Merge pull request #27 from SwannCroiset/aggregator-poolisze
Increase heka poolsize for the aggregator
diff --git a/grafana/client/single.yml b/grafana/client/single.yml
index c36d4ff..49ac876 100644
--- a/grafana/client/single.yml
+++ b/grafana/client/single.yml
@@ -17,7 +17,7 @@
type: influxdb
host: ${_param:grafana_influxdb_host}
port: ${_param:influxdb_port}
- user: ${_param:influxdb_user}
- password: ${_param:influxdb_password}
- database: ${_param:influxdb_database}
+ user: lma
+ password: ${_param:influxdb_stacklight_password}
+ database: lma
is_default: true
diff --git a/graphite/server/single.yml b/graphite/server/single.yml
index b6d507a..364877e 100644
--- a/graphite/server/single.yml
+++ b/graphite/server/single.yml
@@ -37,4 +37,4 @@
rights: all privileges
supervisor:
server:
- enabled: false
+ enabled: true
diff --git a/heka/aggregator/cluster.yml b/heka/aggregator/cluster.yml
index d1bb631..2913211 100644
--- a/heka/aggregator/cluster.yml
+++ b/heka/aggregator/cluster.yml
@@ -9,9 +9,9 @@
aggregator:
influxdb_host: ${_param:heka_influxdb_host}
influxdb_port: ${_param:influxdb_port}
- influxdb_database: ${_param:influxdb_database}
- influxdb_username: ${_param:influxdb_user}
- influxdb_password: ${_param:influxdb_password}
+ influxdb_database: lma
+ influxdb_username: lma
+ influxdb_password: ${_param:influxdb_stacklight_password}
nagios_host: ${_param:nagios_host}
nagios_username: ${_param:nagios_username}
nagios_password: ${_param:nagios_password}
diff --git a/heka/aggregator/single.yml b/heka/aggregator/single.yml
index afe4b7d..c5ad6ab 100644
--- a/heka/aggregator/single.yml
+++ b/heka/aggregator/single.yml
@@ -9,9 +9,9 @@
aggregator:
influxdb_host: ${_param:heka_influxdb_host}
influxdb_port: ${_param:influxdb_port}
- influxdb_database: ${_param:influxdb_database}
- influxdb_username: ${_param:influxdb_user}
- influxdb_password: ${_param:influxdb_password}
+ influxdb_database: lma
+ influxdb_username: lma
+ influxdb_password: ${_param:influxdb_stacklight_password}
nagios_host: ${_param:nagios_host}
nagios_username: ${_param:nagios_username}
nagios_password: ${_param:nagios_password}
diff --git a/heka/remote_collector/cluster.yml b/heka/remote_collector/cluster.yml
index 7669bcf..ef7973f 100644
--- a/heka/remote_collector/cluster.yml
+++ b/heka/remote_collector/cluster.yml
@@ -6,9 +6,9 @@
remote_collector:
influxdb_host: ${_param:heka_influxdb_host}
influxdb_port: ${_param:influxdb_port}
- influxdb_database: ${_param:influxdb_database}
- influxdb_username: ${_param:influxdb_user}
- influxdb_password: ${_param:influxdb_password}
+ influxdb_database: lma
+ influxdb_username: lma
+ influxdb_password: ${_param:influxdb_stacklight_password}
aggregator_host: ${_param:heka_aggregator_host}
aggregator_port: ${_param:aggregator_port}
elasticsearch_host: ${_param:heka_elasticsearch_host}
diff --git a/heka/remote_collector/input/amqp.yml b/heka/remote_collector/input/amqp.yml
index fecd09b..392b224 100644
--- a/heka/remote_collector/input/amqp.yml
+++ b/heka/remote_collector/input/amqp.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ stacklight_notification_topic: stacklight_notifications
heka:
remote_collector:
amqp_host: ${_param:heka_amqp_host}
@@ -6,4 +8,4 @@
amqp_user: openstack
amqp_password: ${_param:rabbitmq_openstack_password}
amqp_vhost: '/openstack'
- amqp_notification_topic: notifications
+ amqp_notification_topic: ${_param:stacklight_notification_topic}
diff --git a/heka/remote_collector/single.yml b/heka/remote_collector/single.yml
index 7b4050e..c18484f 100644
--- a/heka/remote_collector/single.yml
+++ b/heka/remote_collector/single.yml
@@ -6,9 +6,9 @@
remote_collector:
influxdb_host: ${_param:heka_influxdb_host}
influxdb_port: ${_param:influxdb_port}
- influxdb_database: ${_param:influxdb_database}
- influxdb_username: ${_param:influxdb_user}
- influxdb_password: ${_param:influxdb_password}
+ influxdb_database: lma
+ influxdb_username: lma
+ influxdb_password: ${_param:influxdb_stacklight_password}
aggregator_host: ${_param:heka_aggregator_host}
aggregator_port: ${_param:aggregator_port}
elasticsearch_host: ${_param:heka_elasticsearch_host}
diff --git a/influxdb/database/stacklight.yml b/influxdb/database/stacklight.yml
new file mode 100644
index 0000000..d741380
--- /dev/null
+++ b/influxdb/database/stacklight.yml
@@ -0,0 +1,23 @@
+parameters:
+ influxdb:
+ server:
+ database:
+ lma:
+ enabled: true
+ name: lma
+ retention_policy:
+ - name: lma
+ is_default: true
+ duration: 30d
+ replication: 1
+ user:
+ lma:
+ enabled: true
+ name: lma
+ password: ${_param:influxdb_stacklight_password}
+ grant:
+ grant_lma_all:
+ enabled: true
+ user: lma
+ database: lma
+ privilege: all
diff --git a/influxdb/server/single.yml b/influxdb/server/single.yml
index 3d40099..ed0b2d5 100644
--- a/influxdb/server/single.yml
+++ b/influxdb/server/single.yml
@@ -19,23 +19,3 @@
enabled: true
name: 'root'
password: ${_param:influxdb_admin_password}
- database:
- lma:
- enabled: true
- name: lma
- retention_policy:
- - name: lma
- is_default: true
- duration: 30d
- replication: 1
- user:
- lma:
- enabled: true
- name: lma
- password: ${_param:influxdb_stacklight_password}
- grant:
- grant_lma_all:
- enabled: true
- user: lma
- database: lma
- privilege: all
diff --git a/linux/system/repo/grafana.yml b/linux/system/repo/grafana.yml
index 267065e..c1c8a5b 100644
--- a/linux/system/repo/grafana.yml
+++ b/linux/system/repo/grafana.yml
@@ -1,7 +1,8 @@
+parameters:
linux:
system:
repo:
grafana:
enabled: true
source: 'deb https://packagecloud.io/grafana/stable/debian/ jessie main'
- key_url: 'https://packagecloud.io/gpg.key'
\ No newline at end of file
+ key_url: 'https://packagecloud.io/gpg.key'
diff --git a/linux/system/repo_local/influxdb.yml b/linux/system/repo_local/influxdb.yml
index 7e3fb93..5e30d83 100644
--- a/linux/system/repo_local/influxdb.yml
+++ b/linux/system/repo_local/influxdb.yml
@@ -1,8 +1,8 @@
parameters:
linux:
system:
- repo:influxdb
- grafana:
+ repo:
+ influxdb:
refresh_db: ${_param:linux_repo_refresh_db}
source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ nightly influxdb"
architectures: amd64
diff --git a/openssh/server/team/mcp_qa.yml b/openssh/server/team/mcp_qa.yml
new file mode 100644
index 0000000..eef4e3f
--- /dev/null
+++ b/openssh/server/team/mcp_qa.yml
@@ -0,0 +1,52 @@
+parameters:
+ linux:
+ system:
+ user:
+ ddmitriev:
+ enabled: true
+ name: ddmitriev
+ sudo: true
+ full_name: Denys Dmytriiev
+ home: /home/ddmitriev
+ dtyzhnenko:
+ enabled: true
+ name: dtyzhnenko
+ sudo: true
+ full_name: Dmitry Tyzhnenko
+ home: /home/dtyzhnenko
+ tleontovich:
+ enabled: true
+ name: tleontovich
+ sudo: true
+ full_name: Tatyanka Leontovich
+ home: /home/tleontovich
+ group:
+ libvirtd:
+ enabled: true
+ name: libvirtd
+ openssh:
+ server:
+ enabled: true
+ user:
+ ddmitriev:
+ enabled: true
+ public_keys:
+ - ${public_keys:ddmitriev}
+ user: ${linux:system:user:ddmitriev}
+ dtyzhnenko:
+ enabled: true
+ public_keys:
+ - ${public_keys:dtyzhnenko}
+ user: ${linux:system:user:dtyzhnenko}
+ tleontovich:
+ enabled: true
+ public_keys:
+ - ${public_keys:tleontovich}
+ user: ${linux:system:user:tleontovich}
+ public_keys:
+ ddmitriev:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDuD4wJ8hzkchQ0pfgdwWukQyps1xYRfHOsjosmDu/mmgaXVud5mnpwb2q35E2YYTox2mx+ulJqyS+099gz6MPg4P8D5qdMuRbAsJqbceLaaIGQhdT8qgSo7ESrl5pwvYnfWzKLKF0z5s7nrW0nvArC40zhV9o9XpvzzzSFByepWfkwA8ReldGUYVvTKp8YXaCrqEdMZrU42adPM2nl+fYBbGF+h4/Ka247aVjPeER0blV3znFXbv2Kf38G+i/TEGaktgpBdtGGDi1tX2loMypmTJeqZRJnM0Eoly0BnynB7CSxn11eoIXBUe1mVYNqmQd1hw6uh59iymhK5j939v9J ddmitriev@dis_xcom
+ dtyzhnenko:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhf5ysfuTmOO1975vUCag59tL+lQwfmWSQglZvKnMLnhO1P39VXDHCMla0Uh2IXI5abSrsq4xVXNfD3R5cnzPW8rG1h3528tSpszwZp28LSMkMfEZReEWVq2XoseRfzd7b3AaWN283NbQGPL6NRwyg9hLRG5dipdRxnDSutvDg/J4gbzeuS+QjXP6ymIs9vBhrpvHlQ6POI7Zedp2FOmqbGf3OK9wuBkD1Dhf+hTXvFSq1PFxmKB7w5CWvAOGGuapb+IYspPlDwd8lVWbvp+D3DchkhyL36gQyl2In/NKG2NR4z6dETX8JON5OMe0UipeKAsXInoVbyZfs3uZgdKDB dtyzhnenko
+ tleontovich:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLtOIkzqNA3wdLQyQxLRaRwi4oXnRCPCsrn8oaAyxDXHhU3+ATGvXBdbkA6xU3d4hAohru5DwxGzyikzAAtrv79GWA9/ryXPcplmxBiJcN36GyfW6eX89hI1VIJMKMG3cUs0ONf2D+hENhbaO0pu4hNAb5HFcHAuqecQNOFFrJ3RqnWM8RWgJPY3iF1A9JnXwVrUgME962VPlydYvlL5mLk+h+4DgHuPipw/Qana5a2JfdErsPYeAdDwG8frCdA9wvMzVVZv78s0lA6BritQdd0SyZejbOlT9KVHhSOhqnWdCtd8+nZXzXgjV7GAiv7H9yE4Ee6QYSHUQHwJxZs3ZT tleontovich@tleontovich-pc
diff --git a/reclass/storage/system/stacklight_server_cluster.yml b/reclass/storage/system/stacklight_server_cluster.yml
index 5a106b9..1ffe9b3 100644
--- a/reclass/storage/system/stacklight_server_cluster.yml
+++ b/reclass/storage/system/stacklight_server_cluster.yml
@@ -8,6 +8,7 @@
classes:
- cluster.${_param:cluster_name}.stacklight.server
- system.influxdb.server.single
+ - system.influxdb.database.stacklight
- system.elasticsearch.client.single
- system.grafana.client.single
- system.kibana.client.single
diff --git a/salt/master/api.yml b/salt/master/api.yml
new file mode 100644
index 0000000..1c0c3fb
--- /dev/null
+++ b/salt/master/api.yml
@@ -0,0 +1,31 @@
+parameters:
+ _param:
+ salt_master_api_port: 8000
+ salt_master_api_permissions:
+ - '.*'
+ - '@local'
+ - '@wheel' # to allow access to all wheel modules
+ - '@runner' # to allow access to all runner modules
+ - '@jobs' # to allow access to the jobs runner and/or wheel mo
+ salt:
+ api:
+ enabled: true
+ bind:
+ address: 0.0.0.0
+ port: ${_param:salt_master_api_port}
+ master:
+ command_timeout: 600
+ user:
+ salt:
+ permissions: ${_param:salt_master_api_permissions}
+ linux:
+ system:
+ user:
+ salt:
+ enabled: true
+ name: salt
+ password: ${_param:salt_api_password_hash}
+ home: /var/tmp/salt
+ sudo: false
+ system: true
+ shell: /bin/false
diff --git a/salt/minion/ca/salt_master.yml b/salt/minion/ca/salt_master.yml
new file mode 100644
index 0000000..30c9d9b
--- /dev/null
+++ b/salt/minion/ca/salt_master.yml
@@ -0,0 +1,26 @@
+parameters:
+ _param:
+ salt_minion_ca_common_name: Salt Master CA
+ salt_minion_ca_country: cz
+ salt_minion_ca_locality: Prague
+ salt_minion_ca_organization: Mirantis
+ salt_minion_ca_days_valid_authority: 3650
+ salt_minion_ca_days_valid_certificate: 365
+ salt:
+ minion:
+ ca:
+ salt_master_ca:
+ common_name: ${_param:salt_minion_ca_common_name}
+ country: ${_param:salt_minion_ca_country}
+ locality: ${_param:salt_minion_ca_locality}
+ organization: ${_param:salt_minion_ca_organization}
+ signing_policy:
+ cert_server:
+ type: v3_edge_cert_server
+ minions: '*'
+ cert_client:
+ type: v3_edge_cert_client
+ minions: '*'
+ days_valid:
+ authority: ${_param:salt_minion_ca_days_valid_authority}
+ certificate: ${_param:salt_minion_ca_days_valid_certificate}
diff --git a/salt/minion/cert/proxy.yml b/salt/minion/cert/proxy.yml
new file mode 100644
index 0000000..fac9aa5
--- /dev/null
+++ b/salt/minion/cert/proxy.yml
@@ -0,0 +1,11 @@
+parameters:
+ _param:
+ salt_minion_ca_authority: salt_master_ca
+ salt:
+ minion:
+ cert:
+ proxy:
+ host: ${_param:salt_minion_ca_host}
+ signing_policy: cert_server
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: ${_param:cluster_public_host}