Merge pull request #39 from simonpasquier/fix-elasticsearch-cluster-class

Remove haproxy and keepalived classes from elasticsearch
diff --git a/ccp/control/service/neutron_contrail.yml b/ccp/control/service/neutron_contrail.yml
new file mode 100644
index 0000000..6bd75fe
--- /dev/null
+++ b/ccp/control/service/neutron_contrail.yml
@@ -0,0 +1,2 @@
+classes:
+- service.ccp.control.service.neutron_contrail
diff --git a/ccp/control/service/neutron_ovs.yml b/ccp/control/service/neutron_ovs.yml
new file mode 100644
index 0000000..7225029
--- /dev/null
+++ b/ccp/control/service/neutron_ovs.yml
@@ -0,0 +1,2 @@
+classes:
+- service.ccp.control.service.neutron_ovs
diff --git a/ccp/control/service/openstack_control.yml b/ccp/control/service/openstack_control.yml
new file mode 100644
index 0000000..187a7bf
--- /dev/null
+++ b/ccp/control/service/openstack_control.yml
@@ -0,0 +1,5 @@
+classes:
+- service.ccp.control.service.keystone
+- service.ccp.control.service.nova_controller
+parameters:
+  _param: {}
diff --git a/ccp/control/single.yml b/ccp/control/single.yml
new file mode 100644
index 0000000..c64ea84
--- /dev/null
+++ b/ccp/control/single.yml
@@ -0,0 +1,9 @@
+classes:
+- service.ccp.control.single
+- service.ccp.control.service.etcd
+parameters:
+  _param:
+    ccp_public_interface: eth0
+    ccp_private_interface: eth0
+    ccp_kubernetes_host: 127.0.0.1
+    ccp_control_namespace: ccp
diff --git a/ceilometer/agent/cluster.yml b/ceilometer/agent/cluster.yml
index 283e9d9..d4ec5da 100644
--- a/ceilometer/agent/cluster.yml
+++ b/ceilometer/agent/cluster.yml
@@ -1,6 +1,27 @@
 classes:
 - service.ceilometer.agent.cluster
 parameters:
+  ceilometer:
+    agent:
+      enabled: true
+      version: ${_param:ceilometer_version}
+      secret: ${_param:ceilometer_secret_key}
+      identity:
+        engine: keystone
+        host: ${_param:keystone_service_host}
+        port: 35357
+        tenant: service
+        user: ceilometer
+        password: ${_param:keystone_ceilometer_password}
+      message_queue:
+        engine: rabbitmq
+        host: ${_param:openstack_message_queue_address}
+        port: 5672
+        user: openstack
+        password: ${_param:rabbitmq_openstack_password}
+        virtual_host: '/openstack'
+        ha_queues: true
+        rpc_thread_pool_size: 5
   nova:
     compute:
       notification:
diff --git a/ceilometer/server/backend/influxdb.yml b/ceilometer/server/backend/influxdb.yml
index b5ce904..8faeceb 100644
--- a/ceilometer/server/backend/influxdb.yml
+++ b/ceilometer/server/backend/influxdb.yml
@@ -3,7 +3,7 @@
     server:
       database:
         influxdb:
-          host: ${_param:stacklight_telementry_node01_address}
+          host: ${_param:stacklight_telemetry_node01_address}
           port: 8086
           user: ceilometer
           password: ${_param:ceilometer_influxdb_password}
diff --git a/haproxy/proxy/listen/kubernetes/apiserver.yml b/haproxy/proxy/listen/kubernetes/apiserver.yml
new file mode 100644
index 0000000..a365c51
--- /dev/null
+++ b/haproxy/proxy/listen/kubernetes/apiserver.yml
@@ -0,0 +1,40 @@
+parameters:
+  haproxy:
+    proxy:
+      listen:
+        k8s_cluster:
+          type: kubernetes
+          binds:
+          - address: ${_param:cluster_vip_address}
+            port: 8080
+          servers:
+          - name: ${_param:cluster_node01_hostname}
+            host: ${_param:cluster_node01_address}
+            port: 8080
+            params: check
+          - name: ${_param:cluster_node02_hostname}
+            host: ${_param:cluster_node02_address}
+            port: 8080
+            params: check
+          - name: ${_param:cluster_node03_hostname}
+            host: ${_param:cluster_node03_address}
+            port: 8080
+            params: check
+        k8s_cluster_localhost:
+          type: kubernetes
+          binds:
+          - address: localhost
+            port: 8080
+          servers:
+          - name: ${_param:cluster_node01_hostname}
+            host: ${_param:cluster_node01_address}
+            port: 8080
+            params: check
+          - name: ${_param:cluster_node02_hostname}
+            host: ${_param:cluster_node02_address}
+            port: 8080
+            params: check
+          - name: ${_param:cluster_node03_hostname}
+            host: ${_param:cluster_node03_address}
+            port: 8080
+            params: check
\ No newline at end of file
diff --git a/haproxy/proxy/listen/kubernetes/etcd.yml b/haproxy/proxy/listen/kubernetes/etcd.yml
new file mode 100644
index 0000000..c314191
--- /dev/null
+++ b/haproxy/proxy/listen/kubernetes/etcd.yml
@@ -0,0 +1,22 @@
+parameters:
+  haproxy:
+    proxy:
+      listen:
+        etcd_cluster:
+          type: etcd
+          binds:
+          - address: ${_param:cluster_vip_address}
+            port: 4001
+          servers:
+          - name: etc01
+            host: ${_param:cluster_node01_address}
+            port: 4001
+            params: check
+          - name: etc02
+            host: ${_param:cluster_node02_address}
+            port: 4001
+            params: backup check
+          - name: etc03
+            host: ${_param:cluster_node03_address}
+            port: 4001
+            params: backup check
\ No newline at end of file
diff --git a/kubernetes/master/cluster.yml b/kubernetes/master/cluster.yml
new file mode 100644
index 0000000..0539331
--- /dev/null
+++ b/kubernetes/master/cluster.yml
@@ -0,0 +1,12 @@
+classes:
+- service.kubernetes.master.cluster
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- system.haproxy.proxy.listen.kubernetes.apiserver
+parameters:
+  kubernetes:
+    master:
+      container: false
+      network:
+        engine: calico
+        private_ip_range: ${_param:calico_private_network}/${_param:calico_private_netmask}
\ No newline at end of file
diff --git a/kubernetes/pool/cluster.yml b/kubernetes/pool/cluster.yml
new file mode 100644
index 0000000..b38cf07
--- /dev/null
+++ b/kubernetes/pool/cluster.yml
@@ -0,0 +1,9 @@
+classes:
+- service.kubernetes.pool.cluster
+- service.docker.host
+parameters:
+  kubernetes:
+    pool:
+      container: false
+      network:
+        engine: calico
\ No newline at end of file
diff --git a/linux/network/interface/ovs_lab_dvr.yml b/linux/network/interface/ovs_lab_dvr.yml
deleted file mode 100644
index 482bd02..0000000
--- a/linux/network/interface/ovs_lab_dvr.yml
+++ /dev/null
@@ -1,67 +0,0 @@
-parameters:
-  _param:
-    primary_interface: eth1
-    tenant_interface: eth2
-    external_interface: eth3
-    interface_mtu: 9000
-  linux:
-    network:
-      bridge: openvswitch
-      interface:
-        primary_interface:
-          enabled: true
-          name: ${_param:primary_interface}
-          type: eth
-          mtu: ${_param:interface_mtu}
-          proto: manual
-        tenant_interface:
-          enabled: true
-          name: ${_param:tenant_interface}
-          type: eth
-          mtu: ${_param:interface_mtu}
-          proto: manual
-        external_interface:
-          enabled: true
-          name: ${_param:external_interface}
-          type: eth
-          mtu: ${_param:interface_mtu}
-          proto: manual
-        br-int:
-          enabled: true
-          mtu: ${_param:interface_mtu}
-          type: ovs_bridge
-        br-floating:
-          enabled: true
-          mtu: ${_param:interface_mtu}
-          type: ovs_bridge
-        float-to-ex:
-          enabled: true
-          type: ovs_port
-          mtu: 65000
-          bridge: br-floating
-        br-mgmt:
-          enabled: true
-          type: bridge
-          mtu: ${_param:interface_mtu}
-          address: ${_param:single_address}
-          netmask: 255.255.255.0
-          use_interfaces:
-          - ${_param:primary_interface}
-        br-mesh:
-          enabled: true
-          type: bridge
-          mtu: ${_param:interface_mtu}
-          address: ${_param:tenant_address}
-          netmask: 255.255.255.0
-          use_interfaces:
-          - ${_param:tenant_interface}
-        br-ex:
-          enabled: true
-          type: bridge
-          mtu: ${_param:interface_mtu}
-          address: ${_param:external_address}
-          netmask: 255.255.255.0
-          use_interfaces:
-          - ${_param:external_interface}
-          use_ovs_ports:
-          - float-to-ex
\ No newline at end of file
diff --git a/linux/system/repo/docker.yml b/linux/system/repo/docker.yml
new file mode 100644
index 0000000..6eae575
--- /dev/null
+++ b/linux/system/repo/docker.yml
@@ -0,0 +1,9 @@
+parameters:
+  linux:
+    system:
+      repo:
+        docker:
+          source: "deb https://apt.dockerproject.org/repo ubuntu-${_param:linux_system_codename} main"
+          architectures: amd64
+          key_id: 58118E89F3A912897C070ADBF76221572C52609D
+          key_server: hkp://p80.pool.sks-keyservers.net:80
diff --git a/linux/system/repo/mos9_latest.yml b/linux/system/repo/mos9_latest.yml
index a55c8ae..d986602 100644
--- a/linux/system/repo/mos9_latest.yml
+++ b/linux/system/repo/mos9_latest.yml
@@ -5,14 +5,20 @@
         python-msgpack:
           version: latest
       repo:
-      # This repository is needed because the python-influxdb package
-      # required for Mitaka Ceilometer is only present in
-      # mos9.0-proposed from the 9.0-latest repository
         mirantis_latest_openstack_proposed:
           source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/snapshots/9.0-latest/ mos9.0-proposed main"
           architectures: amd64
           key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/snapshots/9.0-latest/archive-mos9.0.key"
           pin:
+            # Ceilometer packages should be picked from mos9.0-proposed
+            # if more recent versions exist there because the packages
+            # from mos9.0-stable have bugs related to the Events API.
+            - pin: "release a=mos9.0-proposed"
+              priority: 800
+              package: "/ceilometer/"
+            # This repository is needed because the python-influxdb package
+            # required for Mitaka Ceilometer is only present in
+            # mos9.0-proposed from the 9.0-latest repository
             - pin: "release a=mos9.0-proposed"
               priority: 400
               package: "*"
diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index 7eca116..b27ac38 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml
@@ -81,7 +81,7 @@
       network:
         engine: neutron
         region: ${_param:openstack_region}
-        host: ${_param:opencontrail_control_address}
+        host: ${_param:neutron_service_host}
         port: 9696
         user: neutron
         tenant: service
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index 2fb47fb..ac08d43 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -59,11 +59,11 @@
       network:
         engine: neutron
         region: ${_param:openstack_region}
-        host: ${_param:opencontrail_control_address}
+        host: ${_param:neutron_service_host}
         user: neutron
         password: ${_param:keystone_neutron_password}
         port: 9696
         mtu: 1500
         tenant: service
       metadata:
-        password: metadataPass
\ No newline at end of file
+        password: metadataPass
diff --git a/openssh/server/team/mmo_de.yml b/openssh/server/team/mmo_de.yml
new file mode 100644
index 0000000..4352929
--- /dev/null
+++ b/openssh/server/team/mmo_de.yml
@@ -0,0 +1,51 @@
+parameters:
+  linux:
+    system:
+      user:
+        dszeluga:
+          enabled: true
+          name: dszeluga
+          sudo: true
+          full_name: Damian Szeluga
+          home: /home/dszeluga
+        mlos:
+          enabled: true
+          name: mlos
+          sudo: true
+          full_name: Mateusz Los
+          home: /home/mlos
+        mwilson:
+          enabled: true
+          name: mwilson
+          sudo: true
+          full_name: Mike Wilson
+          home: /home/mwilson
+  openssh:
+    server:
+      enabled: true
+      user:
+        dszeluga:
+          enabled: true
+          public_keys:
+          - ${public_keys:dszeluga}
+          user: ${linux:system:user:dszeluga}
+        mlos:
+          enabled: true
+          public_keys:
+          - ${public_keys:mlos}
+          user: ${linux:system:user:mlos}
+        mwilson:
+          enabled: true
+          public_keys:
+          - ${public_keys:mwilson}
+          - ${public_keys:mwilson2}
+          user: ${linux:system:user:mwilson}
+  public_keys:
+    dszeluga:
+      key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEEFoCOaivah6AjFZmPIDlDlp8mUfsh9UFrjgLL8vqVYoyVnuZ5DQZTeZsCgFCPxodEsgHDkSEFwkB6hbyqEXszGIL8dWwSBR3QfNJD2cjZ8ZYqXsKN63RzHGAjTXMjlCB7TZtcui1SWpKjGd+x3gQ0KkHZI9V9WVYDcC75kyEAHZptM2N9jlwbhr9lXZ77gZacjaGoKN0Agb/ydd1TyhQ1F3g56pnvgZtkOe/bStwjpz2NS0FqiqAR3wOeZZUGsR3TCP70oYfaeJvpCDVRR/gVXqqvcBAiNYTGC/tMlKuECKPtOOAP8Oc+bt1eOrbiPVJ5NfoOIpmMCDUUSnFoNGN damjanek@cocaine.local
+    mlos:
+      key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu2lUtuV3WnfLk/TcXQA0p/XKMSsRU+0Ov/j1x1aFZgG14QckfkOPJ8bRZ6+R5csYtd8Xy1yQS9xWQcq+bON4CkY/PfwCdmVxjWy5lLIg1Pmq18z+f/DNwCqPhXZy9MO3WkfXWtzd5qhk4aHUVX4R6K64OaDCdIqaVAiHTZp4jy+CqhOLiJcCyrrr/nXEHooVr9iZo2c8qGNdPfS9xw8Ikb7/TXOTOme8RL+DBOXLLjQaECcQYZlD057zSULLkUNH4y+3hs4hSmpzQj52NZ3FyDQTW6d3H0wmjaNhu2zrBOn48UGvYeTzT8QZCHYAYv20bFWLWDzDpB9lqUO2P+9g1 losiek@Mateuszs-MacBook-Pro-2.local
+    mwilson:
+      key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3ltgS2MbSWR6c/V60oEHtUnLQ3bm5sSqnjFEvL00Y/aVuNL6VCnPCrWXlYSbp6P70UYuD+ngD4x7aW8jg13ii9rw2RntlaPfmttIOb6REDFohOhC4T3BPdeCd5wVe9p/ioyiFCqNi6/m/RWL7Iv8IlR/2IetQHL14VWwTgGd62sqExdb6oZM3Yux/S4jSTcMYBzt49t+QKTLiYTvQJl7Tzv8RJNzAWMsgBwo9M1N73Zqa0hA46sGkbwmWXoBhnJwowGD38q54P+WaSrar/9FT7l+uCXMwbsyYDpoRJH8SQOOpKrymEeyKCjXQUVtLopmfZMZ6COBpLsTSq1BCytwQw== /home/mwilson/.ssh/id_rsa
+    mwilson2:
+      key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDV6H07IEV9merlHUFV8O/Y7sczYXNZjysTBg4TkUW3mWzvW0PJMKnP6Fc1XfFE53fR71N09gkmnVlEtbHa8PTXoS89JVuUHTnitAbDdINShm0pFNWsi/3f00nbfQ8hjaxEWeZ4VlwYzP4v5IPVtpDug+epK65clIG8Xfxlp+CcckyeDdBNSztHHDuQiholzmPicN6EFM6bVUqUZSGnmxiOCrYUOMXBbYChBc3otfeF6vO3WvnKF77nixgOGGmuS0+t96vPKLB3cl5GYpTFyOmrt3tu7JPlTsqwUa0yqDa3ny+5BToIpnROhAqTZV5fV3LHgtObcWYRGANdjVWyPiNOiywiDzsw7/xzuuqV2wLeLnFG1Z+G550F1Ed4lrsPYKc7+qxZYLquI0iJoIjg5WPzNw5QBLdb1srL9zo+0A91Asx8U95IjIMWumowWjDN3Mn0qJwxW5d8SUign3wksIu2FlkLCT4u95CEIebDVEhTQQR0AOP00/KLKtBDn9a5H0UnJZZSTG4+prU3CnqyXqyp6dano86fGEkkcP2PDi/SUwoxdBvMVbdZxYpPYm+8Oe0TjLWPlwu4kYCwVnl3EYgJZAHjT6wVHOjyXcJYezPvvXY8B/VR8UfupetHg5/mVjoQQy2+Nl34AaDN2TLQLXRuG+U+hZqV5Jzc3JO+KKfDUw== mwilson@mwilson-ThinkPad-W530
diff --git a/openssh/server/team/tcpcloud.yml b/openssh/server/team/tcpcloud.yml
index 562dc3d..85b20f5 100644
--- a/openssh/server/team/tcpcloud.yml
+++ b/openssh/server/team/tcpcloud.yml
@@ -98,6 +98,12 @@
           sudo: true
           full_name: Richard Felkl
           home: /home/rfelkl
+        tkukral:
+          enabled: true
+          name: tkukral
+          sudo: true
+          full_name: Tomas Kukral
+          home: /home/tkukral
       group:
         libvirtd:
           enabled: true
@@ -181,6 +187,11 @@
           public_keys:
           - ${public_keys:rfelkl}
           user: ${linux:system:user:rfelkl}
+        tkukral:
+          enabled: true
+          public_keys:
+          - ${public_keys:tkukral}
+          user: ${linux:system:user:tkukral}
   public_keys:
     askotnicky:
       key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDO6EnDYaGdF/Nn6lntxDNnKanCsheZRdh8kA/6ImyeRSjT2cgepm1Fsgv7wXBYoy0OxhB5wgCp5Az/Pj4oLkG3g+G05sUPUxxGCGRiwjcnyQ/FTz4TzHglAVqgbdgWoQYf9Hg6EKZovvPcH3STbEwcl+MhLqvxz0wm5+StE+wvp6I9dEfRV+2/e1uepauOTZ1+Ui1DMNXiMefTlbiIBHzUk7RiwJWgqzQXBndgunmbJWSed8zC0Ug97waDOFIX/oKZmAmsv0NLJ2e/kC3oUTuziGT74F9sh7Pqiw/9HZxvP45hJwEvytfUjfuiikIBbmYdF7Je93czaG/qjXGN8YvP== a.skotnicky@tcpisek.cz
@@ -212,5 +223,5 @@
       key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCBPHunnzTMg2I88ZIaiQ5eJYJRq/hQcB5UtDZTC7hO0ce+oEpftcLQiQ69xKbOPb5xiK6VMJd6a53gZykabMTov6y+nECMr4B1i6tgK1NPCU/sGhvsUKeiRo7ZVMScRPuJuTGRLjR6Ac3pRrwrWpmoRvJtLnbrvjEYlt9V7ui/VFkl7uiPQc3AjNiSkgBekDGtrqZktjUstEosucjfriF/PVtlZqha7d3rHLpK1KBzzaSMNMxCgBitEtqjgHLtcR1H/KgPQpYAwkokmvAGH8/fqcd+tpmp6hiH3k2Haf8EjVBTcw71fbmqC0rpL8/r74jyYAmkfPG8LISb/T9gPcV jiri@jiri-Mirantis
     rfelkl:
       key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDlvQKWbEQ8bM2rtE35sA5+y//YKMLNJ48d+/RxWlUx6G8xJusUhrKZuMRMgN5NqJQ92Z0Yd2lulsPeKEfSbqAxBxmNZ+mAAy8w8P/BHlQImi2HgMpWtQ5yExsAvCUAqq6KclJBhzjArg4+ztmKmNvjM8ZktJYeCM8VJ+qT01B8/3+frgltIDCDcC8YpRwbAt7aLjuB2Jk5Q9daQbtZ4XyXwHgPDpyZUkcuueUk/iklUBkAh9P3CFJBpttXEyKI0+cJAtM9vCXXPWmWt7nFAyQ8nH9+lTv/ZuD+pipKJBW2sp8+fFUWJ/Z6GzWhyh2KxiY7eK3kgabg1i7FtLFtRbZj richard@richard-inspiron
-
-
+    tkukral:
+      key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRM6WquKic6i6v/JbNR2XuMqCCYqlfyGU1K7XHK7tWFordRLz2/o4S76sZULBTXR0rLHtynvHM4QHlloE1/XJnd0BtI/3y8aY0OkXyu6PHvTC8Az8SyGj2XAcaiPlaT2f+oTJHoPc9rxLhMMD7OTwias6QeVKB3UrT0OaHfy2wWCF7t8cQeofi2ldEHKeCsC1jrT1vaVuoThQgZ00h0rNk4COPZEW34FXdmdJFUmZcUIDMa71HtYgnn4gmE8sUiJ/j6ardvPaycCDT9j1GW1Yu6UVLBWOoMMCb04bDJiidlvY1fQqbM/G4cR4ZPHFZ0RQiM2+wnRaB5RCmBVgNT0Tj tkukral
diff --git a/reclass/storage/system/kubernetes_control_cluster.yml b/reclass/storage/system/kubernetes_control_cluster.yml
new file mode 100644
index 0000000..5180ab6
--- /dev/null
+++ b/reclass/storage/system/kubernetes_control_cluster.yml
@@ -0,0 +1,38 @@
+parameters:
+  _param:
+    kubernetes_control_node01_hostname: ctl01
+    kubernetes_control_node02_hostname: ctl02
+    kubernetes_control_node03_hostname: ctl03
+  reclass:
+    storage:
+      node:
+        kubernetes_control_node01:
+          name: ${_param:kubernetes_control_node01_hostname}
+          domain: ${_param:cluster_domain}
+          classes:
+          - cluster.${_param:cluster_name}.kubernetes.control
+          params:
+            salt_master_host: ${_param:reclass_config_master}
+            linux_system_codename: xenial
+            single_address: ${_param:kubernetes_control_node01_address}
+            keepalived_vip_priority: 103
+        kubernetes_control_node02:
+          name: ${_param:kubernetes_control_node02_hostname}
+          domain: ${_param:cluster_domain}
+          classes:
+          - cluster.${_param:cluster_name}.kubernetes.control
+          params:
+            salt_master_host: ${_param:reclass_config_master}
+            linux_system_codename: xenial
+            single_address: ${_param:kubernetes_control_node02_address}
+            keepalived_vip_priority: 102
+        kubernetes_control_node03:
+          name: ${_param:kubernetes_control_node03_hostname}
+          domain: ${_param:cluster_domain}
+          classes:
+          - cluster.${_param:cluster_name}.kubernetes.control
+          params:
+            salt_master_host: ${_param:reclass_config_master}
+            linux_system_codename: xenial
+            single_address: ${_param:kubernetes_control_node03_address}
+            keepalived_vip_priority: 101
\ No newline at end of file
diff --git a/reclass/storage/system/opencontrail_control_cluster.yml b/reclass/storage/system/opencontrail_control_cluster.yml
index a8d916e..d0213b3 100644
--- a/reclass/storage/system/opencontrail_control_cluster.yml
+++ b/reclass/storage/system/opencontrail_control_cluster.yml
@@ -18,9 +18,9 @@
             keepalived_vip_priority: 103
             opencontrail_database_id: 1
         opencontrail_control_node02:
-          name: ${_param:opencontrail_control_node02hostname}
+          name: ${_param:opencontrail_control_node02_hostname}
           domain: ${_param:cluster_domain}
-          classes:  
+          classes:
           - cluster.${_param:cluster_name}.opencontrail.control
           params:
             salt_master_host: ${_param:reclass_config_master}
diff --git a/reclass/storage/system/opencontrail_gateway_single.yml b/reclass/storage/system/opencontrail_gateway_single.yml
index 6c0b871..52b2786 100644
--- a/reclass/storage/system/opencontrail_gateway_single.yml
+++ b/reclass/storage/system/opencontrail_gateway_single.yml
@@ -1,7 +1,7 @@
 parameters:
+  _param:
+    opencontrail_gateway_hostname: gtw01
   reclass:
-    _param:
-       opencontrail_gateway_hostname: gtw01
     storage:
       node:
         opencontrail_gateway_node01:
diff --git a/reclass/storage/system/openstack_gateway_cluster.yml b/reclass/storage/system/openstack_gateway_cluster.yml
index 30e04ab..72e31c5 100644
--- a/reclass/storage/system/openstack_gateway_cluster.yml
+++ b/reclass/storage/system/openstack_gateway_cluster.yml
@@ -2,6 +2,11 @@
   _param:
     openstack_gateway_node01_hostname: gtw01
     openstack_gateway_node02_hostname: gtw02
+    openstack_gateway_node03_hostname: gtw03
+
+    openstack_gateway_node01_tenant_address: ${_param:single_address}
+    openstack_gateway_node02_tenant_address: ${_param:single_address}
+    openstack_gateway_node03_tenant_address: ${_param:single_address}
   reclass:
     storage:
       node:
@@ -14,6 +19,7 @@
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:openstack_gateway_node01_address}
+            tenant_address: ${_param:openstack_gateway_node01_tenant_address}
         openstack_gateway_node02:
           name: ${_param:openstack_gateway_node02_hostname}
           domain: ${_param:cluster_domain}
@@ -23,4 +29,16 @@
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:openstack_gateway_node02_address}
+            tenant_address: ${_param:openstack_gateway_node02_tenant_address}
+        openstack_gateway_node03:
+          name: ${_param:openstack_gateway_node03_hostname}
+          domain: ${_param:cluster_domain}
+          classes:
+          - cluster.${_param:cluster_name}.openstack.gateway
+          params:
+            salt_master_host: ${_param:reclass_config_master}
+            linux_system_codename: trusty
+            single_address: ${_param:openstack_gateway_node03_address}
+            tenant_address: ${_param:openstack_gateway_node03_tenant_address}
+
 
diff --git a/reclass/storage/system/physical_control_cluster.yml b/reclass/storage/system/physical_control_cluster.yml
index 2d27058..12b83c9 100644
--- a/reclass/storage/system/physical_control_cluster.yml
+++ b/reclass/storage/system/physical_control_cluster.yml
@@ -3,6 +3,19 @@
     infra_compute_node01_hostname: kvm01
     infra_compute_node02_hostname: kvm02
     infra_compute_node03_hostname: kvm03
+
+    infra_compute_node01_deploy_address: ${_param:infra_compute_node01_address}
+    infra_compute_node02_deploy_address: ${_param:infra_compute_node02_address}
+    infra_compute_node03_deploy_address: ${_param:infra_compute_node03_address}
+
+    infra_compute_node01_storage_address: ${_param:infra_compute_node01_address}
+    infra_compute_node02_storage_address: ${_param:infra_compute_node02_address}
+    infra_compute_node03_storage_address: ${_param:infra_compute_node03_address}
+
+    infra_compute_node01_public_address: ${_param:infra_compute_node01_address}
+    infra_compute_node02_public_address: ${_param:infra_compute_node02_address}
+    infra_compute_node03_public_address: ${_param:infra_compute_node03_address}
+
   reclass:
     storage:
       node:
@@ -10,26 +23,35 @@
           name: ${_param:infra_compute_node01_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node01_address}
+            deploy_address: ${_param:infra_compute_node01_deploy_address}
+            public_address: ${_param:infra_compute_node01_public_address}
+            storage_address: ${_param:infra_compute_node01_storage_address}
         infra_compute_node02:
           name: ${_param:infra_compute_node02_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node02_address}
+            deploy_address: ${_param:infra_compute_node02_deploy_address}
+            public_address: ${_param:infra_compute_node02_public_address}
+            storage_address: ${_param:infra_compute_node02_storage_address}
         infra_compute_node03:
           name: ${_param:infra_compute_node03_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node03_address}
+            deploy_address: ${_param:infra_compute_node03_deploy_address}
+            public_address: ${_param:infra_compute_node03_public_address}
+            storage_address: ${_param:infra_compute_node03_storage_address}
diff --git a/reclass/storage/system/physical_control_full.yml b/reclass/storage/system/physical_control_full.yml
index d1dc5c8..7591113 100644
--- a/reclass/storage/system/physical_control_full.yml
+++ b/reclass/storage/system/physical_control_full.yml
@@ -9,6 +9,37 @@
     infra_compute_node07_hostname: kvm07
     infra_compute_node08_hostname: kvm08
     infra_compute_node09_hostname: kvm09
+
+    infra_compute_node01_deploy_address: ${_param:infra_compute_node01_address}
+    infra_compute_node02_deploy_address: ${_param:infra_compute_node02_address}
+    infra_compute_node03_deploy_address: ${_param:infra_compute_node03_address}
+    infra_compute_node04_deploy_address: ${_param:infra_compute_node04_address}
+    infra_compute_node05_deploy_address: ${_param:infra_compute_node05_address}
+    infra_compute_node06_deploy_address: ${_param:infra_compute_node06_address}
+    infra_compute_node07_deploy_address: ${_param:infra_compute_node07_address}
+    infra_compute_node08_deploy_address: ${_param:infra_compute_node08_address}
+    infra_compute_node09_deploy_address: ${_param:infra_compute_node09_address}
+
+    infra_compute_node01_storage_address: ${_param:infra_compute_node01_address}
+    infra_compute_node02_storage_address: ${_param:infra_compute_node02_address}
+    infra_compute_node03_storage_address: ${_param:infra_compute_node03_address}
+    infra_compute_node04_storage_address: ${_param:infra_compute_node04_address}
+    infra_compute_node05_storage_address: ${_param:infra_compute_node05_address}
+    infra_compute_node06_storage_address: ${_param:infra_compute_node06_address}
+    infra_compute_node07_storage_address: ${_param:infra_compute_node07_address}
+    infra_compute_node08_storage_address: ${_param:infra_compute_node08_address}
+    infra_compute_node09_storage_address: ${_param:infra_compute_node09_address}
+
+    infra_compute_node01_public_address: ${_param:infra_compute_node01_address}
+    infra_compute_node02_public_address: ${_param:infra_compute_node02_address}
+    infra_compute_node03_public_address: ${_param:infra_compute_node03_address}
+    infra_compute_node04_public_address: ${_param:infra_compute_node04_address}
+    infra_compute_node05_public_address: ${_param:infra_compute_node05_address}
+    infra_compute_node06_public_address: ${_param:infra_compute_node06_address}
+    infra_compute_node07_public_address: ${_param:infra_compute_node07_address}
+    infra_compute_node08_public_address: ${_param:infra_compute_node08_address}
+    infra_compute_node09_public_address: ${_param:infra_compute_node09_address}
+
   reclass:
     storage:
       node:
@@ -16,89 +47,107 @@
           name: ${_param:infra_compute_node01_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node01_address}
             deploy_address: ${_param:infra_compute_node01_deploy_address}
+            public_address: ${_param:infra_compute_node01_public_address}
+            storage_address: ${_param:infra_compute_node01_storage_address}
         infra_compute_node02:
           name: ${_param:infra_compute_node02_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node02_address}
             deploy_address: ${_param:infra_compute_node02_deploy_address}
+            public_address: ${_param:infra_compute_node02_public_address}
+            storage_address: ${_param:infra_compute_node02_storage_address}
         infra_compute_node03:
           name: ${_param:infra_compute_node03_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node03_address}
             deploy_address: ${_param:infra_compute_node03_deploy_address}
+            public_address: ${_param:infra_compute_node03_public_address}
+            storage_address: ${_param:infra_compute_node03_storage_address}
         infra_compute_node04:
           name: ${_param:infra_compute_node04_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node04_address}
             deploy_address: ${_param:infra_compute_node04_deploy_address}
+            public_address: ${_param:infra_compute_node04_public_address}
+            storage_address: ${_param:infra_compute_node04_storage_address}
         infra_compute_node05:
           name: ${_param:infra_compute_node05_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node05_address}
             deploy_address: ${_param:infra_compute_node05_deploy_address}
+            public_address: ${_param:infra_compute_node05_public_address}
+            storage_address: ${_param:infra_compute_node05_storage_address}
         infra_compute_node06:
           name: ${_param:infra_compute_node06_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node06_address}
             deploy_address: ${_param:infra_compute_node06_deploy_address}
+            public_address: ${_param:infra_compute_node06_public_address}
+            storage_address: ${_param:infra_compute_node06_storage_address}
         infra_compute_node07:
           name: ${_param:infra_compute_node07_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node07_address}
             deploy_address: ${_param:infra_compute_node07_deploy_address}
+            public_address: ${_param:infra_compute_node07_public_address}
+            storage_address: ${_param:infra_compute_node07_storage_address}
         infra_compute_node08:
           name: ${_param:infra_compute_node08_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node08_address}
             deploy_address: ${_param:infra_compute_node08_deploy_address}
+            public_address: ${_param:infra_compute_node08_public_address}
+            storage_address: ${_param:infra_compute_node08_storage_address}
         infra_compute_node09:
           name: ${_param:infra_compute_node09_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node09_address}
             deploy_address: ${_param:infra_compute_node09_deploy_address}
+            public_address: ${_param:infra_compute_node09_public_address}
+            storage_address: ${_param:infra_compute_node09_storage_address}
\ No newline at end of file
diff --git a/reclass/storage/system/physical_control_single.yml b/reclass/storage/system/physical_control_single.yml
index 4d23169..1a604f1 100644
--- a/reclass/storage/system/physical_control_single.yml
+++ b/reclass/storage/system/physical_control_single.yml
@@ -1,6 +1,9 @@
 parameters:
   _param:
     infra_compute_node01_hostname: kvm01
+    infra_compute_node01_deploy_address: ${_param:infra_compute_node01_address}
+    infra_compute_node01_storage_address: ${_param:infra_compute_node01_address}
+    infra_compute_node01_public_address: ${_param:infra_compute_node01_address}
   reclass:
     storage:
       node:
@@ -8,9 +11,11 @@
           name: ${_param:infra_compute_node01_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
             single_address: ${_param:infra_compute_node01_address}
-
+            deploy_address: ${_param:infra_compute_node01_deploy_address}
+            public_address: ${_param:infra_compute_node01_public_address}
+            storage_address: ${_param:infra_compute_node01_storage_address}
\ No newline at end of file
diff --git a/reclass/storage/system/stacklight_server_cluster.yml b/reclass/storage/system/stacklight_server_cluster.yml
index a654ea2..9d40ea9 100644
--- a/reclass/storage/system/stacklight_server_cluster.yml
+++ b/reclass/storage/system/stacklight_server_cluster.yml
@@ -1,8 +1,8 @@
 parameters:
   _param:
     stacklight_monitor_node01_hostname: mon01
-    stacklight_monitor_node01_hostname: mon02
-    stacklight_monitor_node01_hostname: mon03
+    stacklight_monitor_node02_hostname: mon02
+    stacklight_monitor_node03_hostname: mon03
   reclass:
     storage:
       node:
@@ -40,4 +40,4 @@
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: xenial
             single_address: ${_param:stacklight_monitor_node03_address}
-            keepalived_vip_priority: 101
\ No newline at end of file
+            keepalived_vip_priority: 101
diff --git a/reclass/storage/system/stacklight_server_single.yml b/reclass/storage/system/stacklight_server_single.yml
index 2b397f6..6ef1050 100644
--- a/reclass/storage/system/stacklight_server_single.yml
+++ b/reclass/storage/system/stacklight_server_single.yml
@@ -11,6 +11,8 @@
           - cluster.${_param:cluster_name}.stacklight.server
           - system.elasticsearch.client.single
           - system.grafana.client.single
+          - system.influxdb.server.single
+          - system.influxdb.database.stacklight
           - system.kibana.client.single
           params:
             salt_master_host: ${_param:reclass_config_master}
diff --git a/salt/control/cluster/foundation_integration_single.yml b/salt/control/cluster/infra_integration_single.yml
similarity index 84%
rename from salt/control/cluster/foundation_integration_single.yml
rename to salt/control/cluster/infra_integration_single.yml
index fe8d1b1..d1ef4e0 100644
--- a/salt/control/cluster/foundation_integration_single.yml
+++ b/salt/control/cluster/infra_integration_single.yml
@@ -2,7 +2,7 @@
   salt:
     control:
       size:
-        foundation.integration:
+        infra.integration:
           cpu: 4
           ram: 8192
           disk_profile: small
@@ -15,4 +15,4 @@
             cid01:
               provider: kvm02.${_param:cluster_domain}
               image: ${_param:salt_control_xenial_image}
-              size: foundation.integration
\ No newline at end of file
+              size: infra.integration
\ No newline at end of file
diff --git a/salt/control/cluster/foundation_storage_single.yml b/salt/control/cluster/infra_storage_single.yml
similarity index 85%
rename from salt/control/cluster/foundation_storage_single.yml
rename to salt/control/cluster/infra_storage_single.yml
index f0f1862..5d21054 100644
--- a/salt/control/cluster/foundation_storage_single.yml
+++ b/salt/control/cluster/infra_storage_single.yml
@@ -2,7 +2,7 @@
   salt:
     control:
       size:
-        foundation.storage:
+        infra.storage:
           cpu: 4
           ram: 8192
           disk_profile: xxxlarge
@@ -15,4 +15,4 @@
             sto01:
               provider: kvm02.${_param:cluster_domain}
               image: ${_param:salt_control_xenial_image}
-              size: foundation.storage
\ No newline at end of file
+              size: infra.storage
\ No newline at end of file
diff --git a/salt/control/cluster/foundation_version_control_single.yml b/salt/control/cluster/infra_version_control_single.yml
similarity index 82%
rename from salt/control/cluster/foundation_version_control_single.yml
rename to salt/control/cluster/infra_version_control_single.yml
index 2262eaf..dd40496 100644
--- a/salt/control/cluster/foundation_version_control_single.yml
+++ b/salt/control/cluster/infra_version_control_single.yml
@@ -2,7 +2,7 @@
   salt:
     control:
       size:
-        foundation.version_control:
+        infra.version_control:
           cpu: 4
           ram: 8192
           disk_profile: small
@@ -15,4 +15,4 @@
             git01:
               provider: kvm02.${_param:cluster_domain}
               image: ${_param:salt_control_xenial_image}
-              size: foundation.version_control
\ No newline at end of file
+              size: infra.version_control
\ No newline at end of file
diff --git a/salt/master/formula/git/kubernetes.yml b/salt/master/formula/git/kubernetes.yml
new file mode 100644
index 0000000..c827caf
--- /dev/null
+++ b/salt/master/formula/git/kubernetes.yml
@@ -0,0 +1,22 @@
+parameters:
+  salt:
+    master:
+      environment:
+        dev:
+          formula:
+            kubernetes:
+              source: git
+              address: 'https://github.com/openstack/salt-formula-kubernetes.git'
+              revision: ${_param:salt_master_environment_revision}
+            etcd:
+              source: git
+              address: 'https://github.com/tcpcloud/salt-formula-etcd.git'
+              revision: ${_param:salt_master_environment_revision}
+            bird:
+              source: git
+              address: 'https://github.com/tcpcloud/salt-formula-bird.git'
+              revision: ${_param:salt_master_environment_revision}
+            docker:
+              source: git
+              address: 'https://github.com/tcpcloud/salt-formula-docker.git'
+              revision: ${_param:salt_master_environment_revision}
\ No newline at end of file
diff --git a/salt/master/formula/pkg/kubernetes.yml b/salt/master/formula/pkg/kubernetes.yml
new file mode 100644
index 0000000..7b3af30
--- /dev/null
+++ b/salt/master/formula/pkg/kubernetes.yml
@@ -0,0 +1,18 @@
+parameters:
+  salt:
+    master:
+      environment:
+        prd:
+          formula:
+            kubernetes:
+              source: pkg
+              name: salt-formula-kubernetes
+            etcd:
+              source: pkg
+              name: salt-formula-etcd
+            bird:
+              source: pkg
+              name: salt-formula-bird
+            docker:
+              source: pkg
+              name: salt-formula-docker
\ No newline at end of file
diff --git a/salt/master/git.yml b/salt/master/git.yml
index 5a922af..7b57a26 100644
--- a/salt/master/git.yml
+++ b/salt/master/git.yml
@@ -3,6 +3,7 @@
 - system.salt.master.formula.git.openstack
 - system.salt.master.formula.git.saltstack
 - system.salt.master.formula.git.stacklight
+- system.salt.master.formula.git.kubernetes
 parameters:
   _param:
     salt_master_environment_repository: "https://github.com/tcpcloud"
diff --git a/salt/master/pkg.yml b/salt/master/pkg.yml
index d1c8a1a..baae04c 100644
--- a/salt/master/pkg.yml
+++ b/salt/master/pkg.yml
@@ -3,4 +3,5 @@
 - system.salt.master.formula.pkg.openstack
 - system.salt.master.formula.pkg.saltstack
 - system.salt.master.formula.pkg.stacklight
+- system.salt.master.formula.pkg.kubernetes
 - system.linux.system.repo.tcp_salt
diff --git a/salt/minion/cert/k8s_client_certificate.yml b/salt/minion/cert/k8s_client_certificate.yml
new file mode 100644
index 0000000..37bf618
--- /dev/null
+++ b/salt/minion/cert/k8s_client_certificate.yml
@@ -0,0 +1,12 @@
+parameters:
+  salt:
+    minion:
+      cert:
+        k8s_client:
+          host: ${_param:salt_minion_ca_host}
+          authority: ${_param:salt_minion_ca_authority}
+          key_file: /etc/kubernetes/ssl/kubelet-client.key
+          cert_file: /etc/kubernetes/ssl/kubelet-client.crt
+          common_name: kubelet-client
+          signing_policy: cert_client
+          alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
\ No newline at end of file
diff --git a/salt/minion/cert/k8s_server_certificate.yml b/salt/minion/cert/k8s_server_certificate.yml
new file mode 100644
index 0000000..835f043
--- /dev/null
+++ b/salt/minion/cert/k8s_server_certificate.yml
@@ -0,0 +1,13 @@
+parameters:
+  salt:
+    minion:
+      cert:
+        k8s_server:
+          host: ${_param:salt_minion_ca_host}
+          authority: ${_param:salt_minion_ca_authority}
+          common_name: kubernetes-server
+          key_file: /etc/kubernetes/ssl/kubernetes-server.key
+          cert_file: /etc/kubernetes/ssl/kubernetes-server.crt
+          ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+          signing_policy: cert_server
+          alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
\ No newline at end of file
diff --git a/salt/minion/pki/authority.yml b/salt/minion/pki/authority.yml
deleted file mode 100644
index fa84966..0000000
--- a/salt/minion/pki/authority.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-parameters:
-  salt:
-    minion:
-      ca:
-        mk_lab_ca:
-          common_name: mk_lab_ca
-          country: cz
-          locality: Prague
-          organization: Mirantis
-          signing_policy:
-            cert_server:
-              type: v3_edge_cert_server
-              minions: '*'
-            cert_client:
-              type: v3_edge_cert_client
-              minions: '*'
-          days_valid:
-            authority: 3650
-            certificate: 3650
diff --git a/salt/minion/pki/certificate.yml b/salt/minion/pki/certificate.yml
deleted file mode 100644
index 4bf4ef3..0000000
--- a/salt/minion/pki/certificate.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-parameters:
-  salt:
-    minion:
-      cert:
-        proxy_cert:
-          host: ${_param:salt_minion_ca_host}
-          signing_policy: cert_server
-          authority: mk_lab_ca
-          common_name: ${_param:cluster_public_host}