Merge "Configuring ens3 and ens4 interfaces"
diff --git a/classes/cluster/virtual-mcp11-aio/infra/config.yml b/classes/cluster/virtual-mcp11-aio/infra/config.yml
index c59029b..8b1bb8c 100644
--- a/classes/cluster/virtual-mcp11-aio/infra/config.yml
+++ b/classes/cluster/virtual-mcp11-aio/infra/config.yml
@@ -8,3 +8,17 @@
name: cfg01
domain: ${_param:cluster_domain}
purge_repos: ${_param:linux_system_purge_repos}
+ salt:
+ master:
+ worker_threads: 5
+ environment:
+ prd:
+ formula:
+ runtest:
+ source: git
+ address: 'https://gerrit.mcp.mirantis.net/salt-formulas/runtest'
+ revision: master
+ module:
+ runtest: runtest
+ state:
+ runtest.py: runtest.py
diff --git a/classes/cluster/virtual-mcp11-aio/infra/init.yml b/classes/cluster/virtual-mcp11-aio/infra/init.yml
index 46d0de0..d00a830 100644
--- a/classes/cluster/virtual-mcp11-aio/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-aio/infra/init.yml
@@ -2,3 +2,7 @@
_param:
apt_mk_version: stable
linux_system_purge_repos: false
+ salt:
+ minion:
+ trusted_ca_minions:
+ - cfg01.${_param:cluster_domain}
diff --git a/classes/cluster/virtual-mcp11-aio/openstack/init.yml b/classes/cluster/virtual-mcp11-aio/openstack/init.yml
index 6ac2af2..6b8a6e2 100755
--- a/classes/cluster/virtual-mcp11-aio/openstack/init.yml
+++ b/classes/cluster/virtual-mcp11-aio/openstack/init.yml
@@ -1,11 +1,15 @@
classes:
+- system.salt.minion.cert.mysql.server
+- system.salt.minion.cert.rabbitmq_server
- system.linux.system.lowmem
- system.linux.system.repo.mcp.openstack
- system.linux.system.repo.mcp.extra
- system.linux.storage.loopback
+- service.rabbitmq.server.ssl
- system.rabbitmq.server.vhost.openstack
- system.keystone.server.wsgi
- system.keystone.server.single
+- service.galera.ssl
- service.galera.master.cluster
- system.galera.server.database.cinder
- system.galera.server.database.designate
@@ -94,6 +98,7 @@
horizon_identity_encryption: none
horizon_identity_version: 2
horizon_identity_host: ${_param:single_address}
+ designate_admin_api_enabled: true
designate_bind9_rndc_key: 4pc+X4PDqb2q+5o72dISm72LM1Ds9X2EYZjqg+nmsS7FhdTwzFFY8l/iEDmHxnyjkA33EQC8H+z0fLLBunoitw==
designate_pool_target_type: bind9
designate_domain_id: 5186883b-91fb-4891-bd49-e6769234a8fc
@@ -123,6 +128,11 @@
openstack_public_neutron_subnet_allocation_end: 192.168.130.254
barbican_simple_crypto_kek: YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY=
barbican_integration_enabled: False
+ galera_ssl_enabled: true
+ rabbitmq_ssl_enabled: true
+ rabbitmq_port: 5671 # for non-ssl use 5672
+ runtest_tempest_cfg_dir: /root/rally_reports/
+ runtest_tempest_cfg_name: tempest_generated.conf
galera:
master:
members: ~
@@ -138,13 +148,35 @@
crypto_plugin: simple_crypto
store_plugin: store_crypto
global_default: True
+ database:
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
neutron:
server:
+ api_workers: 2
+ rpc_state_report_workers: 2
+ rpc_workers: 2
message_queue:
members: ~
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ database:
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
gateway:
+ metadata:
+ workers: 2
agent_mode: dvr_snat
dvr: True
+ message_queue:
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
nova:
compute:
barbican:
@@ -156,17 +188,42 @@
tenant: service
cache:
members: ~
+ message_queue:
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
controller:
barbican:
enabled: ${_param:barbican_integration_enabled}
vncproxy_url: http://${_param:single_address}:6080
+ database:
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
cinder:
controller:
barbican:
enabled: ${_param:barbican_integration_enabled}
+ database:
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
volume:
cache:
members: ~
+ database:
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
horizon:
server:
secure: False
@@ -174,9 +231,65 @@
server:
quota:
zones: ${_param:designate_quota_zones}
+ database:
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
worker:
enabled: ${_param:designate_worker_enabled}
glance:
server:
barbican:
enabled: ${_param:barbican_integration_enabled}
+ database:
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ keystone:
+ server:
+ database:
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ heat:
+ server:
+ database:
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:rabbitmq_port}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ runtest:
+ enabled: True
+ tempest:
+ enabled: True
+ cfg_dir: ${_param:runtest_tempest_cfg_dir}
+ cfg_name: ${_param:runtest_tempest_cfg_name}
+ compute:
+ build_timeout: 600
+ min_microversion: 2.1
+ max_microversion: 2.42
+ orchestration:
+ max_template_size: 5440000
+ max_resources_per_stack: 20000
+ dns_feature_enabled:
+ # Switch this to designate_admin_api_enabled once [1] is promoted to stable packages
+ # [1] https://gerrit.mcp.mirantis.net/gitweb?p=salt-formulas/designate.git;a=commit;h=96a3f43f6cf1149559e54a00b5548bdf46333749
+ api_admin: false
+ api_v1: false
+ api_v2: true
+ api_v2_quotas: true
+ api_v2_root_recordsets: true
+ bug_1573141_fixed: true
+ volume-feature-enabled:
+ backup: false
diff --git a/classes/system b/classes/system
index effee04..3610852 160000
--- a/classes/system
+++ b/classes/system
@@ -1 +1 @@
-Subproject commit effee0490ecfb00f1ed311143e7fc635700b6e0c
+Subproject commit 36108526bd13c5a90a5db63e4bb6b02e0e7a090c