Merge "Use cache backend to store sessions, include Memcache with Horizon system"
diff --git a/README.rst b/README.rst
index 1f1c8f4..b418f37 100644
--- a/README.rst
+++ b/README.rst
@@ -79,6 +79,45 @@
echo 7 > /sys/class/net/eth4/device/sriov_numvfs; sleep 2; ip link set eth4 up
exit 0
+Grafana
+=======
+
+Configure Grafana client
+------------------------
+
+The grafana.client talks to Grafana server to create datasource(s) and install
+Grafana plugin(s).
+
+User models must first include this class and define corresponding parameters:
+
+- grafana.client
+ - grafana_protocol (default: http)
+ - grafana_address
+ - grafana_port (default: 3000)
+ - grafana_user
+ - grafana_password
+
+Then include datasource(s) and define corresponding parameters:
+
+- grafana.client.datasource.influxdb
+ - grafana_influxdb_address
+ - grafana_influxdb_port
+ - grafana_influxdb_user
+ - grafana_influxdb_password
+ - grafana_influxdb_database
+ - grafana_influxdb_is_default (default true)
+
+- grafana.client.datasource.prometheus
+ - grafana_prometheus_address
+ - grafana_prometheus_port
+ - grafana_prometheus_is_default (default true)
+
+Backwark compatiblity
+---------------------
+
+The class **grafana.client.single** configures grafana client and an InfluxDB
+datasource. This is the legacy of LMA (aka StackLight) integration with Grafana
+and InfluxDB.
Nagios Monitoring
=================
diff --git a/grafana/client/datasource/influxdb.yml b/grafana/client/datasource/influxdb.yml
new file mode 100644
index 0000000..7abe22f
--- /dev/null
+++ b/grafana/client/datasource/influxdb.yml
@@ -0,0 +1,17 @@
+parameters:
+ _param:
+ grafana_influxdb_is_default: true
+ grafana_influxdb_ds_name: influxdb
+ grafana:
+ client:
+ datasource:
+ influxdb:
+ type: influxdb
+ name: ${_param:grafana_influxdb_ds_name}
+ host: ${_param:grafana_influxdb_address}
+ port: ${_param:grafana_influxdb_port}
+ user: ${_param:grafana_influxdb_user}
+ password: ${_param:grafana_influxdb_password}
+ database: ${_param:grafana_influxdb_database}
+ is_default: ${_param:grafana_influxdb_is_default}
+
diff --git a/grafana/client/datasource/prometheus.yml b/grafana/client/datasource/prometheus.yml
new file mode 100644
index 0000000..c4835ef
--- /dev/null
+++ b/grafana/client/datasource/prometheus.yml
@@ -0,0 +1,14 @@
+parameters:
+ _param:
+ grafana_prometheus_is_default: true
+ grafana_prometheus_ds_name: prometheus
+ grafana:
+ client:
+ datasource:
+ prometheus:
+ type: prometheus
+ name: ${_param:grafana_prometheus_ds_name}
+ host: ${_param:grafana_prometheus_address}
+ port: ${_param:grafana_prometheus_port}
+ is_default: ${_param:grafana_prometheus_is_default}
+
diff --git a/grafana/client/init.yml b/grafana/client/init.yml
new file mode 100644
index 0000000..08a9be8
--- /dev/null
+++ b/grafana/client/init.yml
@@ -0,0 +1,17 @@
+classes:
+- service.grafana.client.single
+parameters:
+ _param:
+ grafana_protocol: http
+ grafana_port: 3000
+ grafana:
+ client:
+ enabled: true
+ server:
+ protocol: ${_param:grafana_protocol}
+ host: ${_param:grafana_address}
+ port: ${_param:grafana_port}
+ user: ${_param:grafana_user}
+ password: ${_param:grafana_password}
+ remote_data:
+ engine: 'salt_mine'
diff --git a/grafana/client/single.yml b/grafana/client/single.yml
index 49ac876..87992a7 100644
--- a/grafana/client/single.yml
+++ b/grafana/client/single.yml
@@ -1,23 +1,12 @@
classes:
-- service.grafana.client.single
+- system.grafana.client
+- system.grafana.client.datasource.influxdb
parameters:
- grafana:
- client:
- enabled: true
- server:
- protocol: http
- host: ${_param:stacklight_monitor_address}
- port: 3000
- user: ${_param:grafana_user}
- password: ${_param:grafana_password}
- remote_data:
- engine: 'salt_mine'
- datasource:
- lma:
- type: influxdb
- host: ${_param:grafana_influxdb_host}
- port: ${_param:influxdb_port}
- user: lma
- password: ${_param:influxdb_stacklight_password}
- database: lma
- is_default: true
+ _param:
+ grafana_address: ${_param:stacklight_monitor_address}
+ grafana_influxdb_address: ${_param:grafana_influxdb_host}
+ grafana_influxdb_port: ${_param:influxdb_port}
+ grafana_influxdb_user: lma
+ grafana_influxdb_password: ${_param:influxdb_stacklight_password}
+ grafana_influxdb_database: lma
+ grafana_influxdb_ds_name: lma
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index 07720fa..ef0241d 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -17,6 +17,7 @@
password: ${_param:jenkins_client_password}
plugin:
ansicolor: {}
+ artifactory: {}
build-blocker-plugin: {}
build-monitor-plugin: {}
build-user-vars-plugin: {}
diff --git a/kubernetes/master/cluster.yml b/kubernetes/master/cluster.yml
index 0539331..ab283d0 100644
--- a/kubernetes/master/cluster.yml
+++ b/kubernetes/master/cluster.yml
@@ -9,4 +9,6 @@
container: false
network:
engine: calico
- private_ip_range: ${_param:calico_private_network}/${_param:calico_private_netmask}
\ No newline at end of file
+ private_ip_range: ${_param:calico_private_network}/${_param:calico_private_netmask}
+ prometheus:
+ enabled: true
diff --git a/kubernetes/pool/cluster.yml b/kubernetes/pool/cluster.yml
index b38cf07..8295d97 100644
--- a/kubernetes/pool/cluster.yml
+++ b/kubernetes/pool/cluster.yml
@@ -6,4 +6,6 @@
pool:
container: false
network:
- engine: calico
\ No newline at end of file
+ engine: calico
+ prometheus:
+ enabled: true
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index 1bcc8b9..d47c5e1 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -10,6 +10,7 @@
nova_cpu_allocation_ratio: 16.0
nova_ram_allocation_ratio: 1.5
nova_disk_allocation_ratio: 1.0
+ metadata_password: metadataPass
nova:
controller:
enabled: true
diff --git a/openssh/server/team/k8s_team.yml b/openssh/server/team/k8s_team.yml
new file mode 100644
index 0000000..ed85ae0
--- /dev/null
+++ b/openssh/server/team/k8s_team.yml
@@ -0,0 +1,23 @@
+parameters:
+ linux:
+ system:
+ user:
+ dshulyak:
+ enabled: true
+ name: dshulyak
+ sudo: true
+ full_name: Dmitry Shulyak
+ home: /home/dshulyak
+ email: dshulyak@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ dshulyak:
+ enabled: true
+ public_keys:
+ - ${public_keys:dshulyak}
+ user: ${linux:system:user:dshulyak}
+ public_keys:
+ kproskurin:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvkecSoZQDlJ3rfnxzYYkKVOwZG/oGVNYykey07pJXzcc4RDnP+OSPSD57Ovc3f9DgGpDqi5EaSTK9wPT3Z4Xlq/0IN9mJjSqkMKahlQutozNeathqghM3mkiBrqV8Y9H+L+5V743ttWMxp+oEpYMVz6QlP152mDwhRESEoU6dm1UjPDOPmiqIBrjkc0glqrBGkvj6Rd7cyVrbVG//mOoemT0S+l9KHjVzIDF3sd9m1MWCtslO0ixCrIXh90wRYTUVJLe4g95Bo3f3k2/DIeqyLns2zjYaYBc54+VMwPllbc4KTNQnW+oZLGmh7fJRouJvNRmL9JrmVFBZ79tMKpLKq55U9RxAbtkO4wPUQxVXQRairYT6XVOis7eOQzojSyT8+jW1HK1ftexITn1nZnAgivzJYg9YugE5brS1pchJeptGQJDQSNeoAGR5rRc0A4uJIc9EzUjURVpa13ZWWKeenhQ3sfRUrP4+rCe4c0yeZS03jk54bNf3hqD7EEGH96L1ojAXyoVV/TgGgFJC3a3T7qciOMIJpWJVyKBVEgU9mSgWUL0lzEp/IrtEObNQQKwTb7LBM6wrSJd/57ePlTzXzSAZEed+7QV0LW+SBD7rwQyKM93i1P+do+4dmGO0fGr9AhMp2J4gsaFuAtCYZXV/b2zmuGnYGhbq3vacLIJYqQ== ds@ds-X10SAE
diff --git a/salt/minion/cert/ceph/pki.yml b/salt/minion/cert/ceph/pki.yml
index 259fc38..37e4fc5 100644
--- a/salt/minion/cert/ceph/pki.yml
+++ b/salt/minion/cert/ceph/pki.yml
@@ -3,6 +3,6 @@
minion:
cert:
ceph:
- key_file: /srv/salt/pki/${_param:cluster_name}/ceph.${_param:cluster_public_host}.key
- cert_file: /srv/salt/pki/${_param:cluster_name}/ceph.${_param:cluster_public_host}.crt
- all_file: /srv/salt/pki/${_param:cluster_name}/ceph-with-key.${_param:cluster_public_host}.pem
+ key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:ceph:common_name}.key
+ cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:ceph:common_name}.crt
+ all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:ceph:common_name}-chain-with-key.pem
diff --git a/salt/minion/cert/proxy/pki.yml b/salt/minion/cert/proxy/pki.yml
index 9a93bbf..731aea6 100644
--- a/salt/minion/cert/proxy/pki.yml
+++ b/salt/minion/cert/proxy/pki.yml
@@ -3,6 +3,6 @@
minion:
cert:
proxy:
- key_file: /srv/salt/pki/${_param:cluster_name}/proxy.${_param:cluster_public_host}.key
- cert_file: /srv/salt/pki/${_param:cluster_name}/proxy.${_param:cluster_public_host}.crt
- all_file: /srv/salt/pki/${_param:cluster_name}/proxy-with-key.${_param:cluster_public_host}.pem
+ key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:proxy:common_name}.key
+ cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:proxy:common_name}.crt
+ all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:proxy:common_name}-chain-with-key.pem
diff --git a/salt/minion/cert/swift/pki.yml b/salt/minion/cert/swift/pki.yml
index dd24060..3195e48 100644
--- a/salt/minion/cert/swift/pki.yml
+++ b/salt/minion/cert/swift/pki.yml
@@ -3,6 +3,6 @@
minion:
cert:
swift:
- key_file: /srv/salt/pki/${_param:cluster_name}/swift.${_param:cluster_public_host}.key
- cert_file: /srv/salt/pki/${_param:cluster_name}/swift.${_param:cluster_public_host}.crt
- all_file: /srv/salt/pki/${_param:cluster_name}/swift-with-key.${_param:cluster_public_host}.pem
+ key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:swift:common_name}.key
+ cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:swift:common_name}.crt
+ all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:swift:common_name}-chain-with-key.pem
diff --git a/salt/minion/cert/wildcard/init.yml b/salt/minion/cert/wildcard/init.yml
index 3bc2d52..2974895 100644
--- a/salt/minion/cert/wildcard/init.yml
+++ b/salt/minion/cert/wildcard/init.yml
@@ -11,6 +11,6 @@
authority: ${_param:salt_minion_ca_authority}
common_name: wildcard
alternative_names: IP:127.0.0.1,${_param:salt_pki_wildcard_alt_names}
- key_file: /srv/salt/pki/${_param:cluster_name}/wildcard.${_param:cluster_public_host}.key
- cert_file: /srv/salt/pki/${_param:cluster_name}/wildcard.${_param:cluster_public_host}.crt
- all_file: /srv/salt/pki/${_param:cluster_name}/wildcard-with-key.${_param:cluster_public_host}.pem
+ key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:wildcard:common_name}.key
+ cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:wildcard:common_name}.crt
+ all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:wildcard:common_name}-chain-with-key.pem