Merge "Add Security monkey audit service"
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 1cc95a8..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,91 +0,0 @@
-dist: trusty
-sudo: required
-
-addons:
- apt:
- sources:
- - sourceline: 'deb http://apt-mk.mirantis.com/trusty nightly salt'
- - key_url: 'http://apt-mk.mirantis.com/public.gpg'
- packages:
- - curl
- - subversion
- - git
- - salt-master
- - salt-minion
- - reclass
- - python-pip
- - tree
-
-
-#git:
-# submodules: false
-#
-before_install:
- - sudo pip install cookiecutter
-# - test ! -e .gitmodules || sed -i 's,https://\([.a-z0-9_-]*\)/\(.*\),git@\1:\2,' .gitmodules
-# - test ! -e .gitmodules || git submodule update --init --recursive --remote
-
-env:
- global:
- - ENV_DOMAIN=ci.local
- matrix:
- - CLUSTER_NAME=openstack_mk_contrail
- - CLUSTER_NAME=openstack_mk_ovs
- - CLUSTER_NAME=kubernetes_mk
-
-install:
- - export RECLASS_SYSTEM=file://$PWD
- - mkdir ../$CLUSTER_NAME; cd ../$CLUSTER_NAME
- - export RECLASS_REPO_PATH=$PWD
- - export RECLASS_REPOSITORY=file://$RECLASS_REPO_PATH
- - git clone git@github.com:Mirantis/mk2x-cookiecutter-reclass-model.git ../cookiecutter_models; cd ../cookiecutter_models
- - export COOKIECUTTER_BASE=$PWD
- - export ENV_DOMAIN=ci.local
- - COOKIECUTTER_JSON=$COOKIECUTTER_BASE/cluster/$CLUSTER_NAME/cookiecutter.json
- #- export ENV_DOMAIN=${CLUSTER_NAME//_/-}.$ENV_DOMAIN
- - export MASTER_HOSTNAME=cfg01.$ENV_DOMAIN
- - cd $RECLASS_REPO_PATH
- - git init .
-# CI WORKAROUNDS
- - export FORMULAS_SOURCE=pkg
- - sed -i "s/deployment_name/$CLUSTER_NAME/g" $COOKIECUTTER_JSON
- - sed -i "s/deploy-name.local/$ENV_DOMAIN/g" $COOKIECUTTER_JSON
- - sed -i 's%.*reclass_repository.*%"reclass_repository":"'$RECLASS_REPOSITORY'",%g' $COOKIECUTTER_JSON
- - cookiecutter $COOKIECUTTER_BASE/cluster/$CLUSTER_NAME --output-dir ./classes/cluster --no-input
- - git add ./*
- - git commit -am "Init, add cluster level"
- - git submodule add $RECLASS_SYSTEM ./classes/system
- - |
- mkdir -p nodes;
- git branch -a
- tree -lL 3
- cat <<-EOF > nodes/cfg01.$ENV_DOMAIN.yml
- classes:
- - cluster.$CLUSTER_NAME.infra.config
- parameters:
- _param:
- linux_system_codename: trusty
- reclass_data_revision: master
- linux:
- system:
- name: cfg01
- domain: $ENV_DOMAIN
- # #######################
-
- - git add ./*
- - git commit -am "Add system level and salt-master node"
-# CI WORKAROUNDS
- - export RECLASS_BRANCH=master
- #- sed -ie "s#\(reclass_data_revision.\).*#\1 $RECLASS_BRANCH#" $(find nodes -name ${MASTER_HOSTNAME}.yml|tail -n1)
- #- git commit -am "Fake branch update" || true
-# PREREQUSITES
- - sudo mkdir /srv/salt; sudo cp -a $PWD /srv/salt/reclass
- - sudo svn export --force https://github.com/salt-formulas/salt-formulas/trunk/deploy/scripts /srv/salt/scripts
-
-script:
- - cd /srv/salt/scripts
- - sudo ./salt-master-init.sh || exit 1
-
-after_failure:
- - tree -lL 3 $RECLASS_REPO_PATH
- - for i in ls -lta "/tmp/*verify*"; do echo -e "\n\n$i:";tail -n20 $i; done
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/init.yml
similarity index 100%
rename from aptly/server/mirror/ubuntu/trusty/mcp/apt_mk.yml
rename to aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/init.yml
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/stable.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/stable.yml
new file mode 100644
index 0000000..227427e
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/stable.yml
@@ -0,0 +1,5 @@
+classes:
+- system.aptly.server.mirror.ubuntu.trusty.mcp.apt_mk
+parameters:
+ _param:
+ apt_mk_version: stable
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/testing.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/testing.yml
new file mode 100644
index 0000000..c81963f
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/testing.yml
@@ -0,0 +1,5 @@
+classes:
+- system.aptly.server.mirror.ubuntu.trusty.mcp.apt_mk
+parameters:
+ _param:
+ apt_mk_version: testing
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/openstack.yml b/aptly/server/mirror/ubuntu/trusty/mcp/openstack.yml
deleted file mode 100644
index 32e3b90..0000000
--- a/aptly/server/mirror/ubuntu/trusty/mcp/openstack.yml
+++ /dev/null
@@ -1,73 +0,0 @@
-parameters:
- _param:
- mcp_repo_version: 1.0
- aptly:
- server:
- mirror:
- mirantis_openstack_trusty:
- source: http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/trusty
- distribution: mitaka
- components: main restricted
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/trusty/archive-mcp${_param:mcp_repo_version}.key"
- gpgkeys:
- - 1FA22B08
- publisher:
- component: main
- distributions:
- - ubuntu-trusty/mitaka
-
- mirantis_openstack_hotfix_trusty:
- source: http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/trusty
- distribution: mitaka-hotfix
- components: main restricted
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/trusty/archive-mcp${_param:mcp_repo_version}.key"
- gpgkeys:
- - 1FA22B08
- publisher:
- component: main
- distributions:
- - ubuntu-trusty/mitaka-hotfix
-
- mirantis_openstack_security_trusty:
- source: http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/trusty
- distribution: mitaka-security
- components: main restricted
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/trusty/archive-mcp${_param:mcp_repo_version}.key"
- gpgkeys:
- - 1FA22B08
- publisher:
- component: main
- distributions:
- - ubuntu-trusty/mitaka-security
-
- # required for alternative horizon plugins/etc..
- mirantis_openstack_updates_trusty:
- source: http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/trusty
- distribution: mitaka-updates
- components: main restricted
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/trusty/archive-mcp${_param:mcp_repo_version}.key"
- gpgkeys:
- - 1FA22B08
- publisher:
- component: main
- distributions:
- - ubuntu-trusty/mitaka-updates
-
- # required for salt formulas
- mirantis_openstack_holdback_trusty:
- source: http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/trusty
- distribution: mitaka-holdback
- components: main restricted
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/trusty/archive-mcp${_param:mcp_repo_version}.key"
- gpgkeys:
- - 1FA22B08
- publisher:
- component: main
- distributions:
- - ubuntu-trusty/mitaka-holdback
-
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/openstack_mitaka.yml b/aptly/server/mirror/ubuntu/trusty/mcp/openstack_mitaka.yml
new file mode 100644
index 0000000..d9e54e5
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/openstack_mitaka.yml
@@ -0,0 +1,71 @@
+parameters:
+ aptly:
+ server:
+ mirror:
+ mirantis_openstack_mitaka_trusty:
+ source: http://mirror.fuel-infra.org/mcp-repos/mitaka/trusty
+ distribution: mitaka
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/mitaka/trusty/archive-mcpmitaka.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-trusty/mitaka
+
+ mirantis_openstack_mitaka_hotfix_trusty:
+ source: http://mirror.fuel-infra.org/mcp-repos/mitaka/trusty
+ distribution: mitaka-hotfix
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/mitaka/trusty/archive-mcpmitaka.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-trusty/mitaka-hotfix
+
+ mirantis_openstack_mitaka_security_trusty:
+ source: http://mirror.fuel-infra.org/mcp-repos/mitaka/trusty
+ distribution: mitaka-security
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/mitaka/trusty/archive-mcpmitaka.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-trusty/mitaka-security
+
+ # required for alternative horizon plugins/etc..
+ mirantis_openstack_mitaka_updates_trusty:
+ source: http://mirror.fuel-infra.org/mcp-repos/mitaka/trusty
+ distribution: mitaka-updates
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/mitaka/trusty/archive-mcpmitaka.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-trusty/mitaka-updates
+
+ # required for salt formulas
+ mirantis_openstack_mitaka_holdback_trusty:
+ source: http://mirror.fuel-infra.org/mcp-repos/mitaka/trusty
+ distribution: mitaka-holdback
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/mitaka/trusty/archive-mcpmitaka.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-trusty/mitaka-holdback
+
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/openstack.yml b/aptly/server/mirror/ubuntu/xenial/mcp/openstack.yml
deleted file mode 100644
index a23ece8..0000000
--- a/aptly/server/mirror/ubuntu/xenial/mcp/openstack.yml
+++ /dev/null
@@ -1,73 +0,0 @@
-parameters:
- _param:
- mcp_repo_version: 1.0
- aptly:
- server:
- mirror:
- mirantis_openstack_xenial:
- source: http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/xenial
- distribution: mitaka
- components: main restricted
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/xenial/archive-mcp${_param:mcp_repo_version}.key"
- gpgkeys:
- - 1FA22B08
- publisher:
- component: main
- distributions:
- - ubuntu-xenial/mitaka
-
- mirantis_openstack_hotfix_xenial:
- source: http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/xenial
- distribution: mitaka-hotfix
- components: main restricted
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/xenial/archive-mcp${_param:mcp_repo_version}.key"
- gpgkeys:
- - 1FA22B08
- publisher:
- component: main
- distributions:
- - ubuntu-xenial/mitaka-hotfix
-
- mirantis_openstack_security_xenial:
- source: http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/xenial
- distribution: mitaka-security
- components: main restricted
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/xenial/archive-mcp${_param:mcp_repo_version}.key"
- gpgkeys:
- - 1FA22B08
- publisher:
- component: main
- distributions:
- - ubuntu-xenial/mitaka-security
-
- # required for alternative horizon plugins/etc..
- mirantis_openstack_updates_xenial:
- source: http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/xenial
- distribution: mitaka-updates
- components: main restricted
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/xenial/archive-mcp${_param:mcp_repo_version}.key"
- gpgkeys:
- - 1FA22B08
- publisher:
- component: main
- distributions:
- - ubuntu-xenial/mitaka-updates
-
- # required for salt formulas
- mirantis_openstack_holdback_xenial:
- source: http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/xenial
- distribution: mitaka-holdback
- components: main restricted
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:mcp_repo_version}/xenial/archive-mcp${_param:mcp_repo_version}.key"
- gpgkeys:
- - 1FA22B08
- publisher:
- component: main
- distributions:
- - ubuntu-xenial/mitaka-holdback
-
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/openstack_mitaka.yml b/aptly/server/mirror/ubuntu/xenial/mcp/openstack_mitaka.yml
new file mode 100644
index 0000000..32254d5
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/openstack_mitaka.yml
@@ -0,0 +1,71 @@
+parameters:
+ aptly:
+ server:
+ mirror:
+ mirantis_openstack_mitaka_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/mitaka/xenial
+ distribution: mitaka
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/mitaka/xenial/archive-mcpmitaka.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/mitaka
+
+ mirantis_openstack_mitaka_hotfix_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/mitaka/xenial
+ distribution: mitaka-hotfix
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/mitaka/xenial/archive-mcpmitaka.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/mitaka-hotfix
+
+ mirantis_openstack_mitaka_security_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/mitaka/xenial
+ distribution: mitaka-security
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/mitaka/xenial/archive-mcpmitaka.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/mitaka-security
+
+ # required for alternative horizon plugins/etc..
+ mirantis_openstack_mitaka_updates_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/mitaka/xenial
+ distribution: mitaka-updates
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/mitaka/xenial/archive-mcpmitaka.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/mitaka-updates
+
+ # required for salt formulas
+ mirantis_openstack_mitaka_holdback_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/mitaka/xenial
+ distribution: mitaka-holdback
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/mitaka/xenial/archive-mcpmitaka.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/mitaka-holdback
+
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/openstack_newton.yml b/aptly/server/mirror/ubuntu/xenial/mcp/openstack_newton.yml
new file mode 100644
index 0000000..2f08b2c
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/openstack_newton.yml
@@ -0,0 +1,71 @@
+parameters:
+ aptly:
+ server:
+ mirror:
+ mirantis_openstack_newton_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/newton/xenial
+ distribution: newton
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/newton/xenial/archive-mcpnewton.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/newton
+
+ mirantis_openstack_newton_hotfix_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/newton/xenial
+ distribution: newton-hotfix
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/newton/xenial/archive-mcpnewton.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/newton-hotfix
+
+ mirantis_openstack_newton_security_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/newton/xenial
+ distribution: newton-security
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/newton/xenial/archive-mcpnewton.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/newton-security
+
+ # required for alternative horizon plugins/etc..
+ mirantis_openstack_newton_updates_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/newton/xenial
+ distribution: newton-updates
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/newton/xenial/archive-mcpnewton.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/newton-updates
+
+ # required for salt formulas
+ mirantis_openstack_newton_holdback_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/newton/xenial
+ distribution: newton-holdback
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/newton/xenial/archive-mcpnewton.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/newton-holdback
+
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/openstack_ocata.yml b/aptly/server/mirror/ubuntu/xenial/mcp/openstack_ocata.yml
new file mode 100644
index 0000000..8c12ddc
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/openstack_ocata.yml
@@ -0,0 +1,71 @@
+parameters:
+ aptly:
+ server:
+ mirror:
+ mirantis_openstack_ocata_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/ocata/xenial
+ distribution: ocata
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/ocata/xenial/archive-mcpocata.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/ocata
+
+ mirantis_openstack_ocata_hotfix_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/ocata/xenial
+ distribution: ocata-hotfix
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/ocata/xenial/archive-mcpocata.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/ocata-hotfix
+
+ mirantis_openstack_ocata_security_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/ocata/xenial
+ distribution: ocata-security
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/ocata/xenial/archive-mcpocata.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/ocata-security
+
+ # required for alternative horizon plugins/etc..
+ mirantis_openstack_ocata_updates_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/ocata/xenial
+ distribution: ocata-updates
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/ocata/xenial/archive-mcpocata.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/ocata-updates
+
+ # required for salt formulas
+ mirantis_openstack_ocata_holdback_xenial:
+ source: http://mirror.fuel-infra.org/mcp-repos/ocata/xenial
+ distribution: ocata-holdback
+ components: main restricted
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/ocata/xenial/archive-mcpocata.key"
+ gpgkeys:
+ - 1FA22B08
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/ocata-holdback
+
diff --git a/devops_portal/service/rundeck.yml b/devops_portal/service/rundeck.yml
index 1a15473..82fd764 100644
--- a/devops_portal/service/rundeck.yml
+++ b/devops_portal/service/rundeck.yml
@@ -5,8 +5,9 @@
rundeck:
configure_proxy: true
credentials:
- username: admin
+ username: ${_param:rundeck_admin_username}
password: ${_param:rundeck_admin_password}
+ token: ${_param:rundeck_admin_token}
endpoint:
address: ${_param:haproxy_rundeck_bind_host}
port: ${_param:haproxy_rundeck_bind_port}
diff --git a/docker/swarm/service/rundeck.yml b/docker/swarm/service/rundeck.yml
index baad94a..cc871dd 100644
--- a/docker/swarm/service/rundeck.yml
+++ b/docker/swarm/service/rundeck.yml
@@ -1,8 +1,7 @@
parameters:
_param:
docker_rundeck_replicas: 1
- docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:latest
- rundeck_admin_password: password
+ docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:devel
docker:
client:
service:
@@ -17,10 +16,14 @@
ports:
- 14440:4440
volume:
- etc:
+ framework.properties:
type: bind
- source: /srv/volumes/rundeck/etc
- destination: /etc/rundeck
+ source: /srv/volumes/rundeck/config/framework.properties
+ destination: /etc/rundeck/framework.properties
+ tokens.properties:
+ type: bind
+ source: /srv/volumes/rundeck/config/tokens.properties
+ destination: /etc/rundeck/tokens.properties
rundeck:
type: bind
source: /srv/volumes/rundeck/rundeck
diff --git a/docker/swarm/stack/gerrit.yml b/docker/swarm/stack/gerrit.yml
index 26ffe7f..48466ef 100644
--- a/docker/swarm/stack/gerrit.yml
+++ b/docker/swarm/stack/gerrit.yml
@@ -1,7 +1,7 @@
parameters:
_param:
docker_image_gerrit: tcpcloud/gerrit:2.13.6
- docker_image_mysql: mysql:5.6
+ docker_image_mysql: tcpcloud/mysql:5.6
gerrit_ldap_server: ""
gerrit_ldap_bind_user: ""
gerrit_ldap_bind_password: ""
@@ -39,7 +39,7 @@
LDAP_GROUPBASE: ${_param:gerrit_ldap_group_base}
LDAP_USERNAME: ${_param:gerrit_ldap_bind_user}
LDAP_PASSWORD: ${_param:gerrit_ldap_bind_password}
- WEBURL: ${_param:gerrit_public_host}
+ WEBURL: http://${_param:gerrit_public_host}:8080
GERRIT_ADMIN_SSH_PUBLIC: ${_param:gerrit_admin_public_key}
GERRIT_ADMIN_PWD: ${_param:gerrit_admin_password}
GERRIT_ADMIN_EMAIL: ${_param:gerrit_admin_email}
@@ -50,6 +50,7 @@
MYSQL_PASSWORD: ${_param:mysql_gerrit_password}
MYSQL_DATABASE: gerrit
MYSQL_ROOT_PASSWORD: ${_param:mysql_admin_password}
+ MYSQL_START_TIMEOUT: 300
deploy:
restart_policy:
condition: any
diff --git a/docker/swarm/stack/ldap.yml b/docker/swarm/stack/ldap.yml
index 6e94695..a5fe135 100644
--- a/docker/swarm/stack/ldap.yml
+++ b/docker/swarm/stack/ldap.yml
@@ -8,6 +8,8 @@
ldap:
service:
server:
+ networks:
+ - ldap
deploy:
restart_policy:
condition: any
@@ -28,6 +30,8 @@
LDAP_CONFIG_PASSWORD: ${_param:openldap_config_password}
LDAP_TLS: "false"
admin:
+ networks:
+ - ldap
deploy:
restart_policy:
condition: any
@@ -35,12 +39,16 @@
depends_on:
- server
hostname: ldap
- domainname: ${_param:openldap_domain}
environment:
- PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'ldap.${_param:openldap_domain}': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${_param:openldap_dn}'},{'bind_pass': '${_param:openldap_admin_password}'}]}]}]"
+ PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'server': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${_param:openldap_dn}'},{'bind_pass': '${_param:openldap_admin_password}'}]}]}]"
PHPLDAPADMIN_HTTPS: "false"
PHPLDAPADMIN_TRUST_PROXY_SSL: "true"
PHPLDAPADMIN_SERVER_ADMIN: ${_param:admin_email}
PHPLDAPADMIN_THEME: mirantis
ports:
- 18089:80
+ network:
+ ldap:
+ driver: overlay
+ driver_opts:
+ encrypted: 1
diff --git a/docker/swarm/stack/rundeck.yml b/docker/swarm/stack/rundeck.yml
index b0951a4..f89619a 100644
--- a/docker/swarm/stack/rundeck.yml
+++ b/docker/swarm/stack/rundeck.yml
@@ -1,15 +1,11 @@
parameters:
_param:
docker_rundeck_replicas: 1
- docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:latest
- rundeck_admin_password: password
+ docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:devel
docker:
client:
stack:
rundeck:
- environment:
- SERVER_URL: "http://${_param:haproxy_rundeck_bind_host}:${_param:haproxy_rundeck_bind_port}"
- RUNDECK_ADMIN_PASSWORD: ${_param:rundeck_admin_password}
service:
rundeck:
image: ${_param:docker_image_rundeck}
@@ -20,9 +16,11 @@
ports:
- 14440:4440
volumes:
- - /srv/volumes/rundeck/etc:/etc/rundeck
+ - /srv/volumes/rundeck/etc/framework.properties:/etc/rundeck/framework.properties
+ - /srv/volumes/rundeck/etc/tokens.properties:/etc/rundeck/tokens.properties
+ - /srv/volumes/rundeck/etc/realm.properties:/etc/rundeck/realm.properties
+ - /srv/volumes/rundeck/etc/rundeck-config.properties:/etc/rundeck/rundeck-config.properties
- /srv/volumes/rundeck/rundeck:/var/rundeck
- - /srv/volumes/rundeck/mysql:/var/lib/mysql
- /srv/volumes/rundeck/log:/var/log/rundeck
- /srv/volumes/rundeck/logs:/var/lib/rundeck/logs
- /srv/volumes/rundeck/plugins:/opt/rundeck-plugins
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index d947687..d65fecd 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -94,3 +94,4 @@
- method java.util.regex.Matcher find
- method hudson.model.Run getId
- method java.util.regex.MatchResult groupCount
+ - method java.lang.Throwable printStackTrace
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index ab057df..07720fa 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -24,6 +24,7 @@
description-setter: {}
discard-old-build: {}
docker-workflow: {}
+ email-ext: {}
extended-choice-parameter: {}
extensible-choice-parameter: {}
gerrit-trigger: {}
diff --git a/jenkins/client/job/debian/packages/extra.yml b/jenkins/client/job/debian/packages/extra.yml
index 9d6755e..298452e 100644
--- a/jenkins/client/job/debian/packages/extra.yml
+++ b/jenkins/client/job/debian/packages/extra.yml
@@ -8,96 +8,135 @@
- package: librdkafka
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-kafka
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: liburcu
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-kazoo
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-pathlib
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: kafka
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-geventhttpclient
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-consistent-hash
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: libipfix
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-ncclient
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-pycassa
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-xmltodict
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-backports.ssl-match-hostname
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-certifi
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-docker
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-cassandra-driver
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-redis
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-tabulate
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: cassandra-cpp-driver
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: libuv1
dist: trusty
build: pipeline
+ branch: debian/trusty
- package: python-sseclient
dist: trusty
build: pipeline
+ branch: debian/trusty
+ - package: reclass
+ dist: trusty
+ build: pipeline
+ branch: debian/trusty
- package: librdkafka
dist: xenial
build: pipeline
+ branch: debian/xenial
- package: python-kafka
dist: xenial
build: pipeline
+ branch: debian/xenial
- package: python-geventhttpclient
dist: xenial
build: pipeline
+ branch: debian/xenial
- package: python-docker
dist: xenial
build: pipeline
+ branch: debian/xenial
- package: python-consistent-hash
dist: xenial
build: pipeline
+ branch: debian/xenial
- package: libipfix
dist: xenial
build: pipeline
+ branch: debian/xenial
- package: cassandra-cpp-driver
dist: xenial
build: pipeline
+ branch: debian/xenial
- package: python-sseclient
dist: xenial
build: pipeline
+ branch: debian/xenial
+ - package: reclass
+ dist: xenial
+ build: pipeline
+ branch: debian/xenial
- package: telegraf
dist: trusty
build: telegraf
+ branch: release-1.2
- package: telegraf
dist: xenial
build: telegraf
+ branch: release-1.2
template:
type: workflow-scm
concurrent: false
@@ -125,7 +164,7 @@
default: "${_param:jenkins_gerrit_url}/debian/{{package}}.git"
SOURCE_BRANCH:
type: string
- default: "debian/{{dist}}"
+ default: "{{branch}}"
SOURCE_CREDENTIALS:
type: string
default: "gerrit"
diff --git a/jenkins/client/job/debian/packages/horizon/modules.yml b/jenkins/client/job/debian/packages/horizon/modules.yml
index 2b6477b..359ab89 100644
--- a/jenkins/client/job/debian/packages/horizon/modules.yml
+++ b/jenkins/client/job/debian/packages/horizon/modules.yml
@@ -29,6 +29,30 @@
dist: xenial
os_version: mitaka
branch: stable/mitaka
+ # Trusty
+ - name: horizon-contrail-panels
+ os: ubuntu
+ dist: trusty
+ os_version: newton
+ branch: stable/newton
+ # Xenial
+ - name: horizon-contrail-panels
+ os: ubuntu
+ dist: xenial
+ os_version: newton
+ branch: stable/newton
+ # Trusty
+ - name: horizon-contrail-panels
+ os: ubuntu
+ dist: trusty
+ os_version: ocata
+ branch: stable/ocata
+ # Xenial
+ - name: horizon-contrail-panels
+ os: ubuntu
+ dist: xenial
+ os_version: ocata
+ branch: stable/ocata
template:
discard:
build:
@@ -45,7 +69,7 @@
trigger:
gerrit:
project:
- salt-formulas/{{name}}:
+ horizon-modules/{{name}}:
branches:
- "{{branch}}"
message:
diff --git a/jenkins/client/job/debian/packages/horizon/themes.yml b/jenkins/client/job/debian/packages/horizon/themes.yml
index b96a0c6..a5ad56a 100644
--- a/jenkins/client/job/debian/packages/horizon/themes.yml
+++ b/jenkins/client/job/debian/packages/horizon/themes.yml
@@ -33,7 +33,7 @@
trigger:
gerrit:
project:
- salt-formulas/{{name}}:
+ horizon-themes/{{name}}:
branches:
- "{{branch}}"
message:
diff --git a/jenkins/client/job/debian/packages/salt.yml b/jenkins/client/job/debian/packages/salt.yml
index 3c73fa7..ecd7432 100644
--- a/jenkins/client/job/debian/packages/salt.yml
+++ b/jenkins/client/job/debian/packages/salt.yml
@@ -97,6 +97,8 @@
dist: trusty
- name: linux
dist: trusty
+ - name: lldp
+ dist: trusty
- name: logrotate
dist: trusty
- name: maas
@@ -183,6 +185,8 @@
dist: trusty
- name: telegraf
dist: trusty
+ - name: tftpd-hpa
+ dist: trusty
- name: varnish
dist: trusty
- name: zookeeper
@@ -279,6 +283,8 @@
dist: xenial
- name: linux
dist: xenial
+ - name: lldp
+ dist: xenial
- name: logrotate
dist: xenial
- name: maas
@@ -365,6 +371,8 @@
dist: xenial
- name: telegraf
dist: xenial
+ - name: tftpd-hpa
+ dist: xenial
- name: varnish
dist: xenial
- name: zookeeper
diff --git a/jenkins/client/job/deploy/lab/mk/init.yml b/jenkins/client/job/deploy/lab/mk/init.yml
index 17dca28..2a32dc6 100644
--- a/jenkins/client/job/deploy/lab/mk/init.yml
+++ b/jenkins/client/job/deploy/lab/mk/init.yml
@@ -37,7 +37,7 @@
# heat
HEAT_TEMPLATE_URL:
type: string
- default: "git@github.com:Mirantis/mk-lab-heat-templates.git"
+ default: "${_param:jenkins_gerrit_url}/mk/heat-templates"
HEAT_TEMPLATE_CREDENTIALS:
type: string
default: "gerrit"
diff --git a/jenkins/client/job/docker/devops-portal.yml b/jenkins/client/job/docker/devops-portal.yml
new file mode 100644
index 0000000..50f72a4
--- /dev/null
+++ b/jenkins/client/job/docker/devops-portal.yml
@@ -0,0 +1,51 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ docker-build-images-devops-portal:
+ name: docker-build-images-devops-portal
+ discard:
+ build:
+ keep_num: 25
+ artifact:
+ keep_num: 25
+ type: workflow-scm
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: docker-build-to-jfrog.groovy
+ trigger:
+ gerrit:
+ project:
+ "oss/devops-portal":
+ branches:
+ - master
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeNoCodeChange: false
+ comment:
+ - addedContains:
+ commentAddedCommentContains: 'rebuild'
+ param:
+ IMAGE_NAME:
+ type: string
+ default: "devops-portal"
+ IMAGE_TAGS:
+ type: string
+ default: "latest"
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ DOCKERFILE_PATH:
+ type: string
+ default: "docker/devops-portal"
+ DOCKER_REGISTRY:
+ type: string
+ default: "docker-dev-virtual.docker.mirantis.net"
+ PROJECT_NAMESPACE:
+ type: string
+ default: "oss"
diff --git a/jenkins/client/job/docker/init.yml b/jenkins/client/job/docker/init.yml
index 2f1f49a..1a2e4d9 100644
--- a/jenkins/client/job/docker/init.yml
+++ b/jenkins/client/job/docker/init.yml
@@ -5,7 +5,7 @@
Docker:
enabled: true
type: ListView
- include_regex: ".*-docker-.*"
+ include_regex: ".*docker.*"
job_template:
docker-build-image:
name: docker-build-image-{{name}}-{{branch}}
@@ -34,6 +34,10 @@
branch: "master"
tags: "latest"
dockerfile: "image/Dockerfile"
+ - name: mysql
+ branch: "master"
+ tags: "5.6 latest"
+ dockerfile: "5.6/Dockerfile"
template:
discard:
build:
@@ -83,4 +87,4 @@
default: "dockerhub"
DOCKER_GIT_TAG:
type: boolean
- default: "true"
\ No newline at end of file
+ default: "true"
diff --git a/jenkins/client/job/git-mirrors/downstream/debian-packages.yml b/jenkins/client/job/git-mirrors/downstream/debian-packages.yml
new file mode 100644
index 0000000..9708d9f
--- /dev/null
+++ b/jenkins/client/job/git-mirrors/downstream/debian-packages.yml
@@ -0,0 +1,13 @@
+classes:
+ - system.jenkins.client.job.git-mirrors.downstream
+parameters:
+ _param:
+ jenkins_git_mirror_downstream_jobs:
+ - name: debian-telegraf
+ downstream: debian/telegraf
+ upstream: "https://github.com/influxdata/telegraf.git"
+ branches: master
+ - name: debian-gophercloud
+ downstream: debian/gophercloud
+ upstream: "https://github.com/gophercloud/gophercloud.git"
+ branches: master
diff --git a/jenkins/client/job/git-mirrors/upstream/debian-packages.yml b/jenkins/client/job/git-mirrors/upstream/debian-packages.yml
new file mode 100644
index 0000000..82d48e4
--- /dev/null
+++ b/jenkins/client/job/git-mirrors/upstream/debian-packages.yml
@@ -0,0 +1,9 @@
+classes:
+ - system.jenkins.client.job.git-mirrors.upstream
+parameters:
+ _param:
+ jenkins_git_mirror_upstream_jobs:
+ - name: debian-telegraf
+ downstream: debian/telegraf
+ upstream: "git@github.com:Mirantis/telegraf.git"
+ branches: master
diff --git a/jenkins/client/job/opencontrail/git-mirrors/downstream.yml b/jenkins/client/job/opencontrail/git-mirrors/downstream.yml
index b49a1a0..45b06b6 100644
--- a/jenkins/client/job/opencontrail/git-mirrors/downstream.yml
+++ b/jenkins/client/job/opencontrail/git-mirrors/downstream.yml
@@ -45,6 +45,8 @@
branches: ${_param:contrail_dpdk_extra_branches}
- name: contrail-kubernetes
branches: ${_param:contrail_kubernetes_branches}
+ - name: contrail-dpdk
+ branches: ${_param:contrail_dpdk_branches}
template:
discard:
build:
diff --git a/jenkins/client/job/opencontrail/git-mirrors/upstream.yml b/jenkins/client/job/opencontrail/git-mirrors/upstream.yml
index ece2182..0fa0491 100644
--- a/jenkins/client/job/opencontrail/git-mirrors/upstream.yml
+++ b/jenkins/client/job/opencontrail/git-mirrors/upstream.yml
@@ -44,6 +44,8 @@
branches: ${_param:contrail_branches}
- name: contrail-dpdk-extra-packages
branches: ${_param:contrail_dpdk_extra_branches}
+ - name: contrail-dpdk
+ branches: ${_param:contrail_dpdk_branches}
template:
discard:
build:
diff --git a/jenkins/client/job/opencontrail/init.yml b/jenkins/client/job/opencontrail/init.yml
index 63e4215..df8f51b 100644
--- a/jenkins/client/job/opencontrail/init.yml
+++ b/jenkins/client/job/opencontrail/init.yml
@@ -8,6 +8,7 @@
contrail_dpdk_extra_branches: "mitaka,kilo,liberty-multiqueue"
contrail_ceilometer_plugin_branches: "master"
contrail_kubernetes_branches: "master,origin-1.1,origin-1.1.3,release-1.1,release-1.2"
+ contrail_dpdk_branches: "master,R3.0.2.x,R3.0.3.x,R3.1,R3.1.1.x,R3.2,contrail_dpdk_17_02,contrail_dpdk_1_7,contrail_dpdk_2_0,contrail_dpdk_2_1"
jenkins:
client:
view:
@@ -26,3 +27,5 @@
naming_rule: "R3.1.1.x"
- group_regex: "build-opencontrail-oc32-.*"
naming_rule: "R3.2"
+ - group_regex: "build-opencontrail-oc666-.*"
+ naming_rule: "oc-666"
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index 0912cbb..111cc6a 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -104,6 +104,7 @@
- name: swift
- name: taiga
- name: telegraf
+ - name: tftpd-hpa
- name: varnish
- name: zookeeper
template:
diff --git a/jenkins/client/job/salt-models/generate-auto.yml b/jenkins/client/job/salt-models/generate-auto.yml
new file mode 100644
index 0000000..4f62784
--- /dev/null
+++ b/jenkins/client/job/salt-models/generate-auto.yml
@@ -0,0 +1,44 @@
+parameters:
+ jenkins:
+ client:
+ job_template:
+ generate-salt-model-auto:
+ name: generate-salt-model-{{cookiecutter_template}}
+ param:
+ cookiecutter_template:
+ - separated-products-auto
+ template:
+ type: workflow-scm
+ concurrent: true
+ display_name: "Generate reclass cluster {{cookiecutter_template}} automatically"
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "jenkins-mk"
+ script: generate-cookiecutter-products-auto.groovy
+ param:
+ COOKIECUTTER_TEMPLATE_URL:
+ type: string
+ default: "git@github.com:Mirantis/mk2x-cookiecutter-reclass-model.git"
+ COOKIECUTTER_TEMPLATE_CREDENTIALS:
+ type: string
+ default: github-credentials
+ COOKIECUTTER_TEMPLATE_BRANCH:
+ type: string
+ default: master
+ COOKIECUTTER_TEMPLATE_PATH:
+ type: string
+ default: "./"
+ COOKIECUTTER_TEMPLATE_CONTEXT:
+ type: text
+ RECLASS_MODEL_URL:
+ type: string
+ RECLASS_MODEL_CREDENTIALS:
+ type: string
+ default: gerrit
+ RECLASS_MODEL_BRANCH:
+ type: string
+ default: master
+ EMAIL_ADDRESS:
+ type: string
+ default: ""
\ No newline at end of file
diff --git a/jenkins/client/job/salt-models/init.yml b/jenkins/client/job/salt-models/init.yml
index 7e5039a..9da1a34 100644
--- a/jenkins/client/job/salt-models/init.yml
+++ b/jenkins/client/job/salt-models/init.yml
@@ -2,6 +2,7 @@
- system.jenkins.client.job.salt-models.git-mirrors
- system.jenkins.client.job.salt-models.tests
- system.jenkins.client.job.salt-models.generate
+ - system.jenkins.client.job.salt-models.generate-auto
parameters:
_param:
salt_formulas_branches: master
diff --git a/jenkins/slave/ruby.yml b/jenkins/slave/ruby.yml
new file mode 100644
index 0000000..9fd26c3
--- /dev/null
+++ b/jenkins/slave/ruby.yml
@@ -0,0 +1,12 @@
+classes:
+ - system.jenkins.slave
+parameters:
+ linux:
+ system:
+ package:
+ ruby:
+ version: latest
+ rbenv:
+ version: latest
+ ruby-build:
+ version: latest
diff --git a/keystone/client/service/radosgw-s3.yml b/keystone/client/service/radosgw-s3.yml
index 00efe1b..06d8299 100644
--- a/keystone/client/service/radosgw-s3.yml
+++ b/keystone/client/service/radosgw-s3.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ radosgw_s3_cluster_port: 8081
keystone:
client:
server:
@@ -20,11 +21,11 @@
- region: ${_param:openstack_region}
public_address: ${_param:cluster_public_host}
public_protocol: ${_param:cluster_public_protocol}
- public_port: 8081
+ public_port: ${_param:radosgw_s3_cluster_port}
public_path: '/' # /$(project_id)s
internal_address: ${_param:radosgw_service_host}
- internal_port: 8081
+ internal_port: ${_param:radosgw_s3_cluster_port}
internal_path: '/'
admin_address: ${_param:radosgw_service_host}
- admin_port: 8081
+ admin_port: ${_param:radosgw_s3_cluster_port}
admin_path: '/'
diff --git a/keystone/client/service/sahara.yml b/keystone/client/service/sahara.yml
index 2cd3260..84a0b96 100644
--- a/keystone/client/service/sahara.yml
+++ b/keystone/client/service/sahara.yml
@@ -13,7 +13,7 @@
password: ${_param:keystone_sahara_password}
email: ${_param:admin_email}
service:
- swift:
+ sahara:
type: data-processing
description: Sahara Data Processing
endpoints:
diff --git a/keystone/client/service/swift-s3.yml b/keystone/client/service/swift-s3.yml
index 7bc1373..5880487 100644
--- a/keystone/client/service/swift-s3.yml
+++ b/keystone/client/service/swift-s3.yml
@@ -16,7 +16,7 @@
swift-s3:
type: object-store
description: S3 Service (swift)
- region: ${_param:keystone_region}
+ region: ${_param:openstack_region}
endpoints:
- region: ${_param:openstack_region}
public_address: ${_param:cluster_public_host}
diff --git a/keystone/server/single.yml b/keystone/server/single.yml
index 38be60f..ef0a030 100644
--- a/keystone/server/single.yml
+++ b/keystone/server/single.yml
@@ -9,9 +9,37 @@
mysql_keystone_password: password
keystone:
server:
- roles:
- - admin
- - Member
- - image_manager
- database:
- host: 127.0.0.1
+ enabled: true
+ version: ${_param:keystone_version}
+ service_token: ${_param:keystone_service_token}
+ service_tenant: service
+ admin_tenant: admin
+ admin_name: admin
+ admin_password: ${_param:keystone_admin_password}
+ admin_email: ${_param:admin_email}
+ bind:
+ address: ${_param:single_address}
+ private_address: ${_param:single_address}
+ private_port: 35357
+ public_address: ${_param:single_address}
+ public_port: 5000
+ region: ${_param:openstack_region}
+ database:
+ engine: mysql
+ host: ${_param:single_address}
+ name: keystone
+ password: ${_param:mysql_keystone_password}
+ user: keystone
+ tokens:
+ engine: fernet
+ expiration: 3600
+ max_active_keys: 3
+ location: /var/lib/keystone/fernet-keys
+ message_queue:
+ engine: rabbitmq
+ members:
+ - host: ${_param:single_address}
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ ha_queues: true
\ No newline at end of file
diff --git a/linux/system/single.yml b/linux/system/single.yml
index fad25ae..2c538f5 100644
--- a/linux/system/single.yml
+++ b/linux/system/single.yml
@@ -11,6 +11,8 @@
version: latest
cloud-init:
version: purged
+ mcelog:
+ version: latest
kernel:
modules:
- nf_conntrack
@@ -50,9 +52,8 @@
item: nofile
value: 307200
- type: soft
- item: noproc
+ item: nproc
value: 307200
- type: hard
- item: noproc
+ item: nproc
value: 307200
-
diff --git a/mysql/client/database/aodh.yml b/mysql/client/database/aodh.yml
new file mode 100644
index 0000000..92a2b29
--- /dev/null
+++ b/mysql/client/database/aodh.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ aodh:
+ encoding: utf8
+ users:
+ - name: aodh
+ password: ${_param:mysql_aodh_password}
+ host: '%'
+ rights: all
+ - name: aodh
+ password: ${_param:mysql_aodh_password}
+ host: ${_param:single_address}
+ rights: all
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/aodh.yml b/mysql/client/database_upgrade/aodh.yml
new file mode 100644
index 0000000..d363161
--- /dev/null
+++ b/mysql/client/database_upgrade/aodh.yml
@@ -0,0 +1,23 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ aodh_upgrade:
+ encoding: utf8
+ users:
+ - name: aodh
+ password: ${_param:mysql_aodh_password}
+ host: '%'
+ rights: all
+ - name: aodh
+ password: ${_param:mysql_aodh_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: aodh
+
diff --git a/mysql/client/database_upgrade/ceilometer.yml b/mysql/client/database_upgrade/ceilometer.yml
new file mode 100644
index 0000000..5344b4b
--- /dev/null
+++ b/mysql/client/database_upgrade/ceilometer.yml
@@ -0,0 +1,23 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ ceilometer_upgrade:
+ encoding: utf8
+ users:
+ - name: ceilometer
+ password: ${_param:mysql_ceilometer_password}
+ host: '%'
+ rights: all
+ - name: ceilometer
+ password: ${_param:mysql_ceilometer_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: ceilometer
+
diff --git a/mysql/client/database_upgrade/cinder.yml b/mysql/client/database_upgrade/cinder.yml
new file mode 100644
index 0000000..bafc70d
--- /dev/null
+++ b/mysql/client/database_upgrade/cinder.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ cinder_upgrade:
+ encoding: utf8
+ users:
+ - name: cinder
+ password: ${_param:mysql_cinder_password}
+ host: '%'
+ rights: all
+ - name: cinder
+ password: ${_param:mysql_cinder_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: cinder
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/designate.yml b/mysql/client/database_upgrade/designate.yml
new file mode 100644
index 0000000..48b7fce
--- /dev/null
+++ b/mysql/client/database_upgrade/designate.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ designate_upgrade:
+ encoding: utf8
+ users:
+ - name: designate
+ password: ${_param:mysql_designate_password}
+ host: '%'
+ rights: all
+ - name: designate
+ password: ${_param:mysql_designate_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: designate
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/designate_pool_manager.yml b/mysql/client/database_upgrade/designate_pool_manager.yml
new file mode 100644
index 0000000..26dd975
--- /dev/null
+++ b/mysql/client/database_upgrade/designate_pool_manager.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ designate_pool_manager_upgrade:
+ encoding: utf8
+ users:
+ - name: designate
+ password: ${_param:mysql_designate_password}
+ host: '%'
+ rights: all
+ - name: designate
+ password: ${_param:mysql_designate_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: designate_pool_manager
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/glance.yml b/mysql/client/database_upgrade/glance.yml
new file mode 100644
index 0000000..bebe604
--- /dev/null
+++ b/mysql/client/database_upgrade/glance.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ glance_upgrade:
+ encoding: utf8
+ users:
+ - name: glance
+ password: ${_param:mysql_glance_password}
+ host: '%'
+ rights: all
+ - name: glance
+ password: ${_param:mysql_glance_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: glance
diff --git a/mysql/client/database_upgrade/grafana.yml b/mysql/client/database_upgrade/grafana.yml
new file mode 100644
index 0000000..7759a66
--- /dev/null
+++ b/mysql/client/database_upgrade/grafana.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ grafana_upgrade:
+ encoding: utf8
+ users:
+ - name: grafana
+ password: ${_param:mysql_grafana_password}
+ host: '%'
+ rights: all
+ - name: grafana
+ password: ${_param:mysql_grafana_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: grafana
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/heat.yml b/mysql/client/database_upgrade/heat.yml
new file mode 100644
index 0000000..24e4cb1
--- /dev/null
+++ b/mysql/client/database_upgrade/heat.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ heat_upgrade:
+ encoding: utf8
+ users:
+ - name: heat
+ password: ${_param:mysql_heat_password}
+ host: '%'
+ rights: all
+ - name: heat
+ password: ${_param:mysql_heat_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: heat
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/keystone.yml b/mysql/client/database_upgrade/keystone.yml
new file mode 100644
index 0000000..8265662
--- /dev/null
+++ b/mysql/client/database_upgrade/keystone.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ keystone_upgrade:
+ encoding: utf8
+ users:
+ - name: keystone
+ password: ${_param:mysql_keystone_password}
+ host: '%'
+ rights: all
+ - name: keystone
+ password: ${_param:mysql_keystone_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: keystone
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/murano.yml b/mysql/client/database_upgrade/murano.yml
new file mode 100644
index 0000000..2223ce6
--- /dev/null
+++ b/mysql/client/database_upgrade/murano.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ murano_upgrade:
+ encoding: utf8
+ users:
+ - name: murano
+ password: ${_param:mysql_murano_password}
+ host: '%'
+ rights: all
+ - name: murano
+ password: ${_param:mysql_murano_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: murano
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/neutron.yml b/mysql/client/database_upgrade/neutron.yml
new file mode 100644
index 0000000..7dd723c
--- /dev/null
+++ b/mysql/client/database_upgrade/neutron.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ neutron_upgrade:
+ encoding: utf8
+ users:
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: '%'
+ rights: all
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: neutron
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/nova.yml b/mysql/client/database_upgrade/nova.yml
new file mode 100644
index 0000000..699c9c3
--- /dev/null
+++ b/mysql/client/database_upgrade/nova.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ nova_upgrade:
+ encoding: utf8
+ users:
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: '%'
+ rights: all
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: nova
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/nova_api.yml b/mysql/client/database_upgrade/nova_api.yml
new file mode 100644
index 0000000..8bb33c8
--- /dev/null
+++ b/mysql/client/database_upgrade/nova_api.yml
@@ -0,0 +1,38 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ nova_upgrade_api:
+ encoding: utf8
+ users:
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: '%'
+ rights: all
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: nova_api
+ nova_upgrade_cell0:
+ encoding: utf8
+ users:
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: '%'
+ rights: all
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: nova_cell0
\ No newline at end of file
diff --git a/mysql/client/database_upgrade/sahara.yml b/mysql/client/database_upgrade/sahara.yml
new file mode 100644
index 0000000..73618d0
--- /dev/null
+++ b/mysql/client/database_upgrade/sahara.yml
@@ -0,0 +1,22 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ sahara_upgrade:
+ encoding: utf8
+ users:
+ - name: sahara
+ password: ${_param:mysql_sahara_password}
+ host: '%'
+ rights: all
+ - name: sahara
+ password: ${_param:mysql_sahara_password}
+ host: ${_param:single_address}
+ rights: all
+ initial_data:
+ engine: backupninja
+ source: ${_param:backupninja_backup_host}
+ host: ${linux:network:fqdn}
+ database: sahara
\ No newline at end of file
diff --git a/mysql/client/single.yml b/mysql/client/single.yml
index e273e2f..dd96da5 100644
--- a/mysql/client/single.yml
+++ b/mysql/client/single.yml
@@ -1,4 +1,5 @@
classes:
+- system.mysql.client.database.aodh
- system.mysql.client.database.ceilometer
- system.mysql.client.database.cinder
- system.mysql.client.database.glance
diff --git a/mysql/client/single_upgrade.yml b/mysql/client/single_upgrade.yml
new file mode 100644
index 0000000..3bfe65e
--- /dev/null
+++ b/mysql/client/single_upgrade.yml
@@ -0,0 +1,26 @@
+classes:
+- system.mysql.client.database_upgrade.aodh
+- system.mysql.client.database_upgrade.ceilometer
+- system.mysql.client.database_upgrade.cinder
+- system.mysql.client.database_upgrade.glance
+- system.mysql.client.database_upgrade.heat
+- system.mysql.client.database_upgrade.keystone
+- system.mysql.client.database_upgrade.nova
+- system.mysql.client.database_upgrade.nova_api
+- system.mysql.client.database_upgrade.neutron
+- service.mysql.client.single
+parameters:
+ _param:
+ mysql_client_host: localhost
+ backupninja_backup_host: localhost
+ mysql:
+ client:
+ enabled: true
+ server:
+ database:
+ admin:
+ host: ${_param:mysql_client_host}
+ port: 3306
+ user: ${_param:mysql_admin_user}
+ password: ${_param:mysql_admin_password}
+ encoding: utf8
diff --git a/neutron/control/openvswitch/single.yml b/neutron/control/openvswitch/single.yml
new file mode 100644
index 0000000..6601db1
--- /dev/null
+++ b/neutron/control/openvswitch/single.yml
@@ -0,0 +1,45 @@
+classes:
+- service.neutron.control.single
+parameters:
+ _param:
+ neutron_control_dvr: True
+ neutron_l3_ha: False
+ neutron_global_physnet_mtu: 1500
+ neutron_external_mtu: 1500
+ neutron_tenant_network_types: "flat,vxlan"
+ neutron:
+ server:
+ plugin: ml2
+ global_physnet_mtu: ${_param:neutron_global_physnet_mtu}
+ l3_ha: ${_param:neutron_l3_ha}
+ dvr: ${_param:neutron_control_dvr}
+ backend:
+ engine: ml2
+ tenant_network_types: "${_param:neutron_tenant_network_types}"
+ external_mtu: ${_param:neutron_external_mtu}
+ mechanism:
+ ovs:
+ driver: openvswitch
+ compute:
+ region: ${_param:openstack_region}
+ database:
+ host: ${_param:openstack_database_address}
+ identity:
+ region: ${_param:openstack_region}
+ message_queue:
+ members:
+ - host: ${_param:openstack_message_queue_node01_address}
+ mysql:
+ server:
+ database:
+ neutron:
+ encoding: utf8
+ users:
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: '%'
+ rights: all
+ - name: neutron
+ password: ${_param:mysql_neutron_password}
+ host: ${_param:cluster_local_address}
+ rights: all
\ No newline at end of file
diff --git a/openssh/client/root.yml b/openssh/client/root.yml
new file mode 100644
index 0000000..145f5da
--- /dev/null
+++ b/openssh/client/root.yml
@@ -0,0 +1,42 @@
+applications:
+- openssh
+parameters:
+ _param:
+ root_private_key: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEpQIBAAKCAQEAsy1IhygI3xV4md37IMd+blxelYr3wuVhWn7uEDGpcZo+lvrN
+ u+6An3VgPA7uX9cLUFzO91UOZx5F4TNlCH1DGq7MoVyvgcSla3IBATR3SpQ8rWnn
+ FD8rjsUw3RloTfwz7+f7y/DWFsHhGAWzWy4FNE3e0b5udk1Fyk4SA43he1w8V+Eo
+ V1oqQUsFOG6DlAbUfCln4GvH7KngTfnmnLgEBUdzK6zn1bwLllugbH9OO3Jnflek
+ L9K2qFu9zbuDP2QHU7GkeZOtmtHB7EkaIt4QpjUasPgmWkIvKa0FOrdunljxLc54
+ 6eRJDxfiy4fC8VKAn1qlk/i8XvEEME9Z8fywjQIDAQABAoIBAQCdMsuBGNS/tDy8
+ 8g5TsfLwrEWneebprQl+tgHzXz7EFol3OM+rZBKg0//8cTUeDLM2bFaAlLUwL1Ur
+ wUWQ7yUikd2ibIjmlzpyS/Ept3g5jFi35EQCdXGnrsWyFYp3cR+4CZXWVZPfH3Z2
+ 9vlms7eJLhChgCu1yxHB7kDLsXz0Fn5jaWPd2TDY+3Y3t3LCFxNgfIQ+Mljzj/6f
+ +MG7bp/5UuEA76oZnPfp2fj1vqWYCI6ftk4Wam1AkHVUNP3jjl48cao7EKeH5v4E
+ 0PL+AY3av4SoUQWf1ZlkkJrhIyRRdVDavX86t17NXmrQvaz3brz8yI2Hh08ho413
+ AH8C0zyZAoGBANcea55n9vBoA4FQRX2HEA9ljdPWIFdvkKXvxb7R/UxhzublicBm
+ 3JwcDCwbiGhEzYhMlDmt0hZ4YPA3fL7WwP2EXkrYyqn1tSGSS2CkfhpuB2xgPTSr
+ cxbJj5iuKM0eS9GdPqae2k4ME3sC5pi+eiiWuUuvzhqid8EMAGFvYdcXAoGBANU6
+ R4OLghz2FaTSeFFHfHCoAym03qMe9pRCugnM2Np0vEZ650G2xez8OtYim8nttkTE
+ xCWppxBtHIjN6mm4pOHsGxr0LqrKtHgMxkawyBx9hZTZSNudAMupPXBRHlPm/+hL
+ EXt4xUiBd4GVkWw2esEKINi83dXHnECugknJN7v7AoGBAJHy4bEneDLDXx1tCLiR
+ 2iOYExGWRXsNBmaOtuswLVqVQXsGYN9Y6nQ/00JZq8KSa5/91NMNS2xTX/Gas9gG
+ fAmEtTSywU1uluWgC+QVtjjYTdEJunzxlbPwLKy5/JSt6WLd/JOvUw2Aw/bBkRIw
+ qVDAchcXwA3yDK29JsT0fL0hAoGBAMqu0zufaNbOtFQwHF5mbUtI6XjDjL3RuOHF
+ a8HVDmzZef4k5Z35drqGKAdUbnHLm+5Se4CxezSKAw2nbqN/+HsoS7ubUKDYfiN/
+ QRoBALbUOh37TN40p4TwIo6ZDRMECU1tzfhoHF+HcWmkGs+aGaVVU1Oyc8u6KjTx
+ rLcmpevxAoGAFz4bvKyBt/wq8TPTVzU/iJtwBLq8WdZpKJcuVkF7/DWY3A3maOFs
+ P9IMHeDD+tlfIu0Y3qmPmEaLzXsMfRh+3Eb6itrgDRFEuE/HyPIWxHvDt1jjfIFu
+ O87TLcnZIoW99nyY0RixwuK6ZeCmmyktX0iO7dNDIOyBReCs6ZwXSSc=
+ -----END RSA PRIVATE KEY-----
+ openssh:
+ client:
+ enabled: true
+ user:
+ root:
+ enabled: true
+ private_key:
+ type: rsa
+ key: ${_param:root_private_key}
+ user: ${linux:system:user:root}
diff --git a/openssh/server/team/mcp_ci.yml b/openssh/server/team/mcp_ci.yml
index 837ee90..cd931a6 100644
--- a/openssh/server/team/mcp_ci.yml
+++ b/openssh/server/team/mcp_ci.yml
@@ -9,34 +9,20 @@
full_name: Ruslan Kamaldinov
home: /home/rkamaldinov
email: rkamaldinov@mirantis.com
- iberezovskiy:
+ dburmistrov:
enabled: true
- name: iberezovskiy
+ name: dburmistrov
sudo: true
- full_name: Ivan Berezovskiy
- home: /home/iberezovskiy
- email: iberezovskiy@mirantis.com
- skolekonov:
+ full_name: Dmitrii Burmistrov
+ home: /home/dburmistrov
+ email: dburmistrov@mirantis.com
+ dkaiharodsev:
enabled: true
- name: skolekonov
+ name: dkaiharodsev
sudo: true
- full_name: Sergey Kolekonov
- home: /home/skolekonov
- email: skolekonov@mirantis.com
- mmatuszkowiak:
- enabled: true
- name: mmatuszkowiak
- sudo: true
- full_name: Mateusz Matuszkowiak
- home: /home/mmatuszkowiak
- email: mmatuszkowiak@mirantis.com
- akaszuba:
- enabled: true
- name: akaszuba
- sudo: true
- full_name: Artur Kaszuba
- home: /home/akaszuba
- email: akaszuba@mirantis.com
+ full_name: Dmytro Kaiharodtsev
+ home: /home/dkaiharodsev
+ email: dkaiharodsev@mirantis.com
openssh:
server:
enabled: true
@@ -46,34 +32,20 @@
public_keys:
- ${public_keys:rkamaldinov}
user: ${linux:system:user:rkamaldinov}
- iberezovskiy:
+ dburmistrov:
enabled: true
public_keys:
- - ${public_keys:iberezovskiy}
- user: ${linux:system:user:iberezovskiy}
- skolekonov:
+ - ${public_keys:dburmistrov}
+ user: ${linux:system:user:dburmistrov}
+ dkaiharodsev:
enabled: true
public_keys:
- - ${public_keys:skolekonov}
- user: ${linux:system:user:skolekonov}
- mmatuszkowiak:
- enabled: true
- public_keys:
- - ${public_keys:mmatuszkowiak}
- user: ${linux:system:user:mmatuszkowiak}
- akaszuba:
- enabled: true
- public_keys:
- - ${public_keys:akaszuba}
- user: ${linux:system:user:akaszuba}
+ - ${public_keys:dkaiharodsev}
+ user: ${linux:system:user:dkaiharodsev}
public_keys:
rkamaldinov:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCzeIFxatNuXWuaTomcGDTMlpqiF6KlK47BSO5yIpfWHTL7o0OFsQArB4UeZ9AC7JHQg1bpxzscJxz8Xj3tA1f8yOCrepR8LbWh7L6a1hMhSCJPK9QLUHPCLV4PW0ghq46Um8ekxMbEqGM/rrKP+GeYxNFUxJMHCkKbZAsV+BV8amuJHQkYt29GP/hgYyZEoWKErqoQ/uGQ0qWEMVQsnus6M3p3c/v1J4JtbbrmRBjyrPx/Tjinw6K2sgocgBZT7vVb4PYwbONi1IAclkPJIyrSNEavZ4MbK93ZXNQCV7rkUbKmHT71Qle34/ks9zyERJ3RgB+pWgQqCjtmJeV51V1 rkamaldinov@mirantis.com
- iberezovskiy:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJT1d+2zKca28nFykpizh7z1yPLzK5fpMUH/zKaupINKqZxyMNbKiIQsYHSRXESRj6dpkCI2VQGO99fosPF7/XYCNVRcMLZ3lefi6aUaoBGhGTlj/Lbfwln9sN+o3m9oWgrwX/1+IkY9KlUPS4skVsiExHaGRLmCkMbF+dryB5oWKnOcf27z/fpXIFU06opYzxWZ1wR98vSlazqe+m1nDB4ZHYsvP2ztP2wn6+6xTeLj9tzWDRFmHluW7KJrN5PuX+KExPQx6IidDL92UX2E8ua5S+f6bGttT37wS0smKQTw3dnnM79sJnbd1hc4UtyDBQcFFqFq/L+ohpmM7EKY/f iberezovskiy@IvanBerezovskiy
- skolekonov:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmj9no4dGs67f3KPlson/IMWo4FVAiC83euE01MvwkMY0oWfkHgwPy600PYZANDbXg1Qmza7W56ePQosPBZYtdOmk/Dr0jrviGN2faSawpiFb2K+KHx+hi08gOYHWaooA/IoB7nXBdYjIdfoCrWVR23nB7gcPKRwB31/ozySb+Q5u3wnVdGf3CJGWtRsfzjAyGcwPj7+9K3RuuyzAnRL/oaf9tcBzCHo1jd1o+rqZBVkBazfZSYiO3Kv1/xyw5MREqsu12i8M/77Yiim2nhEre1nB3INj+TAvFYxTJs33SUxUjtcdCSdBQpHLTeODZR8Ra7MTfCoFCllKGx5IDO1Fd skolekonov@SK
- mmatuszkowiak:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC63QhWE96IF/SRCFWyKJyzOyprc7WlD6RdCClw7BxKum7BDlXfV+fhQupWUdsPVnOaCMwndjG+ZrZXg5okGui4GuL7nucUFYfUhZh252IBM8TM7BkuVd7fmbZ6OD2/4uGTOJRBhO+Jrol9Z2450vaiGZwWrbvWHNPtI+bhx3/4WWxjgZ59NGll220c1cTjGQamvNgtWBWNnsEilmZxinl501EgvDPJ8uewCAS3YA3T9ut11RRJiWKfoMr4H9sFeUTiu1j6ByYlINXMJTNadPzEcV6EW06k1K9oNfJ42F6gYFfjBQK5db83iNTkyA/j4TjfqJ9tlg2cWTp+x2vy8YNV mmatuszkowiak@Mateuszs-MacBook-Pro-2.local
- akaszuba:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDM8RI+GX+gh8KXQGIHlfePeplOk9aGSjbbDpb3KG2n3J4RftzNThtkaEKBCwKyOSuUh0qHW3pYu17M1eIXHI53PnEQLHE1VoJ2/GI7CHWOjBk0Hgf+/NFCKogetlMjXIrOPRYKtUDcS4ejgb8X+mGCUoJOBIM2qLPO5TLAYvkkEnWaeQQn7Nrn+t8f6hZmfJLBY36jUngXW13ucEj5BcoXpaMV5JPesw9Wg27mHfEPW1Rybizy0R0I3dC4B/1QygntlZW0OTivB35La99h/iHSVVhZQv9A/T+DeR5dMIpMPl+OPKGkZ1pE+4zFIbrGuEDUppxczxaDjJ+9dqzG3pn akaszuba@mirantis.com
+ dburmistrov:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPKldN0BL6C/pmjkKyaSUw9OTUQAumWLCgNPyLVGZIuYPyFs9GqvKgHVm0QChm1OLhnQuA1wxGW5piBtqaDCTyLbKb/ANR3nhO1rqX5LTwZS2W2I0ImP47HUpnxqsBl15/y9hY2JDHZ7qrd7zNqCD+uCkf9l9qA9BmN1aMSKm07fqaaUfhnl3AocxsPX4X4eHfzy7hPJdzrHEcHbGoLLEd8ahJLkHKieWF1lAI++fIhETPF41+ZbH7MBBG4qw/UhhYAgLP3YAEWwvm/J3DtRqGkpSvH2U21hmAlgJHwxtoCD9Q1jKpH5+BDTvqJIXu0K7Gcl00xbeNYyHrwTVsldFX dburmistrov@mirantis.com
+ dkaiharodsev:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSz9eH08GDUOSEDReJAIdjDCoYaoTwg1SSzYNwPRO/evJBeqYwRvZmxzITKq+1qy4jXnpa3ZpuBdaUebqKri2VtvMGmBrWtP8Ojbg3kNPjKOfvrW4cCyJE0yrnW03TULnRgrnf4/WXLK0dnHxL39AmlVjQTVS4pbx73XjyPoVjJbk4PXq37F5cLyyLj4aeWmCcPWn7MLsEC4RUkDwHy3DsDNdgKOlUSHmmOfVy9GBwVbXwVyYbq732Qm0Qqf/2zlJi84LgXOH2irv5HRTMDQ2Wey5Amcl7VpK8OMvtN4R8Sb7c3mgsmM/b/h+gefl0Y/vQfsSSi8GCPhmBoNT4FBgZ dkaiharodsev@dkaiharodsev-pc
diff --git a/openssh/server/team/members/cade.yml b/openssh/server/team/members/cade.yml
new file mode 100644
index 0000000..dd50b54
--- /dev/null
+++ b/openssh/server/team/members/cade.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ cade:
+ enabled: true
+ name: cade
+ sudo: true
+ full_name: Cade Ekblad-Frank
+ home: /home/cade
+ email: cade@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ cade:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDpSYtgC/lSMXCfjjxSWFJ8WUjhGfBWLnCJ4n8AzXGw/t/x+DBjMQz40D0T4ymvn/8/vRDwZ8stISWGeTGn0G4z1H4FWM+orBbT2srPHL2/XbjKUYRQOUxp8f4wBW4VNsaTPbzjh6A1BY0d7dOee6k2N5ramIibojzbWSEkxFG9vxtXm5jDYs4gcx0rYN11+9wamsHYAdXv4VJmUMS8TEP/8p67NtRNcq1m9uuHlZE5CxTcF6CvflgnXrDrF6QrdbjPVpzXKZmvdYom0OT97FJRtcdojovsZpOo59vozmyUh2g0ycq1izpLT0uQQ3vT6mz53gc5wiUynY6yX7wedqq74/vFz/QKBYjh/OqxZMhkH4GsWXs7yGW7q4+cNEDzARyTj7ikhg/C+UrXZ5jKx7Xc7cbhyuyzHm55+AgfhPLQoiYL3trONdH539kYnY6IAAsz0213ulJRPUHN3+M0x4iEoFAqwWo3wqdkH24v8plqLga7Q3zTbLYX+FOZOv0WC9gI3elmcd9ZBHHh0SOatQEg+Eu0m3ezyLmLHQ3pidWbksz9pnkLWBxeBq3x/xSXM5geI2BgMWVV+74YhBb9+irCpaU0BPYOpX023yNskXODF5RYAt5I5fVAfogHy4S2c3xgGlYUklUEvWBtl6bFYQjQfK2xeANaFUIBKdD5hgDdhQ== cade@mirantis.com
+ user: ${linux:system:user:cade}
diff --git a/openssh/server/team/members/dszeluga.yml b/openssh/server/team/members/dszeluga.yml
new file mode 100644
index 0000000..72c7db4
--- /dev/null
+++ b/openssh/server/team/members/dszeluga.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ dszeluga:
+ enabled: true
+ name: dszeluga
+ sudo: true
+ full_name: Damian Szeluga
+ home: /home/dszeluga
+ email: dszeluga@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ dszeluga:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEEFoCOaivah6AjFZmPIDlDlp8mUfsh9UFrjgLL8vqVYoyVnuZ5DQZTeZsCgFCPxodEsgHDkSEFwkB6hbyqEXszGIL8dWwSBR3QfNJD2cjZ8ZYqXsKN63RzHGAjTXMjlCB7TZtcui1SWpKjGd+x3gQ0KkHZI9V9WVYDcC75kyEAHZptM2N9jlwbhr9lXZ77gZacjaGoKN0Agb/ydd1TyhQ1F3g56pnvgZtkOe/bStwjpz2NS0FqiqAR3wOeZZUGsR3TCP70oYfaeJvpCDVRR/gVXqqvcBAiNYTGC/tMlKuECKPtOOAP8Oc+bt1eOrbiPVJ5NfoOIpmMCDUUSnFoNGN damjanek@cocaine.local
+ user: ${linux:system:user:dszeluga}
diff --git a/openssh/server/team/members/ecantwell.yml b/openssh/server/team/members/ecantwell.yml
new file mode 100644
index 0000000..68bb110
--- /dev/null
+++ b/openssh/server/team/members/ecantwell.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ ecantwell:
+ enabled: true
+ name: ecantwell
+ sudo: true
+ full_name: Erick Cantwell
+ home: /home/ecantwell
+ email: ecantwell@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ ecantwell:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDYAORp6uIs68C7P2QbNh/Jd58NudtLZrCLir/iGbHx8w1kV4yHG+o1N2wS5PYTkvIAl1/bMexniQiBKSmHvT8GnLJjyNBZL9PcLvCdYQQyQsXtd9LMUAaQehwQnQhB59CDOpTyIwrUuG+z8W5DFx47wKh6yVWCAwTVDJ3bRcL4bv16TE2A3PfCUNxFy8q6Z2RbL1YdIJwsywBBTj8wT1HuEImhefRmC0PuWPzoZZdezRQs05+fgNjw3gcVh3vdzWg6Klfz2FTQl0CgXOVaFWGIE8mi+uh/g0ML5JVQNEpqGxtHtHADykZvac+ozOTthSu+JaQEgUhc8bwV/31Hzh/9r3hOlkMj/Gmsprd+JWyeKewbBKVmaCVFsN7h8WSmBoSkk4uK7yPpR3xkC+Fs5vtXGqEBYFO/44b2WNgwZNE/gEgaxQFqAvg/E2bJVLwQ8ePUxIYoZN2qv2yIvqHCmWSDs6clTz+TGPPh92Txsp2/iTodhDk1muHfS4NGf9wkSMJQPuHFR+izsC5byPYKT4QfpWOrFDa1hHEgO4Hf/zpfAS4yIeo+hNIpE740w6tZINE9RJLutiTq+datt7M9qzqMVq9xEON/I8zBmfY5Srky9gTNhSdViWVPB6Tb8xiIXHZAx4YcJ1waZNZP6Yqn0WsEkAYC3vCXqpeRNcCVu3NIkw==
+ user: ${linux:system:user:ecantwell}
diff --git a/openssh/server/team/members/jmosher.yml b/openssh/server/team/members/jmosher.yml
new file mode 100644
index 0000000..00535b4
--- /dev/null
+++ b/openssh/server/team/members/jmosher.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ jmosher:
+ enabled: true
+ name: jmosher
+ sudo: true
+ full_name: Jaymes Mosher
+ home: /home/jmosher
+ email: jmosher@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ jmosher:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQClNkHapODxW9iiYKG/anZO3+Ca01pXSAohWqB8fIxHJ3l2SPV6tHsHNAiUQNcG7i9hNHNOC7moa9fL6et+3rphxHfpHqxzTEwEOyzR6GiyWMNdkrXJApAiGNNoeMY1t2rxPhjQGLCqjNdGgSMcyb+/Rw5zRHRkJbRP6l0z2/VwAqhW31qEp/S6sPdZvuCgsKN2g2y2qHq7oMSh0WIcaJsDbOkcxzypOk+0J/Gu0RMu1JpjVSaWu996XB3LmdtP6ll9EAJ+OYcMbtT8/XWc4UGraka8BWbt20qS6Q6GxAkY+96Iir+NvS4KEzkaryFgct8+eN5soJeKf8eoN1ecPX99nvuyG08DsKdyowDzr8PDZrt7mRQd/k2nnPGo1oVJPtCKV/UeAEUJcwecq9GE7HmSQ6WyQ4cdIrBw/IWZI/pJ/H+9QnOKldJpUP0g3dru5TJFbR5iGrqdikXrMG/7w5+3H94ardCysEH2e7Nbhb4dHm3YM3h3HT7I9qpojvzlxe6OhO4xEX0KfjuVz/HaqD1tC+FaGL/JD2yLPpRTGykDjuUuEQdzvTUCg5tMmSGMB2LpwvWPVCpkr6jczzPCpeMQptXz8k/9ljKVKvAGBnFPQUTip3qHQpBpOTNvTHJNQEF9wsRIs36hxbZE6yY7H/mX0SDeOS+v4ub3PvugGzvglw==
+ user: ${linux:system:user:jmosher}
diff --git a/openssh/server/team/members/korlowska.yml b/openssh/server/team/members/korlowska.yml
new file mode 100644
index 0000000..7b1c151
--- /dev/null
+++ b/openssh/server/team/members/korlowska.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ korlowska:
+ enabled: true
+ name: korlowska
+ sudo: true
+ full_name: Katarzyna Orlowska
+ home: /home/korlowska
+ email: korlowska@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ korlowska:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCqsNuEIZr8XobFca4uN3KDAQzyd//NaZQrEMfJZNm8Gj5ym4NWX8cUjf3TQvV6eMGsNe/mxwIxmpyIANQeWUUlnelXG4rRjkBt94J1bg1YeB6F76R6yPuMrP8x/4s5nTy1OVr7jo1xwwL9aHZZcxQFExMBRMM2HrZDJNoXSdwqi7vuW8uUkCSwd8lsZ4iftI4TIafehZTHWroPP3kVMI+JvbdKyAR8xT2DsPHCIb42lEfCPMEYopKRI///L3KkZkbaVdshz/4zCvx3fAyKCHLH44Qgjs3eoAuz1ZFjAec/j6jwNEWGIrlk0g5nIfEXHR5e6qZRwa+nW60xHpIwMfGWtHscyTXR95OVXlEMLqAmycSXVLwyu47attnE/CLLUH4am38ET6w8Oxkzis0gHs3NOEhoNAf2OVhV3gP3aPzoDBRGemNdYZgGNnq6VI9dNhItkxN1QIYKI1d1Dwt8sz1PJM0W9JJjZDNFZAh5Q5QAsg3nxNudk4bxyjCnYbYbRj/dbKOKLJTEsqelsvlKT/+picEwqB/xmcwalHoKtR9QsNw2XuENBQk3OCfAC4SOhm+U1zq7XHpoVxjjn/J4p5ChkH7bhNGNMAE9aefekXGWNjpQFRszd/0SlEkzhUDsUIGKFEP8wlsjb9eOzatYf65fRbE1/YGODuwubj7WrZxy3w== korlowska@mirantis.com
+ user: ${linux:system:user:korlowska}
diff --git a/openssh/server/team/members/miwinski.yml b/openssh/server/team/members/miwinski.yml
new file mode 100644
index 0000000..48f91e9
--- /dev/null
+++ b/openssh/server/team/members/miwinski.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ miwinski:
+ enabled: true
+ name: miwinski
+ sudo: true
+ full_name: Marcin Iwinski
+ home: /home/miwinski
+ email: miwinski@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ miwinski:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCydY97fXVWbcUiNaK5KnMHQpLT4acAVXykKqB5hAUPwKn4nFN3dFNw9dpToFpriqNpJTZrEdxVgL9obB4aouHpi+NVH6s8cMZ6ulNTiSTBM0Xkmu7jl66eMhfHNaFwgFC0vsGQ85oI813H7A601tCweKegMUW/mwOKbwHj1isEA+jbyrdRTC64icBa6zbW/G2uF0ajz9dCPe9L0rAbQFE51N1fxrnLeb6BI+5br0H6bRz1kGc5ZsNiUx3EEEOrMFbAbHQAxvD8Te/nUErdlHCiFufKlXLJSUNDPGFrW2mIfvfGlbyrLPgm24RKS6xfcD7BhJOmr54k7QbWChEp/SrX iwi@iwon
+ user: ${linux:system:user:miwinski}
diff --git a/openssh/server/team/members/mlos.yml b/openssh/server/team/members/mlos.yml
new file mode 100644
index 0000000..1e9da38
--- /dev/null
+++ b/openssh/server/team/members/mlos.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ mlos:
+ enabled: true
+ name: mlos
+ sudo: true
+ full_name: Mateusz Los
+ home: /home/mlos
+ email: mlos@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ mlos:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu2lUtuV3WnfLk/TcXQA0p/XKMSsRU+0Ov/j1x1aFZgG14QckfkOPJ8bRZ6+R5csYtd8Xy1yQS9xWQcq+bON4CkY/PfwCdmVxjWy5lLIg1Pmq18z+f/DNwCqPhXZy9MO3WkfXWtzd5qhk4aHUVX4R6K64OaDCdIqaVAiHTZp4jy+CqhOLiJcCyrrr/nXEHooVr9iZo2c8qGNdPfS9xw8Ikb7/TXOTOme8RL+DBOXLLjQaECcQYZlD057zSULLkUNH4y+3hs4hSmpzQj52NZ3FyDQTW6d3H0wmjaNhu2zrBOn48UGvYeTzT8QZCHYAYv20bFWLWDzDpB9lqUO2P+9g1 losiek@Mateuszs-MacBook-Pro-2.local
+ user: ${linux:system:user:mlos}
diff --git a/openssh/server/team/members/mrelewicz.yml b/openssh/server/team/members/mrelewicz.yml
new file mode 100644
index 0000000..7e863e2
--- /dev/null
+++ b/openssh/server/team/members/mrelewicz.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ mrelewicz:
+ enabled: true
+ name: mrelewicz
+ sudo: true
+ full_name: Maciej Relewicz
+ home: /home/mrelewicz
+ email: mrelewicz@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ mrelewicz:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsB8R/Sv7hI7kHnOa7slfRQUhx3uVo3lDT7SLZw6m5Xnc7JVmQBmsO3s0lLHWRcxBUNso8P5xd8XG30VaW2MPrHGEMy6TbwxJmoFb8+zZaETjcaXvXig2RAQe/I3GAplptCz76GFM9SQavXtqb4D7wPi/AGs7yTFBa1rlVPdmhnlQ2woZoF/Hb5vPpFbK8ucR79eopNyd+g9mhLALJGRIUkRh6q66LCUAbMHA/Lm01IV//mGFUS1Sh0lcM34LOl99SyRVKW7kbql4vWE/4ZSxX1GJC4WVxxBitdWAypGuq3PY8L/+JDjXK7hXSrYaVWygrrluQh+ZXY8S1zx1SoPEG8uzyqdei8VxDPJd+3Y+w3YvWiYI2QA7fdtf4AW57OjZJrCgC2SpUuO6TNGcQ3gxV2/IChHQMHUV6IYc+ENaKuFIXVfvFBa/VMVRoTFXKVdE1cycDR3mgygGxE9QWxLmsJf7ZaK6A0zQjxTQs0GJi6Id9dgjDsh90uPIaVJWGKZZqDH+/cbXqN1AOTK3ecVji2fOfL3JQfY4wTFt/WmGa2VrdTfv/d9bcvEvhHYaCUs3sWy3sobJXwYCiXwuZVTTLj4EvN6L+jt8I9nG/6OWILUPVjrx84ikZ3Ig1Tbts2giIuB8JpQRup1mrEtpxoeOga1ts5ZGF8XfIKOpqaBpTsw== mrelewicz@mirantis.com
+ user: ${linux:system:user:mrelewicz}
diff --git a/openssh/server/team/members/mwilson.yml b/openssh/server/team/members/mwilson.yml
new file mode 100644
index 0000000..f9280eb
--- /dev/null
+++ b/openssh/server/team/members/mwilson.yml
@@ -0,0 +1,21 @@
+parameters:
+ linux:
+ system:
+ user:
+ mwilson:
+ enabled: true
+ name: mwilson
+ sudo: true
+ full_name: Mike Wilson
+ home: /home/mwilson
+ email: mwilson@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ mwilson:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3ltgS2MbSWR6c/V60oEHtUnLQ3bm5sSqnjFEvL00Y/aVuNL6VCnPCrWXlYSbp6P70UYuD+ngD4x7aW8jg13ii9rw2RntlaPfmttIOb6REDFohOhC4T3BPdeCd5wVe9p/ioyiFCqNi6/m/RWL7Iv8IlR/2IetQHL14VWwTgGd62sqExdb6oZM3Yux/S4jSTcMYBzt49t+QKTLiYTvQJl7Tzv8RJNzAWMsgBwo9M1N73Zqa0hA46sGkbwmWXoBhnJwowGD38q54P+WaSrar/9FT7l+uCXMwbsyYDpoRJH8SQOOpKrymEeyKCjXQUVtLopmfZMZ6COBpLsTSq1BCytwQw== /home/mwilson/.ssh/id_rsa
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDV6H07IEV9merlHUFV8O/Y7sczYXNZjysTBg4TkUW3mWzvW0PJMKnP6Fc1XfFE53fR71N09gkmnVlEtbHa8PTXoS89JVuUHTnitAbDdINShm0pFNWsi/3f00nbfQ8hjaxEWeZ4VlwYzP4v5IPVtpDug+epK65clIG8Xfxlp+CcckyeDdBNSztHHDuQiholzmPicN6EFM6bVUqUZSGnmxiOCrYUOMXBbYChBc3otfeF6vO3WvnKF77nixgOGGmuS0+t96vPKLB3cl5GYpTFyOmrt3tu7JPlTsqwUa0yqDa3ny+5BToIpnROhAqTZV5fV3LHgtObcWYRGANdjVWyPiNOiywiDzsw7/xzuuqV2wLeLnFG1Z+G550F1Ed4lrsPYKc7+qxZYLquI0iJoIjg5WPzNw5QBLdb1srL9zo+0A91Asx8U95IjIMWumowWjDN3Mn0qJwxW5d8SUign3wksIu2FlkLCT4u95CEIebDVEhTQQR0AOP00/KLKtBDn9a5H0UnJZZSTG4+prU3CnqyXqyp6dano86fGEkkcP2PDi/SUwoxdBvMVbdZxYpPYm+8Oe0TjLWPlwu4kYCwVnl3EYgJZAHjT6wVHOjyXcJYezPvvXY8B/VR8UfupetHg5/mVjoQQy2+Nl34AaDN2TLQLXRuG+U+hZqV5Jzc3JO+KKfDUw== mwilson@mwilson-ThinkPad-W530
+ user: ${linux:system:user:mwilson}
diff --git a/openssh/server/team/members/pmathews.yml b/openssh/server/team/members/pmathews.yml
new file mode 100644
index 0000000..0e1761e
--- /dev/null
+++ b/openssh/server/team/members/pmathews.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ pmathews:
+ enabled: true
+ name: pmathews
+ sudo: true
+ full_name: Paul Mathews
+ home: /home/pmathews
+ email: pmathews@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ pmathews:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAIAQCt98sNV0lNpOK3HBAdv44hGv+0INrqfZsaZgTdGsJi1aZp8QymbusSW/86XnuQLrJKqPe8xrJn3/PBCqSgEXnye2J5cculBHoW3ehTwlQk/SSlM4GqeSEhn+6r07Gt3Y41EbsbgJYDFUZe395DVfAp5I/HBEG0Hf4b9zamzDX4OGXiBNhIDMjmnBHTbVAiYJ/igrGtDKTt1qNfDX7b7ViLSNv3nw2F2vBBzXQashGW6e/qJWjrdxjR6WNldmq2/KjxFec2k4J1RhItxEFNaPPAULkUUwXZugyid1fDxUlrpMryG+edCXtIMKD3caGTJD1S4QX6wQlPL/dOn+U+qu2Aa2tG5fKF3ECrfgQapOND239XRANm4+lSFgR8ucD4VO7EcYNLwS9DBNNvvnZWcVtgWwR9ULx0Cr85uySVJr+Wzj5GmX6m0uzeTFyUITn3CpQf2ONSi4g06Vwguvm0NxiMwjnirrkwlw9tVgbZpGAo/rlIa6t1brKKKkZQhm4JpK/xFd0qUWva1pME/G1AkRYAGm8EQsR3N6nEHFW3eJci9/Y/vHigxfXhN9rCJranKogP4v24gv00fVPPrFzxnC9/pfSrbpbh+5RsiZ8ZdUc+rrAM0qSauH1TvD+x6Al2R03ABtnKbhQhw2wkCMPiUpb7MeIYcYw0NTLhF/KocKamRQx/dDr9zzvNkMsbFs9eUipHAQoDcDgYPvYaR3q1kGZpteUO1qMYCMNxmAkUte+ggsorZQ/avwa87nd6KBUSjRraxyZKxZMLbTIYKE5ElduySq3ltZLkwnjiHCmJ934rlOyZro/pREi24L1cYdy1oUsckEiDmR8p715Idh4crxSfcvT8h1MNPV9bvdKsjKO1CtWz4xaSXG1DZ7PmByHqMzJi8mNZI2f/ZbCXNFA1S5bT5NeUO3x5Aw3lD49fQIxFc8WSvD0bBuGk+1DaLjCMNQnBSFJaCB79HQXYqVkNoUH+V4HEnvinoqXOKI5jVy3vNkm8C9DSnJQHUotbyGw+yikXTLg3EFAxJC7eeC/aPblF21TZDmaYGh0y7UNrV/RAVSLO87DOdELCij/GUqW0ANsgJIE/GVDog1AGIM8S+7kwzWDHZSlb1VC8gEk1xL8FIPdUmxHi0Azk5aWUqzXqC+0Qwx4UKsLwjLgRhW35u+3wDzlphgO3+4DR26daUp8RynfUnoHoj7WIy+B3mfE4bTGHUIr0WFoV5kkcOYdYdbLDD7sWJk3XPBqaCr7WJPOCOof7iyVSsH5sZ1/l6UCwfkuSCLwSMw1MYRRkQ8qqRB02auG8uYZ5ismyqfSJHH6bIXnUxpw4PabM7KmpNKXO0ZQi80QhnwY4yshfBESWJDpcfjqlEUSbLY5nqoQ99N2LHahr43/FO8P6iuARuVxaDv0VOkWaOFL2Zmj5udk0U6osODK+Uj+DE3Y0AuTGlMLh634ycx6fp5kdnBjmlvVMSmJCoi47AaTJFXLvsfXvafIfglouVuFtAWmriU1BIPq+uoTwqgZAZkTySGvvFZLyTMES9NTexodkrOdhJM3yGfCkTCq1C90VywdmsyPIeajEhlDcLFZIkUzIxlaJplGF/1DHg6ZafFnQSBNBfr9GMem4FnW2EUNM7WUFZSXvA85DYs4B1oKTU1chqIk+cg6MxX3xA6NSL1RhqhW+x8Dt6EWT6g3WTQM8ychO2GUNRR8VFpt/mVbxkiH0h9MRFwu9uQTLZR/c/TT1DIh6eyIIneIbPkHDhRIHiURW5deELMtsMq21o3heCNk1Qa4wIjQ9e6Ikn4BxMRHeuW5VL2oaHxgT88tCKjGETqYDKE0e++ZaS93GMOMeesApM88rySIOqcidQE2Jh0DRHQ1A5FsoSw69zPgZYYiVLYW7MupimmiWcBGoB+SWQl3OLytDX8/MC4KHZf8oxUiWdORXWplEULy9P3mYV7K3hSU9Wb28EoDYnusdyu3I5peqIV8DAfOsCOOXvKbfd4hogV79y8ul4EnTrKZXEa96Nl8+BQ+xXa28MufAZOmODfKE48/ywzc1H2dXhZZWtXxNZez+qmkqVsIMGG32YlpwdTdH4FGxg9d64fHAtPGqY2stmHWyFUB6+ky2A7XvoqSR1k1cLKaEM5dZe9sWCsHalsA1yd+s+VL14OFB1tgaA2y6GMaPftYELnvvGvAaeBRVpdHNel3TKbQXCl0wGdJ2BzreG9kIzSntjl0/3hkrl32+l3xfdZGJetYtyO8fdzF70J1kBft2CbewwJdC6X1Nkr+nUspHCAkWtB8TcO08xnrpQKnXiXidfCtmcbZa51e7mzSmZTCAKlV2eM6B/G97COezG1+SenKh4YeD22jSuXa/ZW+9RswKzCwXXA9poncIRHMMwkQUq87GGG/WAOZ0CkvJwfw2eGtQ8L2eikEi6x7DyWczzJxAeJ3uFj4S0iZrR7XVnRb+x4DsEo/FPRH/+L103R6nTmtkZw6XAMXEjNuaPOBV9FaQ6neeBab8a+Gfe3+9Gzv2tspgcl1fK56UtCoL3NDAMMGpxK8KykPnkQcMeu6B8H8f6xxAtNQHW3y+vZrkWma/VBriCKv67Uaxj8yF2Kqn/VDZskcBGwvOYIfJPOQHKDYyBoS10WmP6vk5l9s3LhuBJfartbC5NIZb5mJ9a/nHhcdzKnJ+yJk2I6YcOECwBXz2rJ4Y+IfwDJaRl1god8DGLvEPvWko3WinHERC+e7VXyb1CQ==
+ user: ${linux:system:user:pmathews}
diff --git a/openssh/server/team/members/sflorczak.yml b/openssh/server/team/members/sflorczak.yml
new file mode 100644
index 0000000..d340089
--- /dev/null
+++ b/openssh/server/team/members/sflorczak.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ sflorczak:
+ enabled: true
+ name: sflorczak
+ sudo: true
+ full_name: Szymon Florczak
+ home: /home/sflorczak
+ email: sflorczak@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ sflorczak:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOdCr32ewiGJKLLwxf0Ic0naFV1j+ZflpfUVjuIPplrLeL5u8CNVlT5adPzgc48ijbee3qpzNvkOC7Ym295xQXUluo/cj2p5wVp70YnHrfhnLjGOCldm/K8B9bHmHbm1XW6hWUp7SWjMwhOdR217iveVLkuOy+hPdpXOC86hO93v7fY12UZDiqSRfrHpUqEaHHqlSyU2Eftn9GsR4UaotkeaQsiv8bi/k5nrwea/ccALZXnhrgTSTpXOVy3rfR5cCFQCA1PjMYvFEjhUofCHBSk+OA8xwOkpBOCfYrWRUmMT7MGEV5Jjm75QUrq1AuqRdFh8SM5lP39Tdwr8FMC+q5 flor3k@MacBook-Pro-Szymon.local
+ user: ${linux:system:user:sflorczak}
diff --git a/openssh/server/team/mmo_devops.yml b/openssh/server/team/mmo_devops.yml
index 2e34f91..d3eb756 100644
--- a/openssh/server/team/mmo_devops.yml
+++ b/openssh/server/team/mmo_devops.yml
@@ -1,103 +1,11 @@
-parameters:
- linux:
- system:
- user:
- dszeluga:
- enabled: true
- name: dszeluga
- sudo: true
- full_name: Damian Szeluga
- home: /home/dszeluga
- mlos:
- enabled: true
- name: mlos
- sudo: true
- full_name: Mateusz Los
- home: /home/mlos
- mwilson:
- enabled: true
- name: mwilson
- sudo: true
- full_name: Mike Wilson
- home: /home/mwilson
- korlowska:
- enabled: true
- name: korlowska
- sudo: true
- full_name: Katarzyna Orlowska
- home: /home/korlowska
- sflorczak:
- enabled: true
- name: sflorczak
- sudo: true
- full_name: Szymon Florczak
- home: /home/sflorczak
- miwinski:
- enabled: true
- name: miwinski
- sudo: true
- full_name: Marcin Iwinski
- home: /home/miwinski
- mrelewicz:
- enabled: true
- name: mrelewicz
- sudo: true
- full_name: Maciej Relewicz
- home: /home/mrelewicz
- openssh:
- server:
- enabled: true
- user:
- dszeluga:
- enabled: true
- public_keys:
- - ${public_keys:dszeluga}
- user: ${linux:system:user:dszeluga}
- mlos:
- enabled: true
- public_keys:
- - ${public_keys:mlos}
- user: ${linux:system:user:mlos}
- mwilson:
- enabled: true
- public_keys:
- - ${public_keys:mwilson}
- - ${public_keys:mwilson2}
- user: ${linux:system:user:mwilson}
- korlowska:
- enabled: true
- public_keys:
- - ${public_keys:korlowska}
- user: ${linux:system:user:korlowska}
- sflorczak:
- enabled: true
- public_keys:
- - ${public_keys:sflorczak}
- user: ${linux:system:user:sflorczak}
- miwinski:
- enabled: true
- public_keys:
- - ${public_keys:miwinski}
- user: ${linux:system:user:miwinski}
- mrelewicz:
- enabled: true
- public_keys:
- - ${public_keys:mrelewicz}
- user: ${linux:system:user:mrelewicz}
- public_keys:
- dszeluga:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEEFoCOaivah6AjFZmPIDlDlp8mUfsh9UFrjgLL8vqVYoyVnuZ5DQZTeZsCgFCPxodEsgHDkSEFwkB6hbyqEXszGIL8dWwSBR3QfNJD2cjZ8ZYqXsKN63RzHGAjTXMjlCB7TZtcui1SWpKjGd+x3gQ0KkHZI9V9WVYDcC75kyEAHZptM2N9jlwbhr9lXZ77gZacjaGoKN0Agb/ydd1TyhQ1F3g56pnvgZtkOe/bStwjpz2NS0FqiqAR3wOeZZUGsR3TCP70oYfaeJvpCDVRR/gVXqqvcBAiNYTGC/tMlKuECKPtOOAP8Oc+bt1eOrbiPVJ5NfoOIpmMCDUUSnFoNGN damjanek@cocaine.local
- mlos:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu2lUtuV3WnfLk/TcXQA0p/XKMSsRU+0Ov/j1x1aFZgG14QckfkOPJ8bRZ6+R5csYtd8Xy1yQS9xWQcq+bON4CkY/PfwCdmVxjWy5lLIg1Pmq18z+f/DNwCqPhXZy9MO3WkfXWtzd5qhk4aHUVX4R6K64OaDCdIqaVAiHTZp4jy+CqhOLiJcCyrrr/nXEHooVr9iZo2c8qGNdPfS9xw8Ikb7/TXOTOme8RL+DBOXLLjQaECcQYZlD057zSULLkUNH4y+3hs4hSmpzQj52NZ3FyDQTW6d3H0wmjaNhu2zrBOn48UGvYeTzT8QZCHYAYv20bFWLWDzDpB9lqUO2P+9g1 losiek@Mateuszs-MacBook-Pro-2.local
- mwilson:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3ltgS2MbSWR6c/V60oEHtUnLQ3bm5sSqnjFEvL00Y/aVuNL6VCnPCrWXlYSbp6P70UYuD+ngD4x7aW8jg13ii9rw2RntlaPfmttIOb6REDFohOhC4T3BPdeCd5wVe9p/ioyiFCqNi6/m/RWL7Iv8IlR/2IetQHL14VWwTgGd62sqExdb6oZM3Yux/S4jSTcMYBzt49t+QKTLiYTvQJl7Tzv8RJNzAWMsgBwo9M1N73Zqa0hA46sGkbwmWXoBhnJwowGD38q54P+WaSrar/9FT7l+uCXMwbsyYDpoRJH8SQOOpKrymEeyKCjXQUVtLopmfZMZ6COBpLsTSq1BCytwQw== /home/mwilson/.ssh/id_rsa
- mwilson2:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDV6H07IEV9merlHUFV8O/Y7sczYXNZjysTBg4TkUW3mWzvW0PJMKnP6Fc1XfFE53fR71N09gkmnVlEtbHa8PTXoS89JVuUHTnitAbDdINShm0pFNWsi/3f00nbfQ8hjaxEWeZ4VlwYzP4v5IPVtpDug+epK65clIG8Xfxlp+CcckyeDdBNSztHHDuQiholzmPicN6EFM6bVUqUZSGnmxiOCrYUOMXBbYChBc3otfeF6vO3WvnKF77nixgOGGmuS0+t96vPKLB3cl5GYpTFyOmrt3tu7JPlTsqwUa0yqDa3ny+5BToIpnROhAqTZV5fV3LHgtObcWYRGANdjVWyPiNOiywiDzsw7/xzuuqV2wLeLnFG1Z+G550F1Ed4lrsPYKc7+qxZYLquI0iJoIjg5WPzNw5QBLdb1srL9zo+0A91Asx8U95IjIMWumowWjDN3Mn0qJwxW5d8SUign3wksIu2FlkLCT4u95CEIebDVEhTQQR0AOP00/KLKtBDn9a5H0UnJZZSTG4+prU3CnqyXqyp6dano86fGEkkcP2PDi/SUwoxdBvMVbdZxYpPYm+8Oe0TjLWPlwu4kYCwVnl3EYgJZAHjT6wVHOjyXcJYezPvvXY8B/VR8UfupetHg5/mVjoQQy2+Nl34AaDN2TLQLXRuG+U+hZqV5Jzc3JO+KKfDUw== mwilson@mwilson-ThinkPad-W530
- korlowska:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCqsNuEIZr8XobFca4uN3KDAQzyd//NaZQrEMfJZNm8Gj5ym4NWX8cUjf3TQvV6eMGsNe/mxwIxmpyIANQeWUUlnelXG4rRjkBt94J1bg1YeB6F76R6yPuMrP8x/4s5nTy1OVr7jo1xwwL9aHZZcxQFExMBRMM2HrZDJNoXSdwqi7vuW8uUkCSwd8lsZ4iftI4TIafehZTHWroPP3kVMI+JvbdKyAR8xT2DsPHCIb42lEfCPMEYopKRI///L3KkZkbaVdshz/4zCvx3fAyKCHLH44Qgjs3eoAuz1ZFjAec/j6jwNEWGIrlk0g5nIfEXHR5e6qZRwa+nW60xHpIwMfGWtHscyTXR95OVXlEMLqAmycSXVLwyu47attnE/CLLUH4am38ET6w8Oxkzis0gHs3NOEhoNAf2OVhV3gP3aPzoDBRGemNdYZgGNnq6VI9dNhItkxN1QIYKI1d1Dwt8sz1PJM0W9JJjZDNFZAh5Q5QAsg3nxNudk4bxyjCnYbYbRj/dbKOKLJTEsqelsvlKT/+picEwqB/xmcwalHoKtR9QsNw2XuENBQk3OCfAC4SOhm+U1zq7XHpoVxjjn/J4p5ChkH7bhNGNMAE9aefekXGWNjpQFRszd/0SlEkzhUDsUIGKFEP8wlsjb9eOzatYf65fRbE1/YGODuwubj7WrZxy3w== korlowska@mirantis.com
- sflorczak:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOdCr32ewiGJKLLwxf0Ic0naFV1j+ZflpfUVjuIPplrLeL5u8CNVlT5adPzgc48ijbee3qpzNvkOC7Ym295xQXUluo/cj2p5wVp70YnHrfhnLjGOCldm/K8B9bHmHbm1XW6hWUp7SWjMwhOdR217iveVLkuOy+hPdpXOC86hO93v7fY12UZDiqSRfrHpUqEaHHqlSyU2Eftn9GsR4UaotkeaQsiv8bi/k5nrwea/ccALZXnhrgTSTpXOVy3rfR5cCFQCA1PjMYvFEjhUofCHBSk+OA8xwOkpBOCfYrWRUmMT7MGEV5Jjm75QUrq1AuqRdFh8SM5lP39Tdwr8FMC+q5 flor3k@MacBook-Pro-Szymon.local
- miwinski:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCydY97fXVWbcUiNaK5KnMHQpLT4acAVXykKqB5hAUPwKn4nFN3dFNw9dpToFpriqNpJTZrEdxVgL9obB4aouHpi+NVH6s8cMZ6ulNTiSTBM0Xkmu7jl66eMhfHNaFwgFC0vsGQ85oI813H7A601tCweKegMUW/mwOKbwHj1isEA+jbyrdRTC64icBa6zbW/G2uF0ajz9dCPe9L0rAbQFE51N1fxrnLeb6BI+5br0H6bRz1kGc5ZsNiUx3EEEOrMFbAbHQAxvD8Te/nUErdlHCiFufKlXLJSUNDPGFrW2mIfvfGlbyrLPgm24RKS6xfcD7BhJOmr54k7QbWChEp/SrX iwi@iwon
- mrelewicz:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsB8R/Sv7hI7kHnOa7slfRQUhx3uVo3lDT7SLZw6m5Xnc7JVmQBmsO3s0lLHWRcxBUNso8P5xd8XG30VaW2MPrHGEMy6TbwxJmoFb8+zZaETjcaXvXig2RAQe/I3GAplptCz76GFM9SQavXtqb4D7wPi/AGs7yTFBa1rlVPdmhnlQ2woZoF/Hb5vPpFbK8ucR79eopNyd+g9mhLALJGRIUkRh6q66LCUAbMHA/Lm01IV//mGFUS1Sh0lcM34LOl99SyRVKW7kbql4vWE/4ZSxX1GJC4WVxxBitdWAypGuq3PY8L/+JDjXK7hXSrYaVWygrrluQh+ZXY8S1zx1SoPEG8uzyqdei8VxDPJd+3Y+w3YvWiYI2QA7fdtf4AW57OjZJrCgC2SpUuO6TNGcQ3gxV2/IChHQMHUV6IYc+ENaKuFIXVfvFBa/VMVRoTFXKVdE1cycDR3mgygGxE9QWxLmsJf7ZaK6A0zQjxTQs0GJi6Id9dgjDsh90uPIaVJWGKZZqDH+/cbXqN1AOTK3ecVji2fOfL3JQfY4wTFt/WmGa2VrdTfv/d9bcvEvhHYaCUs3sWy3sobJXwYCiXwuZVTTLj4EvN6L+jt8I9nG/6OWILUPVjrx84ikZ3Ig1Tbts2giIuB8JpQRup1mrEtpxoeOga1ts5ZGF8XfIKOpqaBpTsw== mrelewicz@mirantis.com
+classes:
+# DevOps/SRE Team
+- system.openssh.server.team.members.cade
+- system.openssh.server.team.members.dszeluga
+- system.openssh.server.team.members.jmosher
+- system.openssh.server.team.members.ecantwell
+- system.openssh.server.team.members.mrelewicz
+- system.openssh.server.team.members.mwilson
+- system.openssh.server.team.members.pmathews
+# Missing- team members still in flux
+# - system.openssh.server.team.members.bpiotrowski
diff --git a/prometheus/server/target/dns.yml b/prometheus/server/target/dns.yml
index 5919a91..fd56d1d 100644
--- a/prometheus/server/target/dns.yml
+++ b/prometheus/server/target/dns.yml
@@ -3,13 +3,15 @@
server:
target:
dns:
- - name: 'pushgateway'
- domain:
- - 'tasks.monitoring_pushgateway'
- type: A
- port: 9091
- - name: 'prometheus'
- domain:
- - 'tasks.monitoring_server'
- type: A
- port: 9090
+ enabled: true
+ endpoint:
+ - name: 'pushgateway'
+ domain:
+ - 'tasks.monitoring_pushgateway'
+ type: A
+ port: 9091
+ - name: 'prometheus'
+ domain:
+ - 'tasks.monitoring_server'
+ type: A
+ port: 9090
diff --git a/prometheus/server/target/etcd.yml b/prometheus/server/target/etcd.yml
index 3db134e..4cd04bf 100644
--- a/prometheus/server/target/etcd.yml
+++ b/prometheus/server/target/etcd.yml
@@ -4,6 +4,7 @@
target:
static:
etcd:
+ enabled: true
scheme: https
tls_config:
skip_verify: true
diff --git a/prometheus/server/target/kubernetes.yml b/prometheus/server/target/kubernetes.yml
index 8abed5d..d7ba3d6 100644
--- a/prometheus/server/target/kubernetes.yml
+++ b/prometheus/server/target/kubernetes.yml
@@ -3,6 +3,7 @@
server:
target:
kubernetes:
+ enabled: true
api_ip: ${_param:kubernetes_control_address}
ssl_dir: /opt/prometheus/config
cert_name: prometheus-server.crt
diff --git a/reclass/storage/system/openstack_control_upgrade_single.yml b/reclass/storage/system/openstack_control_upgrade_single.yml
new file mode 100644
index 0000000..964e064
--- /dev/null
+++ b/reclass/storage/system/openstack_control_upgrade_single.yml
@@ -0,0 +1,15 @@
+parameters:
+ _param:
+ openstack_upgrade_node01_hostname: upg01
+ reclass:
+ storage:
+ node:
+ openstack_control_upgrade_node01:
+ name: ${_param:openstack_upgrade_node01_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.upgrade
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:openstack_upgrade_node01_address}
diff --git a/rundeck/client/init.yml b/rundeck/client/init.yml
new file mode 100644
index 0000000..31b7ee9
--- /dev/null
+++ b/rundeck/client/init.yml
@@ -0,0 +1,19 @@
+classes:
+ - service.rundeck.client
+parameters:
+ _param:
+ rundeck_client_host: ${_param:haproxy_rundeck_bind_host}
+ rundeck_client_port: ${_param:haproxy_rundeck_bind_port}
+ rundeck_client_https: ${_param:haproxy_rundeck_ssl:enabled}
+ rundeck_client_username: ${_param:rundeck_admin_username}
+ rundeck_client_password: ${_param:rundeck_admin_password}
+ rundeck:
+ client:
+ server:
+ endpoint:
+ host: ${_param:rundeck_client_host}
+ port: ${_param:rundeck_client_port}
+ https: ${_param:rundeck_client_https}
+ credentials:
+ username: ${_param:rundeck_client_username}
+ password: ${_param:rundeck_client_password}
diff --git a/rundeck/client/project/cicd.yml b/rundeck/client/project/cicd.yml
new file mode 100644
index 0000000..e33fcae
--- /dev/null
+++ b/rundeck/client/project/cicd.yml
@@ -0,0 +1,22 @@
+parameters:
+ rundeck:
+ client:
+ project:
+ cicd:
+ description: "CI/CD Runbooks"
+ node:
+ node01:
+ nodename: ${_param:cluster_node01_name}.${_param:cluster_domain}
+ hostname: ${_param:cluster_node01_address}
+ username: ${_param:rundeck_runbook_user}
+ tags: [cicd, docker]
+ node02:
+ nodename: ${_param:cluster_node02_name}.${_param:cluster_domain}
+ hostname: ${_param:cluster_node02_address}
+ username: ${_param:rundeck_runbook_user}
+ tags: [cicd, docker]
+ node03:
+ nodename: ${_param:cluster_node03_name}.${_param:cluster_domain}
+ hostname: ${_param:cluster_node03_address}
+ username: ${_param:rundeck_runbook_user}
+ tags: [cicd, docker]
diff --git a/rundeck/client/runbook.yml b/rundeck/client/runbook.yml
new file mode 100644
index 0000000..cb94025
--- /dev/null
+++ b/rundeck/client/runbook.yml
@@ -0,0 +1,22 @@
+classes:
+ - service.rundeck.common
+parameters:
+ linux:
+ system:
+ user:
+ runbook:
+ enabled: true
+ name: ${_param:rundeck_runbook_user}
+ system: true
+ sudo: true
+ full_name: Rundeck Remote
+ home: /var/lib/runbook
+ openssh:
+ server:
+ enabled: true
+ user:
+ runbook:
+ enabled: true
+ public_keys:
+ - key: ${_param:rundeck_runbook_public_key}
+ user: ${linux:system:user:runbook}
diff --git a/rundeck/server/docker.yml b/rundeck/server/docker.yml
new file mode 100644
index 0000000..3406b6a
--- /dev/null
+++ b/rundeck/server/docker.yml
@@ -0,0 +1,19 @@
+classes:
+ - service.rundeck.common
+ - service.rundeck.server.single
+parameters:
+ rundeck:
+ server:
+ user:
+ uid: 550
+ gid: 550
+ home_dir: /srv/volumes/rundeck
+ root_dir: /srv/volumes/rundeck
+ api:
+ host: ${_param:haproxy_rundeck_bind_host}
+ port: ${_param:haproxy_rundeck_bind_port}
+ https: ${_param:haproxy_rundeck_ssl:enabled}
+ ssh:
+ user: ${_param:rundeck_runbook_user}
+ private_key: ${_param:rundeck_runbook_private_key}
+ public_key: ${_param:rundeck_runbook_public_key}
diff --git a/salt/control/cluster/openstack_upgrade_single.yml b/salt/control/cluster/openstack_upgrade_single.yml
new file mode 100644
index 0000000..fd6e4f0
--- /dev/null
+++ b/salt/control/cluster/openstack_upgrade_single.yml
@@ -0,0 +1,18 @@
+parameters:
+ salt:
+ control:
+ size:
+ openstack.upgrade:
+ cpu: 32
+ ram: 65536
+ disk_profile: medium
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ upg01:
+ provider: kvm02.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: openstack.upgrade
\ No newline at end of file
diff --git a/salt/master/formula/git/foundation.yml b/salt/master/formula/git/foundation.yml
index eaaeea9..7e21699 100644
--- a/salt/master/formula/git/foundation.yml
+++ b/salt/master/formula/git/foundation.yml
@@ -50,3 +50,7 @@
source: git
address: '${_param:salt_master_environment_repository}/salt-formula-jenkins.git'
revision: ${_param:salt_master_environment_revision}
+ openldap:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-openldap.git'
+ revision: ${_param:salt_master_environment_revision}
diff --git a/salt/master/formula/git/oss.yml b/salt/master/formula/git/oss.yml
index 5c9577a..e927387 100644
--- a/salt/master/formula/git/oss.yml
+++ b/salt/master/formula/git/oss.yml
@@ -14,3 +14,13 @@
source: git
address: '${_param:salt_master_oss_repository}/devops-portal.git'
revision: ${_param:salt_master_oss_revision}
+ rundeck:
+ module:
+ rundeck.py:
+ enabled: true
+ state:
+ rundeck_project.py:
+ enabled: true
+ source: git
+ address: '${_param:salt_master_oss_repository}/rundeck.git'
+ revision: ${_param:salt_master_oss_revision}
diff --git a/salt/master/formula/pkg/oss.yml b/salt/master/formula/pkg/oss.yml
index 1c0e90a..45739d2 100644
--- a/salt/master/formula/pkg/oss.yml
+++ b/salt/master/formula/pkg/oss.yml
@@ -7,3 +7,6 @@
devops_portal:
source: pkg
name: salt-formula-devops-portal
+ rundeck:
+ source: pkg
+ name: salt-formula-rundeck
diff --git a/salt/minion/masters.yml b/salt/minion/masters.yml
new file mode 100644
index 0000000..829474a
--- /dev/null
+++ b/salt/minion/masters.yml
@@ -0,0 +1,7 @@
+parameters:
+ salt:
+ minion:
+ master_type: failover
+ masters:
+ - host: ${_param:infra_config_deploy_address}
+ - host: ${_param:infra_config_address}