Merge pull request #108 from Mirantis/_pr_openstack_web_public_vip
keepalived for prx nodes
diff --git a/haproxy/proxy/listen/opencontrail/analytics.yml b/haproxy/proxy/listen/opencontrail/analytics.yml
index 6ed6841..fd20277 100644
--- a/haproxy/proxy/listen/opencontrail/analytics.yml
+++ b/haproxy/proxy/listen/opencontrail/analytics.yml
@@ -24,6 +24,7 @@
contrail_config_stats:
type: contrail-config
service_name: contrail
+ check: false
format: listen
binds:
- address: '*'
@@ -33,6 +34,7 @@
contrail_openstack_stats:
type: contrail-config
service_name: contrail
+ check: false
format: listen
binds:
- address: '*'
@@ -42,6 +44,7 @@
contrail_collector_stats:
type: contrail-config
service_name: contrail
+ check: false
format: listen
binds:
- address: '*'
diff --git a/haproxy/proxy/listen/stacklight/influxdb.yml b/haproxy/proxy/listen/stacklight/influxdb.yml
new file mode 100644
index 0000000..8ab700f
--- /dev/null
+++ b/haproxy/proxy/listen/stacklight/influxdb.yml
@@ -0,0 +1,26 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ influxdb:
+ mode: http
+ options:
+ - "httpchk GET /ping"
+ - httplog
+ - dontlog-normal
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: ${_param:cluster_influxdb_port}
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8086
+ params: 'check'
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8086
+ params: 'backup check'
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8086
+ params: 'backup check'
diff --git a/keystone/client/service/aodh.yml b/keystone/client/service/aodh.yml
index c91a354..51de0ca 100644
--- a/keystone/client/service/aodh.yml
+++ b/keystone/client/service/aodh.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -16,7 +18,8 @@
description: OpenStack Alarming Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:aodh_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 8042
public_path: '/'
internal_address: ${_param:aodh_service_host}
@@ -24,4 +27,4 @@
internal_path: '/'
admin_address: ${_param:aodh_service_host}
admin_port: 8042
- admin_path: '/'
\ No newline at end of file
+ admin_path: '/'
diff --git a/keystone/client/service/billometer.yml b/keystone/client/service/billometer.yml
index 86a153f..3728aa5 100644
--- a/keystone/client/service/billometer.yml
+++ b/keystone/client/service/billometer.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -16,7 +18,8 @@
description: OpenStack Billing Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:billometer_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 9753
public_path: '/v1'
internal_address: ${_param:billometer_service_host}
diff --git a/keystone/client/service/ceilometer.yml b/keystone/client/service/ceilometer.yml
index c40383a..4c59f80 100644
--- a/keystone/client/service/ceilometer.yml
+++ b/keystone/client/service/ceilometer.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -16,7 +18,8 @@
description: OpenStack Telemetry Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:ceilometer_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 8777
public_path: '/'
internal_address: ${_param:ceilometer_service_host}
diff --git a/keystone/client/service/cinder.yml b/keystone/client/service/cinder.yml
index 329c7ac..335985f 100644
--- a/keystone/client/service/cinder.yml
+++ b/keystone/client/service/cinder.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -16,7 +18,8 @@
description: OpenStack Volume Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:cinder_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 8776
public_path: '/v1/$(tenant_id)s'
internal_address: ${_param:cinder_service_host}
diff --git a/keystone/client/service/cinder2.yml b/keystone/client/service/cinder2.yml
index a24f06a..cc150ff 100644
--- a/keystone/client/service/cinder2.yml
+++ b/keystone/client/service/cinder2.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -16,7 +18,8 @@
description: OpenStack Volume Service v2
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:cinder_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 8776
public_path: '/v2/$(tenant_id)s'
internal_address: ${_param:cinder_service_host}
diff --git a/keystone/client/service/designate.yml b/keystone/client/service/designate.yml
new file mode 100644
index 0000000..4d95b2e
--- /dev/null
+++ b/keystone/client/service/designate.yml
@@ -0,0 +1,30 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ designate:
+ is_admin: true
+ password: ${_param:keystone_designate_password}
+ email: ${_param:admin_email}
+ service:
+ designate:
+ type: dns
+ description: OpenStack DNS service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 9001
+ public_path: '/'
+ internal_address: ${_param:designate_service_host}
+ internal_port: 9001
+ internal_path: '/'
+ admin_address: ${_param:designate_service_host}
+ admin_port: 9001
+ admin_path: '/'
diff --git a/keystone/client/service/glance.yml b/keystone/client/service/glance.yml
index 33d90c7..365917b 100644
--- a/keystone/client/service/glance.yml
+++ b/keystone/client/service/glance.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -16,7 +18,8 @@
description: OpenStack Image Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:glance_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 9292
public_path: ''
internal_address: ${_param:glance_service_host}
diff --git a/keystone/client/service/heat-cfn.yml b/keystone/client/service/heat-cfn.yml
index 3bb5449..343ff46 100644
--- a/keystone/client/service/heat-cfn.yml
+++ b/keystone/client/service/heat-cfn.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -9,7 +11,8 @@
description: OpenStack CloudFormation Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:heat_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 8000
public_path: '/v1'
internal_address: ${_param:heat_service_host}
diff --git a/keystone/client/service/heat.yml b/keystone/client/service/heat.yml
index 233cc75..692ceee 100644
--- a/keystone/client/service/heat.yml
+++ b/keystone/client/service/heat.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -19,7 +21,8 @@
description: OpenStack Orchestration Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:heat_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 8004
public_path: '/v1/%(tenant_id)s'
internal_address: ${_param:heat_service_host}
diff --git a/keystone/client/service/keystone.yml b/keystone/client/service/keystone.yml
index 914777c..af3acfc 100644
--- a/keystone/client/service/keystone.yml
+++ b/keystone/client/service/keystone.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -9,7 +11,8 @@
description: OpenStack Identity Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:keystone_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 5000
public_path: '/v2.0'
internal_address: ${_param:keystone_service_host}
diff --git a/keystone/client/service/keystone3.yml b/keystone/client/service/keystone3.yml
index 9aaedc2..9dd9eef 100644
--- a/keystone/client/service/keystone3.yml
+++ b/keystone/client/service/keystone3.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -9,7 +11,8 @@
description: OpenStack Identity Service v3
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:keystone_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 5000
public_path: '/v3'
internal_address: ${_param:keystone_service_host}
diff --git a/keystone/client/service/murano.yml b/keystone/client/service/murano.yml
new file mode 100644
index 0000000..4cb6211
--- /dev/null
+++ b/keystone/client/service/murano.yml
@@ -0,0 +1,30 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ murano:
+ is_admin: true
+ password: ${_param:keystone_murano_password}
+ email: ${_param:admin_email}
+ service:
+ murano:
+ type: application-catalog
+ description: Application Catalog for OpenStack
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 8082
+ public_path: ''
+ internal_address: ${_param:murano_service_host}
+ internal_port: 8082
+ internal_path: ''
+ admin_address: ${_param:murano_service_host}
+ admin_port: 8082
+ admin_path: ''
diff --git a/keystone/client/service/neutron.yml b/keystone/client/service/neutron.yml
index 48ca372..e108f68 100644
--- a/keystone/client/service/neutron.yml
+++ b/keystone/client/service/neutron.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ neutron_public_protocol: https
keystone:
client:
server:
@@ -16,7 +18,8 @@
description: OpenStack Networking Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:neutron_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:neutron_public_protocol}
public_port: 9696
public_path: '/'
internal_address: ${_param:neutron_service_host}
diff --git a/keystone/client/service/nova-ec2.yml b/keystone/client/service/nova-ec2.yml
index b729061..586701c 100644
--- a/keystone/client/service/nova-ec2.yml
+++ b/keystone/client/service/nova-ec2.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -9,7 +11,8 @@
description: OpenStack EC2 Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:nova_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 8773
public_path: '/services/Cloud'
internal_address: ${_param:nova_service_host}
diff --git a/keystone/client/service/nova.yml b/keystone/client/service/nova.yml
index 1497d69..ed703d0 100644
--- a/keystone/client/service/nova.yml
+++ b/keystone/client/service/nova.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -16,7 +18,8 @@
description: OpenStack Compute Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:nova_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 8774
public_path: '/v2/$(tenant_id)s'
internal_address: ${_param:nova_service_host}
diff --git a/keystone/client/service/nova21.yml b/keystone/client/service/nova21.yml
index e09a9df..48767de 100644
--- a/keystone/client/service/nova21.yml
+++ b/keystone/client/service/nova21.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ cluster_public_protocol: https
keystone:
client:
server:
@@ -16,7 +18,8 @@
description: OpenStack Compute Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:nova_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 8774
public_path: '/v2/$(tenant_id)s'
internal_address: ${_param:nova_service_host}
@@ -30,7 +33,8 @@
description: OpenStack Compute Service v2.1
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:nova_service_host}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
public_port: 8774
public_path: '/v2.1'
internal_address: ${_param:nova_service_host}
diff --git a/keystone/client/service/radosgw-s3.yml b/keystone/client/service/radosgw-s3.yml
new file mode 100644
index 0000000..9b434af
--- /dev/null
+++ b/keystone/client/service/radosgw-s3.yml
@@ -0,0 +1,30 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ swift:
+ is_admin: true
+ password: ${_param:keystone_swift_password}
+ email: ${_param:admin_email}
+ service:
+ radosgw-s3:
+ type: s3
+ description: S3 Service (radosgw)
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 8081
+ public_path: '/' # /$(tenant_id)s
+ internal_address: ${_param:radosgw_service_host}
+ internal_port: 8081
+ internal_path: '/'
+ admin_address: ${_param:radosgw_service_host}
+ admin_port: 8081
+ admin_path: '/'
diff --git a/keystone/client/service/radosgw-swift.yml b/keystone/client/service/radosgw-swift.yml
new file mode 100644
index 0000000..82d311f
--- /dev/null
+++ b/keystone/client/service/radosgw-swift.yml
@@ -0,0 +1,30 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ swift:
+ is_admin: true
+ password: ${_param:keystone_swift_password}
+ email: ${_param:admin_email}
+ service:
+ radosgw-swift:
+ type: object-store
+ description: Swift Service (radosgw)
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 8081
+ public_path: '/swift/v1' # /$(tenant_id)s
+ internal_address: ${_param:radosgw_service_host}
+ internal_port: 8081
+ internal_path: '/swift/v1'
+ admin_address: ${_param:radosgw_service_host}
+ admin_port: 8081
+ admin_path: '/swift/v1'
diff --git a/keystone/client/service/sahara.yml b/keystone/client/service/sahara.yml
new file mode 100644
index 0000000..0dbb136
--- /dev/null
+++ b/keystone/client/service/sahara.yml
@@ -0,0 +1,30 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ sahara:
+ is_admin: true
+ password: ${_param:keystone_sahara_password}
+ email: ${_param:admin_email}
+ service:
+ swift:
+ type: data-processing
+ description: Sahara Data Processing
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 8386
+ public_path: '/v1.1/%(tenant_id)s'
+ internal_address: ${_param:sahara_service_host}
+ internal_port: 8386
+ internal_path: '/v1.1/%(tenant_id)s'
+ admin_address: ${_param:sahara_service_host}
+ admin_port: 8386
+ admin_path: '/v1.1/%(tenant_id)s'
diff --git a/keystone/client/service/swift-s3.yml b/keystone/client/service/swift-s3.yml
new file mode 100644
index 0000000..6850dbd
--- /dev/null
+++ b/keystone/client/service/swift-s3.yml
@@ -0,0 +1,31 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ swift:
+ is_admin: true
+ password: ${_param:keystone_swift_password}
+ email: ${_param:admin_email}
+ service:
+ swift-s3:
+ type: object-store
+ description: S3 Service (swift)
+ region: ${_param:keystone_region}
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 8080
+ public_path: '/v1/AUTH_%(tenant_id)s'
+ internal_address: ${_param:swift_service_host}
+ internal_port: 8080
+ internal_path: '/v1/AUTH_%(tenant_id)s'
+ admin_address: ${_param:swift_service_host}
+ admin_port: 8080
+ admin_path: '/'
diff --git a/keystone/client/service/swift.yml b/keystone/client/service/swift.yml
new file mode 100644
index 0000000..94636a4
--- /dev/null
+++ b/keystone/client/service/swift.yml
@@ -0,0 +1,30 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ swift:
+ is_admin: true
+ password: ${_param:keystone_swift_password}
+ email: ${_param:admin_email}
+ service:
+ swift:
+ type: object-store
+ description: Swift Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 8080
+ public_path: '/v1/AUTH_%(tenant_id)s'
+ internal_address: ${_param:swift_service_host}
+ internal_port: 8080
+ internal_path: '/v1/AUTH_%(tenant_id)s'
+ admin_address: ${_param:swift_service_host}
+ admin_port: 8080
+ admin_path: '/'
diff --git a/nginx/server/proxy/openstack_api.yml b/nginx/server/proxy/openstack_api.yml
index a3182e5..5c4a1fa 100644
--- a/nginx/server/proxy/openstack_api.yml
+++ b/nginx/server/proxy/openstack_api.yml
@@ -9,86 +9,82 @@
enabled: true
type: nginx_proxy
name: openstack_api_keystone
+ check: false
proxy:
host: ${_param:keystone_service_host}
port: 5000
protocol: http
- filter:
- search: ${_param:keystone_service_host}
- replace: '$server_addr'
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 5000
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_keystone_private:
enabled: true
type: nginx_proxy
name: openstack_api_keystone_private
+ check: false
proxy:
host: ${_param:keystone_service_host}
port: 35357
protocol: http
- filter:
- search: ${_param:keystone_service_host}
- replace: '$server_addr'
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 35357
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_nova:
enabled: true
type: nginx_proxy
name: openstack_api_nova
+ check: false
proxy:
host: ${_param:nova_service_host}
port: 8774
protocol: http
- filter:
- search: ${_param:nova_service_host}
- replace: '$server_addr'
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8774
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_cinder:
enabled: true
type: nginx_proxy
name: openstack_api_cinder
+ check: false
proxy:
host: ${_param:cinder_service_host}
port: 8776
protocol: http
- filter:
- search: ${_param:cinder_service_host}
- replace: '$server_addr'
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8776
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_glance:
enabled: true
type: nginx_proxy
name: openstack_api_glance
+ check: false
+ underscores_in_headers: true
proxy:
host: ${_param:glance_service_host}
port: 9292
protocol: http
- filter:
- search: ${_param:glance_service_host}
- replace: '$server_addr'
+ size: 30000m
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9292
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_neutron:
enabled: true
type: nginx_proxy
name: openstack_api_neutron
+ check: false
proxy:
host: ${_param:neutron_service_host}
port: 9696
protocol: http
- filter:
- search: ${_param:neutron_service_host}
- replace: '$server_addr'
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9696
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_heat_cfn:
enabled: true
type: nginx_proxy
@@ -97,37 +93,33 @@
host: ${_param:heat_service_host}
port: 8000
protocol: http
- filter:
- search: ${_param:neutron_service_host}
- replace: '$server_addr'
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8000
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_heat:
enabled: true
type: nginx_proxy
name: openstack_api_heat
+ check: false
proxy:
host: ${_param:heat_service_host}
port: 8004
protocol: http
- filter:
- search: ${_param:heat_service_host}
- replace: '$server_addr'
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8004
+ ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_nova_ec2:
enabled: true
type: nginx_proxy
name: openstack_api_nova_ec2
+ check: false
proxy:
host: ${_param:nova_service_host}
port: 8773
protocol: http
- filter:
- search: ${_param:nova_service_host}
- replace: '$server_addr'
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8773
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack_vnc.yml b/nginx/server/proxy/openstack_vnc.yml
index f53e40e..526f0db 100644
--- a/nginx/server/proxy/openstack_vnc.yml
+++ b/nginx/server/proxy/openstack_vnc.yml
@@ -7,6 +7,7 @@
enabled: true
type: nginx_proxy
name: novnc
+ check: false
proxy:
host: ${_param:openstack_control_address}
port: 6080
@@ -15,3 +16,4 @@
host:
name: ${_param:cluster_public_host}
port: 6080
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack_web.yml b/nginx/server/proxy/openstack_web.yml
index 0165ff2..ad5ffea 100644
--- a/nginx/server/proxy/openstack_web.yml
+++ b/nginx/server/proxy/openstack_web.yml
@@ -2,7 +2,9 @@
_param:
nginx_proxy_openstack_web_host: ${_param:cluster_public_host}
nginx_proxy_openstack_web_proxy_host: ${_param:cluster_vip_address}
- nginx_proxy_openstack_web_buffer_size:
+ nginx_proxy_openstack_web_buffer_size:
+ number: 4
+ size: 256
nginx:
server:
enabled: true
@@ -12,11 +14,16 @@
type: nginx_proxy
name: openstack_web
proxy:
- size: 5000m
- host: prx
+ host: localhost
+ # TODO: port must be configurable, as some deployments might have HAproxy over prx nodes
port: 8078
+ size: 10000m
+ timeout: 43200
protocol: http
websocket: true
+ request_buffer: false
+ buffer:
+ ${_param:nginx_proxy_openstack_web_buffer_size}
host:
name: ${_param:nginx_proxy_openstack_web_host}
port: 443
diff --git a/openssh/server/team/mmo_de.yml b/openssh/server/team/mmo_de.yml
index 4b0c470..2e34f91 100644
--- a/openssh/server/team/mmo_de.yml
+++ b/openssh/server/team/mmo_de.yml
@@ -38,6 +38,12 @@
sudo: true
full_name: Marcin Iwinski
home: /home/miwinski
+ mrelewicz:
+ enabled: true
+ name: mrelewicz
+ sudo: true
+ full_name: Maciej Relewicz
+ home: /home/mrelewicz
openssh:
server:
enabled: true
@@ -73,6 +79,11 @@
public_keys:
- ${public_keys:miwinski}
user: ${linux:system:user:miwinski}
+ mrelewicz:
+ enabled: true
+ public_keys:
+ - ${public_keys:mrelewicz}
+ user: ${linux:system:user:mrelewicz}
public_keys:
dszeluga:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEEFoCOaivah6AjFZmPIDlDlp8mUfsh9UFrjgLL8vqVYoyVnuZ5DQZTeZsCgFCPxodEsgHDkSEFwkB6hbyqEXszGIL8dWwSBR3QfNJD2cjZ8ZYqXsKN63RzHGAjTXMjlCB7TZtcui1SWpKjGd+x3gQ0KkHZI9V9WVYDcC75kyEAHZptM2N9jlwbhr9lXZ77gZacjaGoKN0Agb/ydd1TyhQ1F3g56pnvgZtkOe/bStwjpz2NS0FqiqAR3wOeZZUGsR3TCP70oYfaeJvpCDVRR/gVXqqvcBAiNYTGC/tMlKuECKPtOOAP8Oc+bt1eOrbiPVJ5NfoOIpmMCDUUSnFoNGN damjanek@cocaine.local
@@ -88,3 +99,5 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOdCr32ewiGJKLLwxf0Ic0naFV1j+ZflpfUVjuIPplrLeL5u8CNVlT5adPzgc48ijbee3qpzNvkOC7Ym295xQXUluo/cj2p5wVp70YnHrfhnLjGOCldm/K8B9bHmHbm1XW6hWUp7SWjMwhOdR217iveVLkuOy+hPdpXOC86hO93v7fY12UZDiqSRfrHpUqEaHHqlSyU2Eftn9GsR4UaotkeaQsiv8bi/k5nrwea/ccALZXnhrgTSTpXOVy3rfR5cCFQCA1PjMYvFEjhUofCHBSk+OA8xwOkpBOCfYrWRUmMT7MGEV5Jjm75QUrq1AuqRdFh8SM5lP39Tdwr8FMC+q5 flor3k@MacBook-Pro-Szymon.local
miwinski:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCydY97fXVWbcUiNaK5KnMHQpLT4acAVXykKqB5hAUPwKn4nFN3dFNw9dpToFpriqNpJTZrEdxVgL9obB4aouHpi+NVH6s8cMZ6ulNTiSTBM0Xkmu7jl66eMhfHNaFwgFC0vsGQ85oI813H7A601tCweKegMUW/mwOKbwHj1isEA+jbyrdRTC64icBa6zbW/G2uF0ajz9dCPe9L0rAbQFE51N1fxrnLeb6BI+5br0H6bRz1kGc5ZsNiUx3EEEOrMFbAbHQAxvD8Te/nUErdlHCiFufKlXLJSUNDPGFrW2mIfvfGlbyrLPgm24RKS6xfcD7BhJOmr54k7QbWChEp/SrX iwi@iwon
+ mrelewicz:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsB8R/Sv7hI7kHnOa7slfRQUhx3uVo3lDT7SLZw6m5Xnc7JVmQBmsO3s0lLHWRcxBUNso8P5xd8XG30VaW2MPrHGEMy6TbwxJmoFb8+zZaETjcaXvXig2RAQe/I3GAplptCz76GFM9SQavXtqb4D7wPi/AGs7yTFBa1rlVPdmhnlQ2woZoF/Hb5vPpFbK8ucR79eopNyd+g9mhLALJGRIUkRh6q66LCUAbMHA/Lm01IV//mGFUS1Sh0lcM34LOl99SyRVKW7kbql4vWE/4ZSxX1GJC4WVxxBitdWAypGuq3PY8L/+JDjXK7hXSrYaVWygrrluQh+ZXY8S1zx1SoPEG8uzyqdei8VxDPJd+3Y+w3YvWiYI2QA7fdtf4AW57OjZJrCgC2SpUuO6TNGcQ3gxV2/IChHQMHUV6IYc+ENaKuFIXVfvFBa/VMVRoTFXKVdE1cycDR3mgygGxE9QWxLmsJf7ZaK6A0zQjxTQs0GJi6Id9dgjDsh90uPIaVJWGKZZqDH+/cbXqN1AOTK3ecVji2fOfL3JQfY4wTFt/WmGa2VrdTfv/d9bcvEvhHYaCUs3sWy3sobJXwYCiXwuZVTTLj4EvN6L+jt8I9nG/6OWILUPVjrx84ikZ3Ig1Tbts2giIuB8JpQRup1mrEtpxoeOga1ts5ZGF8XfIKOpqaBpTsw== mrelewicz@mirantis.com
diff --git a/reclass/storage/system/stacklight_server_cluster.yml b/reclass/storage/system/stacklight_server_cluster.yml
index 9d40ea9..edb7a94 100644
--- a/reclass/storage/system/stacklight_server_cluster.yml
+++ b/reclass/storage/system/stacklight_server_cluster.yml
@@ -11,8 +11,6 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.stacklight.server
- - system.influxdb.server.single
- - system.influxdb.database.stacklight
- system.elasticsearch.client.single
- system.grafana.client.single
- system.kibana.client.single
diff --git a/reclass/storage/system/stacklight_server_single.yml b/reclass/storage/system/stacklight_server_single.yml
index 6ef1050..2b397f6 100644
--- a/reclass/storage/system/stacklight_server_single.yml
+++ b/reclass/storage/system/stacklight_server_single.yml
@@ -11,8 +11,6 @@
- cluster.${_param:cluster_name}.stacklight.server
- system.elasticsearch.client.single
- system.grafana.client.single
- - system.influxdb.server.single
- - system.influxdb.database.stacklight
- system.kibana.client.single
params:
salt_master_host: ${_param:reclass_config_master}