dev/null
+++ b/system/galera/server/database/keystone.yml
@@ -0,0 +1,15 @@
+parameters:
+ mysql:
+ server:
+ database:
+ keystone:
+ encoding: utf8
+ users:
+ - name: keystone
+ password: ${_param:mysql_keystone_password}
+ host: '%'
+ rights: all
+ - name: keystone
+ password: ${_param:mysql_keystone_password}
+ host: ${_param:cluster_local_address}
+ rights: all
diff --git a/system/galera/server/database/neutron.yml b/system/galera/server/database/neutron.yml
new file mode 100644
index 0000000..58dd012
--- /dev/null
+++ b/system/galera/server/database/neutron.yml
@@ -0,0 +1,15 @@
+parameters:
+ mysql:
+ server:
+ database:
+ neutron:
+ encoding: 'utf8'
+ users:
+ - name: 'neutron'
+ password: '${_param:mysql_neutron_password}'
+ host: '%'
+ rights: 'all'
+ - name: 'neutron'
+ password: '${_param:mysql_neutron_password}'
+ host: '${_param:cluster_local_address}'
+ rights: 'all'
diff --git a/system/galera/server/database/nova.yml b/system/galera/server/database/nova.yml
new file mode 100644
index 0000000..619c5df
--- /dev/null
+++ b/system/galera/server/database/nova.yml
@@ -0,0 +1,26 @@
+parameters:
+ mysql:
+ server:
+ database:
+ nova:
+ encoding: utf8
+ users:
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: '%'
+ rights: all
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: ${_param:cluster_local_address}
+ rights: all
+ nova_api:
+ encoding: utf8
+ users:
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: '%'
+ rights: all
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: ${_param:cluster_local_address}
+ rights: all
diff --git a/system/glance/control/cluster.yml b/system/glance/control/cluster.yml
new file mode 100644
index 0000000..a552dfc
--- /dev/null
+++ b/system/glance/control/cluster.yml
@@ -0,0 +1,46 @@
+classes:
+- service.glance.control.cluster
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- system.glance.control.storage.glusterfs
+- system.haproxy.proxy.listen.openstack.glance
+parameters:
+ glance:
+ server:
+ enabled: true
+ version: ${_param:glance_version}
+ workers: 8
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ port: 3306
+ name: glance
+ user: glance
+ password: ${_param:mysql_glance_password}
+ registry:
+ host: ${_param:cluster_vip_address}
+ port: 9191
+ bind:
+ address: ${_param:cluster_local_address}
+ port: 9292
+ identity:
+ engine: keystone
+ host: ${_param:cluster_vip_address}
+ port: 35357
+ user: glance
+ password: ${_param:keystone_glance_password}
+ region: ${_param:openstack_region}
+ tenant: service
+ message_queue:
+ engine: rabbitmq
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ members:
+ - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:openstack_message_queue_node02_address}
+ - host: ${_param:openstack_message_queue_node03_address}
+ storage:
+ engine: file
+ images: []
\ No newline at end of file
diff --git a/system/glance/control/single.yml b/system/glance/control/single.yml
new file mode 100644
index 0000000..13f4434
--- /dev/null
+++ b/system/glance/control/single.yml
@@ -0,0 +1,7 @@
+classes:
+- service.glance.control.single
+parameters:
+ glance:
+ server:
+ database:
+ host: ${_param:single_address}
diff --git a/system/glance/control/storage/glusterfs.yml b/system/glance/control/storage/glusterfs.yml
new file mode 100644
index 0000000..ae0e84d
--- /dev/null
+++ b/system/glance/control/storage/glusterfs.yml
@@ -0,0 +1,36 @@
+classes:
+- service.glusterfs.server
+- service.glusterfs.client
+parameters:
+ glusterfs:
+ server:
+ peers:
+ - ${_param:cluster_node01_address}
+ - ${_param:cluster_node02_address}
+ - ${_param:cluster_node03_address}
+ volumes:
+ glance:
+ storage: /srv/glusterfs/glance
+ replica: 3
+ bricks:
+ - ${_param:cluster_node01_address}:/srv/glusterfs/glance
+ - ${_param:cluster_node02_address}:/srv/glusterfs/glance
+ - ${_param:cluster_node03_address}:/srv/glusterfs/glance
+ options:
+ cluster.readdir-optimize: On
+ nfs.disable: On
+ network.remote-dio: On
+ diagnostics.client-log-level: WARNING
+ diagnostics.brick-log-level: WARNING
+ client:
+ volumes:
+ glance:
+ path: /var/lib/glance/images
+ server: ${_param:glusterfs_service_host}
+ user: glance
+ group: glance
+ glance:
+ server:
+ storage:
+ engine: file
+ images: []
diff --git a/system/grafana/client/single.yml b/system/grafana/client/single.yml
new file mode 100644
index 0000000..c36d4ff
--- /dev/null
+++ b/system/grafana/client/single.yml
@@ -0,0 +1,23 @@
+classes:
+- service.grafana.client.single
+parameters:
+ grafana:
+ client:
+ enabled: true
+ server:
+ protocol: http
+ host: ${_param:stacklight_monitor_address}
+ port: 3000
+ user: ${_param:grafana_user}
+ password: ${_param:grafana_password}
+ remote_data:
+ engine: 'salt_mine'
+ datasource:
+ lma:
+ type: influxdb
+ host: ${_param:grafana_influxdb_host}
+ port: ${_param:influxdb_port}
+ user: ${_param:influxdb_user}
+ password: ${_param:influxdb_password}
+ database: ${_param:influxdb_database}
+ is_default: true
diff --git a/system/grafana/server/single.yml b/system/grafana/server/single.yml
new file mode 100644
index 0000000..911f32f
--- /dev/null
+++ b/system/grafana/server/single.yml
@@ -0,0 +1,35 @@
+classes:
+- service.grafana.server.single
+parameters:
+ _param:
+ grafana_port: 3000
+ grafana_user: admin
+ grafana_password: admin
+ linux:
+ system:
+ repo:
+ grafana:
+ enabled: true
+ source: 'deb https://packagecloud.io/grafana/stable/debian/ jessie main'
+ key_url: 'https://packagecloud.io/gpg.key'
+ grafana:
+ server:
+ enabled: true
+ bind:
+ address: ${_param:single_address}
+ port: ${_param:grafana_port}
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ port: 3306
+ name: grafana
+ user: grafana
+ password: ${_param:mysql_grafana_password}
+ auth:
+ engine: basic
+ admin:
+ user: ${_param:grafana_user}
+ password: ${_param:grafana_password}
+ dashboards:
+ enabled: false
+ path: /var/lib/grafana/dashboards
diff --git a/system/graphite/collector/single.yml b/system/graphite/collector/single.yml
new file mode 100644
index 0000000..5ca5715
--- /dev/null
+++ b/system/graphite/collector/single.yml
@@ -0,0 +1,9 @@
+classes:
+- service.memcached.server.local
+- service.graphite.collector.single
+parameters:
+ _param:
+ rabbitmq_monitor_password: password
+ carbon:
+ relay:
+ enabled: false
diff --git a/system/graphite/server/single.yml b/system/graphite/server/single.yml
new file mode 100644
index 0000000..b6d507a
--- /dev/null
+++ b/system/graphite/server/single.yml
@@ -0,0 +1,40 @@
+classes:
+- service.memcached.server.local
+- service.postgresql.server.local
+- service.graphite.server.single
+- service.apache.server.single
+- service.supervisor.server.single
+parameters:
+ _param:
+ graphite_secret_key: secret
+ postgresql_graphite_password: password
+ apache2_site_graphite_host: ${_param:single_address}
+ rabbitmq_graphite_password: password
+ rabbitmq_monitor_password: password
+ rabbitmq_admin_password: password
+ rabbitmq_secret_key: password
+ apache:
+ server:
+ modules:
+ - wsgi
+ site:
+ graphite_server:
+ enabled: true
+ type: graphite
+ name: server
+ host:
+ name: ${_param:apache2_site_graphite_host}
+ postgresql:
+ server:
+ database:
+ graphite:
+ encoding: UTF8
+ locale: cs_CZ
+ users:
+ - name: graphite
+ password: ${_param:postgresql_graphite_password}
+ host: 127.0.0.1
+ rights: all privileges
+ supervisor:
+ server:
+ enabled: false
diff --git a/system/haproxy/proxy/listen/elasticsearch.yml b/system/haproxy/proxy/listen/elasticsearch.yml
new file mode 100644
index 0000000..cb1a8e5
--- /dev/null
+++ b/system/haproxy/proxy/listen/elasticsearch.yml
@@ -0,0 +1,29 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ elasticsearch:
+ mode: http
+ service_name: elasticsearch
+ options:
+ - forwardfor
+ - httpchk
+ - httpclose
+ - httplog
+ balance: roundrobin
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9200
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 9200
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 9200
+ params: check
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 9200
+ params: check
diff --git a/system/haproxy/proxy/listen/kibana.yml b/system/haproxy/proxy/listen/kibana.yml
new file mode 100644
index 0000000..a2180cb
--- /dev/null
+++ b/system/haproxy/proxy/listen/kibana.yml
@@ -0,0 +1,29 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ kibana:
+ mode: http
+ service_name: kibana
+ options:
+ - forwardfor
+# - httpchk
+ - httpclose
+ - httplog
+ balance: source
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 80
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 5601
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 5601
+ params: check
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 5601
+ params: check
diff --git a/system/haproxy/proxy/listen/logging.yml b/system/haproxy/proxy/listen/logging.yml
new file mode 100644
index 0000000..48a4b5c
--- /dev/null
+++ b/system/haproxy/proxy/listen/logging.yml
@@ -0,0 +1,6 @@
+classes:
+ - service.haproxy.proxy.single
+ - service.haproxy.proxy.stats
+ # Services
+ - system.haproxy.proxy._kibana
+ - system.haproxy.proxy._elasticsearch
diff --git a/system/haproxy/proxy/listen/monitoring.yml b/system/haproxy/proxy/listen/monitoring.yml
new file mode 100644
index 0000000..a59d84a
--- /dev/null
+++ b/system/haproxy/proxy/listen/monitoring.yml
@@ -0,0 +1,8 @@
+classes:
+ - service.haproxy.proxy.single
+ - service.haproxy.proxy.stats
+ # Services
+ - system.haproxy.proxy._rabbitmq
+ - system.haproxy.proxy._uchiwa
+ - system.haproxy.proxy._sensu
+ - system.haproxy.proxy._redis
diff --git a/system/haproxy/proxy/listen/opencontrail/analytics.yml b/system/haproxy/proxy/listen/opencontrail/analytics.yml
new file mode 100644
index 0000000..6ed6841
--- /dev/null
+++ b/system/haproxy/proxy/listen/opencontrail/analytics.yml
@@ -0,0 +1,50 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ contrail_analytics:
+ type: contrail-analytics
+ service_name: contrail
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8081
+ servers:
+ - name: nal01
+ host: ${_param:cluster_node01_address}
+ port: 9081
+ params: check inter 2000 rise 2 fall 3
+ - name: nal02
+ host: ${_param:cluster_node02_address}
+ port: 9081
+ params: check inter 2000 rise 2 fall 3
+ - name: nal03
+ host: ${_param:cluster_node03_address}
+ port: 9081
+ params: check inter 2000 rise 2 fall 3
+ contrail_config_stats:
+ type: contrail-config
+ service_name: contrail
+ format: listen
+ binds:
+ - address: '*'
+ port: 5937
+ user: haproxy
+ password: ${_param:opencontrail_stats_password}
+ contrail_openstack_stats:
+ type: contrail-config
+ service_name: contrail
+ format: listen
+ binds:
+ - address: '*'
+ port: 5936
+ user: haproxy
+ password: ${_param:opencontrail_stats_password}
+ contrail_collector_stats:
+ type: contrail-config
+ service_name: contrail
+ format: listen
+ binds:
+ - address: '*'
+ port: 5938
+ user: haproxy
+ password: ${_param:opencontrail_stats_password}
diff --git a/system/haproxy/proxy/listen/opencontrail/control.yml b/system/haproxy/proxy/listen/opencontrail/control.yml
new file mode 100644
index 0000000..431626a
--- /dev/null
+++ b/system/haproxy/proxy/listen/opencontrail/control.yml
@@ -0,0 +1,70 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ contrail_api:
+ type: contrail-api
+ service_name: contrail
+ check: false
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8082
+ servers:
+ - name: ntw01
+ host: ${_param:cluster_node01_address}
+ port: 9100
+ params: check inter 2000 rise 2 fall 3
+ - name: ntw02
+ host: ${_param:cluster_node02_address}
+ port: 9100
+ params: check inter 2000 rise 2 fall 3
+ - name: ntw03
+ host: ${_param:cluster_node03_address}
+ port: 9100
+ params: check inter 2000 rise 2 fall 3
+ contrail_discovery:
+ type: contrail-api
+ service_name: contrail
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 5998
+ servers:
+ - name: ntw01
+ host: ${_param:cluster_node01_address}
+ port: 9110
+ params: check inter 2000 rise 2 fall 3
+ - name: ntw02
+ host: ${_param:cluster_node02_address}
+ port: 9110
+ params: check inter 2000 rise 2 fall 3
+ - name: ntw03
+ host: ${_param:cluster_node03_address}
+ port: 9110
+ params: check inter 2000 rise 2 fall 3
+ contrail_config_stats:
+ type: contrail-config
+ service_name: contrail
+ format: listen
+ binds:
+ - address: '*'
+ port: 5937
+ user: haproxy
+ password: ${_param:opencontrail_stats_password}
+ contrail_openstack_stats:
+ type: contrail-config
+ service_name: contrail
+ format: listen
+ binds:
+ - address: '*'
+ port: 5936
+ user: haproxy
+ password: ${_param:opencontrail_stats_password}
+ contrail_collector_stats:
+ type: contrail-config
+ service_name: contrail
+ format: listen
+ binds:
+ - address: '*'
+ port: 5938
+ user: haproxy
+ password: ${_param:opencontrail_stats_password}
diff --git a/system/haproxy/proxy/listen/openstack/cinder.yml b/system/haproxy/proxy/listen/openstack/cinder.yml
new file mode 100644
index 0000000..a693e6e
--- /dev/null
+++ b/system/haproxy/proxy/listen/openstack/cinder.yml
@@ -0,0 +1,23 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ cinder_api:
+ type: openstack-service
+ service_name: cinder
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8776
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 8776
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 8776
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 8776
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
diff --git a/system/haproxy/proxy/listen/openstack/galera.yml b/system/haproxy/proxy/listen/openstack/galera.yml
new file mode 100644
index 0000000..56182d6
--- /dev/null
+++ b/system/haproxy/proxy/listen/openstack/galera.yml
@@ -0,0 +1,23 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ mysql_cluster:
+ type: mysql
+ service_name: mysql
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 3306
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 3306
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 3306
+ params: backup check
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 3306
+ params: backup check
\ No newline at end of file
diff --git a/system/haproxy/proxy/listen/openstack/glance.yml b/system/haproxy/proxy/listen/openstack/glance.yml
new file mode 100644
index 0000000..d8795c3
--- /dev/null
+++ b/system/haproxy/proxy/listen/openstack/glance.yml
@@ -0,0 +1,43 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ glance_api:
+ type: openstack-service
+ service_name: glance
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9292
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 9292
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 9292
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 9292
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ glance_registry_api:
+ type: general-service
+ service_name: glance
+ check: false
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9191
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 9191
+ params: check
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 9191
+ params: check
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 9191
+ params: check
diff --git a/system/haproxy/proxy/listen/openstack/heat.yml b/system/haproxy/proxy/listen/openstack/heat.yml
new file mode 100644
index 0000000..440a018
--- /dev/null
+++ b/system/haproxy/proxy/listen/openstack/heat.yml
@@ -0,0 +1,61 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ heat_cloudwatch_api:
+ type: openstack-service
+ service_name: heat
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8000
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 8000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 8000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 8000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ heat_api:
+ type: openstack-service
+ service_name: heat
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8004
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 8004
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 8004
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 8004
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ heat_cfn_api:
+ type: openstack-service
+ service_name: heat
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8003
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 8003
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 8003
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 8003
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
diff --git a/system/haproxy/proxy/listen/openstack/horizon.yml b/system/haproxy/proxy/listen/openstack/horizon.yml
new file mode 100644
index 0000000..9bf838c
--- /dev/null
+++ b/system/haproxy/proxy/listen/openstack/horizon.yml
@@ -0,0 +1,23 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ horizon_web:
+ type: general-service
+ check: false
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8078
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 8078
+ params: check
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 8078
+ params: check
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 8078
+ params: check
\ No newline at end of file
diff --git a/system/haproxy/proxy/listen/openstack/keystone.yml b/system/haproxy/proxy/listen/openstack/keystone.yml
new file mode 100644
index 0000000..17e537e
--- /dev/null
+++ b/system/haproxy/proxy/listen/openstack/keystone.yml
@@ -0,0 +1,42 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ keystone_public_api:
+ type: openstack-service
+ service_name: keystone
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 5000
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 5000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 5000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 5000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ keystone_admin_api:
+ type: openstack-service
+ service_name: keystone
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 35357
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 35357
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 35357
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 35357
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
diff --git a/system/haproxy/proxy/listen/openstack/neutron.yml b/system/haproxy/proxy/listen/openstack/neutron.yml
new file mode 100644
index 0000000..1f8b4d5
--- /dev/null
+++ b/system/haproxy/proxy/listen/openstack/neutron.yml
@@ -0,0 +1,23 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ neutron_api:
+ type: openstack-service
+ service_name: neutron
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9696
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
diff --git a/system/haproxy/proxy/listen/openstack/nova.yml b/system/haproxy/proxy/listen/openstack/nova.yml
new file mode 100644
index 0000000..3865a82
--- /dev/null
+++ b/system/haproxy/proxy/listen/openstack/nova.yml
@@ -0,0 +1,61 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ nova_ec2_api:
+ type: general-service
+ service_name: nova
+ check: false
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8773
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 8773
+ params: check
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 8773
+ params: check
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 8773
+ params: check
+ nova_api:
+ type: openstack-service
+ service_name: nova
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8774
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 8774
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 8774
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 8774
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ nova_metadata_api:
+ type: openstack-service
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8775
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 8775
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 8775
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 8775
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/system/haproxy/proxy/listen/rabbitmq.yml b/system/haproxy/proxy/listen/rabbitmq.yml
new file mode 100644
index 0000000..83992dd
--- /dev/null
+++ b/system/haproxy/proxy/listen/rabbitmq.yml
@@ -0,0 +1,34 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ rabbitmq:
+ type: rabbitmq
+ service_name: rabbitmq
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 5672
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 5672
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 5672
+ params: backup check
+ rabbitmq_management:
+ type: rabbitmq
+ service_name: rabbitmq
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 15672
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 15672
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 15672
+ params: backup check
diff --git a/system/haproxy/proxy/listen/redis.yml b/system/haproxy/proxy/listen/redis.yml
new file mode 100644
index 0000000..fc46953
--- /dev/null
+++ b/system/haproxy/proxy/listen/redis.yml
@@ -0,0 +1,20 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ redis:
+ mode: tcp
+ service_name: redis
+ balance: source
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 6379
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 6379
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 6379
+ params: backup check
diff --git a/system/haproxy/proxy/listen/sensu.yml b/system/haproxy/proxy/listen/sensu.yml
new file mode 100644
index 0000000..739916c
--- /dev/null
+++ b/system/haproxy/proxy/listen/sensu.yml
@@ -0,0 +1,24 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ sensu:
+ mode: http
+ options:
+ - forwardfor
+ - httpchk
+ - httpclose
+ - httplog
+ balance: source
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 4567
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 4567
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 4567
+ params: backup check
diff --git a/system/haproxy/proxy/listen/stacklight/elasticsearch.yml b/system/haproxy/proxy/listen/stacklight/elasticsearch.yml
new file mode 100644
index 0000000..531d647
--- /dev/null
+++ b/system/haproxy/proxy/listen/stacklight/elasticsearch.yml
@@ -0,0 +1,28 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ elasticsearch:
+ mode: http
+ options:
+ - httplog
+ - http-keep-alive
+ - prefer-last-server
+ - dontlog-normal
+ balance: roundrobin
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9200
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 9200
+ params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 9200
+ params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 9200
+ params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
diff --git a/system/haproxy/proxy/listen/stacklight/grafana.yml b/system/haproxy/proxy/listen/stacklight/grafana.yml
new file mode 100644
index 0000000..3f59ce2
--- /dev/null
+++ b/system/haproxy/proxy/listen/stacklight/grafana.yml
@@ -0,0 +1,26 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ grafana:
+ mode: http
+ options:
+ - httplog
+ - dontlog-normal
+ balance: source
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: ${_param:cluster_grafana_port}
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 3000
+ params: 'check'
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 3000
+ params: 'check'
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 3000
+ params: 'check'
diff --git a/system/haproxy/proxy/listen/stacklight/kibana.yml b/system/haproxy/proxy/listen/stacklight/kibana.yml
new file mode 100644
index 0000000..e92e38a
--- /dev/null
+++ b/system/haproxy/proxy/listen/stacklight/kibana.yml
@@ -0,0 +1,28 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ kibana:
+ mode: http
+ options:
+ - httplog
+ - http-keep-alive
+ - prefer-last-server
+ - dontlog-normal
+ balance: roundrobin
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 5601
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 5601
+ params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 5601
+ params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 5601
+ params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
diff --git a/system/haproxy/proxy/listen/uchiwa.yml b/system/haproxy/proxy/listen/uchiwa.yml
new file mode 100644
index 0000000..1f25bc4
--- /dev/null
+++ b/system/haproxy/proxy/listen/uchiwa.yml
@@ -0,0 +1,24 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ uchiwa:
+ mode: http
+ options:
+ - forwardfor
+ - httpchk
+ - httpclose
+ - httplog
+ balance: source
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 80
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 3000
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 3000
+ params: check
diff --git a/system/haproxy/proxy/single.yml b/system/haproxy/proxy/single.yml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/system/haproxy/proxy/single.yml
diff --git a/system/heat/server/cluster.yml b/system/heat/server/cluster.yml
new file mode 100644
index 0000000..43b1ba3
--- /dev/null
+++ b/system/heat/server/cluster.yml
@@ -0,0 +1,55 @@
+classes:
+- service.heat.server.cluster
+- service.haproxy.proxy.single
+- service.keepalived.cluster.single
+- system.haproxy.proxy.listen.openstack.heat
+parameters:
+ heat:
+ server:
+ stack_domain_admin:
+ name: heat_domain_admin
+ password: ${_param:heat_domain_admin_password}
+ domain: heat
+ enabled: true
+ region: RegionOne
+ version: ${_param:heat_version}
+ bind:
+ api_cfn:
+ address: ${_param:cluster_local_address}
+ api_cloudwatch:
+ address: ${_param:cluster_local_address}
+ api:
+ address: ${_param:cluster_local_address}
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ port: 3306
+ name: heat
+ user: heat
+ password: ${_param:mysql_heat_password}
+ metadata:
+ host: ${_param:cluster_vip_address}
+ port: 8000
+ waitcondition:
+ host: ${_param:cluster_vip_address}
+ port: 8000
+ watch:
+ host: ${_param:cluster_vip_address}
+ port: 8003
+ identity:
+ engine: keystone
+ host: ${_param:cluster_vip_address}
+ port: 35357
+ tenant: service
+ user: heat
+ password: ${_param:keystone_heat_password}
+ message_queue:
+ engine: rabbitmq
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ members:
+ - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:openstack_message_queue_node02_address}
+ - host: ${_param:openstack_message_queue_node03_address}
\ No newline at end of file
diff --git a/system/heat/server/single.yml b/system/heat/server/single.yml
new file mode 100644
index 0000000..3c4b5f3
--- /dev/null
+++ b/system/heat/server/single.yml
@@ -0,0 +1,10 @@
+classes:
+- service.heat.server.single
+parameters:
+ heat:
+ server:
+ notification: true
+ stack_domain_admin:
+ name: heat_domain_admin
+ password: ${_param:heat_domain_admin_password}
+ domain: heat
diff --git a/system/heka/aggregator/cluster.yml b/system/heka/aggregator/cluster.yml
new file mode 100644
index 0000000..e2ee129
--- /dev/null
+++ b/system/heka/aggregator/cluster.yml
@@ -0,0 +1,30 @@
+classes:
+- service.heka.aggregator.cluster
+parameters:
+ _param:
+ nagios_default_host_alarm_clusters: 00-clusters
+ nagios_host_dimension_key: nagios_host
+ heka:
+ aggregator:
+ influxdb_host: ${_param:heka_influxdb_host}
+ influxdb_port: ${_param:influxdb_port}
+ influxdb_database: ${_param:influxdb_database}
+ influxdb_username: ${_param:influxdb_user}
+ influxdb_password: ${_param:influxdb_password}
+ nagios_host: ${_param:nagios_host}
+ nagios_username: ${_param:nagios_username}
+ nagios_password: ${_param:nagios_password}
+ nagios_port: ${_param:nagios_status_port}
+ nagios_default_host_alarm_clusters: ${_param:nagios_default_host_alarm_clusters}
+ nagios_host_dimension_key: ${_param:nagios_host_dimension_key}
+ keepalived:
+ cluster:
+ instance:
+ stacklight_monitor_vip:
+ notify_action:
+ master:
+ - service aggregator start
+ backup:
+ - service aggregator stop
+ fault:
+ - service aggregator stop
diff --git a/system/heka/aggregator/single.yml b/system/heka/aggregator/single.yml
new file mode 100644
index 0000000..c252bd6
--- /dev/null
+++ b/system/heka/aggregator/single.yml
@@ -0,0 +1,19 @@
+classes:
+- service.heka.aggregator.single
+parameters:
+ _param:
+ nagios_default_host_alarm_clusters: 00-clusters
+ nagios_host_dimension_key: nagios_host
+ heka:
+ aggregator:
+ influxdb_host: ${_param:heka_influxdb_host}
+ influxdb_port: ${_param:influxdb_port}
+ influxdb_database: ${_param:influxdb_database}
+ influxdb_username: ${_param:influxdb_user}
+ influxdb_password: ${_param:influxdb_password}
+ nagios_host: ${_param:nagios_host}
+ nagios_username: ${_param:nagios_username}
+ nagios_password: ${_param:nagios_password}
+ nagios_port: ${_param:nagios_status_port}
+ nagios_default_host_alarm_clusters: ${_param:nagios_default_host_alarm_clusters}
+ nagios_host_dimension_key: ${_param:nagios_host_dimension_key}
diff --git a/system/heka/alarm/openstack_compute.yml b/system/heka/alarm/openstack_compute.yml
new file mode 100644
index 0000000..d4fda7d
--- /dev/null
+++ b/system/heka/alarm/openstack_compute.yml
@@ -0,0 +1,90 @@
+parameters:
+ heka:
+ metric_collector:
+ trigger:
+ # Override the linux_system_cpu_critical and linux_system_cpu_warning
+ # triggers to use specific rules on control nodes
+ linux_system_cpu_critical:
+ description: 'The CPU usage is too high (compute node)'
+ severity: critical
+ rules:
+ - metric: cpu_wait
+ relational_operator: '>='
+ threshold: 30
+ window: 120
+ periods: 0
+ function: avg
+ linux_system_cpu_warning:
+ description: 'The CPU usage is high (compute node)'
+ severity: 'warning'
+ enabled: 'true'
+ rules:
+ - metric: cpu_wait
+ relational_operator: '>='
+ threshold: 20
+ window: 120
+ periods: 0
+ function: avg
+ alarm:
+ # Tag all the system alarm metrics with "node_role: compute". This
+ # to be able to create an alarm cluster for compute nodes.
+ linux_system_cpu:
+ alerting: enabled
+ triggers:
+ - linux_system_cpu_critical
+ - linux_system_cpu_warning
+ dimension:
+ node_role: compute
+ linux_system_swap:
+ alerting: enabled
+ triggers:
+ - linux_system_swap_usage_critical
+ - linux_system_swap_activity_warning
+ - linux_system_swap_usage_warning
+ dimension:
+ node_role: compute
+ linux_system_root_fs:
+ alerting: enabled
+ triggers:
+ - linux_system_root_fs_critical
+ - linux_system_root_fs_warning
+ dimension:
+ node_role: compute
+ linux_system_network_rx:
+ alerting: enabled
+ triggers:
+ - linux_system_network_critical_dropped_rx
+ - linux_system_network_warning_dropped_rx
+ dimension:
+ node_role: compute
+ linux_system_network_tx:
+ alerting: enabled
+ triggers:
+ - linux_system_network_critical_dropped_tx
+ - linux_system_network_warning_dropped_tx
+ dimension:
+ node_role: compute
+ linux_system_hdd_errors:
+ alerting: enabled_with_notification
+ triggers:
+ - linux_system_hdd_errors_critical
+ dimension:
+ node_role: compute
+ aggregator:
+ alarm_cluster:
+ compute_nodes:
+ policy: majority_of_members
+ alerting: enabled_with_notification
+ group_by: hostname
+ match:
+ node_role: compute
+ members:
+ - linux_system_cpu
+ - linux_system_swap
+ - linux_system_root_fs
+ - linux_system_network_rx
+ - linux_system_network_tx
+ - linux_system_hdd_errors
+ dimension:
+ cluster_name: compute
+ nagios_host: 01-node-clusters
diff --git a/system/heka/alarm/openstack_control.yml b/system/heka/alarm/openstack_control.yml
new file mode 100644
index 0000000..7dcb331
--- /dev/null
+++ b/system/heka/alarm/openstack_control.yml
@@ -0,0 +1,102 @@
+parameters:
+ heka:
+ metric_collector:
+ trigger:
+ # Override the linux_system_cpu_critical and linux_system_cpu_warning
+ # triggers to use specific rules on control nodes
+ linux_system_cpu_critical:
+ description: 'The CPU usage is too high (controller node)'
+ severity: critical
+ rules:
+ - metric: cpu_idle
+ relational_operator: '<='
+ threshold: 5
+ window: 120
+ periods: 0
+ function: avg
+ - metric: cpu_wait
+ relational_operator: '>='
+ threshold: 35
+ window: 120
+ periods: 0
+ function: avg
+ linux_system_cpu_warning:
+ description: 'The CPU usage is high (controller node)'
+ severity: 'warning'
+ enabled: 'true'
+ rules:
+ - metric: cpu_idle
+ relational_operator: '<='
+ threshold: 15
+ window: 120
+ periods: 0
+ function: avg
+ - metric: cpu_wait
+ relational_operator: '>='
+ threshold: 25
+ window: 120
+ periods: 0
+ function: avg
+ alarm:
+ # Tag all the system alarm metrics with "node_role: control". This
+ # to be able to create an alarm cluster for control nodes.
+ linux_system_cpu:
+ alerting: enabled
+ triggers:
+ - linux_system_cpu_critical
+ - linux_system_cpu_warning
+ dimension:
+ node_role: control
+ linux_system_swap:
+ alerting: enabled
+ triggers:
+ - linux_system_swap_usage_critical
+ - linux_system_swap_activity_warning
+ - linux_system_swap_usage_warning
+ dimension:
+ node_role: control
+ linux_system_root_fs:
+ alerting: enabled
+ triggers:
+ - linux_system_root_fs_critical
+ - linux_system_root_fs_warning
+ dimension:
+ node_role: control
+ linux_system_network_rx:
+ alerting: enabled
+ triggers:
+ - linux_system_network_critical_dropped_rx
+ - linux_system_network_warning_dropped_rx
+ dimension:
+ node_role: control
+ linux_system_network_tx:
+ alerting: enabled
+ triggers:
+ - linux_system_network_critical_dropped_tx
+ - linux_system_network_warning_dropped_tx
+ dimension:
+ node_role: control
+ linux_system_hdd_errors:
+ alerting: enabled_with_notification
+ triggers:
+ - linux_system_hdd_errors_critical
+ dimension:
+ node_role: control
+ aggregator:
+ alarm_cluster:
+ control_nodes:
+ policy: majority_of_members
+ alerting: enabled_with_notification
+ group_by: hostname
+ match:
+ node_role: control
+ members:
+ - linux_system_cpu
+ - linux_system_swap
+ - linux_system_root_fs
+ - linux_system_network_rx
+ - linux_system_network_tx
+ - linux_system_hdd_errors
+ dimension:
+ cluster_name: control
+ nagios_host: 01-node-clusters
diff --git a/system/heka/log_collector/single.yml b/system/heka/log_collector/single.yml
new file mode 100644
index 0000000..73463e4
--- /dev/null
+++ b/system/heka/log_collector/single.yml
@@ -0,0 +1,7 @@
+classes:
+- service.heka.log_collector.single
+parameters:
+ heka:
+ log_collector:
+ elasticsearch_host: ${_param:heka_elasticsearch_host}
+ elasticsearch_port: 9200
diff --git a/system/heka/metric_collector/single.yml b/system/heka/metric_collector/single.yml
new file mode 100644
index 0000000..960d271
--- /dev/null
+++ b/system/heka/metric_collector/single.yml
@@ -0,0 +1,17 @@
+classes:
+- service.heka.metric_collector.single
+parameters:
+ heka:
+ metric_collector:
+ aggregator_host: ${_param:stacklight_monitor_address}
+ aggregator_port: ${_param:aggregator_port}
+ influxdb_database: lma
+ influxdb_host: ${_param:heka_influxdb_host}
+ influxdb_password: ${_param:influxdb_stacklight_password}
+ influxdb_port: 8086
+ influxdb_time_precision: ms
+ influxdb_username: lma
+ nagios_host: ${_param:nagios_host}
+ nagios_username: ${_param:nagios_username}
+ nagios_password: ${_param:nagios_password}
+ nagios_port: ${_param:nagios_status_port}
diff --git a/system/heka/remote_collector/cluster.yml b/system/heka/remote_collector/cluster.yml
new file mode 100644
index 0000000..f3344c4
--- /dev/null
+++ b/system/heka/remote_collector/cluster.yml
@@ -0,0 +1,23 @@
+classes:
+- service.heka.remote_collector.cluster
+parameters:
+ heka:
+ remote_collector:
+ influxdb_host: ${_param:heka_influxdb_host}
+ influxdb_port: ${_param:influxdb_port}
+ influxdb_database: ${_param:influxdb_database}
+ influxdb_username: ${_param:influxdb_user}
+ influxdb_password: ${_param:influxdb_password}
+ aggregator_host: ${_param:heka_aggregator_host}
+ aggregator_port: ${_param:aggregator_port}
+ keepalived:
+ cluster:
+ instance:
+ stacklight_monitor_vip:
+ notify_action:
+ master:
+ - service remote_collector start
+ backup:
+ - service remote_collector stop
+ fault:
+ - service remote_collector stop
diff --git a/system/heka/remote_collector/single.yml b/system/heka/remote_collector/single.yml
new file mode 100644
index 0000000..df33055
--- /dev/null
+++ b/system/heka/remote_collector/single.yml
@@ -0,0 +1,12 @@
+classes:
+- service.heka.remote_collector.single
+parameters:
+ heka:
+ remote_collector:
+ influxdb_host: ${_param:heka_influxdb_host}
+ influxdb_port: ${_param:influxdb_port}
+ influxdb_database: ${_param:influxdb_database}
+ influxdb_username: ${_param:influxdb_user}
+ influxdb_password: ${_param:influxdb_password}
+ aggregator_host: ${_param:heka_aggregator_host}
+ aggregator_port: ${_param:aggregator_port}
diff --git a/system/heka/router/single.yml b/system/heka/router/single.yml
new file mode 100644
index 0000000..8801e42
--- /dev/null
+++ b/system/heka/router/single.yml
@@ -0,0 +1,27 @@
+classes:
+- service.rabbitmq.server.single
+- service.heka.server.amqp.router
+parameters:
+ _param:
+ heka_router_input_exchange: heka
+ heka_router_input_host: ${_param:heka_amqp_host}
+ heka_router_input_password: ${_param:heka_amqp_password}
+ heka_router_input_vhost: log
+ heka_router_input_user: log
+ heka_router_output_host: ${_param:heka_elasticsearch_host}
+ heka_router_prefetch_count: 20
+ rabbitmq_secret_key: secret_key
+ rabbitmq_admin_name: admin
+ rabbitmq_admin_password: workshoplearning42
+ kibana_elasticsearch_host: localhost
+ heka:
+ shipper:
+ enabled: false
+ rabbitmq:
+ server:
+ host:
+ 'log':
+ enabled: true
+ user: log
+ password: ${_param:heka_amqp_password}
+
diff --git a/system/heka/shipper/single.yml b/system/heka/shipper/single.yml
new file mode 100644
index 0000000..0aee02c
--- /dev/null
+++ b/system/heka/shipper/single.yml
@@ -0,0 +1,10 @@
+classes:
+- service.heka.server.amqp.shipper
+parameters:
+ _param:
+ heka_shipper_output_exchange: heka
+ heka_shipper_output_host: ${_param:heka_amqp_host}
+ heka_shipper_output_password: ${_param:heka_amqp_password}
+ heka_shipper_output_vhost: log
+ heka_shipper_output_user: log
+
diff --git a/system/horizon/server/app/tcpcloud_kilo.yml b/system/horizon/server/app/tcpcloud_kilo.yml
new file mode 100644
index 0000000..9c7422d
--- /dev/null
+++ b/system/horizon/server/app/tcpcloud_kilo.yml
@@ -0,0 +1,71 @@
+parameters:
+ _param:
+ nginx_site_horizon_tcpcloud_kilo_host: _
+ horizon_tcpcloud_kilo_secret_key: workshop
+ nginx:
+ server:
+ site:
+ horizon_tcpcloud_kilo:
+ enabled: true
+ type: horizon
+ name: tcpcloud_kilo
+ host:
+ name: _
+ supervisor:
+ server:
+ service:
+ horizon_tcpcloud_kilo:
+ type: horizon
+ name: tcpcloud_kilo
+ horizon:
+ server:
+ app:
+ tcpcloud_kilo:
+ version: kilo
+ branding: "Mk20 Lab Dashboard"
+ bind:
+ address: 0.0.0.0
+ port: 8078
+ secret_key: ${_param:horizon_tcpcloud_kilo_secret_key}
+ source:
+ engine: git
+ address: git@git.tcpcloud.eu:python-apps/horizon.git
+ revision: stable/kilo
+ cache:
+ engine: 'memcached'
+ host: '127.0.0.1'
+ port: 11211
+ prefix: 'CACHE_TCPCLOUD_KILO'
+ identity:
+ engine: keystone
+ host: ${_param:cluster_vip_address}
+ encryption: none
+ port: 5000
+ api_version: 3
+ api_versions:
+ identity: 3
+ plugin:
+ horizon_overrides:
+ app: horizon_overrides
+ override: true
+ overrides:
+ - contrail_openstack_dashboard
+ source:
+ engine: git
+ address: git@git.tcpcloud.eu:horizon-modules/horizon-overrides-plugin.git
+ revision: develop
+ contrail:
+ app: contrail_openstack_dashboard
+ source:
+ engine: git
+ address: git@git.tcpcloud.eu:horizon-modules/horizon-contrail-panels.git
+ revision: stable/kilo
+ horizon_theme:
+ app: horizon_theme
+ theme_name: tcp
+ source:
+ engine: git
+ address: git@git.tcpcloud.eu:horizon-themes/horizon-tcp-theme.git
+ revision: stable/kilo
+ mail:
+ engine: console
diff --git a/system/horizon/server/cluster.yml b/system/horizon/server/cluster.yml
new file mode 100644
index 0000000..830a32a
--- /dev/null
+++ b/system/horizon/server/cluster.yml
@@ -0,0 +1,31 @@
+classes:
+- service.keepalived.cluster.single
+- service.horizon.server.single
+- service.haproxy.proxy.single
+- system.haproxy.proxy.listen.openstack.horizon
+parameters:
+ horizon:
+ server:
+ branding: "OpenStack Dashboard"
+ bind:
+ address: ${_param:single_address}
+ port: 8078
+ plugin:
+ contrail:
+ source:
+ engine: pkg
+ name: openstack-dashboard-contrail-panels
+ horizon_overrides:
+ override: true
+ overrides:
+ - contrail_openstack_dashboard
+ app: horizon_overrides
+ source:
+ engine: pkg
+ name: python-horizon-overrides-plugin
+ horizon_theme:
+ app: horizon_theme
+ theme_name: mirantis-theme
+ source:
+ engine: pkg
+ name: openstack-dashboard-mirantis-theme
diff --git a/system/horizon/server/multi.yml b/system/horizon/server/multi.yml
new file mode 100644
index 0000000..f41a371
--- /dev/null
+++ b/system/horizon/server/multi.yml
@@ -0,0 +1,12 @@
+classes:
+- service.git.client
+- service.horizon.server.multi
+- service.nginx.server.single
+- service.nginx.server.stats
+- service.memcached.server.local
+- service.python.environment
+- service.supervisor.server.single
+parameters:
+ python:
+ environment:
+ development: true
diff --git a/system/horizon/server/single.yml b/system/horizon/server/single.yml
new file mode 100644
index 0000000..e745f56
--- /dev/null
+++ b/system/horizon/server/single.yml
@@ -0,0 +1,28 @@
+classes:
+- service.horizon.server.single
+parameters:
+ horizon:
+ server:
+ branding: "OpenStack Dashboard"
+ bind:
+ address: 0.0.0.0
+ port: 8078
+ plugin:
+ contrail:
+ source:
+ engine: pkg
+ name: openstack-dashboard-contrail-panels
+ horizon_overrides:
+ override: true
+ overrides:
+ - contrail_openstack_dashboard
+ app: horizon_overrides
+ source:
+ engine: pkg
+ name: python-horizon-overrides-plugin
+ horizon_theme:
+ app: horizon_theme
+ theme_name: mirantis-theme
+ source:
+ engine: pkg
+ name: openstack-dashboard-mirantis-theme
diff --git a/system/influxdb/server/cluster.yml b/system/influxdb/server/cluster.yml
new file mode 100644
index 0000000..bfdf4d4
--- /dev/null
+++ b/system/influxdb/server/cluster.yml
@@ -0,0 +1,27 @@
+classes:
+- service.influxdb.server.single
+parameters:
+ linux:
+ system:
+ repo:
+ influxdb:
+ enabled: true
+ source: 'deb https://repos.influxdata.com/ubuntu xenial stable'
+ key_url: 'https://repos.influxdata.com/influxdb.key'
+ influxdb:
+ server:
+ enabled: true
+ meta:
+ bind:
+ address: 0.0.0.0
+ port: 8088
+ http_address: 0.0.0.0
+ http_port: 8091
+ cluster:
+ members:
+ - host: idb01.local
+ port: 8091
+ - host: idb02.local
+ port: 8091
+ - host: idb03.local
+ port: 8091
diff --git a/system/influxdb/server/single.yml b/system/influxdb/server/single.yml
new file mode 100644
index 0000000..308b7be
--- /dev/null
+++ b/system/influxdb/server/single.yml
@@ -0,0 +1,43 @@
+classes:
+- service.influxdb.server.single
+- system.influxdb.server.tmpfs_wal
+parameters:
+ linux:
+ system:
+ repo:
+ influxdb:
+ enabled: true
+ source: 'deb https://repos.influxdata.com/ubuntu xenial stable'
+ key_url: 'https://repos.influxdata.com/influxdb.key'
+ influxdb:
+ server:
+ enabled: true
+ http:
+ enabled: true
+ bind:
+ address: ${_param:single_address}
+ port: 8086
+ admin:
+ enabled: true
+ bind:
+ address: ${_param:single_address}
+ port: 8083
+ user:
+ enabled: true
+ name: 'root'
+ password: ${_param:influxdb_admin_password}
+ database:
+ lma:
+ enabled: true
+ name: lma
+ user:
+ lma:
+ enabled: true
+ name: lma
+ password: ${_param:influxdb_stacklight_password}
+ grant:
+ grant_lma_all:
+ enabled: true
+ user: lma
+ database: lma
+ privilege: all
diff --git a/system/influxdb/server/tmpfs_wal.yml b/system/influxdb/server/tmpfs_wal.yml
new file mode 100644
index 0000000..4844b2c
--- /dev/null
+++ b/system/influxdb/server/tmpfs_wal.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ influxdb_home_directory: /var/lib/influxdb
+ influxdb_wal_directory: ${_param:influxdb_home_directory}/wal
+ influxdb_wal_size: 10%
+ linux:
+ system:
+ user:
+ influxdb:
+ enabled: true
+ system: true
+ group: influxdb
+ home: ${_param:influxdb_home_directory}
+ storage:
+ mount:
+ tmpfs:
+ enabled: true
+ device: tmpfs
+ file_system: tmpfs
+ path: ${_param:influxdb_wal_directory}
+ opts: size=${_param:influxdb_wal_size},rw
+ user: influxdb
+ group: influxdb
+ influxdb:
+ server:
+ data:
+ wal_dir: ${_param:influxdb_wal_directory}
diff --git a/system/keepalived/cluster/instance/stacklight_monitor_vip.yml b/system/keepalived/cluster/instance/stacklight_monitor_vip.yml
new file mode 100644
index 0000000..28a6b69
--- /dev/null
+++ b/system/keepalived/cluster/instance/stacklight_monitor_vip.yml
@@ -0,0 +1,15 @@
+applications:
+- keepalived
+classes:
+- service.keepalived.support
+parameters:
+ keepalived:
+ cluster:
+ enabled: true
+ instance:
+ stacklight_monitor_vip:
+ address: ${_param:keepalived_stacklight_monitor_vip_address}
+ password: ${_param:keepalived_stacklight_monitor_vip_password}
+ interface: ${_param:keepalived_stacklight_monitor_vip_interface}
+ virtual_router_id: 100
+ priority: 101
diff --git a/system/keystone/client/service/billometer.yml b/system/keystone/client/service/billometer.yml
new file mode 100644
index 0000000..86a153f
--- /dev/null
+++ b/system/keystone/client/service/billometer.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ billometer:
+ is_admin: true
+ password: ${_param:keystone_billometer_password}
+ email: ${_param:admin_email}
+ service:
+ billometer:
+ type: billing
+ description: OpenStack Billing Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:billometer_service_host}
+ public_port: 9753
+ public_path: '/v1'
+ internal_address: ${_param:billometer_service_host}
+ internal_port: 9753
+ internal_path: '/v1'
+ admin_address: ${_param:billometer_service_host}
+ admin_port: 9753
+ admin_path: '/v1'
diff --git a/system/keystone/client/service/ceilometer.yml b/system/keystone/client/service/ceilometer.yml
new file mode 100644
index 0000000..c40383a
--- /dev/null
+++ b/system/keystone/client/service/ceilometer.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ ceilometer:
+ is_admin: true
+ password: ${_param:keystone_ceilometer_password}
+ email: ${_param:admin_email}
+ service:
+ ceilometer:
+ type: metering
+ description: OpenStack Telemetry Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:ceilometer_service_host}
+ public_port: 8777
+ public_path: '/'
+ internal_address: ${_param:ceilometer_service_host}
+ internal_port: 8777
+ internal_path: '/'
+ admin_address: ${_param:ceilometer_service_host}
+ admin_port: 8777
+ admin_path: '/'
diff --git a/system/keystone/client/service/cinder.yml b/system/keystone/client/service/cinder.yml
new file mode 100644
index 0000000..329c7ac
--- /dev/null
+++ b/system/keystone/client/service/cinder.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ cinder:
+ is_admin: true
+ password: ${_param:keystone_cinder_password}
+ email: ${_param:admin_email}
+ service:
+ cinder:
+ type: volume
+ description: OpenStack Volume Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cinder_service_host}
+ public_port: 8776
+ public_path: '/v1/$(tenant_id)s'
+ internal_address: ${_param:cinder_service_host}
+ internal_port: 8776
+ internal_path: '/v1/$(tenant_id)s'
+ admin_address: ${_param:cinder_service_host}
+ admin_port: 8776
+ admin_path: '/v1/$(tenant_id)s'
diff --git a/system/keystone/client/service/cinder2.yml b/system/keystone/client/service/cinder2.yml
new file mode 100644
index 0000000..a24f06a
--- /dev/null
+++ b/system/keystone/client/service/cinder2.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ cinder:
+ is_admin: true
+ password: ${_param:keystone_cinder_password}
+ email: ${_param:admin_email}
+ service:
+ cinderv2:
+ type: volumev2
+ description: OpenStack Volume Service v2
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cinder_service_host}
+ public_port: 8776
+ public_path: '/v2/$(tenant_id)s'
+ internal_address: ${_param:cinder_service_host}
+ internal_port: 8776
+ internal_path: '/v2/$(tenant_id)s'
+ admin_address: ${_param:cinder_service_host}
+ admin_port: 8776
+ admin_path: '/v2/$(tenant_id)s'
diff --git a/system/keystone/client/service/glance.yml b/system/keystone/client/service/glance.yml
new file mode 100644
index 0000000..33d90c7
--- /dev/null
+++ b/system/keystone/client/service/glance.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ glance:
+ is_admin: true
+ password: ${_param:keystone_glance_password}
+ email: ${_param:admin_email}
+ service:
+ glance:
+ type: image
+ description: OpenStack Image Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:glance_service_host}
+ public_port: 9292
+ public_path: ''
+ internal_address: ${_param:glance_service_host}
+ internal_port: 9292
+ internal_path: ''
+ admin_address: ${_param:glance_service_host}
+ admin_port: 9292
+ admin_path: ''
diff --git a/system/keystone/client/service/heat-cfn.yml b/system/keystone/client/service/heat-cfn.yml
new file mode 100644
index 0000000..3bb5449
--- /dev/null
+++ b/system/keystone/client/service/heat-cfn.yml
@@ -0,0 +1,20 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ service:
+ heat-cfn:
+ type: cloudformation
+ description: OpenStack CloudFormation Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:heat_service_host}
+ public_port: 8000
+ public_path: '/v1'
+ internal_address: ${_param:heat_service_host}
+ internal_port: 8000
+ internal_path: '/v1'
+ admin_address: ${_param:heat_service_host}
+ admin_port: 8000
+ admin_path: '/v1'
diff --git a/system/keystone/client/service/heat.yml b/system/keystone/client/service/heat.yml
new file mode 100644
index 0000000..233cc75
--- /dev/null
+++ b/system/keystone/client/service/heat.yml
@@ -0,0 +1,30 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ roles:
+ - heat_stack_user
+ - heat_stack_owner
+ project:
+ service:
+ user:
+ heat:
+ is_admin: true
+ password: ${_param:keystone_heat_password}
+ email: ${_param:admin_email}
+ service:
+ heat:
+ type: orchestration
+ description: OpenStack Orchestration Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:heat_service_host}
+ public_port: 8004
+ public_path: '/v1/%(tenant_id)s'
+ internal_address: ${_param:heat_service_host}
+ internal_port: 8004
+ internal_path: '/v1/%(tenant_id)s'
+ admin_address: ${_param:heat_service_host}
+ admin_port: 8004
+ admin_path: '/v1/%(tenant_id)s'
diff --git a/system/keystone/client/service/keystone.yml b/system/keystone/client/service/keystone.yml
new file mode 100644
index 0000000..914777c
--- /dev/null
+++ b/system/keystone/client/service/keystone.yml
@@ -0,0 +1,20 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ service:
+ keystone:
+ type: identity
+ description: OpenStack Identity Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:keystone_service_host}
+ public_port: 5000
+ public_path: '/v2.0'
+ internal_address: ${_param:keystone_service_host}
+ internal_port: 5000
+ internal_path: '/v2.0'
+ admin_address: ${_param:keystone_service_host}
+ admin_port: 35357
+ admin_path: '/v2.0'
diff --git a/system/keystone/client/service/keystone3.yml b/system/keystone/client/service/keystone3.yml
new file mode 100644
index 0000000..9aaedc2
--- /dev/null
+++ b/system/keystone/client/service/keystone3.yml
@@ -0,0 +1,20 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ service:
+ keystone3:
+ type: identity
+ description: OpenStack Identity Service v3
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:keystone_service_host}
+ public_port: 5000
+ public_path: '/v3'
+ internal_address: ${_param:keystone_service_host}
+ internal_port: 5000
+ internal_path: '/v3'
+ admin_address: ${_param:keystone_service_host}
+ admin_port: 35357
+ admin_path: '/v3'
diff --git a/system/keystone/client/service/neutron.yml b/system/keystone/client/service/neutron.yml
new file mode 100644
index 0000000..48ca372
--- /dev/null
+++ b/system/keystone/client/service/neutron.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ neutron:
+ is_admin: true
+ password: ${_param:keystone_neutron_password}
+ email: ${_param:admin_email}
+ service:
+ neutron:
+ type: network
+ description: OpenStack Networking Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:neutron_service_host}
+ public_port: 9696
+ public_path: '/'
+ internal_address: ${_param:neutron_service_host}
+ internal_port: 9696
+ internal_path: '/'
+ admin_address: ${_param:neutron_service_host}
+ admin_port: 9696
+ admin_path: '/'
diff --git a/system/keystone/client/service/nova-ec2.yml b/system/keystone/client/service/nova-ec2.yml
new file mode 100644
index 0000000..b729061
--- /dev/null
+++ b/system/keystone/client/service/nova-ec2.yml
@@ -0,0 +1,20 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ service:
+ nova-ec2:
+ type: ec2
+ description: OpenStack EC2 Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:nova_service_host}
+ public_port: 8773
+ public_path: '/services/Cloud'
+ internal_address: ${_param:nova_service_host}
+ internal_port: 8773
+ internal_path: '/services/Cloud'
+ admin_address: ${_param:nova_service_host}
+ admin_port: 8773
+ admin_path: '/services/Admin'
diff --git a/system/keystone/client/service/nova.yml b/system/keystone/client/service/nova.yml
new file mode 100644
index 0000000..1497d69
--- /dev/null
+++ b/system/keystone/client/service/nova.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ nova:
+ is_admin: true
+ password: ${_param:keystone_nova_password}
+ email: ${_param:admin_email}
+ service:
+ nova:
+ type: compute
+ description: OpenStack Compute Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:nova_service_host}
+ public_port: 8774
+ public_path: '/v2/$(tenant_id)s'
+ internal_address: ${_param:nova_service_host}
+ internal_port: 8774
+ internal_path: '/v2/$(tenant_id)s'
+ admin_address: ${_param:nova_service_host}
+ admin_port: 8774
+ admin_path: '/v2/$(tenant_id)s'
diff --git a/system/keystone/client/service/nova21.yml b/system/keystone/client/service/nova21.yml
new file mode 100644
index 0000000..e09a9df
--- /dev/null
+++ b/system/keystone/client/service/nova21.yml
@@ -0,0 +1,41 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ nova:
+ is_admin: true
+ password: ${_param:keystone_nova_password}
+ email: ${_param:admin_email}
+ service:
+ nova20:
+ type: compute_legacy
+ description: OpenStack Compute Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:nova_service_host}
+ public_port: 8774
+ public_path: '/v2/$(tenant_id)s'
+ internal_address: ${_param:nova_service_host}
+ internal_port: 8774
+ internal_path: '/v2/$(tenant_id)s'
+ admin_address: ${_param:nova_service_host}
+ admin_port: 8774
+ admin_path: '/v2/$(tenant_id)s'
+ nova:
+ type: compute
+ description: OpenStack Compute Service v2.1
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:nova_service_host}
+ public_port: 8774
+ public_path: '/v2.1'
+ internal_address: ${_param:nova_service_host}
+ internal_port: 8774
+ internal_path: '/v2.1'
+ admin_address: ${_param:nova_service_host}
+ admin_port: 8774
+ admin_path: '/v2.1'
diff --git a/system/keystone/client/single.yml b/system/keystone/client/single.yml
new file mode 100644
index 0000000..6d7a4c6
--- /dev/null
+++ b/system/keystone/client/single.yml
@@ -0,0 +1,40 @@
+classes:
+- system.keystone.client.service.cinder
+- system.keystone.client.service.cinder2
+- system.keystone.client.service.glance
+- system.keystone.client.service.heat
+- system.keystone.client.service.heat-cfn
+- system.keystone.client.service.keystone
+- system.keystone.client.service.neutron
+- system.keystone.client.service.nova-ec2
+parameters:
+ linux:
+ system:
+ job:
+ keystone_job_rotate:
+ command: '/usr/bin/keystone-manage fernet_rotate --keystone-user keystone --keystone-group keystone >> /var/log/key_rotation_log 2>> /var/log/key_rotation_log'
+ enabled: true
+ user: root
+ minute: 0
+ keystone:
+ client:
+ enabled: true
+ server:
+ identity:
+ admin:
+ host: ${_param:keystone_service_host}
+ port: 35357
+ token: ${_param:keystone_service_token}
+ roles:
+ - admin
+ - Member
+ project:
+ service:
+ description: "OpenStack Service tenant"
+ admin:
+ description: "OpenStack Admin tenant"
+ user:
+ admin:
+ is_admin: true
+ password: ${_param:keystone_admin_password}
+ email: ${_param:admin_email}
diff --git a/system/keystone/server/cluster.yml b/system/keystone/server/cluster.yml
new file mode 100644
index 0000000..f21d31d
--- /dev/null
+++ b/system/keystone/server/cluster.yml
@@ -0,0 +1,42 @@
+classes:
+- service.keystone.server.cluster
+- service.keepalived.cluster.single
+- system.keystone.server.storage.glusterfs
+- system.haproxy.proxy.listen.openstack.keystone
+parameters:
+ keystone:
+ server:
+ enabled: true
+ version: ${_param:keystone_version}
+ service_token: ${_param:keystone_service_token}
+ service_tenant: service
+ admin_tenant: admin
+ admin_name: admin
+ admin_password: ${_param:keystone_admin_password}
+ admin_email: ${_param:admin_email}
+ bind:
+ address: ${_param:cluster_local_address}
+ private_address: ${_param:cluster_vip_address}
+ private_port: 35357
+ public_address: ${_param:cluster_vip_address}
+ public_port: 5000
+ region: ${_param:openstack_region}
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ name: keystone
+ password: ${_param:mysql_keystone_password}
+ user: keystone
+ tokens:
+ engine: fernet
+ expiration: 3600
+ max_active_keys: 3
+ location: /var/lib/keystone/fernet-keys
+ message_queue:
+ engine: rabbitmq
+ host: ${_param:openstack_message_queue_address}
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ ha_queues: true
\ No newline at end of file
diff --git a/system/keystone/server/single.yml b/system/keystone/server/single.yml
new file mode 100644
index 0000000..38be60f
--- /dev/null
+++ b/system/keystone/server/single.yml
@@ -0,0 +1,17 @@
+classes:
+- service.keystone.server.single
+parameters:
+ _param:
+ keystone_service_token: token
+ keystone_admin_password: password
+ mysql_admin_user: root
+ mysql_admin_password: password
+ mysql_keystone_password: password
+ keystone:
+ server:
+ roles:
+ - admin
+ - Member
+ - image_manager
+ database:
+ host: 127.0.0.1
diff --git a/system/keystone/server/storage/glusterfs.yml b/system/keystone/server/storage/glusterfs.yml
new file mode 100644
index 0000000..54a4197
--- /dev/null
+++ b/system/keystone/server/storage/glusterfs.yml
@@ -0,0 +1,35 @@
+classes:
+- service.glusterfs.server
+- service.glusterfs.client
+parameters:
+ glusterfs:
+ server:
+ peers:
+ - ${_param:cluster_node01_address}
+ - ${_param:cluster_node02_address}
+ - ${_param:cluster_node03_address}
+ volumes:
+ keystone-keys:
+ storage: /srv/glusterfs/keystone-keys
+ replica: 3
+ bricks:
+ - ${_param:cluster_node01_address}:/srv/glusterfs/keystone-keys
+ - ${_param:cluster_node02_address}:/srv/glusterfs/keystone-keys
+ - ${_param:cluster_node03_address}:/srv/glusterfs/keystone-keys
+ options:
+ cluster.readdir-optimize: On
+ nfs.disable: On
+ network.remote-dio: On
+ diagnostics.client-log-level: WARNING
+ diagnostics.brick-log-level: WARNING
+ client:
+ volumes:
+ keystone-keys:
+ path: /var/lib/keystone/fernet-keys
+ server: ${_param:glusterfs_service_host}
+ user: keystone
+ group: keystone
+ keystone:
+ server:
+ tokens:
+ location: /var/lib/keystone/fernet-keys
diff --git a/system/kibana/client/single.yml b/system/kibana/client/single.yml
new file mode 100644
index 0000000..d2322c6
--- /dev/null
+++ b/system/kibana/client/single.yml
@@ -0,0 +1,9 @@
+classes:
+- service.kibana.client
+parameters:
+ kibana:
+ client:
+ enabled: true
+ server:
+ host: ${_param:stacklight_monitor_address}
+ port: 9200
diff --git a/system/kibana/server/single.yml b/system/kibana/server/single.yml
new file mode 100644
index 0000000..e8ec886
--- /dev/null
+++ b/system/kibana/server/single.yml
@@ -0,0 +1,16 @@
+classes:
+- service.kibana.server.single
+parameters:
+ _param:
+ kibana_port: 5601
+ kibana:
+ server:
+ enabled: true
+ bind:
+ address: ${_param:single_address}
+ port: 5601
+ database:
+ engine: elasticsearch
+ host: ${_param:kibana_elasticsearch_host}
+ port: 9200
+
diff --git a/system/linux/network/interface/ovs_lab_dvr.yml b/system/linux/network/interface/ovs_lab_dvr.yml
new file mode 100644
index 0000000..482bd02
--- /dev/null
+++ b/system/linux/network/interface/ovs_lab_dvr.yml
@@ -0,0 +1,67 @@
+parameters:
+ _param:
+ primary_interface: eth1
+ tenant_interface: eth2
+ external_interface: eth3
+ interface_mtu: 9000
+ linux:
+ network:
+ bridge: openvswitch
+ interface:
+ primary_interface:
+ enabled: true
+ name: ${_param:primary_interface}
+ type: eth
+ mtu: ${_param:interface_mtu}
+ proto: manual
+ tenant_interface:
+ enabled: true
+ name: ${_param:tenant_interface}
+ type: eth
+ mtu: ${_param:interface_mtu}
+ proto: manual
+ external_interface:
+ enabled: true
+ name: ${_param:external_interface}
+ type: eth
+ mtu: ${_param:interface_mtu}
+ proto: manual
+ br-int:
+ enabled: true
+ mtu: ${_param:interface_mtu}
+ type: ovs_bridge
+ br-floating:
+ enabled: true
+ mtu: ${_param:interface_mtu}
+ type: ovs_bridge
+ float-to-ex:
+ enabled: true
+ type: ovs_port
+ mtu: 65000
+ bridge: br-floating
+ br-mgmt:
+ enabled: true
+ type: bridge
+ mtu: ${_param:interface_mtu}
+ address: ${_param:single_address}
+ netmask: 255.255.255.0
+ use_interfaces:
+ - ${_param:primary_interface}
+ br-mesh:
+ enabled: true
+ type: bridge
+ mtu: ${_param:interface_mtu}
+ address: ${_param:tenant_address}
+ netmask: 255.255.255.0
+ use_interfaces:
+ - ${_param:tenant_interface}
+ br-ex:
+ enabled: true
+ type: bridge
+ mtu: ${_param:interface_mtu}
+ address: ${_param:external_address}
+ netmask: 255.255.255.0
+ use_interfaces:
+ - ${_param:external_interface}
+ use_ovs_ports:
+ - float-to-ex
\ No newline at end of file
diff --git a/system/linux/network/interface/primary_dhcp.yml b/system/linux/network/interface/primary_dhcp.yml
new file mode 100644
index 0000000..c3a69ab
--- /dev/null
+++ b/system/linux/network/interface/primary_dhcp.yml
@@ -0,0 +1,9 @@
+parameters:
+ linux:
+ network:
+ interface:
+ primary_interface:
+ enabled: true
+ name: ${_param:primary_interface}
+ type: eth
+ proto: dhcp
diff --git a/system/linux/network/interface/primary_static.yml b/system/linux/network/interface/primary_static.yml
new file mode 100644
index 0000000..18f46a2
--- /dev/null
+++ b/system/linux/network/interface/primary_static.yml
@@ -0,0 +1,10 @@
+parameters:
+ linux:
+ network:
+ interface:
+ primary_interface:
+ enabled: true
+ name: ${_param:primary_interface}
+ type: eth
+ proto: manual
+ address: ${_param:single_address}
\ No newline at end of file
diff --git a/system/linux/system/lowmem.yml b/system/linux/system/lowmem.yml
new file mode 100644
index 0000000..e1f1193
--- /dev/null
+++ b/system/linux/system/lowmem.yml
@@ -0,0 +1,17 @@
+parameters:
+ linux:
+ storage:
+ swap:
+ swap01:
+ enabled: true
+ engine: file
+ device: /var/tmp/swap01
+ size: 2048
+# opencontrail:
+# database:
+# max_heap_size: "1G"
+# heap_newsize: "200M"
+# rabbitmq:
+# server:
+# memory:
+# vm_high_watermark: 0.2
diff --git a/system/linux/system/repo/contrail.yml b/system/linux/system/repo/contrail.yml
new file mode 100644
index 0000000..08069af
--- /dev/null
+++ b/system/linux/system/repo/contrail.yml
@@ -0,0 +1,8 @@
+parameters:
+ linux:
+ system:
+ repo:
+ tcpcloud_opencontrail:
+ source: "deb [arch=amd64] http://apt.tcpcloud.eu/nightly/ ${_param:linux_system_codename} extra oc30"
+ architectures: amd64
+ key_url: "http://apt.tcpcloud.eu/public.gpg"
diff --git a/system/linux/system/repo/kibana.yml b/system/linux/system/repo/kibana.yml
new file mode 100644
index 0000000..425141d
--- /dev/null
+++ b/system/linux/system/repo/kibana.yml
@@ -0,0 +1,7 @@
+parameters:
+ linux:
+ system:
+ repo:
+ kibana:
+ source: "deb https://packages.elastic.co/kibana/4.6/debian stable main"
+ key_url: "https://packages.elastic.co/GPG-KEY-elasticsearch"
diff --git a/system/linux/system/repo/mos8.yml b/system/linux/system/repo/mos8.yml
new file mode 100644
index 0000000..86ad931
--- /dev/null
+++ b/system/linux/system/repo/mos8.yml
@@ -0,0 +1,24 @@
+parameters:
+ linux:
+ system:
+ repo:
+ mirantis_openstack:
+ source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0-mu-3/ mos8.0 main restricted"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0-mu-3/archive-mos8.0.key"
+ mirantis_openstack_hotfix:
+ source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0-mu-3/ mos8.0-hotfix main restricted"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0-mu-3/archive-mos8.0.key"
+ mirantis_openstack_proposed:
+ source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0-mu-3/ mos8.0-proposed main restricted"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0-mu-3/archive-mos8.0.key"
+ mirantis_openstack_security:
+ source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0-mu-3/ mos8.0-security main restricted"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0-mu-3/archive-mos8.0.key"
+ mirantis_openstack_updates:
+ source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0-mu-3/ mos8.0-updates main restricted"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/8.0-mu-3/archive-mos8.0.key"
diff --git a/system/linux/system/repo/mos9.yml b/system/linux/system/repo/mos9.yml
new file mode 100644
index 0000000..70cb2d2
--- /dev/null
+++ b/system/linux/system/repo/mos9.yml
@@ -0,0 +1,24 @@
+parameters:
+ linux:
+ system:
+ repo:
+ mirantis_openstack:
+ source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/ mos9.0 main restricted"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/archive-mos9.0.key"
+ mirantis_openstack_hotfix:
+ source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/ mos9.0-hotfix main restricted"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/archive-mos9.0.key"
+ mirantis_openstack_proposed:
+ source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/ mos9.0-proposed main restricted"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/archive-mos9.0.key"
+ mirantis_openstack_security:
+ source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/ mos9.0-security main restricted"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/archive-mos9.0.key"
+ mirantis_openstack_updates:
+ source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/ mos9.0-updates main restricted"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/archive-mos9.0.key"
diff --git a/system/linux/system/repo/saltstack_2016_3_trusty.yml b/system/linux/system/repo/saltstack_2016_3_trusty.yml
new file mode 100644
index 0000000..19e4814
--- /dev/null
+++ b/system/linux/system/repo/saltstack_2016_3_trusty.yml
@@ -0,0 +1,7 @@
+parameters:
+ linux:
+ system:
+ repo:
+ salt:
+ source: "deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/2016.3 trusty main"
+ key_url: "http://repo.saltstack.com/apt/ubuntu/14.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub"
\ No newline at end of file
diff --git a/system/linux/system/repo/saltstack_2016_3_xenial.yml b/system/linux/system/repo/saltstack_2016_3_xenial.yml
new file mode 100644
index 0000000..6fed4c5
--- /dev/null
+++ b/system/linux/system/repo/saltstack_2016_3_xenial.yml
@@ -0,0 +1,7 @@
+parameters:
+ linux:
+ system:
+ repo:
+ salt:
+ source: "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main"
+ key_url: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub"
\ No newline at end of file
diff --git a/system/linux/system/repo/tcp_base.yml b/system/linux/system/repo/tcp_base.yml
new file mode 100644
index 0000000..2baea0d
--- /dev/null
+++ b/system/linux/system/repo/tcp_base.yml
@@ -0,0 +1,9 @@
+parameters:
+ linux:
+ system:
+ repo:
+ tcpcloud:
+ source: "deb [arch=amd64] http://apt.tcpcloud.eu/nightly/ ${_param:linux_system_codename} main security tcp"
+ architectures: amd64
+ default: true
+ key_url: "http://apt.tcpcloud.eu/public.gpg"
diff --git a/system/linux/system/repo/tcp_elastic.yml b/system/linux/system/repo/tcp_elastic.yml
new file mode 100644
index 0000000..a7ac202
--- /dev/null
+++ b/system/linux/system/repo/tcp_elastic.yml
@@ -0,0 +1,8 @@
+parameters:
+ linux:
+ system:
+ repo:
+ elastic:
+ source: "deb [arch=amd64] http://apt.tcpcloud.eu/nightly/ ${_param:linux_system_codename} elastic"
+ architectures: amd64
+ key_url: "http://apt.tcpcloud.eu/public.gpg"
diff --git a/system/linux/system/repo/tcp_extra.yml b/system/linux/system/repo/tcp_extra.yml
new file mode 100644
index 0000000..8e74058
--- /dev/null
+++ b/system/linux/system/repo/tcp_extra.yml
@@ -0,0 +1,8 @@
+parameters:
+ linux:
+ system:
+ repo:
+ tcpcloud_salt:
+ source: "deb [arch=amd64] http://apt.tcpcloud.eu/nightly/ ${_param:linux_system_codename} extra"
+ architectures: amd64
+ key_url: "http://apt.tcpcloud.eu/public.gpg"
diff --git a/system/linux/system/repo/tcp_mk20.yml b/system/linux/system/repo/tcp_mk20.yml
new file mode 100644
index 0000000..c3b5eee
--- /dev/null
+++ b/system/linux/system/repo/tcp_mk20.yml
@@ -0,0 +1,8 @@
+parameters:
+ linux:
+ system:
+ repo:
+ tcpcloud_openstack:
+ source: "deb [arch=amd64] http://apt.tcpcloud.eu/nightly/ ${_param:linux_system_codename} ${_param:openstack_version}"
+ architectures: amd64
+ key_url: "http://apt.tcpcloud.eu/public.gpg"
diff --git a/system/linux/system/repo/tcp_salt.yml b/system/linux/system/repo/tcp_salt.yml
new file mode 100644
index 0000000..01ff6e8
--- /dev/null
+++ b/system/linux/system/repo/tcp_salt.yml
@@ -0,0 +1,8 @@
+parameters:
+ linux:
+ system:
+ repo:
+ tcpcloud_salt:
+ source: "deb [arch=amd64] http://apt.tcpcloud.eu/nightly/ ${_param:linux_system_codename} tcp-salt"
+ architectures: amd64
+ key_url: "http://apt.tcpcloud.eu/public.gpg"
diff --git a/system/linux/system/repo/ubuntu.yml b/system/linux/system/repo/ubuntu.yml
new file mode 100644
index 0000000..b4137bd
--- /dev/null
+++ b/system/linux/system/repo/ubuntu.yml
@@ -0,0 +1,22 @@
+parameters:
+ linux:
+ system:
+ repo:
+ ubuntu:
+ source: "deb http://archive.ubuntu.com/ubuntu/ ${_param:linux_system_codename} main restricted universe"
+ architectures: amd64
+ default: true
+ key_id: 437D05B5
+ key_server: keyserver.ubuntu.com
+ ubuntu_updates:
+ source: "deb http://archive.ubuntu.com/ubuntu/ ${_param:linux_system_codename}-updates main restricted universe"
+ architectures: amd64
+ default: true
+ key_id: 437D05B5
+ key_server: keyserver.ubuntu.com
+ ubuntu_security:
+ source: "deb http://archive.ubuntu.com/ubuntu/ ${_param:linux_system_codename}-security main restricted universe"
+ architectures: amd64
+ default: true
+ key_id: 437D05B5
+ key_server: keyserver.ubuntu.com
\ No newline at end of file
diff --git a/system/linux/system/single.yml b/system/linux/system/single.yml
new file mode 100644
index 0000000..2c34541
--- /dev/null
+++ b/system/linux/system/single.yml
@@ -0,0 +1,55 @@
+classes:
+- service.linux.system
+- service.salt.minion.master
+- system.openssh.server.single
+- system.ntp.client.single
+- system.linux.system.repo.tcp_base
+parameters:
+ linux:
+ system:
+ package:
+ python-msgpack:
+ version: latest
+ cloud-init:
+ version: purged
+ kernel:
+ sysctl:
+ net.ipv4.tcp_keepalive_intvl: 3
+ net.ipv4.tcp_keepalive_time: 30
+ net.ipv4.tcp_keepalive_probes: 8
+ fs.file-max: 124165
+ net.core.somaxconn: 4096
+ vm.swappiness: 10
+ net.nf_conntrack_max: 1048576
+ net.ipv4.tcp_retries2: 5
+ net.ipv4.tcp_max_syn_backlog: 8192
+ net.ipv4.neigh.default.gc_thresh1: 4096
+ net.ipv4.neigh.default.gc_thresh2: 8192
+ net.ipv4.neigh.default.gc_thresh3: 16384
+ net.core.netdev_max_backlog: 261144
+ kernel.panic: 60
+ timezone: UTC
+ locale:
+ en_US.UTF-8:
+ enabled: true
+ default: true
+ cs_CZ.UTF-8:
+ enabled: true
+ limit:
+ default:
+ enabled: true
+ domain: "*"
+ limits:
+ - type: hard
+ item: nofile
+ value: 102400
+ - type: soft
+ item: nofile
+ value: 102400
+ - type: soft
+ item: noproc
+ value: 102400
+ - type: hard
+ item: noproc
+ value: 102400
+
diff --git a/system/memcached/server/single.yml b/system/memcached/server/single.yml
new file mode 100644
index 0000000..7577e89
--- /dev/null
+++ b/system/memcached/server/single.yml
@@ -0,0 +1,2 @@
+classes:
+- service.memcached.server.single
diff --git a/system/mysql/client/database/ceilometer.yml b/system/mysql/client/database/ceilometer.yml
new file mode 100644
index 0000000..436bf97
--- /dev/null
+++ b/system/mysql/client/database/ceilometer.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ ceilometer:
+ encoding: utf8
+ users:
+ - name: ceilometer
+ password: ${_param:mysql_ceilometer_password}
+ host: '%'
+ rights: all
+ - name: ceilometer
+ password: ${_param:mysql_ceilometer_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/system/mysql/client/database/cinder.yml b/system/mysql/client/database/cinder.yml
new file mode 100644
index 0000000..4d6783b
--- /dev/null
+++ b/system/mysql/client/database/cinder.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ cinder:
+ encoding: utf8
+ users:
+ - name: cinder
+ password: ${_param:mysql_cinder_password}
+ host: '%'
+ rights: all
+ - name: cinder
+ password: ${_param:mysql_cinder_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/system/mysql/client/database/glance.yml b/system/mysql/client/database/glance.yml
new file mode 100644
index 0000000..b93b343
--- /dev/null
+++ b/system/mysql/client/database/glance.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ glance:
+ encoding: utf8
+ users:
+ - name: glance
+ password: ${_param:mysql_glance_password}
+ host: '%'
+ rights: all
+ - name: glance
+ password: ${_param:mysql_glance_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/system/mysql/client/database/grafana.yml b/system/mysql/client/database/grafana.yml
new file mode 100644
index 0000000..a2899f0
--- /dev/null
+++ b/system/mysql/client/database/grafana.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ grafana:
+ encoding: utf8
+ users:
+ - name: grafana
+ password: ${_param:mysql_grafana_password}
+ host: '%'
+ rights: all
+ - name: grafana
+ password: ${_param:mysql_grafana_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/system/mysql/client/database/heat.yml b/system/mysql/client/database/heat.yml
new file mode 100644
index 0000000..51aae8f
--- /dev/null
+++ b/system/mysql/client/database/heat.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ heat:
+ encoding: utf8
+ users:
+ - name: heat
+ password: ${_param:mysql_heat_password}
+ host: '%'
+ rights: all
+ - name: heat
+ password: ${_param:mysql_heat_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/system/mysql/client/database/keystone.yml b/system/mysql/client/database/keystone.yml
new file mode 100644
index 0000000..09885dd
--- /dev/null
+++ b/system/mysql/client/database/keystone.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ keystone:
+ encoding: utf8
+ users:
+ - name: keystone
+ password: ${_param:mysql_keystone_password}
+ host: '%'
+ rights: all
+ - name: keystone
+ password: ${_param:mysql_keystone_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/system/mysql/client/database/nova.yml b/system/mysql/client/database/nova.yml
new file mode 100644
index 0000000..930b280
--- /dev/null
+++ b/system/mysql/client/database/nova.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ nova:
+ encoding: utf8
+ users:
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: '%'
+ rights: all
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/system/mysql/client/database/nova_api.yml b/system/mysql/client/database/nova_api.yml
new file mode 100644
index 0000000..9380445
--- /dev/null
+++ b/system/mysql/client/database/nova_api.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ nova_api:
+ encoding: utf8
+ users:
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: '%'
+ rights: all
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/system/mysql/client/single.yml b/system/mysql/client/single.yml
new file mode 100644
index 0000000..e226e65
--- /dev/null
+++ b/system/mysql/client/single.yml
@@ -0,0 +1,20 @@
+classes:
+- system.mysql.client.database.ceilometer
+- system.mysql.client.database.cinder
+- system.mysql.client.database.glance
+- system.mysql.client.database.heat
+- system.mysql.client.database.keystone
+- system.mysql.client.database.nova
+- system.mysql.client.database.nova_api
+parameters:
+ mysql:
+ client:
+ enabled: true
+ server:
+ database:
+ admin:
+ host: ${_param:cluster_vip_address}
+ port: 3306
+ user: ${_param:mysql_admin_user}
+ password: ${_param:mysql_admin_password}
+ encoding: utf8
diff --git a/system/nagios/server/cluster.yml b/system/nagios/server/cluster.yml
new file mode 100644
index 0000000..932afbf
--- /dev/null
+++ b/system/nagios/server/cluster.yml
@@ -0,0 +1,18 @@
+classes:
+- service.nagios.server.cluster
+- system.nagios.server
+parameters:
+ _param:
+ nagios_ui_bind: ${_param:stacklight_monitor_address}
+ nagios_status_bind: ${_param:stacklight_monitor_address}
+ keepalived:
+ cluster:
+ instance:
+ stacklight_monitor_vip:
+ notify_action:
+ master:
+ - service nagios3 start
+ backup:
+ - service nagios3 stop
+ fault:
+ - service nagios3 stop
diff --git a/system/nagios/server/init.yml b/system/nagios/server/init.yml
new file mode 100644
index 0000000..49fae4d
--- /dev/null
+++ b/system/nagios/server/init.yml
@@ -0,0 +1,115 @@
+parameters:
+ _param:
+ nagios_notification_email: root@localhost
+ nagios_host_dimension_key: nagios_host
+ nagios_default_host_alarm_clusters: 00-clusters
+ nagios :
+ server:
+ enabled: true
+ check_external_commands: 1
+ command_check_interval: 15s
+ log_external_commands: 1
+ log_passive_checks: 1
+ log_rotation_method: d
+ accept_passive_service_checks: 1
+ accept_passive_host_checks: 0
+ enable_notifications: 1
+ execute_service_checks: 1
+ execute_host_checks: 1
+ process_performance_data: 0
+ check_service_freshness: 1
+ check_host_freshness: 0
+ purge_distribution_config: true
+ ui:
+ enabled: true
+ port: ${_param:nagios_ui_port}
+ basic_auth:
+ username: ${_param:nagios_username}
+ password: ${_param:nagios_password}
+ wsgi:
+ port: ${_param:nagios_status_port}
+ notification:
+ smtp:
+ host: ${_param:nagios_notification_smtp_server}
+ from: ${_param:nagios_notification_from}
+ dynamic:
+ enabled: true
+ grain_hostname: 'host'
+ hostgroups:
+ - target: '*'
+ name: All
+ expr_from: glob
+ - target: 'G@roles:nova.controller'
+ expr_from: compound # the default
+ name: Nova Controller
+ - target: 'G@roles:nova.compute'
+ name: Nova Compute
+ - target: 'G@roles:keystone.server'
+ name: Keystone server
+ - target: 'G@roles:influxdb.server'
+ name: InfluxDB server
+ - target: 'G@roles:elasticsearch.server'
+ name: Elasticsearchserver
+ hosts:
+ - target: 'G@services:openssh'
+ contact_groups: Operator
+ use: generic_host_tpl
+ interface:
+ - eth0
+ - ens3
+ - p4p1.602
+ services:
+ - target: 'G@roles:openssh.server'
+ name: SSH
+ use: generic_service_tpl
+ check_command: check_ssh
+ stacklight_alarms:
+ enabled: true
+ service_template: generic_service_tpl
+ stacklight_alarm_clusters:
+ enabled: true
+ service_template: generic_service_tpl
+ host_template: generic_host_tpl
+ dimension_key: ${_param:nagios_host_dimension_key}
+ default_host: ${_param:nagios_default_host_alarm_clusters}
+ objects:
+ contactgroups:
+ operator:
+ contactgroup_name: Operator
+ contacts:
+ operator:
+ alias: 'root_at_localhost'
+ contact_name: Operator
+ contactgroups:
+ - Operator
+ email: ${_param:nagios_notification_email}
+ host_notifications_enabled: 1
+ host_notification_period: 24x7
+ host_notification_options: 'd,r'
+ host_notification_commands: notify-host-by-smtp
+ service_notifications_enabled: 1
+ service_notification_period: 24x7
+ service_notification_options: 'w,u,c,r'
+ service_notification_commands: notify-service-by-smtp
+ hosts:
+ generic_host_tpl:
+ notifications_enabled: 1
+ event_handler_enabled: 1
+ flap_detection_enabled: 1
+ failure_prediction_enabled: 1
+ process_perf_data: 0
+ retain_status_information: 1
+ retain_nonstatus_information: 1
+ max_check_attempts: 10
+ notification_interval: 0
+ notification_period: 24x7
+ notification_options: d,u,r
+ contact_groups: Operator
+ register: 0
+ services:
+ generic_service_tpl:
+ register: 0
+ contact_groups: Operator
+ process_perf_data: 0
+ max_check_attempts: 3
+
diff --git a/system/nagios/server/single.yml b/system/nagios/server/single.yml
new file mode 100644
index 0000000..d9435d8
--- /dev/null
+++ b/system/nagios/server/single.yml
@@ -0,0 +1,3 @@
+classes:
+- service.nagios.server.single
+- system.nagios.server
diff --git a/system/neutron/compute/cluster.yml b/system/neutron/compute/cluster.yml
new file mode 100644
index 0000000..36f7e4b
--- /dev/null
+++ b/system/neutron/compute/cluster.yml
@@ -0,0 +1,10 @@
+classes:
+- service.neutron.compute.single
+parameters:
+ neutron:
+ compute:
+ dvr: ${_param:neutron_compute_dvr}
+ agent_mode: ${_param:neutron_compute_agent_mode}
+ external_access: ${_param:neutron_compute_external_access}
+ backend:
+ tenant_network_types: ${_param:neutron_tenant_network_types}"
\ No newline at end of file
diff --git a/system/neutron/control/cluster.yml b/system/neutron/control/cluster.yml
new file mode 100644
index 0000000..dd1d3ee
--- /dev/null
+++ b/system/neutron/control/cluster.yml
@@ -0,0 +1,45 @@
+classes:
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- service.neutron.control.cluster
+- system.haproxy.proxy.listen.openstack.neutron
+parameters:
+ mysql:
+ server:
+ database:
+ neutron:
+ encoding: utf8
+ users:
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: '%'
+ rights: all
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: ${_param:cluster_local_address}
+ rights: all
+ haproxy:
+ proxy:
+ listen:
+ neutron_api:
+ type: openstack-service
+ service_name: neutron
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9696
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ neutron:
+ server:
+ plugin: contrail
diff --git a/system/neutron/control/opencontrail/cluster.yml b/system/neutron/control/opencontrail/cluster.yml
new file mode 100644
index 0000000..05b7e33
--- /dev/null
+++ b/system/neutron/control/opencontrail/cluster.yml
@@ -0,0 +1,66 @@
+classes:
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- service.neutron.control.cluster
+- system.haproxy.proxy.listen.openstack.neutron
+parameters:
+ mysql:
+ server:
+ database:
+ neutron:
+ encoding: utf8
+ users:
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: '%'
+ rights: all
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: ${_param:cluster_local_address}
+ rights: all
+ neutron:
+ server:
+ enabled: true
+ dns_domain: ${_param:cluster_domain}
+ version: ${_param:neutron_version}
+ bind:
+ address: ${_param:cluster_local_address}
+ port: 9696
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ port: 3306
+ name: neutron
+ user: neutron
+ password: ${_param:mysql_neutron_password}
+ identity:
+ engine: keystone
+ region: RegionOne
+ host: ${_param:openstack_control_address}
+ port: 35357
+ user: neutron
+ password: ${_param:keystone_neutron_password}
+ tenant: service
+ message_queue:
+ engine: rabbitmq
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ members:
+ - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:openstack_message_queue_node02_address}
+ - host: ${_param:openstack_message_queue_node03_address}
+ compute:
+ host: ${_param:openstack_control_address}
+ region: ${_param:openstack_region}
+ user: nova
+ password: ${_param:keystone_nova_password}
+ tenant: service
+ plugin: contrail
+ tunnel_type: vxlan
+ public_networks: []
+ contrail:
+ version: ${_param:opencontrail_version}
+
+
diff --git a/system/neutron/control/openvswitch/cluster.yml b/system/neutron/control/openvswitch/cluster.yml
new file mode 100644
index 0000000..a6d9d95
--- /dev/null
+++ b/system/neutron/control/openvswitch/cluster.yml
@@ -0,0 +1,60 @@
+classes:
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- service.neutron.control.cluster
+parameters:
+ _param:
+ neutron_control_dvr: True
+ neutron_l3_ha: False
+ neutron_global_physnet_mtu: 1500
+ neutron_external_mtu: 1500
+ neutron_tenant_network_types: "flat,vxlan"
+ neutron:
+ server:
+ plugin: ml2
+ global_physnet_mtu: ${_param:neutron_global_physnet_mtu}
+ l3_ha: ${_param:neutron_l3_ha}
+ dvr: ${_param:neutron_control_dvr}
+ backend:
+ engine: ml2
+ tenant_network_types: "${_param:neutron_tenant_network_types}"
+ external_mtu: ${_param:neutron_external_mtu}
+ mechanism:
+ ovs:
+ driver: openvswitch
+ mysql:
+ server:
+ database:
+ neutron:
+ encoding: utf8
+ users:
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: '%'
+ rights: all
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: ${_param:cluster_local_address}
+ rights: all
+ haproxy:
+ proxy:
+ listen:
+ neutron_api:
+ type: openstack-service
+ service_name: neutron
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9696
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
diff --git a/system/neutron/control/single.yml b/system/neutron/control/single.yml
new file mode 100644
index 0000000..663ec32
--- /dev/null
+++ b/system/neutron/control/single.yml
@@ -0,0 +1,22 @@
+classes:
+- service.neutron.control.single
+parameters:
+ neutron:
+ server:
+ database:
+ host: ${_param:single_address}
+ mysql:
+ server:
+ database:
+ neutron:
+ encoding: utf8
+ users:
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: '%'
+ rights: all
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: ${_param:single_address}
+ rights: all
+
diff --git a/system/neutron/gateway/cluster.yml b/system/neutron/gateway/cluster.yml
new file mode 100644
index 0000000..ece9580
--- /dev/null
+++ b/system/neutron/gateway/cluster.yml
@@ -0,0 +1,9 @@
+classes:
+- service.neutron.gateway.single
+parameters:
+ neutron:
+ gateway:
+ dvr: ${_param:neutron_gateway_dvr}
+ agent_mode: ${_param:neutron_gateway_agent_mode}
+ backend:
+ tenant_network_types: ${_param:neutron_tenant_network_types}"
diff --git a/system/nginx/server/proxy/grafana_web.yml b/system/nginx/server/proxy/grafana_web.yml
new file mode 100644
index 0000000..7ad1af0
--- /dev/null
+++ b/system/nginx/server/proxy/grafana_web.yml
@@ -0,0 +1,18 @@
+parameters:
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_grafana:
+ enabled: true
+ type: nginx_proxy
+ name: grafana
+ proxy:
+ host: mon
+ port: 3000
+ protocol: http
+ host:
+ name: ${_param:cluster_public_host}
+ port: 8084
+ protocol: https
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/system/nginx/server/proxy/graphite_web.yml b/system/nginx/server/proxy/graphite_web.yml
new file mode 100644
index 0000000..02035cd
--- /dev/null
+++ b/system/nginx/server/proxy/graphite_web.yml
@@ -0,0 +1,18 @@
+parameters:
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_graphite:
+ enabled: true
+ type: nginx_proxy
+ name: graphite
+ proxy:
+ host: mon
+ port: 80
+ protocol: http
+ host:
+ name: ${_param:cluster_public_host}
+ port: 8080
+ protocol: https
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/system/nginx/server/proxy/kibana_web.yml b/system/nginx/server/proxy/kibana_web.yml
new file mode 100644
index 0000000..b83ae25
--- /dev/null
+++ b/system/nginx/server/proxy/kibana_web.yml
@@ -0,0 +1,18 @@
+parameters:
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_kibana:
+ enabled: true
+ type: nginx_proxy
+ name: kibana
+ proxy:
+ host: mon01
+ port: 5601
+ protocol: http
+ host:
+ name: ${_param:cluster_public_host}
+ port: 5601
+ protocol: https
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/system/nginx/server/proxy/nagios_web.yml b/system/nginx/server/proxy/nagios_web.yml
new file mode 100644
index 0000000..d1a54f8
--- /dev/null
+++ b/system/nginx/server/proxy/nagios_web.yml
@@ -0,0 +1,18 @@
+parameters:
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_nagios:
+ enabled: true
+ type: nginx_proxy
+ name: nagios
+ proxy:
+ host: mon01
+ port: 8001
+ protocol: http
+ host:
+ name: ${_param:cluster_public_host}
+ port: 8001
+ protocol: https
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/system/nginx/server/proxy/opencontrail_web.yml b/system/nginx/server/proxy/opencontrail_web.yml
new file mode 100644
index 0000000..02f75bd
--- /dev/null
+++ b/system/nginx/server/proxy/opencontrail_web.yml
@@ -0,0 +1,18 @@
+parameters:
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_contrail:
+ enabled: true
+ type: nginx_proxy
+ name: contrail
+ proxy:
+ host: ${_param:cluster_vip_address}
+ port: 8143
+ protocol: https
+ host:
+ name: ${_param:cluster_public_host}
+ port: 8143
+ protocol: https
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/system/nginx/server/proxy/openstack_api.yml b/system/nginx/server/proxy/openstack_api.yml
new file mode 100644
index 0000000..34898ba
--- /dev/null
+++ b/system/nginx/server/proxy/openstack_api.yml
@@ -0,0 +1,134 @@
+parameters:
+ _param:
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_proxy_host: ${_param:cluster_vip_address}
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_openstack_api_keystone:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_keystone
+ proxy:
+ host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ port: 5000
+ protocol: http
+ filter:
+ search: ${_param:nginx_proxy_openstack_api_proxy_host}
+ replace: '$server_addr'
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 5000
+ nginx_proxy_openstack_api_keystone_private:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_keystone_private
+ proxy:
+ host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ port: 35357
+ protocol: http
+ filter:
+ search: ${_param:nginx_proxy_openstack_api_proxy_host}
+ replace: '$server_addr'
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 35357
+ nginx_proxy_openstack_api_nova:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_nova
+ proxy:
+ host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ port: 8774
+ protocol: http
+ filter:
+ search: ${_param:nginx_proxy_openstack_api_proxy_host}
+ replace: '$server_addr'
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 8774
+ nginx_proxy_openstack_api_cinder:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_cinder
+ proxy:
+ host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ port: 8776
+ protocol: http
+ filter:
+ search: ${_param:nginx_proxy_openstack_api_proxy_host}
+ replace: '$server_addr'
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 8776
+ nginx_proxy_openstack_api_glance:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_glance
+ proxy:
+ host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ port: 9292
+ protocol: http
+ filter:
+ search: ${_param:nginx_proxy_openstack_api_proxy_host}
+ replace: '$server_addr'
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 9292
+ nginx_proxy_openstack_api_neutron:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_neutron
+ proxy:
+ host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ port: 9696
+ protocol: http
+ filter:
+ search: ${_param:nginx_proxy_openstack_api_proxy_host}
+ replace: '$server_addr'
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 9696
+ nginx_proxy_openstack_api_heat_cfn:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_heat_cfn
+ proxy:
+ host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ port: 8000
+ protocol: http
+ filter:
+ search: ${_param:nginx_proxy_openstack_api_proxy_host}
+ replace: '$server_addr'
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 8000
+ nginx_proxy_openstack_api_heat:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_heat
+ proxy:
+ host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ port: 8004
+ protocol: http
+ filter:
+ search: ${_param:nginx_proxy_openstack_api_proxy_host}
+ replace: '$server_addr'
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 8004
+ nginx_proxy_openstack_api_nova_ec2:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_nova_ec2
+ proxy:
+ host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ port: 8773
+ protocol: http
+ filter:
+ search: ${_param:nginx_proxy_openstack_api_proxy_host}
+ replace: '$server_addr'
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 8773
diff --git a/system/nginx/server/proxy/openstack_vnc.yml b/system/nginx/server/proxy/openstack_vnc.yml
new file mode 100644
index 0000000..1ca89cd
--- /dev/null
+++ b/system/nginx/server/proxy/openstack_vnc.yml
@@ -0,0 +1,17 @@
+parameters:
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_novnc:
+ enabled: true
+ type: nginx_proxy
+ name: novnc
+ proxy:
+ host: ${_param:cluster_vip_address}
+ port: 6080
+ protocol: http
+ websocket: true
+ host:
+ name: ${_param:cluster_public_host}
+ port: 6080
diff --git a/system/nginx/server/proxy/openstack_web.yml b/system/nginx/server/proxy/openstack_web.yml
new file mode 100644
index 0000000..c699bdc
--- /dev/null
+++ b/system/nginx/server/proxy/openstack_web.yml
@@ -0,0 +1,29 @@
+parameters:
+ _param:
+ nginx_proxy_openstack_web_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_web_proxy_host: ${_param:cluster_vip_address}
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_openstack_web:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_web
+ proxy:
+ host: prx
+ port: 8078
+ protocol: http
+ websocket: true
+ host:
+ name: ${_param:nginx_proxy_openstack_web_host}
+ port: 443
+ protocol: https
+ ssl: ${_param:nginx_proxy_ssl}
+ nginx_ssl_redirect_openstack_web:
+ enabled: true
+ type: nginx_redirect
+ name: openstack_web_redirect
+ host:
+ name: ${_param:nginx_proxy_openstack_web_host}
+ port: 80
diff --git a/system/nginx/server/proxy/sensu_web.yml b/system/nginx/server/proxy/sensu_web.yml
new file mode 100644
index 0000000..e06120d
--- /dev/null
+++ b/system/nginx/server/proxy/sensu_web.yml
@@ -0,0 +1,18 @@
+parameters:
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_sensu:
+ enabled: true
+ type: nginx_proxy
+ name: sensu
+ proxy:
+ host: mon
+ port: 3000
+ protocol: http
+ host:
+ name: ${_param:cluster_public_host}
+ port: 8088
+ protocol: https
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/system/nginx/server/proxy/sphinx_web.yml b/system/nginx/server/proxy/sphinx_web.yml
new file mode 100644
index 0000000..5f733ac
--- /dev/null
+++ b/system/nginx/server/proxy/sphinx_web.yml
@@ -0,0 +1,18 @@
+parameters:
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_sphinx:
+ enabled: true
+ type: nginx_proxy
+ name: sphinx
+ proxy:
+ host: prx
+ port: 8090
+ protocol: http
+ host:
+ name: ${_param:cluster_public_host}
+ port: 8088
+ protocol: https
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/system/nginx/server/single.yml b/system/nginx/server/single.yml
new file mode 100644
index 0000000..b77a76f
--- /dev/null
+++ b/system/nginx/server/single.yml
@@ -0,0 +1,10 @@
+classes:
+- service.nginx.server.single
+- service.nginx.server.stats
+parameters:
+ nginx:
+ server:
+ logging:
+ heka:
+ enabled: true
+
diff --git a/system/nova/compute/cluster.yml b/system/nova/compute/cluster.yml
new file mode 100644
index 0000000..a08d1af
--- /dev/null
+++ b/system/nova/compute/cluster.yml
@@ -0,0 +1,53 @@
+classes:
+- service.nova.compute.kvm
+parameters:
+ _param:
+ nova_compute_virtualization: kvm
+ nova:
+ compute:
+ version: ${_param:nova_version}
+ enabled: true
+ virtualization: ${_param:nova_compute_virtualization}
+ heal_instance_info_cache_interval: 60
+ vncproxy_url: http://${_param:cluster_vip_address}:6080
+ bind:
+ vnc_address: ${_param:cluster_local_address}
+ vnc_port: 6080
+ vnc_name: 0.0.0.0
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ port: 3306
+ name: nova
+ user: nova
+ password: ${_param:mysql_nova_password}
+ identity:
+ engine: keystone
+ region: ${_param:openstack_region}
+ host: ${_param:cluster_vip_address}
+ port: 35357
+ user: nova
+ password: ${_param:keystone_nova_password}
+ tenant: service
+ message_queue:
+ engine: rabbitmq
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ members:
+ - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:openstack_message_queue_node02_address}
+ - host: ${_param:openstack_message_queue_node03_address}
+ image:
+ engine: glance
+ host: ${_param:cluster_vip_address}
+ port: 9292
+ network:
+ engine: neutron
+ region: ${_param:openstack_region}
+ host: ${_param:opencontrail_control_address}
+ port: 9696
+ user: neutron
+ tenant: service
+ password: ${_param:keystone_neutron_password}
diff --git a/system/nova/compute/single.yml b/system/nova/compute/single.yml
new file mode 100644
index 0000000..5fa45e4
--- /dev/null
+++ b/system/nova/compute/single.yml
@@ -0,0 +1,51 @@
+applications:
+- nova
+classes:
+- service.nova.compute.kvm
+parameters:
+ nova:
+ compute:
+ version: ${_param:nova_version}
+ disable_flow_collection: true
+ enabled: true
+ virtualization: kvm
+ vncproxy_url: http://${_param:control_address}:6080
+ bind:
+ vnc_address: ${_param:control_address}
+ vnc_port: 6080
+ vnc_name: 0.0.0.0
+ database:
+ engine: mysql
+ host: ${_param:control_address}
+ port: 3306
+ name: nova
+ user: nova
+ password: ${_param:mysql_nova_password}
+ identity:
+ engine: keystone
+ host: ${_param:control_address}
+ port: 35357
+ user: nova
+ password: ${_param:keystone_nova_password}
+ tenant: service
+ message_queue:
+ engine: rabbitmq
+ host: ${_param:control_address}
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ image:
+ engine: glance
+ host: ${_param:control_address}
+ port: 9292
+ network:
+ engine: neutron
+ host: ${_param:control_address}
+ port: 9696
+ cache:
+ engine: memcached
+ members:
+ - host: 127.0.0.1
+ port: 11211
+
diff --git a/system/nova/control/cluster.yml b/system/nova/control/cluster.yml
new file mode 100644
index 0000000..6805c67
--- /dev/null
+++ b/system/nova/control/cluster.yml
@@ -0,0 +1,67 @@
+classes:
+- service.haproxy.proxy.single
+- service.nova.control.cluster
+- service.keepalived.cluster.single
+- system.haproxy.proxy.listen.openstack.nova
+parameters:
+ nova:
+ controller:
+ enabled: true
+ version: ${_param:nova_version}
+ vncproxy_url: http://${_param:cluster_vip_address}:6080
+ security_group: false
+ dhcp_domain: novalocal
+ scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter"
+ cpu_allocation_ratio: 16.0
+ ram_allocation_ratio: 1.5
+ disk_allocation_ratio: 1.0
+ workers: 8
+ logging:
+ - engine: syslog
+ facility: local0
+ heka:
+ enabled: true
+ bind:
+ private_address: ${_param:cluster_local_address}
+ public_address: ${_param:cluster_vip_address}
+ public_name: ${_param:cluster_vip_address}
+ novncproxy_port: 6080
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ port: 3306
+ name: nova
+ user: nova
+ password: ${_param:mysql_nova_password}
+ identity:
+ engine: keystone
+ region: ${_param:openstack_region}
+ host: ${_param:cluster_vip_address}
+ port: 35357
+ user: nova
+ password: ${_param:keystone_nova_password}
+ tenant: service
+ message_queue:
+ engine: rabbitmq
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ members:
+ - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:openstack_message_queue_node02_address}
+ - host: ${_param:openstack_message_queue_node03_address}
+ glance:
+ host: ${_param:cluster_vip_address}
+ port: 9292
+ network:
+ engine: neutron
+ region: ${_param:openstack_region}
+ host: ${_param:opencontrail_control_address}
+ user: neutron
+ password: ${_param:keystone_neutron_password}
+ port: 9696
+ mtu: 1500
+ tenant: service
+ metadata:
+ password: metadataPass
\ No newline at end of file
diff --git a/system/nova/control/single.yml b/system/nova/control/single.yml
new file mode 100644
index 0000000..00182a3
--- /dev/null
+++ b/system/nova/control/single.yml
@@ -0,0 +1,7 @@
+classes:
+- service.nova.control.single
+parameters:
+ nova:
+ controller:
+ database:
+ host: ${_param:single_address}
diff --git a/system/ntp/client/single.yml b/system/ntp/client/single.yml
new file mode 100644
index 0000000..80e70d9
--- /dev/null
+++ b/system/ntp/client/single.yml
@@ -0,0 +1,6 @@
+classes:
+- service.ntp.client
+parameters:
+ ntp:
+ client:
+ mode7: true
diff --git a/system/opencontrail/compute/cluster.yml b/system/opencontrail/compute/cluster.yml
new file mode 100644
index 0000000..1f6eaf3
--- /dev/null
+++ b/system/opencontrail/compute/cluster.yml
@@ -0,0 +1,32 @@
+parameters:
+ _param:
+ opencontrail_compute_iface_mask: 24
+ opencontrail:
+ common:
+ version: ${_param:opencontrail_version}
+ identity:
+ engine: keystone
+ host: ${_param:openstack_control_address}
+ port: 35357
+ token: ${_param:keystone_service_token}
+ password: ${_param:keystone_admin_password}
+ network:
+ engine: neutron
+ host: ${_param:opencontrail_control_address}
+ port: 9696
+ compute:
+ version: ${_param:opencontrail_version}
+ disable_flow_collection: true
+ enabled: True
+ discovery:
+ host: ${_param:opencontrail_control_address}
+ interface:
+ address: ${_param:opencontrail_compute_address}
+ dev: ${_param:opencontrail_compute_iface}
+ gateway: ${_param:opencontrail_compute_gateway}
+ mask: ${_param:opencontrail_compute_iface_mask}
+ dns: ${_param:opencontrail_compute_dns}
+ mtu: 9000
+ nova:
+ compute:
+ networking: contrail
diff --git a/system/opencontrail/compute/single.yml b/system/opencontrail/compute/single.yml
new file mode 100644
index 0000000..d3caa45
--- /dev/null
+++ b/system/opencontrail/compute/single.yml
@@ -0,0 +1,50 @@
+applications:
+- opencontrail
+parameters:
+ _param:
+ opencontrail_compute_iface_mask: 24
+ opencontrail:
+ common:
+ version: ${_param:opencontrail_version}
+ identity:
+ engine: keystone
+ host: ${_param:control_address}
+ port: 35357
+ token: ${_param:keystone_service_token}
+ password: ${_param:keystone_admin_password}
+ network:
+ engine: neutron
+ host: ${_param:control_address}
+ port: 9696
+ compute:
+ version: ${_param:opencontrail_version}
+ enabled: True
+ discovery:
+ host: ${_param:control_address}
+ interface:
+ address: ${_param:opencontrail_compute_address}
+ dev: ${_param:opencontrail_compute_iface}
+ gateway: ${_param:opencontrail_compute_gateway}
+ mask: ${_param:opencontrail_compute_iface_mask}
+ dns: ${_param:opencontrail_compute_dns}
+ mtu: 9000
+ nova:
+ compute:
+ networking: contrail
+ network:
+ engine: keystone
+ host: ${_param:control_address}
+ user: neutron
+ password: ${_param:keystone_neutron_password}
+ tenant: service
+ neutron:
+ switch:
+ enabled: false
+ identity:
+ engine: keystone
+ host: ${_param:control_address}
+ port: 35357
+ user: neutron
+ password: ${_param:keystone_neutron_password}
+ tenant: service
+
diff --git a/system/opencontrail/control/analytics.yml b/system/opencontrail/control/analytics.yml
new file mode 100644
index 0000000..6fbc85a
--- /dev/null
+++ b/system/opencontrail/control/analytics.yml
@@ -0,0 +1,55 @@
+classes:
+- service.haproxy.proxy.single
+- service.keepalived.cluster.single
+- service.opencontrail.control.analytics
+- system.haproxy.proxy.listen.opencontrail.analytics
+parameters:
+# Temprorary fix for MOS9 packages to pin old version of kafka
+ linux:
+ system:
+ package:
+ librdkafka1:
+ version: 0.9.0-0contrail0
+ python-kafka:
+ version: 1.0.1-0contrail1
+ opencontrail:
+ common:
+ version: ${_param:opencontrail_version}
+ identity:
+ engine: keystone
+ host: ${_param:openstack_control_address}
+ port: 35357
+ token: '${_param:keystone_service_token}'
+ password: '${_param:keystone_admin_password}'
+ network:
+ engine: neutron
+ host: ${_param:opencontrail_control_address}
+ port: 9696
+ collector:
+ version: ${_param:opencontrail_version}
+ enabled: true
+ bind:
+ address: ${_param:cluster_local_address}
+ port: 9081
+ master:
+ host: ${_param:cluster_local_address}
+ discovery:
+ host: ${_param:opencontrail_control_address}
+ data_ttl: 1
+ database:
+ version: ${_param:opencontrail_version}
+ cassandra:
+ version: 2
+ enabled: true
+ name: 'Contrail'
+ minimum_disk: 10
+ original_token: 0
+ data_dirs:
+ - /var/lib/cassandra
+ id: ${_param:opencontrail_database_id}
+ discovery:
+ host: ${_param:opencontrail_control_address}
+ bind:
+ host: ${_param:cluster_local_address}
+ port: 9042
+ rpc_port: 9160
\ No newline at end of file
diff --git a/system/opencontrail/control/cluster.yml b/system/opencontrail/control/cluster.yml
new file mode 100644
index 0000000..b3f1052
--- /dev/null
+++ b/system/opencontrail/control/cluster.yml
@@ -0,0 +1,16 @@
+classes:
+- service.haproxy.proxy.single
+- service.keepalived.cluster.single
+- service.opencontrail.control.cluster
+- system.haproxy.proxy.listen.opencontrail.control
+parameters:
+# Temprorary fix for MOS9 packages to pin old version of kafka
+ linux:
+ system:
+ package:
+ librdkafka1:
+ version: 0.9.0-0contrail0
+ python-kafka:
+ version: 1.0.1-0contrail1
+ contrail-api-cli:
+ version: latest
diff --git a/system/opencontrail/control/control.yml b/system/opencontrail/control/control.yml
new file mode 100644
index 0000000..ea9f1ab
--- /dev/null
+++ b/system/opencontrail/control/control.yml
@@ -0,0 +1,102 @@
+classes:
+- service.keepalived.cluster.single
+- service.opencontrail.control.control
+- system.haproxy.proxy.listen.opencontrail.control
+parameters:
+ _param:
+ multi_tenancy: false
+ opencontrail:
+ common:
+ version: ${_param:opencontrail_version}
+ identity:
+ engine: keystone
+ host: ${_param:openstack_control_address}
+ port: 35357
+ token: '${_param:keystone_service_token}'
+ password: '${_param:keystone_admin_password}'
+ network:
+ engine: neutron
+ host: ${_param:cluster_vip_address}
+ port: 9696
+ config:
+ version: ${_param:opencontrail_version}
+ enabled: true
+ multi_tenancy: ${_param:multi_tenancy}
+ network:
+ engine: neutron
+ host: ${_param:cluster_vip_address}
+ port: 9696
+ discovery:
+ host: ${_param:cluster_vip_address}
+ analytics:
+ host: ${_param:opencontrail_analytics_address}
+ bind:
+ address: ${_param:cluster_local_address}
+ api_port: 9100
+ discovery_port: 9110
+ message_queue:
+ engine: rabbitmq
+ host: ${_param:openstack_message_queue_address}
+ port: 5672
+ identity:
+ engine: keystone
+ version: '2.0'
+ region: RegionOne
+ host: ${_param:openstack_control_address}
+ port: 35357
+ user: admin
+ password: '${_param:keystone_admin_password}'
+ token: '${_param:keystone_service_token}'
+ tenant: admin
+ control:
+ version: ${_param:opencontrail_version}
+ enabled: true
+ id: ${_param:opencontrail_database_id}
+ bind:
+ address: ${_param:cluster_local_address}
+ discovery:
+ host: ${_param:cluster_vip_address}
+ master:
+ host: ${_param:cluster_local_address}
+ database:
+ version: ${_param:opencontrail_version}
+ cassandra:
+ version: 2
+ enabled: true
+ name: 'Contrail'
+ minimum_disk: 10
+ original_token: 0
+ data_dirs:
+ - /var/lib/cassandra
+ id: ${_param:opencontrail_database_id}
+ discovery:
+ host: ${_param:cluster_vip_address}
+ bind:
+ host: ${_param:cluster_local_address}
+ port: 9042
+ rpc_port: 9160
+ web:
+ version: ${_param:opencontrail_version}
+ enabled: True
+ bind:
+ address: ${_param:cluster_local_address}
+ analytics:
+ host: ${_param:opencontrail_analytics_address}
+ master:
+ host: ${_param:cluster_vip_address}
+ cache:
+ engine: redis
+ host: ${_param:cluster_local_address}
+ port: 6379
+ identity:
+ engine: keystone
+ version: '2.0'
+ host: ${_param:openstack_control_address}
+ port: 35357
+ user: admin
+ password: '${_param:keystone_admin_password}'
+ token: '${_param:keystone_service_token}'
+ tenant: admin
+ network:
+ engine: neutron
+ host: ${_param:cluster_vip_address}
\ No newline at end of file
diff --git a/system/opencontrail/control/single.yml b/system/opencontrail/control/single.yml
new file mode 100644
index 0000000..5d3a32d
--- /dev/null
+++ b/system/opencontrail/control/single.yml
@@ -0,0 +1,67 @@
+classes:
+- service.opencontrail.control.single
+- service.haproxy.proxy.single
+parameters:
+# Temprorary fix for MOS9 packages to pin old version of kafka
+ linux:
+ system:
+ package:
+ librdkafka1:
+ version: 0.9.0-0contrail0
+ python-kafka:
+ version: 1.0.1-0contrail1
+ contrail-api-cli:
+ version: latest
+ haproxy:
+ proxy:
+ listen:
+ contrail_api:
+ type: contrail-api
+ service_name: contrail
+ check: false
+ binds:
+ - address: ${_param:single_address}
+ port: 8082
+ servers:
+ - name: ctl01
+ host: ${_param:single_address}
+ port: 9100
+ params: check inter 2000 rise 2 fall 3
+ contrail_discovery:
+ type: contrail-api
+ service_name: contrail
+ binds:
+ - address: ${_param:single_address}
+ port: 5998
+ servers:
+ - name: ctl01
+ host: ${_param:single_address}
+ port: 9110
+ params: check inter 2000 rise 2 fall 3
+ contrail_config_stats:
+ type: contrail-config
+ service_name: contrail
+ format: listen
+ binds:
+ - address: '*'
+ port: 5937
+ user: haproxy
+ password: ${_param:opencontrail_stats_password}
+ contrail_openstack_stats:
+ type: contrail-config
+ service_name: contrail
+ format: listen
+ binds:
+ - address: '*'
+ port: 5936
+ user: haproxy
+ password: ${_param:opencontrail_stats_password}
+ contrail_collector_stats:
+ type: contrail-config
+ service_name: contrail
+ format: listen
+ binds:
+ - address: '*'
+ port: 5938
+ user: haproxy
+ password: ${_param:opencontrail_stats_password}
diff --git a/system/openssh/client/lab.yml b/system/openssh/client/lab.yml
new file mode 100644
index 0000000..fc91b82
--- /dev/null
+++ b/system/openssh/client/lab.yml
@@ -0,0 +1,49 @@
+applications:
+- openssh
+parameters:
+ openssh:
+ client:
+ enabled: true
+ user:
+ root:
+ enabled: true
+ user: ${linux:system:user:root}
+ private_key: ${private_keys:workshop}
+ known_hosts:
+ - ${known_hosts:git.tcpcloud.eu}
+ known_hosts:
+ git.tcpcloud.eu:
+ name: git.tcpcloud.eu
+ type: ecdsa
+ fingerprint: fc:77:72:6c:65:c0:e1:26:0d:68:b8:a8:4a:56:38:22
+ private_keys:
+ workshop:
+ type: rsa
+ key: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEogIBAAKCAQEAqdHr4zmivHPEimCuK9vtATe4PvGEr0Np/JxYDlEQsr5Cajh4
+ tajxmZrjdAnJWFXVbmYl21sN1cUW0ltxB+9+lc4GNVNCZqE4kmpsyx2lrF7xCFvF
+ Qou26JYud/UCT9IpCYgWjQIGSC8gq1TzfgOpn6rWnLNSl3WdM5TKtQT7RXIkdSUw
+ kXFbObz9lsM+ULWNozCId2osJHj4zE0D3H5odU5DpcWLuSG0MmdxtWoQNJjSiPWt
+ HbRdvNmr/xeqcAfzdUdZxGf/VbXDdiNZn9TVv7UxxBHE812KNUf/Cvb5agDfEL7x
+ i2bWXbhr4jVTaDVr6MWl8Q7fAj79gdjQnUBWaQIDAQABAoIBAFU3kU6yIna9BViH
+ UX+S2ijtRBjZ68JjavEnp4xvo5h+nydcdT57q9lv/0nAi3g3gmXm/oJH+/ZU87HV
+ zy+zP+t+umDSChUkPBZFL5jxpKyN7BhMrP1KzRuEGYd6vJE/nfY5g095P5vDgnpX
+ o+SNg/YqrY1u8zgr/hnfRaV2/XyIDEEcQXTHseWTnnMQnULFU88xL8yq8ACT5GhK
+ 7A9m5ukfcU6d/fs/psz5Yqw5IQsWbv1yJ3/FKufPHlo2Nzh3/3eDAZUXvaBgf1so
+ FWFpHtkry3OXOGaZ98HgF9hL0twS0pzMvuypdGUQAt6nyB1N5re4LK/MAOddqwEc
+ 1+NQzfECgYEA2ryEf0GLJdtiYs3F4HbwTwJVIXdyWv7kjYGeMkutzzAjXl6wx8aq
+ kfqLJ7x7UkR5unZ1ajEbKBciAlSuFA+Gikn6a4Lv8h87aSnHpPd/2VSitRlI/gW7
+ w4U4CL3Br1JyonU5WA7VYfTow7KnHBhdwm27RMA9uosyIpveQRpqSG0CgYEAxsAS
+ wCQKrhuPq2YtGtFR7K4BL+N+0E1Vq6h49u1ukcgUe0GHVD3VzBypNCv7rWEVHzAg
+ biCVi7PCjzZYW4fYZmzVD4JbFLVGOUu7aJwLaE4wDe72DNr6YZhcS+Ta98BP+x0q
+ Wt34JNPDabRPfhXfhiCqnWjjod+4Zqx4VJVNgG0CgYB5EXL8xJhyAbW5Hk/x56Mm
+ +BGKjoR7HS3/rMiU6hJv5SMObrbGPI3YcqZm/gn8BO6jaEGg30E6tWMbiyc270j2
+ be/vZe/NQcAuevOHuX3IGvJb7nzaLO46UBgtrmnv0mCkzuFIfh1ZNKdI+i9Ie6wZ
+ m4bVjNod0EGVqlQgELDXGQKBgB+NNmzSS++/6FrpaZesSzkrlnynvOYMoOETacCp
+ iLgT70xx5q308w/oLORfZyDrHJNK7JsPCS6YZvadRgGh2zTHajuAEj2DWZaW8zV0
+ MEtqvi44FU+NI9qCeYSC3FAgc5IF20d5nX8bLxaEzWnSxx1f6jX7BMgZ4AhMsP2c
+ hiUxAoGAFaxn+t9blIjqUiuh0smSYFhLBVPZveYHQDmQYERjktptBd3X95fGnSKh
+ iDe2iPGyud2+Yu4X/VjHLh/MRru+ZXvPXw1XwEqX93q8a1n283ul0Rl9+KKKOVHR
+ eecTjI/BfXBf33mPRKny3xuHw6uwta2T3OXky9IhqYS1kkHiZWA=
+ -----END RSA PRIVATE KEY-----
diff --git a/system/openssh/server/single.yml b/system/openssh/server/single.yml
new file mode 100644
index 0000000..24e6829
--- /dev/null
+++ b/system/openssh/server/single.yml
@@ -0,0 +1,25 @@
+classes:
+- service.openssh.server
+parameters:
+ linux:
+ system:
+ user:
+ root:
+ enabled: true
+ name: root
+ home: /root
+ openssh:
+ server:
+ permit_root_login: true
+ user:
+ root:
+ enabled: true
+ user: ${linux:system:user:root}
+ public_keys:
+ - ${public_keys:user}
+ - ${public_keys:admin}
+ public_keys:
+ user:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp0evjOaK8c8SKYK4r2+0BN7g+8YSvQ2n8nFgOURCyvkJqOHi1qPGZmuN0CclYVdVuZiXbWw3VxRbSW3EH736VzgY1U0JmoTiSamzLHaWsXvEIW8VCi7boli539QJP0ikJiBaNAgZILyCrVPN+A6mfqtacs1KXdZ0zlMq1BPtFciR1JTCRcVs5vP2Wwz5QtY2jMIh3aiwkePjMTQPcfmh1TkOlxYu5IbQyZ3G1ahA0mNKI9a0dtF282av/F6pwB/N1R1nEZ/9VtcN2I1mf1NW/tTHEEcTzXYo1R/8K9vlqAN8QvvGLZtZduGviNVNoNWvoxaXxDt8CPv2B2NCdQFZp
+ admin:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3odU+3V2uDA2ptAFL9hrJRPNEEdAyztWOZFQ5Oyd9oerTGOU3p4xmrgWWjfKFKbYGhiiIUcYAol5PkTfKukGEkkjCHYA1t023soCaaAj85wCZCnw2zQNAziwxTYmAzTqgxiSvtZNMMrtJvFHRIRDzJ3M1lV0prWNWkMM1/3FAd4W49y6VT3fkMCo8uqG7CfGdgR2DgBCxf9KaNPfW5eDEPOgmE5lK8tVSEI6T+Cg7hbcTf4lFYnlFBnlQgp/0JstsM4Vbwb4B34LOpOsf2S8rrWk2xQMjwaMHXkc2s/E8iW3F5nVFuyEXYISFQIiAHw8dzC6CHgLcyHUVWwznKawZ
diff --git a/system/openssh/server/team/qa_scale.yml b/system/openssh/server/team/qa_scale.yml
new file mode 100644
index 0000000..51fb260
--- /dev/null
+++ b/system/openssh/server/team/qa_scale.yml
@@ -0,0 +1,23 @@
+parameters:
+ linux:
+ system:
+ user:
+ dburnazyan:
+ enabled: true
+ name: dburnazyan
+ sudo: true
+ full_name: David Burnazyan
+ home: /home/dburnazyan
+ email: dburnazyan@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ dburnazyan:
+ enabled: true
+ public_keys:
+ - ${public_keys:dburnazyan}
+ user: ${linux:system:user:dburnazyan}
+ public_keys:
+ dburnazyan:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4xJvnHle7Omjhnv8AsqfXlp1Sg4Ixq/p0Dpcj5SlGN5YTnIs+eRXwy7WHICCgWC1OA+o4omzWQI486u0C4qMkdv+nvuAsvJQVRGNiGVp4gi48x3KqMxlEzeCScMH5oj+W5LJLcb2czHulBPXRluKlITOlF4i5+z3GbFwb8Dg5hBnnbxhhRyh6XyUOh8WQvBqXAk2EqY8vqYAZxV9DXI8OSIYsvpM9jQo/26YrSoTWZ4caCNmL6zVVH7eXaqEzVwDHxpXHLvzSP4bIl85dKygJI1DyN9mZ1B77z1lNZnk7Fu8yQP05Guln5Hzg+VqycAZxOk6ysjRXiYNu56DVZuc3 dburnazyan@dburnazyan-pc.msk.mirantis.net
\ No newline at end of file
diff --git a/system/openssh/server/team/stacklight.yml b/system/openssh/server/team/stacklight.yml
new file mode 100644
index 0000000..7dd7b62
--- /dev/null
+++ b/system/openssh/server/team/stacklight.yml
@@ -0,0 +1,95 @@
+parameters:
+ linux:
+ system:
+ user:
+ newt:
+ enabled: true
+ name: newt
+ sudo: true
+ full_name: Ales Komarek
+ home: /home/newt
+ email: mail@newt.cz
+ elemoine:
+ enabled: true
+ name: elemoine
+ sudo: true
+ full_name: Eric Lemoine
+ home: /home/elemoine
+ email: elemoine@mirantis.com
+ gthouvenin:
+ enabled: true
+ name: gthouvenin
+ sudo: true
+ full_name: Guillaume Thouvenin
+ home: /home/gthouvenin
+ email: gthouvenin@mirantis.com
+ spasquier:
+ enabled: true
+ name: spasquier
+ sudo: true
+ full_name: Simon Pasquier
+ home: /home/spasquier
+ email: spasquier@mirantis.com
+ scroiset:
+ enabled: true
+ name: scroiset
+ sudo: true
+ full_name: Swann Croiset
+ home: /home/scroiset
+ email: scroiset@mirantis.com
+ ppetit:
+ enabled: true
+ name: ppetit
+ sudo: true
+ full_name: Patrick Petit
+ home: /home/ppetit
+ email: ppetit@mirantis.com
+ openssh:
+ client:
+ enabled: true
+ server:
+ enabled: true
+ user:
+ newt:
+ enabled: true
+ public_keys:
+ - ${public_keys:newt}
+ user: ${linux:system:user:newt}
+ elemoine:
+ enable: true
+ public_keys:
+ - ${public_keys:elemoine}
+ user: ${linux:system:user:elemoine}
+ gthouvenin:
+ enabled: true
+ public_keys:
+ - ${public_keys:gthouvenin}
+ user: ${linux:system:user:gthouvenin}
+ spasquier:
+ enabled: true
+ public_keys:
+ - ${public_keys:spasquier}
+ user: ${linux:system:user:spasquier}
+ scroiset:
+ enabled: true
+ public_keys:
+ - ${public_keys:scroiset}
+ user: ${linux:system:user:scroiset}
+ ppetit:
+ enabled: true
+ public_keys:
+ - ${public_keys:ppetit}
+ user: ${linux:system:user:ppetit}
+ public_keys:
+ newt:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3odU+3V2uDA2ptAFL9hrJRPNEEdAyztWOZFQ5Oyd9oerTGOU3p4xmrgWWjfKFKbYGhiiIUcYAol5PkTfKukGEkkjCHYA1t023soCaaAj85wCZCnw2zQNAziwxTYmAzTqgxiSvtZNMMrtJvFHRIRDzJ3M1lV0prWNWkMM1/3FAd4W49y6VT3fkMCo8uqG7CfGdgR2DgBCxf9KaNPfW5eDEPOgmE5lK8tVSEI6T+Cg7hbcTf4lFYnlFBnlQgp/0JstsM4Vbwb4B34LOpOsf2S8rrWk2xQMjwaMHXkc2s/E8iW3F5nVFuyEXYISFQIiAHw8dzC6CHgLcyHUVWwznKawZ newt@newt-dev1
+ elemoine:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGN7U3NfIU4uWbj8frsH2wz9FeXS/1XxmpQAS9eqgfMLy7ptOeFHFAIXHC0RSxbcZuQ/+C3IuNHCKBDxFx8ozBFACh6qwWQjfkOZjwYMdyOyz+hkNnTagxQmLOtbz0G5Dm01AfiNeNpiSeqlinMltC7M/Ge/xnPseQiJgVhe47Ybwh+jtJPfbJjO0tQYPC/cXJGEUJjrooEdtN8daDVBR+YVfgowXzC25LTSs5oUUtUUoRCVqF6CzzHgiGxlKCG7fZ9rc2raSldDcOZAR75NHdTOluMsXatm7UkRgZ3kcEEgjs7MaZFHb4z94pz0qGnwsA1WcErMFC7EbYpO8p3gLH elemoine@elemoine
+ gthouvenin:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/5rr0LPVsChG0hzpa39JNwX1JdDH/WJL1sFjAG05Y9XDRAri5CYRGWwDdxyN2MA2+ULVojzV5QeV541fnIU6gSpc6Yytm6Ug8DjQ3TwNUY+92GQv5tZj9i/yB8aGpujleVXMDPT5yPDwOnc/q4f/fQWgrXipatkj+lNqL5Z7Ifai0BgmZS1/31LGkGmC1rne6UwszPz6dkswfu6urfKNuQXilcXvYqORlV3U0XD2nLDjNivGVbIArkYGVsgLCGM57cCCF1g1q7QZCNFPzxr+uxMvY2fGgS9ysMkRTr29LtwKMOl8H3cof5alLCIWukpv5qs50NlVEkGu1zKsa9jUj guillaume@Lenovo-PC
+ spasquier:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXBHKQaGUNB92DsnyvflmCbmuXnkiuNahZiue3hnyXqLA2q8jmQmzBbxReAJzexnVfJhrUCTw8IPJUpMUP27u3igvGdkhfctdUuxVf9yGJErtGNgHK/aGbeLCvUOmhw6X/xbf3IbyFL1gwxOJ2cmmjlSptYU9E1W2xFY+IMFWBhzO3vso5EABgPVli/UUMfeXUUd++lIZpoyYe2Hkri1QGNhzfbZcFjEO78+vNiLZrvjJEtkXWu7iZTYK6eE365CiFJzqFL7N6Ichb28qakcmVqR/foreuz3cOMqMGssKoOQk1213x8w4fE0yLwf9Ft8L7GMf+vXQvuNt0ZKBPWqn7 spasquier@mirantis.com
+ scroiset:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUfVxx6qi4fay4znw8M6yLJJcRr3pdvPPihTAszioFJP9V/GBbqfkofTfeKdpdvJ4j25p40boiDt43Ek7LfcRmKMP9+2SEfk9W7ec/umM8Mer+h4ocnShVQm69weELVUfr9q4G+qWf14ANc9D097bclqQ6FP/cjy8HodVPgQ+i1lpMjwP6xvAAERJJH353lCFsxkh2N8aOi9YcP9M2lQeKWM+eYFsdcmTFAPHbgPq0K4ma6/YXw5UibEBClYu1u4OJTFZSI3z8kERb2cU0aFGYAduiynDMBKM7y7YAoksgBOVprq0huEMFUqJ3vsrZbPn55GIpzmBga+EGnNbSCadt swann@scroiset
+ ppetit:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCUGCb+mGidT4FRa4rJxoYx39NX2vCjRw+CmCQJW/Uf6xc0NNp5WRWJ0hnyIMRVVfehvfjdXPo4bO4cXIwmo06C1Wx+DMyvjI9NvuHtt52p3QTsh+PYZe5t4hFuGh7veWQw3LuLtDLVlVS633FQMgT/BXDaBc65yfN9CuV6lHqZ6KPKoGAi3ADlcQFqhFttO+GsVkxd6uGtelnbYXsDMwylCIKop0C/obu6wG85d/8Q2/Zts5CvUcCiCNfZtl8otgNMrpfnuhC0xAsmgwDxqK2kshxUujclyFfO7ixl+E9Plc7kUJvodNbzOcAmY3YpuHVoJQkHx/Ou81/q+JOVtFxz ppetit@baobab
diff --git a/system/openssh/server/team/tcpcloud.yml b/system/openssh/server/team/tcpcloud.yml
new file mode 100644
index 0000000..f906003
--- /dev/null
+++ b/system/openssh/server/team/tcpcloud.yml
@@ -0,0 +1,189 @@
+parameters:
+ linux:
+ system:
+ user:
+ root:
+ enabled: true
+ name: root
+ home: /root
+ askotnicky:
+ enabled: true
+ name: askotnicky
+ sudo: true
+ full_name: Adam Skotnicky
+ home: /home/askotnicky
+ alholanova:
+ enabled: true
+ name: alholanova
+ sudo: true
+ full_name: Alenka Aja Sfinga Holanova
+ home: /home/alholanova
+ vmikes:
+ enabled: true
+ name: vmikes
+ sudo: true
+ full_name: Vlasta Mikes
+ home: /home/vmikes
+ newt:
+ enabled: true
+ name: newt
+ sudo: true
+ full_name: Ales Komarek
+ home: /home/newt
+ email: mail@newt.cz
+ jpavlik:
+ enabled: true
+ name: jpavlik
+ sudo: true
+ full_name: Jakub Pavlik
+ home: /home/jpavlik
+ tux:
+ enabled: true
+ name: tux
+ sudo: true
+ full_name: Adam Tengler
+ home: /home/tux
+ marco:
+ enabled: true
+ name: marco
+ sudo: true
+ full_name: Marek Celoud
+ home: /home/marco
+ filip:
+ enabled: true
+ name: filip
+ sudo: true
+ full_name: Filip Pytloun
+ home: /home/filip
+ email: filip@pytloun.cz
+ vzach:
+ enabled: true
+ name: vzach
+ sudo: true
+ full_name: Vlastimil Zach
+ home: /home/vzach
+ osmola:
+ enabled: true
+ name: osmola
+ sudo: true
+ full_name: Ondrej Smola
+ home: /home/osmola
+ jkonecny:
+ enabled: true
+ name: jkonecny
+ sudo: true
+ full_name: Jiri Konecny
+ home: /home/jkonecny
+ pcizinsky:
+ enabled: true
+ name: pcizinsky
+ sudo: true
+ full_name: Pavel Cizinsky
+ home: /home/pcizinsky
+ pmichalec:
+ enabled: true
+ name: pmichalec
+ sudo: true
+ full_name: Petr Michalec
+ home: /home/pmichalec
+ group:
+ libvirtd:
+ enabled: true
+ name: libvirtd
+ openssh:
+ server:
+ enabled: true
+ user:
+ askotnicky:
+ enabled: true
+ public_keys:
+ - ${public_keys:askotnicky}
+ user: ${linux:system:user:askotnicky}
+ alholanova:
+ enabled: true
+ public_keys:
+ - ${public_keys:alholanova}
+ user: ${linux:system:user:alholanova}
+ vmikes:
+ enabled: true
+ public_keys:
+ - ${public_keys:vmikes}
+ user: ${linux:system:user:vmikes}
+ newt:
+ enabled: true
+ public_keys:
+ - ${public_keys:newt}
+ user: ${linux:system:user:newt}
+ jpavlik:
+ enabled: true
+ public_keys:
+ - ${public_keys:jpavlik}
+ user: ${linux:system:user:jpavlik}
+ tux:
+ enabled: true
+ public_keys:
+ - ${public_keys:tux}
+ user: ${linux:system:user:tux}
+ marco:
+ enabled: true
+ public_keys:
+ - ${public_keys:marco}
+ user: ${linux:system:user:marco}
+ filip:
+ enabled: true
+ public_keys:
+ - ${public_keys:filip}
+ user: ${linux:system:user:filip}
+ vzach:
+ enabled: true
+ public_keys:
+ - ${public_keys:vzach}
+ user: ${linux:system:user:vzach}
+ osmola:
+ enabled: true
+ public_keys:
+ - ${public_keys:osmola}
+ user: ${linux:system:user:osmola}
+ jkonecny:
+ enabled: true
+ public_keys:
+ - ${public_keys:jkonecny}
+ user: ${linux:system:user:jkonecny}
+ pcizinsky:
+ enabled: true
+ public_keys:
+ - ${public_keys:pcizinsky}
+ user: ${linux:system:user:pcizinsky}
+ pmichalec:
+ enabled: true
+ public_keys:
+ - ${public_keys:pmichalec}
+ user: ${linux:system:user:pmichalec}
+ public_keys:
+ askotnicky:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDO6EnDYaGdF/Nn6lntxDNnKanCsheZRdh8kA/6ImyeRSjT2cgepm1Fsgv7wXBYoy0OxhB5wgCp5Az/Pj4oLkG3g+G05sUPUxxGCGRiwjcnyQ/FTz4TzHglAVqgbdgWoQYf9Hg6EKZovvPcH3STbEwcl+MhLqvxz0wm5+StE+wvp6I9dEfRV+2/e1uepauOTZ1+Ui1DMNXiMefTlbiIBHzUk7RiwJWgqzQXBndgunmbJWSed8zC0Ug97waDOFIX/oKZmAmsv0NLJ2e/kC3oUTuziGT74F9sh7Pqiw/9HZxvP45hJwEvytfUjfuiikIBbmYdF7Je93czaG/qjXGN8YvP== a.skotnicky@tcpisek.cz
+ alholanova:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDqBL5wlpl0HgT6ekRc9IGxMSCylAU1oZTqBl7h9+1g7EnJjhxq8/KR+6jmWl9wn0c2jvd2pPeMnqm3DKe0793RKW6b730QTyckwDpfoIkUtoukiuTgIXg0g6dNlWSPqhiYM1tretBhfEhZrvUfweZZfpOdZ5DxlDP/34cmwXxJRMNHSLK/SPpXthhp+2j/H/U6I6B/YUZkKABwSyJ/AuXfU9NvVXct5W2+i44FuB7ske7vRXJgbfTwRd5HgzF7JQTVBDLezN/am2dR0mCnuDkDRmYW0tOwF0NzwswBwMGfqFlQhNW/5HmanEfU1gBL/sv/M6QiN0MkrzY1fA6DiCER alena.holanova@tcpcloud.eu
+ vmikes:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXng0oUbSGMlZCamlSWuc4jzgTym+p9u0ukbQvaWW2cneOhLw6QbVkOgRETBIfXitiIB+5nNqTYy7lrYqc3wofjZJzonR07oFoNcyhITLnKjLHV9eZ8aRhwKL2PONyp8d61cdm5zqeth1tMP8uBB+SOn+aD12Hu5tfTJjQeH286p+Xt75Llo/bHybfYmt2HaV9Ts6qb/Kw3Eom0Jkjh8837navek/PnFF7WAkM8GvP5Taqzp4Tmu2UfLeMv4459q+ZiS56WRbcixBQGb7uUUy4jkuis0batBNoY0pwMaaTj8KzSwrQ8shc/LuU2QhR7xwXVIgZR/Yqa/Ojw/U36N4t v.mikes@tcpisek.cz
+ newt:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3odU+3V2uDA2ptAFL9hrJRPNEEdAyztWOZFQ5Oyd9oerTGOU3p4xmrgWWjfKFKbYGhiiIUcYAol5PkTfKukGEkkjCHYA1t023soCaaAj85wCZCnw2zQNAziwxTYmAzTqgxiSvtZNMMrtJvFHRIRDzJ3M1lV0prWNWkMM1/3FAd4W49y6VT3fkMCo8uqG7CfGdgR2DgBCxf9KaNPfW5eDEPOgmE5lK8tVSEI6T+Cg7hbcTf4lFYnlFBnlQgp/0JstsM4Vbwb4B34LOpOsf2S8rrWk2xQMjwaMHXkc2s/E8iW3F5nVFuyEXYISFQIiAHw8dzC6CHgLcyHUVWwznKawZ newt@newt-dev1
+ jpavlik:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAylDZDzgMuEsJQpwFHDW+QivCVhryxXd1/HWqq1TVhJmT9oNAYdhUBnf/9kVtgmP0EWpDJtGSEaSugCmx8KE76I64RhpOTlm7wO0FFUVnzhFtTPx38WHfMjMdk1HF8twZU4svi72Xbg1KyBimwvaxTTd4zxq8Mskp3uwtkqPcQJDSQaZYv+wtuB6m6vHBCOTZwAognDGEvvCg0dgTU4hch1zoHSaxedS1UFHjUAM598iuI3+hMos/5hjG/vuay4cPLBJX5x1YF6blbFALwrQw8ZmTPaimqDUA9WD6KSmS1qg4rOkk4cszIfJ5vyymMrG+G3qk5LeT4VrgIgWQTAHyXw== pavlk.jakub@gmail.com
+ tux:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXEN5qmte4oMYFCMZtuNzWiu5M32Dp0OsfR1pSz5gMMQF1Sw3xEDXEATEWhyvJTuVtFQasWVcMCYzEPev8H54UK97dLlxHxEDD9PQYY2O+xu/Rq+p/jryJ/T3mO7LDjUUXtHkUnsDZ51G+sFAWktE+FifwrEDmAEnRucLqOzVhehelG73S3uqfxVsPTsW2CcVIZICKtvdODbgAVyCf1LRR0LJv4fXqcyebCbzIrk4NWJhc474TH88niC7PH5VfxSfXZdKoi3yKVMgqdGSUxGhkx3D5CwCR9K+kUnP0rE5GNIqoCiS8iNbWl6POfMPSxH/ckqZN1h8El6SEoPJzVNp9 tux@tux-workbook
+ marco:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmrJJsRR1dIqaomk83+sn5OnRLvVqrxtROT2uO83W0C4036t3OfJEBL2COJ4Z1iQmyoQUcIpRdJns+Ft8GpVEEQ+mW4eo33jhVEkfLBzRTE7f/WqDmMeDbdxO7LdUNlIIc40KBPcnJWvEorqV2z2UF0+xqittTE34A3CgF82BI2Nx6vCNhgnJJnCyYisD+wT4f+Ovor3Rm2s6zdnJRqcLgx5lkNx6fM2ffkD36MjyPyVYWvFqw68kEsBPcpB0EmiINKQRg3A/iPvUgRWMl9nSvSMVopkbTOBpSK3H9hzGCLiQJvE8pGjHhb7SOix0p0sFdNrNRiC5ayaGQUDQgWH8h marco@marco-MS-7699
+ filip:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCcuHTjJ3CoWdkmvtag07bIWeyAMqFLAN+QApat7TXUcDYmm/neK4Asg3m/UicofZnB80cI4tjnB84Z8WazLHMxVTLwHbEqTVbXVeKebiZ5yn0yo4ndRzmppUfSvs0xcMysBwu+hYAnIDXTedctbciMSYKbuQ+b9XZ4mFZ/2RHG4QBA/dPUxJdCwvkBu7AOV+6zaRSR99UETr5nxICQUGVJBTy6VkCsch4mK3/K2SrujODUhytcROg+6ejV/aZHWH9xIFRBLfhmSFeOC6oneBWo4QBQ2tTZgb7Go744JpkhkoMfWQnR2s6cCgUN60BJ6j5snqmbv9/2CmgbI4UprC+E6lL04K/Jbgjv+fi3KqnCIpRiQzahmjSeeYdPducWme3BVDceUSb5EzF/RjSDi4yHcTWJS0TcPf195p42O1G6tLw5zfmIu2+PWUq1L4pLualboUbaDtwqg0WaLWKONi9tJkOS1OMz4hxqEbWBAtFNJLHC5K+OXcV8Yt6C7iB2dEZ4c26MAi1pdMqhFjxYiCGYKZ4lyV9xo8tWcs5fiUIi2PKyLQ9SMRQbhXIcb9ENby2D/ijh5AVpbBew8iaUQQKg83Yo0z2PwTWyNFuXECAl667XaTNZEMVUjo5yU/OtktVZiH6ZfvEFwj+7OpLBiZ3sFgp/7EHcGXa0FL6BcXuwfQ== filip@pytloun.cz
+ vzach:
+ key: AAAAB3NzaC1yc2EAAAABJQAAAQEAn4MJUkXbiZPPEcdKijB4MqnjPGk80x5W+8XsMvZuUqElmuLgB30kdCnSCBgipYPor3m8wakdJTTwiY6P50yhtp/tD2b4t1TC1djPwiNS/6JwjZawj30bS5ZrVKeTHtOq6E0tf927svXgEE21/ADgWpMoDeQ/pKlbt0m/U8YGBCmJ7cBa8ggGHhvJIwCNhpELn02vKV8Qfx44rk+DoxLBwQUHQ8PsEwtoSCLMIulpLflptak1pgvN6ggA5p15i36OyJkobI1yR9YEgtb+8yQqofu2DZ+v+9Qhbb+C0446RnyGzfvk/DreCeI4rJh5/6QZjwv3XfYDER5LbNCnoOQAsQ== v.zach@tcpcloud.eu
+ osmola:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGcF8AI/8hOeKlda4vniFVBbD3wOK4D2+/z+pB7kK0JyxfVC3XccYbpqQioWjt96JwDX8dSio07OUAFqOWQH2cTp6wjqNmpIaAODo44kQgKDXrjEq61fYW+L6JYZHxsFUPLvlNlwQwND2F5HU8oWbsneGu+Psb/COQebcGDdT1v/f2G9r5br2O43P/XPx8+YGKd+OiHPIN4Fk8fZzCGX7oJ7GGGr8YTL/Y8ULF3WiTXbQEWusU52Sf7/Is0A6BQOH+OuBGrVCT+j2XI9QBMyVSYtaKCnRDlEGessnGIGRGrNza/xYivWBw8IsVziDC8x7zZByAwmctWoWED6wWs4YU7SqoonEaYEog32J6Uw9tGtTgvkRC1mpMtgR2eenjNax8Fpoc6uTb/l0gevaRE6IqNMS0FBIIbkCYcoxfj7zIsYms/9IhsXGk1lW5ZrouCFICGEVa7zJ2F+3DvyQDCSuqsk/bfUQZEFw1FdAYIsZYQR+LIOSVQplapGVyqhlbkeUEVdILzgdMAfkPa80ZnGvTO729G/8uP78k1QhZUHAypkeWQ/aJfOKrxXyAxtMZiuyK31zf4OZdKSDS9bAWlmyKkohp7cEjLU0ex4AYDS231Y6JywL+RnucMJ4gFqSfSYfkM6+23gFbYfP7NcEKrkCaim/9RMU1RsunBk8As2K5gw== ondrej.smola@tcpcloud.eu
+ jkonecny:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIYO4/Nwrs5PJTPJabVOVWW47RvErdCG7U3Gabi8xffdA5uN1YTZbiqHt4SNPRmto60+YX35YjFH3giJotf+q5Ct5GN5m90VVRRtppAK+TAHtMgisIa6j5re6egHoi++9L1NwwTLDr/lzD4Gf7MBtU+q3scJJFmrTpLKUqC2ptL8wnCMlXbnjF1zfHqFbaMxXss7ZU/puHlY7Oc6pPzf+30XTQaq+0ZbshEJMDD0iGH3ijk7V2CCnpShZpQYF8FaLhSRkLzqn4xwrcK1dtENPL9qFBME+XYeC5vvBEMU7MBgs4jLX2KDyx/ZFbk+i79pd37hxNPs7Aj105ppVAaiqWsUgZxdfbC3GaW/U0jqJCDtlftnq1FLCRfO8O2sIJsfA78qWOP5ylD+dnGvYzcexQFpfgu49ZqoJYIt0EgSElH27MHF+hmwE6MHHKyBhELn3iN2uY6IWZTEVG7JROuDPOD6zAAaEw90M2xs1O4kUusArqNnL+AyYNlKGvkMy6ztf2a7+YH9u8zpZCMJUBq3gPTGnFGAeiynoaoSxeN83VYv64durJ439SmRZGMQMHJh3/H0TIAJPO4VwzPwhnn+fg/zaT93Ofg/BNZ4EG+panVCdtNa+sLvZTy01pfwtgX2bDrhpPTiotTea9/8PcEi+DM3CVeIOOZigOEFk+oAo5sw== jiri.konecny@tcpcloud.eu
+ pcizinsky:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCt9HA2bUwCVGGdUjyFzdPFp0j2z9XanLW9gHZ3BhB6Wc4ficU6zmbqYxrHUvdmUrRJbLMEAo9JDlzAIw4CPGhRkD3d7HfnmlEYcEeizLnnC+CmKo3+mrwkQIzWIz6PJOh1kvp5uaNp4ztjRGXXmPzcR0nk4jRD89gLHvH9EYStxZI6nsi3mmWR/LhgIhijb8p63duhE4HuK/RRRjeDQaUsbTG9TMEskY5ZI3p/QM55wlml9F8QJrtwxpaIPI5Fl8lflq+4YcoqgDIBFc6nwubIuiNY4gPJ8s1SQfsfxHSOJpFPZDwi76dxUpthtJrU46fqRvXPzTKoS29WZ5pSAY6p pavel.cizinsky@tcpcloud.eu
+ pmichalec:
+ key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGwsfObHWHqBv6UQBjvm0nkgnAGc5MZPuQXJ3ln4sM1P pmichalec@dontpanic
+
diff --git a/system/rabbitmq/server/cluster.yml b/system/rabbitmq/server/cluster.yml
new file mode 100644
index 0000000..c9de9a8
--- /dev/null
+++ b/system/rabbitmq/server/cluster.yml
@@ -0,0 +1,4 @@
+classes:
+- service.rabbitmq.server.cluster
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
\ No newline at end of file
diff --git a/system/rabbitmq/server/single.yml b/system/rabbitmq/server/single.yml
new file mode 100644
index 0000000..6183f81
--- /dev/null
+++ b/system/rabbitmq/server/single.yml
@@ -0,0 +1,2 @@
+classes:
+- service.rabbitmq.server.single
diff --git a/system/rabbitmq/server/vhost/monitoring.yml b/system/rabbitmq/server/vhost/monitoring.yml
new file mode 100644
index 0000000..1f5d61a
--- /dev/null
+++ b/system/rabbitmq/server/vhost/monitoring.yml
@@ -0,0 +1,8 @@
+parameters:
+ rabbitmq:
+ server:
+ host:
+ '/monitor':
+ enabled: true
+ user: monitor
+ password: ${_param:rabbitmq_graphite_password}
diff --git a/system/rabbitmq/server/vhost/openstack.yml b/system/rabbitmq/server/vhost/openstack.yml
new file mode 100644
index 0000000..962bc0a
--- /dev/null
+++ b/system/rabbitmq/server/vhost/openstack.yml
@@ -0,0 +1,20 @@
+parameters:
+ rabbitmq:
+ server:
+ host:
+ '/':
+ enabled: true
+ user: guest
+ password: guest
+ policies:
+ - name: HA
+ pattern: '^(?!amq\.).*'
+ definition: '{"ha-mode": "all", "message-ttl": 120000}'
+ '/openstack':
+ enabled: true
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ policies:
+ - name: HA
+ pattern: '^(?!amq\.).*'
+ definition: '{"ha-mode": "all", "message-ttl": 120000}'
diff --git a/system/reclass/storage/salt.yml b/system/reclass/storage/salt.yml
new file mode 100644
index 0000000..e36bc5c
--- /dev/null
+++ b/system/reclass/storage/salt.yml
@@ -0,0 +1,16 @@
+classes:
+- service.reclass.storage.salt
+- service.git.client
+parameters:
+ reclass:
+ storage:
+ data_source:
+ engine: git
+ address: '${_param:reclass_data_repository}'
+ branch: ${_param:reclass_data_revision}
+ salt:
+ master:
+ pillar:
+ engine: reclass
+ data_dir: /srv/salt/reclass
+
diff --git a/system/reclass/storage/system/monitoring_service_cluster.yml b/system/reclass/storage/system/monitoring_service_cluster.yml
new file mode 100644
index 0000000..d86a218
--- /dev/null
+++ b/system/reclass/storage/system/monitoring_service_cluster.yml
@@ -0,0 +1,31 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ monitoring_service_node01:
+ name: mon01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.monitoring.server
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:monitoring_service_node01_address}
+ monitoring_service_node02:
+ name: mon02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.monitoring.server
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:monitoring_service_node02_address}
+ monitoring_service_node03:
+ name: mon03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.monitoring.server
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:monitoring_service_node03_address}
diff --git a/system/reclass/storage/system/monitoring_service_single.yml b/system/reclass/storage/system/monitoring_service_single.yml
new file mode 100644
index 0000000..42353ef
--- /dev/null
+++ b/system/reclass/storage/system/monitoring_service_single.yml
@@ -0,0 +1,13 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ monitoring_service_node01:
+ name: mon01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.monitoring.server
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:monitoring_service_node01_address}
diff --git a/system/reclass/storage/system/opencontrail_analytics_cluster.yml b/system/reclass/storage/system/opencontrail_analytics_cluster.yml
new file mode 100644
index 0000000..f8055a6
--- /dev/null
+++ b/system/reclass/storage/system/opencontrail_analytics_cluster.yml
@@ -0,0 +1,37 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ opencontrail_analytics_node01:
+ name: nal01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.opencontrail.analytics
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:opencontrail_analytics_node01_address}
+ keepalived_vip_priority: 103
+ opencontrail_database_id: 1
+ opencontrail_analytics_node02:
+ name: nal02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.opencontrail.analytics
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:opencontrail_analytics_node02_address}
+ keepalived_vip_priority: 102
+ opencontrail_database_id: 2
+ opencontrail_analytics_node03:
+ name: nal03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.opencontrail.analytics
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:opencontrail_analytics_node03_address}
+ keepalived_vip_priority: 101
+ opencontrail_database_id: 3
diff --git a/system/reclass/storage/system/opencontrail_control_cluster.yml b/system/reclass/storage/system/opencontrail_control_cluster.yml
new file mode 100644
index 0000000..0f882a3
--- /dev/null
+++ b/system/reclass/storage/system/opencontrail_control_cluster.yml
@@ -0,0 +1,37 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ opencontrail_control_node01:
+ name: ntw01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.opencontrail.control
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:opencontrail_control_node01_address}
+ keepalived_vip_priority: 103
+ opencontrail_database_id: 1
+ opencontrail_control_node02:
+ name: ntw02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.opencontrail.control
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:opencontrail_control_node02_address}
+ keepalived_vip_priority: 102
+ opencontrail_database_id: 2
+ opencontrail_control_node03:
+ name: ntw03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.opencontrail.control
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:opencontrail_control_node03_address}
+ keepalived_vip_priority: 101
+ opencontrail_database_id: 3
diff --git a/system/reclass/storage/system/opencontrail_gateway_single.yml b/system/reclass/storage/system/opencontrail_gateway_single.yml
new file mode 100644
index 0000000..c6ae10f
--- /dev/null
+++ b/system/reclass/storage/system/opencontrail_gateway_single.yml
@@ -0,0 +1,13 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ opencontrail_gateway_node01:
+ name: gtw01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.opencontrail.gateway
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:opencontrail_gateway_address}
diff --git a/system/reclass/storage/system/openstack_compute_multi.yml b/system/reclass/storage/system/openstack_compute_multi.yml
new file mode 100644
index 0000000..572a6bf
--- /dev/null
+++ b/system/reclass/storage/system/openstack_compute_multi.yml
@@ -0,0 +1,20 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ openstack_compute_node01:
+ name: cmp01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ openstack_compute_node02:
+ name: cmp02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
diff --git a/system/reclass/storage/system/openstack_compute_single.yml b/system/reclass/storage/system/openstack_compute_single.yml
new file mode 100644
index 0000000..11bb4f5
--- /dev/null
+++ b/system/reclass/storage/system/openstack_compute_single.yml
@@ -0,0 +1,13 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ openstack_compute_node01:
+ name: cmp01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: 172.16.10.105
diff --git a/system/reclass/storage/system/openstack_control_cluster.yml b/system/reclass/storage/system/openstack_control_cluster.yml
new file mode 100644
index 0000000..482d826
--- /dev/null
+++ b/system/reclass/storage/system/openstack_control_cluster.yml
@@ -0,0 +1,40 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ openstack_control_node01:
+ name: ctl01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.control
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_control_node01_address}
+ keepalived_vip_priority: 103
+ opencontrail_database_id: 1
+ rabbitmq_cluster_role: master
+ openstack_control_node02:
+ name: ctl02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.control
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_control_node02_address}
+ keepalived_vip_priority: 102
+ opencontrail_database_id: 2
+ rabbitmq_cluster_role: slave
+ openstack_control_node03:
+ name: ctl03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.control
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_control_node03_address}
+ keepalived_vip_priority: 101
+ opencontrail_database_id: 3
+ rabbitmq_cluster_role: slave
diff --git a/system/reclass/storage/system/openstack_dashboard_single.yml b/system/reclass/storage/system/openstack_dashboard_single.yml
new file mode 100644
index 0000000..3a9f81a
--- /dev/null
+++ b/system/reclass/storage/system/openstack_dashboard_single.yml
@@ -0,0 +1,13 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ openstack_proxy_node01:
+ name: prx01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.dashboard
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: 172.16.10.121
diff --git a/system/reclass/storage/system/openstack_database_cluster.yml b/system/reclass/storage/system/openstack_database_cluster.yml
new file mode 100644
index 0000000..a46aaec
--- /dev/null
+++ b/system/reclass/storage/system/openstack_database_cluster.yml
@@ -0,0 +1,40 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ openstack_database_node01:
+ name: dbs01
+ domain: ${_param:cluster_domain}
+ classes:
+ - service.galera.master.cluster
+ - cluster.${_param:cluster_name}.openstack.database
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_database_node01_address}
+ keepalived_vip_priority: 103
+ mysql_cluster_role: master
+ openstack_database_node02:
+ name: dbs02
+ domain: ${_param:cluster_domain}
+ classes:
+ - service.galera.slave.cluster
+ - cluster.${_param:cluster_name}.openstack.database
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_database_node02_address}
+ keepalived_vip_priority: 102
+ mysql_cluster_role: slave
+ openstack_database_node03:
+ name: dbs03
+ domain: ${_param:cluster_domain}
+ classes:
+ - service.galera.slave.cluster
+ - cluster.${_param:cluster_name}.openstack.database
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_database_node03_address}
+ keepalived_vip_priority: 101
+ mysql_cluster_role: slave
diff --git a/system/reclass/storage/system/openstack_gateway_single.yml b/system/reclass/storage/system/openstack_gateway_single.yml
new file mode 100644
index 0000000..4128f5a
--- /dev/null
+++ b/system/reclass/storage/system/openstack_gateway_single.yml
@@ -0,0 +1,13 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ openstack_gateway_node01:
+ name: gtw01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.gateway
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_gateway_address}
\ No newline at end of file
diff --git a/system/reclass/storage/system/openstack_message_queue_cluster.yml b/system/reclass/storage/system/openstack_message_queue_cluster.yml
new file mode 100644
index 0000000..ccf811f
--- /dev/null
+++ b/system/reclass/storage/system/openstack_message_queue_cluster.yml
@@ -0,0 +1,37 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ openstack_message_queue_node01:
+ name: msg01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.message_queue
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_message_queue_node01_address}
+ keepalived_vip_priority: 103
+ rabbitmq_cluster_role: master
+ openstack_message_queue_node02:
+ name: msg02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.message_queue
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_message_queue_node02_address}
+ keepalived_vip_priority: 102
+ rabbitmq_cluster_role: slave
+ openstack_message_queue_node03:
+ name: msg03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.message_queue
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_message_queue_node03_address}
+ keepalived_vip_priority: 101
+ rabbitmq_cluster_role: slave
diff --git a/system/reclass/storage/system/openstack_proxy_cluster.yml b/system/reclass/storage/system/openstack_proxy_cluster.yml
new file mode 100644
index 0000000..9c89268
--- /dev/null
+++ b/system/reclass/storage/system/openstack_proxy_cluster.yml
@@ -0,0 +1,22 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ openstack_proxy_node01:
+ name: prx01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.proxy
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_proxy_node01_address}
+ openstack_proxy_node02:
+ name: prx02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.proxy
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_proxy_node02_address}
diff --git a/system/reclass/storage/system/openstack_proxy_single.yml b/system/reclass/storage/system/openstack_proxy_single.yml
new file mode 100644
index 0000000..4cfcc87
--- /dev/null
+++ b/system/reclass/storage/system/openstack_proxy_single.yml
@@ -0,0 +1,13 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ openstack_proxy_node01:
+ name: prx01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.proxy
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:openstack_proxy_node01_address}
diff --git a/system/reclass/storage/system/physical_control_cluster.yml b/system/reclass/storage/system/physical_control_cluster.yml
new file mode 100644
index 0000000..606b410
--- /dev/null
+++ b/system/reclass/storage/system/physical_control_cluster.yml
@@ -0,0 +1,32 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ fuel_compute_node01:
+ name: kvm01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node01_address}
+ fuel_compute_node02:
+ name: kvm02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node02_address}
+ deploy_address: 192.168.10.152
+ fuel_compute_node03:
+ name: kvm03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node03_address}
diff --git a/system/reclass/storage/system/physical_control_full.yml b/system/reclass/storage/system/physical_control_full.yml
new file mode 100644
index 0000000..d43c1c4
--- /dev/null
+++ b/system/reclass/storage/system/physical_control_full.yml
@@ -0,0 +1,94 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ fuel_compute_node01:
+ name: kvm01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node01_address}
+ deploy_address: ${_param:fuel_compute_node01_deploy_address}
+ fuel_compute_node02:
+ name: kvm02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node02_address}
+ deploy_address: ${_param:fuel_compute_node02_deploy_address}
+ fuel_compute_node03:
+ name: kvm03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node03_address}
+ deploy_address: ${_param:fuel_compute_node03_deploy_address}
+ fuel_compute_node04:
+ name: kvm04
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node04_address}
+ deploy_address: ${_param:fuel_compute_node04_deploy_address}
+ fuel_compute_node05:
+ name: kvm05
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node05_address}
+ deploy_address: ${_param:fuel_compute_node05_deploy_address}
+ fuel_compute_node06:
+ name: kvm06
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node06_address}
+ deploy_address: ${_param:fuel_compute_node06_deploy_address}
+ fuel_compute_node07:
+ name: kvm07
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node07_address}
+ deploy_address: ${_param:fuel_compute_node07_deploy_address}
+ fuel_compute_node08:
+ name: kvm08
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node08_address}
+ deploy_address: ${_param:fuel_compute_node08_deploy_address}
+ fuel_compute_node09:
+ name: kvm09
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node09_address}
+ deploy_address: ${_param:fuel_compute_node09_deploy_address}
diff --git a/system/reclass/storage/system/physical_control_single.yml b/system/reclass/storage/system/physical_control_single.yml
new file mode 100644
index 0000000..7767c7e
--- /dev/null
+++ b/system/reclass/storage/system/physical_control_single.yml
@@ -0,0 +1,14 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ fuel_compute_node01:
+ name: kvm01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.fuel.compute
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: trusty
+ single_address: ${_param:fuel_compute_node01_address}
+
diff --git a/system/reclass/storage/system/stacklight_log_cluster.yml b/system/reclass/storage/system/stacklight_log_cluster.yml
new file mode 100644
index 0000000..15d2c21
--- /dev/null
+++ b/system/reclass/storage/system/stacklight_log_cluster.yml
@@ -0,0 +1,35 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ stacklight_log_node01:
+ name: log01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.log
+ - cluster.${_param:cluster_name}.stacklight.log_curator
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_log_node01_address}
+ keepalived_vip_priority: 103
+ stacklight_log_node02:
+ name: log02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.log
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_log_node02_address}
+ keepalived_vip_priority: 102
+ stacklight_log_node03:
+ name: log03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.log
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_log_node03_address}
+ keepalived_vip_priority: 101
diff --git a/system/reclass/storage/system/stacklight_monitor_cluster.yml b/system/reclass/storage/system/stacklight_monitor_cluster.yml
new file mode 100644
index 0000000..be862f6
--- /dev/null
+++ b/system/reclass/storage/system/stacklight_monitor_cluster.yml
@@ -0,0 +1,34 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ stacklight_monitor_node01:
+ name: mon01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.monitor
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_monitor_node01_address}
+ keepalived_vip_priority: 103
+ stacklight_monitor_node02:
+ name: mon02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.monitor
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_monitor_node02_address}
+ keepalived_vip_priority: 102
+ stacklight_monitor_node03:
+ name: mon03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.monitor
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_monitor_node03_address}
+ keepalived_vip_priority: 101
diff --git a/system/reclass/storage/system/stacklight_server_cluster.yml b/system/reclass/storage/system/stacklight_server_cluster.yml
new file mode 100644
index 0000000..5a106b9
--- /dev/null
+++ b/system/reclass/storage/system/stacklight_server_cluster.yml
@@ -0,0 +1,38 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ stacklight_server_node01:
+ name: mon01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.server
+ - system.influxdb.server.single
+ - system.elasticsearch.client.single
+ - system.grafana.client.single
+ - system.kibana.client.single
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_monitor_node01_address}
+ keepalived_vip_priority: 103
+ stacklight_server_node02:
+ name: mon02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.server
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_monitor_node02_address}
+ keepalived_vip_priority: 102
+ stacklight_server_node03:
+ name: mon03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.server
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_monitor_node03_address}
+ keepalived_vip_priority: 101
diff --git a/system/reclass/storage/system/stacklight_server_single.yml b/system/reclass/storage/system/stacklight_server_single.yml
new file mode 100644
index 0000000..c931e89
--- /dev/null
+++ b/system/reclass/storage/system/stacklight_server_single.yml
@@ -0,0 +1,15 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ stacklight_server_node01:
+ name: mon01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.server
+ - system.elasticsearch.client.single
+ - system.grafana.client.single
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_monitor_node01_address}
diff --git a/system/reclass/storage/system/stacklight_telemetry_cluster.yml b/system/reclass/storage/system/stacklight_telemetry_cluster.yml
new file mode 100644
index 0000000..8791b98
--- /dev/null
+++ b/system/reclass/storage/system/stacklight_telemetry_cluster.yml
@@ -0,0 +1,34 @@
+parameters:
+ reclass:
+ storage:
+ node:
+ stacklight_telemetry_node01:
+ name: mtr01
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.telemetry
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_telemetry_node01_address}
+ keepalived_vip_priority: 103
+ stacklight_telemetry_node02:
+ name: mtr02
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.telemetry
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_telemetry_node02_address}
+ keepalived_vip_priority: 102
+ stacklight_telemetry_node03:
+ name: mtr03
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.stacklight.telemetry
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_telemetry_node03_address}
+ keepalived_vip_priority: 101
diff --git a/system/salt/control/cluster/opencontrail_analytics_cluster.yml b/system/salt/control/cluster/opencontrail_analytics_cluster.yml
new file mode 100644
index 0000000..8fbe3ee
--- /dev/null
+++ b/system/salt/control/cluster/opencontrail_analytics_cluster.yml
@@ -0,0 +1,26 @@
+parameters:
+ salt:
+ control:
+ size:
+ opencontrail.analytics:
+ cpu: 32
+ ram: 65536
+ disk_profile: small
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ nal01:
+ provider: kvm01.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: opencontrail.analytics
+ nal02:
+ provider: kvm02.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: opencontrail.analytics
+ nal03:
+ provider: kvm03.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: opencontrail.analytics
diff --git a/system/salt/control/cluster/opencontrail_control_cluster.yml b/system/salt/control/cluster/opencontrail_control_cluster.yml
new file mode 100644
index 0000000..2548fbd
--- /dev/null
+++ b/system/salt/control/cluster/opencontrail_control_cluster.yml
@@ -0,0 +1,26 @@
+parameters:
+ salt:
+ control:
+ size:
+ opencontrail.control:
+ cpu: 32
+ ram: 65536
+ disk_profile: small
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ ntw01:
+ provider: kvm01.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: opencontrail.control
+ ntw02:
+ provider: kvm02.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: opencontrail.control
+ ntw03:
+ provider: kvm03.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: opencontrail.control
diff --git a/system/salt/control/cluster/openstack_control_cluster.yml b/system/salt/control/cluster/openstack_control_cluster.yml
new file mode 100644
index 0000000..6ee34a2
--- /dev/null
+++ b/system/salt/control/cluster/openstack_control_cluster.yml
@@ -0,0 +1,26 @@
+parameters:
+ salt:
+ control:
+ size:
+ openstack.control:
+ cpu: 32
+ ram: 65536
+ disk_profile: small
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ ctl01:
+ provider: kvm01.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: openstack.control
+ ctl02:
+ provider: kvm02.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: openstack.control
+ ctl03:
+ provider: kvm03.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: openstack.control
diff --git a/system/salt/control/cluster/openstack_database_cluster.yml b/system/salt/control/cluster/openstack_database_cluster.yml
new file mode 100644
index 0000000..2513eb4
--- /dev/null
+++ b/system/salt/control/cluster/openstack_database_cluster.yml
@@ -0,0 +1,26 @@
+parameters:
+ salt:
+ control:
+ size:
+ openstack.database:
+ cpu: 32
+ ram: 65536
+ disk_profile: small
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ dbs01:
+ provider: kvm01.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: openstack.database
+ dbs02:
+ provider: kvm02.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: openstack.database
+ dbs03:
+ provider: kvm03.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: openstack.database
diff --git a/system/salt/control/cluster/openstack_message_queue_cluster.yml b/system/salt/control/cluster/openstack_message_queue_cluster.yml
new file mode 100644
index 0000000..06252ac
--- /dev/null
+++ b/system/salt/control/cluster/openstack_message_queue_cluster.yml
@@ -0,0 +1,26 @@
+parameters:
+ salt:
+ control:
+ size:
+ openstack.message_queue:
+ cpu: 32
+ ram: 65536
+ disk_profile: small
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ msg01:
+ provider: kvm01.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: openstack.message_queue
+ msg02:
+ provider: kvm02.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: openstack.message_queue
+ msg03:
+ provider: kvm03.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: openstack.message_queue
diff --git a/system/salt/control/cluster/openstack_proxy_single.yml b/system/salt/control/cluster/openstack_proxy_single.yml
new file mode 100644
index 0000000..a3650be
--- /dev/null
+++ b/system/salt/control/cluster/openstack_proxy_single.yml
@@ -0,0 +1,18 @@
+parameters:
+ salt:
+ control:
+ size:
+ openstack.proxy:
+ cpu: 32
+ ram: 65536
+ disk_profile: small
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ prx01:
+ provider: kvm01.${_param:cluster_domain}
+ image: ${_param:salt_control_trusty_image}
+ size: openstack.proxy
diff --git a/system/salt/control/cluster/stacklight_log_cluster.yml b/system/salt/control/cluster/stacklight_log_cluster.yml
new file mode 100644
index 0000000..acac87f
--- /dev/null
+++ b/system/salt/control/cluster/stacklight_log_cluster.yml
@@ -0,0 +1,26 @@
+parameters:
+ salt:
+ control:
+ size:
+ stacklight.log:
+ cpu: 32
+ ram: 65536
+ disk_profile: small
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ log01:
+ provider: kvm01.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: stacklight.log
+ log02:
+ provider: kvm02.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: stacklight.log
+ log03:
+ provider: kvm03.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: stacklight.log
diff --git a/system/salt/control/cluster/stacklight_server_cluster.yml b/system/salt/control/cluster/stacklight_server_cluster.yml
new file mode 100644
index 0000000..3cf8b08
--- /dev/null
+++ b/system/salt/control/cluster/stacklight_server_cluster.yml
@@ -0,0 +1,26 @@
+parameters:
+ salt:
+ control:
+ size:
+ stacklight.server:
+ cpu: 32
+ ram: 65536
+ disk_profile: small
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ mon01:
+ provider: kvm01.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: stacklight.server
+ mon02:
+ provider: kvm02.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: stacklight.server
+ mon03:
+ provider: kvm03.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: stacklight.server
diff --git a/system/salt/control/cluster/stacklight_telemetry_cluster.yml b/system/salt/control/cluster/stacklight_telemetry_cluster.yml
new file mode 100644
index 0000000..63c6029
--- /dev/null
+++ b/system/salt/control/cluster/stacklight_telemetry_cluster.yml
@@ -0,0 +1,26 @@
+parameters:
+ salt:
+ control:
+ size:
+ stacklight.telemetry:
+ cpu: 32
+ ram: 65536
+ disk_profile: small
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ mtr01:
+ provider: kvm01.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: stacklight.telemetry
+ mtr02:
+ provider: kvm02.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: stacklight.telemetry
+ mtr03:
+ provider: kvm03.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: stacklight.telemetry
diff --git a/system/salt/control/virt.yml b/system/salt/control/virt.yml
new file mode 100644
index 0000000..6ed8537
--- /dev/null
+++ b/system/salt/control/virt.yml
@@ -0,0 +1,47 @@
+classes:
+ - service.libvirt.server.kvm
+parameters:
+ salt:
+ control:
+ enabled: True
+ virt_enabled: True
+ virt:
+ nic:
+ default:
+ eth1:
+ bridge: br0
+ model: virtio
+ eth0:
+ bridge: br1
+ model: virtio
+ disk:
+ default:
+ - system:
+ size: 50000
+ xxxsmall:
+ - system:
+ size: 8000
+ xxsmall:
+ - system:
+ size: 15000
+ xsmall:
+ - system:
+ size: 30000
+ small:
+ - system:
+ size: 50000
+ medium:
+ - system:
+ size: 80000
+ large:
+ - system:
+ size: 100000
+ xlarge:
+ - system:
+ size: 150000
+ xxlarge:
+ - system:
+ size: 300000
+ xxxlarge:
+ - system:
+ size: 500000
diff --git a/system/salt/master/formula/git/openstack.yml b/system/salt/master/formula/git/openstack.yml
new file mode 100644
index 0000000..17c40e9
--- /dev/null
+++ b/system/salt/master/formula/git/openstack.yml
@@ -0,0 +1,94 @@
+parameters:
+ salt:
+ master:
+ environment:
+ dev:
+ formula:
+ ceilometer:
+ source: git
+ address: 'https://github.com/openstack/salt-formula-ceilometer.git'
+ revision: ${_param:salt_master_environment_revision}
+ cinder:
+ source: git
+ address: 'https://github.com/openstack/salt-formula-cinder.git'
+ revision: ${_param:salt_master_environment_revision}
+ galera:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-galera.git'
+ revision: ${_param:salt_master_environment_revision}
+ glance:
+ source: git
+ address: 'https://github.com/openstack/salt-formula-glance.git'
+ revision: ${_param:salt_master_environment_revision}
+ glusterfs:
+ source: git
+ address: 'https://github.com/tcpcloud/salt-formula-glusterfs.git'
+ revision: ${_param:salt_master_environment_revision}
+ haproxy:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-haproxy.git'
+ revision: ${_param:salt_master_environment_revision}
+ heat:
+ source: git
+ address: 'https://github.com/openstack/salt-formula-heat.git'
+ revision: ${_param:salt_master_environment_revision}
+ horizon:
+ source: git
+ address: 'https://github.com/openstack/salt-formula-horizon.git'
+ revision: ${_param:salt_master_environment_revision}
+ keepalived:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-keepalived.git'
+ revision: ${_param:salt_master_environment_revision}
+ keystone:
+ source: git
+ address: 'https://github.com/openstack/salt-formula-keystone.git'
+ revision: ${_param:salt_master_environment_revision}
+ memcached:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-memcached.git'
+ revision: ${_param:salt_master_environment_revision}
+ mongodb:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-mongodb.git'
+ revision: ${_param:salt_master_environment_revision}
+ mysql:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-mysql.git'
+ revision: ${_param:salt_master_environment_revision}
+ murano:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-murano.git'
+ revision: ${_param:salt_master_environment_revision}
+ neutron:
+ source: git
+ address: 'https://github.com/openstack/salt-formula-neutron.git'
+ revision: ${_param:salt_master_environment_revision}
+ nginx:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-nginx.git'
+ revision: ${_param:salt_master_environment_revision}
+ nova:
+ source: git
+ address: 'https://github.com/openstack/salt-formula-nova.git'
+ revision: ${_param:salt_master_environment_revision}
+ opencontrail:
+ source: git
+ address: 'https://github.com/openstack/salt-formula-opencontrail.git'
+ revision: ${_param:salt_master_environment_revision}
+ python:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-python.git'
+ revision: ${_param:salt_master_environment_revision}
+ rabbitmq:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-rabbitmq.git'
+ revision: ${_param:salt_master_environment_revision}
+ supervisor:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-supervisor.git'
+ revision: ${_param:salt_master_environment_revision}
+ swift:
+ source: git
+ address: 'https://github.com/openstack/salt-formula-swift.git'
+ revision: ${_param:salt_master_environment_revision}
diff --git a/system/salt/master/formula/git/saltstack.yml b/system/salt/master/formula/git/saltstack.yml
new file mode 100644
index 0000000..d0ca453
--- /dev/null
+++ b/system/salt/master/formula/git/saltstack.yml
@@ -0,0 +1,49 @@
+parameters:
+ salt:
+ master:
+ environment:
+ dev:
+ formula:
+ backupninja:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-backupninja.git'
+ revision: ${_param:salt_master_environment_revision}
+ git:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-git.git'
+ revision: ${_param:salt_master_environment_revision}
+ iptables:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-iptables.git'
+ revision: ${_param:salt_master_environment_revision}
+ libvirt:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-libvirt.git'
+ revision: ${_param:salt_master_environment_revision}
+ linux:
+ module:
+ linux_netlink.py:
+ enabled: true
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-linux.git'
+ revision: ${_param:salt_master_environment_revision}
+ ntp:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-ntp.git'
+ revision: ${_param:salt_master_environment_revision}
+ openssh:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-openssh.git'
+ revision: ${_param:salt_master_environment_revision}
+ reclass:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-reclass.git'
+ revision: ${_param:salt_master_environment_revision}
+ salt:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-salt.git'
+ revision: ${_param:salt_master_environment_revision}
+ sphinx:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-sphinx.git'
+ revision: ${_param:salt_master_environment_revision}
diff --git a/system/salt/master/formula/git/stacklight.yml b/system/salt/master/formula/git/stacklight.yml
new file mode 100644
index 0000000..b72b00b
--- /dev/null
+++ b/system/salt/master/formula/git/stacklight.yml
@@ -0,0 +1,80 @@
+parameters:
+ salt:
+ master:
+ environment:
+ dev:
+ formula:
+ apache:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-apache.git'
+ revision: ${_param:salt_master_environment_revision}
+ collectd:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-collectd.git'
+ revision: ${_param:salt_master_environment_revision}
+ elasticsearch:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-elasticsearch.git'
+ revision: ${_param:salt_master_environment_revision}
+ grafana:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-grafana.git'
+ revision: ${_param:salt_master_environment_revision}
+ state:
+ grafana3_datasource.py:
+ enabled: true
+ grafana3_dashboard.py:
+ enabled: true
+ graphite:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-graphite.git'
+ revision: ${_param:salt_master_environment_revision}
+ heka:
+ module:
+ heka_alarming.py:
+ enabled: true
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-heka.git'
+ revision: ${_param:salt_master_environment_revision}
+ influxdb:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-influxdb.git'
+ revision: ${_param:salt_master_environment_revision}
+ java:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-java.git'
+ revision: ${_param:salt_master_environment_revision}
+ kibana:
+ state:
+ kibana_object.py:
+ enabled: true
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-kibana.git'
+ revision: ${_param:salt_master_environment_revision}
+ nagios:
+ module:
+ nagios_alarming.py:
+ enabled: true
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-nagios.git'
+ revision: ${_param:salt_master_environment_revision}
+ postgresql:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-postgresql.git'
+ revision: ${_param:salt_master_environment_revision}
+ rabbitmq:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-rabbitmq.git'
+ revision: ${_param:salt_master_environment_revision}
+ redis:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-redis.git'
+ revision: ${_param:salt_master_environment_revision}
+ rsyslog:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-rsyslog.git'
+ revision: ${_param:salt_master_environment_revision}
+ sensu:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-sensu.git'
+ revision: ${_param:salt_master_environment_revision}
diff --git a/system/salt/master/formula/pkg/openstack.yml b/system/salt/master/formula/pkg/openstack.yml
new file mode 100644
index 0000000..f23bbee
--- /dev/null
+++ b/system/salt/master/formula/pkg/openstack.yml
@@ -0,0 +1,69 @@
+parameters:
+ salt:
+ master:
+ environment:
+ prd:
+ formula:
+ ceilometer:
+ source: pkg
+ name: salt-formula-ceilometer
+ cinder:
+ source: pkg
+ name: salt-formula-cinder
+ galera:
+ source: pkg
+ name: salt-formula-galera
+ glance:
+ source: pkg
+ name: salt-formula-glance
+ glusterfs:
+ source: pkg
+ name: salt-formula-glusterfs
+ haproxy:
+ source: pkg
+ name: salt-formula-haproxy
+ heat:
+ source: pkg
+ name: salt-formula-heat
+ horizon:
+ source: pkg
+ name: salt-formula-horizon
+ keepalived:
+ source: pkg
+ name: salt-formula-keepalived
+ keystone:
+ source: pkg
+ name: salt-formula-keystone
+ memcached:
+ source: pkg
+ name: salt-formula-memcached
+ mongodb:
+ source: pkg
+ name: salt-formula-mongodb
+ mysql:
+ source: pkg
+ name: salt-formula-mysql
+ neutron:
+ source: pkg
+ name: salt-formula-neutron
+ nginx:
+ source: pkg
+ name: salt-formula-nginx
+ nova:
+ source: pkg
+ name: salt-formula-nova
+ opencontrail:
+ source: pkg
+ name: salt-formula-opencontrail
+ python:
+ source: pkg
+ name: salt-formula-python
+ rabbitmq:
+ source: pkg
+ name: salt-formula-rabbitmq
+ supervisor:
+ source: pkg
+ name: salt-formula-supervisor
+ swift:
+ source: pkg
+ name: salt-formula-swift
diff --git a/system/salt/master/formula/pkg/saltstack.yml b/system/salt/master/formula/pkg/saltstack.yml
new file mode 100644
index 0000000..eeff26b
--- /dev/null
+++ b/system/salt/master/formula/pkg/saltstack.yml
@@ -0,0 +1,39 @@
+parameters:
+ salt:
+ master:
+ environment:
+ prd:
+ formula:
+ backupninja:
+ source: pkg
+ name: salt-formula-backupninja
+ git:
+ source: pkg
+ name: salt-formula-git
+ iptables:
+ source: pkg
+ name: salt-formula-iptables
+ libvirt:
+ source: pkg
+ name: salt-formula-libvirt
+ linux:
+ source: pkg
+ name: salt-formula-linux
+ nginx:
+ source: pkg
+ name: salt-formula-nginx
+ ntp:
+ source: pkg
+ name: salt-formula-ntp
+ openssh:
+ source: pkg
+ name: salt-formula-openssh
+ reclass:
+ source: pkg
+ name: salt-formula-reclass
+ salt:
+ source: pkg
+ name: salt-formula-salt
+ sphinx:
+ source: pkg
+ name: salt-formula-sphinx
diff --git a/system/salt/master/formula/pkg/stacklight.yml b/system/salt/master/formula/pkg/stacklight.yml
new file mode 100644
index 0000000..4fe75c0
--- /dev/null
+++ b/system/salt/master/formula/pkg/stacklight.yml
@@ -0,0 +1,54 @@
+parameters:
+ salt:
+ master:
+ environment:
+ prd:
+ formula:
+ apache:
+ source: pkg
+ name: salt-formula-apache
+ collectd:
+ source: pkg
+ name: salt-formula-collectd
+ elasticsearch:
+ source: pkg
+ name: salt-formula-elasticsearch
+ grafana:
+ source: pkg
+ name: salt-formula-grafana
+ graphite:
+ source: pkg
+ name: salt-formula-graphite
+ heka:
+ source: pkg
+ name: salt-formula-heka
+ influxdb:
+ source: pkg
+ name: salt-formula-influxdb
+ java:
+ source: pkg
+ name: salt-formula-java
+ kibana:
+ source: pkg
+ name: salt-formula-kibana
+ #nagios:
+ # source: pkg
+ # name: salt-formula-nagios
+ postgresql:
+ source: pkg
+ name: salt-formula-postgresql
+ rabbitmq:
+ source: pkg
+ name: salt-formula-rabbitmq
+ redis:
+ source: pkg
+ name: salt-formula-redis
+ rsyslog:
+ source: pkg
+ name: salt-formula-rsyslog
+ sensu:
+ source: pkg
+ name: salt-formula-sensu
+ nagios:
+ source: pkg
+ name: salt-formula-nagios
diff --git a/system/salt/master/git.yml b/system/salt/master/git.yml
new file mode 100644
index 0000000..5a922af
--- /dev/null
+++ b/system/salt/master/git.yml
@@ -0,0 +1,9 @@
+classes:
+- system.salt.master.single
+- system.salt.master.formula.git.openstack
+- system.salt.master.formula.git.saltstack
+- system.salt.master.formula.git.stacklight
+parameters:
+ _param:
+ salt_master_environment_repository: "https://github.com/tcpcloud"
+ salt_master_environment_revision: master
diff --git a/system/salt/master/pkg.yml b/system/salt/master/pkg.yml
new file mode 100644
index 0000000..d1c8a1a
--- /dev/null
+++ b/system/salt/master/pkg.yml
@@ -0,0 +1,6 @@
+classes:
+- system.salt.master.single
+- system.salt.master.formula.pkg.openstack
+- system.salt.master.formula.pkg.saltstack
+- system.salt.master.formula.pkg.stacklight
+- system.linux.system.repo.tcp_salt
diff --git a/system/salt/master/single.yml b/system/salt/master/single.yml
new file mode 100644
index 0000000..9764a97
--- /dev/null
+++ b/system/salt/master/single.yml
@@ -0,0 +1,19 @@
+classes:
+- service.git.client
+- service.salt.master.single
+parameters:
+ linux:
+ system:
+ sysctl:
+ net.core.rmem_max: 16777216
+ net.core.wmem_max: 16777216
+ net.ipv4.tcp_rmem: 4096 87380 16777216
+ net.ipv4.tcp_wmem: 4096 87380 16777216
+ salt:
+ master:
+ accept_policy: auto_accept
+ worker_threads: 40
+ command_timeout: 10
+ peer:
+ '.*':
+ - x509.sign_remote_certificate
diff --git a/system/salt/minion/master.yml b/system/salt/minion/master.yml
new file mode 100644
index 0000000..fbeb178
--- /dev/null
+++ b/system/salt/minion/master.yml
@@ -0,0 +1,2 @@
+classes:
+- service.salt.minion.master
diff --git a/system/salt/minion/pki/authority.yml b/system/salt/minion/pki/authority.yml
new file mode 100644
index 0000000..fa84966
--- /dev/null
+++ b/system/salt/minion/pki/authority.yml
@@ -0,0 +1,19 @@
+parameters:
+ salt:
+ minion:
+ ca:
+ mk_lab_ca:
+ common_name: mk_lab_ca
+ country: cz
+ locality: Prague
+ organization: Mirantis
+ signing_policy:
+ cert_server:
+ type: v3_edge_cert_server
+ minions: '*'
+ cert_client:
+ type: v3_edge_cert_client
+ minions: '*'
+ days_valid:
+ authority: 3650
+ certificate: 3650
diff --git a/system/salt/minion/pki/certificate.yml b/system/salt/minion/pki/certificate.yml
new file mode 100644
index 0000000..4bf4ef3
--- /dev/null
+++ b/system/salt/minion/pki/certificate.yml
@@ -0,0 +1,9 @@
+parameters:
+ salt:
+ minion:
+ cert:
+ proxy_cert:
+ host: ${_param:salt_minion_ca_host}
+ signing_policy: cert_server
+ authority: mk_lab_ca
+ common_name: ${_param:cluster_public_host}
diff --git a/system/sensu/client/remote.yml b/system/sensu/client/remote.yml
new file mode 100644
index 0000000..82bd256
--- /dev/null
+++ b/system/sensu/client/remote.yml
@@ -0,0 +1,9 @@
+classes:
+- service.sensu.client
+#- service.ruby.environment.version_1_9
+parameters:
+ sensu:
+ client:
+ plugin:
+ monitoring_for_openstack:
+ enabled: False
diff --git a/system/sensu/client/single.yml b/system/sensu/client/single.yml
new file mode 100644
index 0000000..31f4fc4
--- /dev/null
+++ b/system/sensu/client/single.yml
@@ -0,0 +1,2 @@
+classes:
+- service.sensu.client
diff --git a/system/sensu/server/dashboard.yml b/system/sensu/server/dashboard.yml
new file mode 100644
index 0000000..7cabe2b
--- /dev/null
+++ b/system/sensu/server/dashboard.yml
@@ -0,0 +1,25 @@
+classes:
+- service.git.client
+- service.redis.server.local
+- service.rabbitmq.server.single
+- service.sensu.server.single
+parameters:
+ _param:
+ rabbitmq_monitor_password: password
+ sensu_message_queue_host: 127.0.0.1
+ sensu:
+ dashboard:
+ enabled: true
+ bind:
+ address: 0.0.0.0
+ port: 3000
+ admin:
+ username: admin
+ password: ${_param:sensu_dashboard_password}
+ rabbitmq:
+ server:
+ host:
+ '/monitor':
+ enabled: true
+ user: monitor
+ password: ${_param:rabbitmq_monitor_password}
diff --git a/system/sensu/server/handler/mail.yml b/system/sensu/server/handler/mail.yml
new file mode 100644
index 0000000..e0b888a
--- /dev/null
+++ b/system/sensu/server/handler/mail.yml
@@ -0,0 +1,18 @@
+parameters:
+ sensu:
+ server:
+ enabled: true
+ handler:
+ default:
+ enabled: true
+ set:
+ - mail
+ stdout:
+ enabled: true
+ mail:
+ enabled: true
+ mail_to: root@localhost
+ host: localhost
+ port: 25
+ user: root
+ domain: localhost
diff --git a/system/sensu/server/single.yml b/system/sensu/server/single.yml
new file mode 100644
index 0000000..806b9ef
--- /dev/null
+++ b/system/sensu/server/single.yml
@@ -0,0 +1,8 @@
+classes:
+- service.git.client
+- service.redis.server.local
+- service.sensu.server.single
+parameters:
+ _param:
+ rabbitmq_monitor_password: password
+ sensu_message_queue_host: 127.0.0.1
diff --git a/system/sphinx/server/doc/reclass.yml b/system/sphinx/server/doc/reclass.yml
new file mode 100644
index 0000000..53fa5dd
--- /dev/null
+++ b/system/sphinx/server/doc/reclass.yml
@@ -0,0 +1,24 @@
+classes:
+- system.sphinx.server.multi
+parameters:
+ _param:
+ nginx_static_reclass_doc_host: ${_param:cluster_public_host}
+ sphinx:
+ server:
+ doc:
+ reclass_doc:
+ builder: singlehtml
+ path: source
+ source:
+ engine: reclass
+ nginx:
+ server:
+ site:
+ nginx_static_reclass_doc:
+ enabled: true
+ type: nginx_static
+ name: reclass_doc
+ host:
+ name: ${_param:nginx_static_reclass_doc_host}
+ port: 8090
+ protocol: http
diff --git a/system/sphinx/server/multi.yml b/system/sphinx/server/multi.yml
new file mode 100644
index 0000000..d8acbd8
--- /dev/null
+++ b/system/sphinx/server/multi.yml
@@ -0,0 +1,5 @@
+classes:
+- service.git.client
+- service.sphinx.server.multi
+- service.nginx.server.single
+- service.nginx.server.stats