Merge "Enable k8s RBAC everywhere via system level"
diff --git a/classes/cluster/k8s-aio-calico/kubernetes/init.yml b/classes/cluster/k8s-aio-calico/kubernetes/init.yml
index 8ac02d5..e19fd5a 100644
--- a/classes/cluster/k8s-aio-calico/kubernetes/init.yml
+++ b/classes/cluster/k8s-aio-calico/kubernetes/init.yml
@@ -23,9 +23,9 @@
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
- kubernetes_virtlet_image: mirantis/virtlet:v1.0.3
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
+ kubernetes_virtlet_image: mirantis/virtlet:v1.1.0
kubernetes_criproxy_version: v0.11.0
kubernetes_criproxy_checksum: md5=115bbb0c27518db6b0b3bc8cdc5fc897
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:stable
diff --git a/classes/cluster/k8s-aio-contrail/kubernetes/init.yml b/classes/cluster/k8s-aio-contrail/kubernetes/init.yml
index a7122a1..ec2a07f 100644
--- a/classes/cluster/k8s-aio-contrail/kubernetes/init.yml
+++ b/classes/cluster/k8s-aio-contrail/kubernetes/init.yml
@@ -16,8 +16,8 @@
etcd_initial_token: IN7KaRMSo3xkGxkjAAPtkRkAgqN4ZNRq
# component docker images
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
kubernetes_netchecker_agent_image: quay.io/l23network/k8s-netchecker-agent:v1.0
kubernetes_netchecker_server_image: quay.io/l23network/k8s-netchecker-server:v1.0
kubernetes_externaldns_image: mirantis/external-dns:latest
diff --git a/classes/cluster/k8s-compact/kubernetes/init.yml b/classes/cluster/k8s-compact/kubernetes/init.yml
index b2717fb..7c4c4e6 100644
--- a/classes/cluster/k8s-compact/kubernetes/init.yml
+++ b/classes/cluster/k8s-compact/kubernetes/init.yml
@@ -32,8 +32,8 @@
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
kubernetes_hyperkube_image: docker-prod-local.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
- kubernetes_virtlet_image: mirantis/virtlet:v1.0.3
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
+ kubernetes_virtlet_image: mirantis/virtlet:v1.1.0
kubernetes_criproxy_version: v0.11.0
kubernetes_criproxy_checksum: md5=115bbb0c27518db6b0b3bc8cdc5fc897
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:stable
diff --git a/classes/cluster/k8s-ha-calico-cloudprovider/kubernetes/compute.yml b/classes/cluster/k8s-ha-calico-cloudprovider/kubernetes/compute.yml
index 412d662..73e8de1 100644
--- a/classes/cluster/k8s-ha-calico-cloudprovider/kubernetes/compute.yml
+++ b/classes/cluster/k8s-ha-calico-cloudprovider/kubernetes/compute.yml
@@ -10,8 +10,8 @@
kubernetes_calico_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
docker:
host:
pkgs:
diff --git a/classes/cluster/k8s-ha-calico-flannel-virtlet/kubernetes/init.yml b/classes/cluster/k8s-ha-calico-flannel-virtlet/kubernetes/init.yml
index c5d82dc..5190986 100644
--- a/classes/cluster/k8s-ha-calico-flannel-virtlet/kubernetes/init.yml
+++ b/classes/cluster/k8s-ha-calico-flannel-virtlet/kubernetes/init.yml
@@ -26,9 +26,9 @@
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.3-3
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.3-3
- kubernetes_virtlet_image: mirantis/virtlet:v1.0.3
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
+ kubernetes_virtlet_image: mirantis/virtlet:v1.1.0
kubernetes_criproxy_version: v0.11.0
kubernetes_criproxy_checksum: md5=115bbb0c27518db6b0b3bc8cdc5fc897
kubernetes_dashboard_image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1
diff --git a/classes/cluster/k8s-ha-calico-syndic/infra/config.yml b/classes/cluster/k8s-ha-calico-syndic/infra/config.yml
index ce7924a..768d22d 100644
--- a/classes/cluster/k8s-ha-calico-syndic/infra/config.yml
+++ b/classes/cluster/k8s-ha-calico-syndic/infra/config.yml
@@ -21,7 +21,6 @@
linux_system_codename: xenial
salt_api_password_hash: "$6$WV0P1shnoDh2gI/Z$22/Bcd7ffMv0jDlFpT63cAU4PiXHz9pjXwngToKwqAsgoeK4HNR3PiKaushjxp3JsQ8hNoJmAC6TxzVqfV8WH/"
salt_master_host: 127.0.0.1
- salt_syndic_enabled: false
salt:
master:
worker_threads: 40
diff --git a/classes/cluster/k8s-ha-calico-syndic/infra/init.yml b/classes/cluster/k8s-ha-calico-syndic/infra/init.yml
index e129b05..681892a 100644
--- a/classes/cluster/k8s-ha-calico-syndic/infra/init.yml
+++ b/classes/cluster/k8s-ha-calico-syndic/infra/init.yml
@@ -11,6 +11,7 @@
infra_config_address: 172.16.10.90
infra_config_deploy_address: 192.168.10.90
salt_syndic_master_address: 192.168.10.90
+ salt_syndic_enabled: false
cluster_domain: k8s-ha-calico-syndic.local
cluster_name: k8s-ha-calico-syndic
diff --git a/classes/cluster/k8s-ha-calico-syndic/kubernetes/init.yml b/classes/cluster/k8s-ha-calico-syndic/kubernetes/init.yml
index 12216e2..9e98054 100644
--- a/classes/cluster/k8s-ha-calico-syndic/kubernetes/init.yml
+++ b/classes/cluster/k8s-ha-calico-syndic/kubernetes/init.yml
@@ -28,7 +28,7 @@
kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
- kubernetes_virtlet_image: mirantis/virtlet:v1.0.3
+ kubernetes_virtlet_image: mirantis/virtlet:v1.1.0
kubernetes_criproxy_version: v0.11.0
kubernetes_criproxy_checksum: md5=115bbb0c27518db6b0b3bc8cdc5fc897
kubernetes_dashboard_image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1
diff --git a/classes/cluster/k8s-ha-calico/kubernetes/init.yml b/classes/cluster/k8s-ha-calico/kubernetes/init.yml
index 12216e2..b66a075 100644
--- a/classes/cluster/k8s-ha-calico/kubernetes/init.yml
+++ b/classes/cluster/k8s-ha-calico/kubernetes/init.yml
@@ -26,9 +26,9 @@
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
- kubernetes_virtlet_image: mirantis/virtlet:v1.0.3
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
+ kubernetes_virtlet_image: mirantis/virtlet:v1.1.0
kubernetes_criproxy_version: v0.11.0
kubernetes_criproxy_checksum: md5=115bbb0c27518db6b0b3bc8cdc5fc897
kubernetes_dashboard_image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1
diff --git a/classes/cluster/k8s-ha-contrail-40/kubernetes/compute.yml b/classes/cluster/k8s-ha-contrail-40/kubernetes/compute.yml
index bd0ebb7..a27bde9 100644
--- a/classes/cluster/k8s-ha-contrail-40/kubernetes/compute.yml
+++ b/classes/cluster/k8s-ha-contrail-40/kubernetes/compute.yml
@@ -57,4 +57,4 @@
- ${linux:system:name}
hyperkube:
image: ${_param:kubernetes_hyperkube_image}
-# pause_image: ${_param:kubernetes_pause_image}
+
diff --git a/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml b/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml
index fc5ed2f..f83f9a4 100644
--- a/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml
+++ b/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml
@@ -2,7 +2,6 @@
- service.etcd.server.cluster
- service.kubernetes.control.cluster
- system.haproxy.proxy.listen.kubernetes.apiserver
-- system.keepalived.cluster.instance.kube_api_server_vip
- system.linux.system.repo.docker_legacy
- system.kubernetes.pool.cluster
- system.salt.minion.cert.k8s_client
@@ -17,7 +16,6 @@
_param:
keepalived_k8s_apiserver_vip_interface: ens4
keepalived_k8s_apiserver_vip_address: ${_param:kubernetes_control_address}
- keepalived_k8s_apiserver_vip_password: password
linux:
network:
diff --git a/classes/cluster/k8s-ha-contrail-40/opencontrail/control.yml b/classes/cluster/k8s-ha-contrail-40/opencontrail/control.yml
index 4dfad76..a1e3f0b 100644
--- a/classes/cluster/k8s-ha-contrail-40/opencontrail/control.yml
+++ b/classes/cluster/k8s-ha-contrail-40/opencontrail/control.yml
@@ -11,7 +11,6 @@
- system.opencontrail.client.resource.config_node
- system.opencontrail.client.resource.database_node
- system.opencontrail.client.resource.analytics_node
-- system.opencontrail.client.resource.global_vrouter_config
- system.opencontrail.client.resource.k8s_api
- system.haproxy.proxy.listen.opencontrail.analytics
- cluster.k8s-ha-contrail-40.infra
@@ -75,4 +74,6 @@
engine: k8s
host: none
bind:
- address: ${_param:single_address}
\ No newline at end of file
+ address: ${_param:single_address}
+ master:
+ host: ${_param:opencontrail_control_address}
diff --git a/classes/cluster/k8s-ha-contrail-40/opencontrail/init.yml b/classes/cluster/k8s-ha-contrail-40/opencontrail/init.yml
index 3a29757..4ec9301 100644
--- a/classes/cluster/k8s-ha-contrail-40/opencontrail/init.yml
+++ b/classes/cluster/k8s-ha-contrail-40/opencontrail/init.yml
@@ -25,3 +25,6 @@
openstack_version: none
openstack_control_address: none
keystone_admin_password: none
+
+ keepalived_vip_interface: ens4
+ keepalived_vip_address: ${_param:opencontrail_control_address}
diff --git a/classes/cluster/k8s-ha-contrail/kubernetes/init.yml b/classes/cluster/k8s-ha-contrail/kubernetes/init.yml
index d8a497e..635a268 100644
--- a/classes/cluster/k8s-ha-contrail/kubernetes/init.yml
+++ b/classes/cluster/k8s-ha-contrail/kubernetes/init.yml
@@ -24,9 +24,9 @@
# component docker images
kubernetes_opencontrail_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/contrail-integration/contrail-cni:v1.0.0
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
- kubernetes_virtlet_image: mirantis/virtlet:v1.0.3
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
+ kubernetes_virtlet_image: mirantis/virtlet:v1.1.0
kubernetes_criproxy_version: v0.11.0
kubernetes_criproxy_checksum: md5=115bbb0c27518db6b0b3bc8cdc5fc897
kubernetes_dashboard_image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1
@@ -37,7 +37,7 @@
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:stable
kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:stable
kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
- kubernetes_virtlet_image: mirantis/virtlet:v1.0.3
+ kubernetes_virtlet_image: mirantis/virtlet:v1.1.0
kubernetes_externaldns_image: mirantis/external-dns:latest
kubernetes_externaldns_provider: coredns
diff --git a/classes/cluster/os-ha-ovs-syndic/infra/config.yml b/classes/cluster/os-ha-ovs-syndic/infra/config.yml
index 77b5623..e9f25ba 100644
--- a/classes/cluster/os-ha-ovs-syndic/infra/config.yml
+++ b/classes/cluster/os-ha-ovs-syndic/infra/config.yml
@@ -46,7 +46,6 @@
salt_master_base_environment: prd
salt_minion_ca_host: ${linux:network:fqdn}
salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1"
- salt_syndic_enabled: false
linux:
network:
interface:
diff --git a/classes/cluster/os-ha-ovs-syndic/infra/init.yml b/classes/cluster/os-ha-ovs-syndic/infra/init.yml
index 61d2374..0639ab8 100644
--- a/classes/cluster/os-ha-ovs-syndic/infra/init.yml
+++ b/classes/cluster/os-ha-ovs-syndic/infra/init.yml
@@ -6,6 +6,7 @@
infra_config_hostname: cfg01
infra_config_address: 172.16.10.90
salt_syndic_master_address: 192.168.10.90
+ salt_syndic_enabled: false
linux:
network:
host:
diff --git a/classes/cluster/sl-k8s-calico/kubernetes/init.yml b/classes/cluster/sl-k8s-calico/kubernetes/init.yml
index 50d0373..fd258b4 100644
--- a/classes/cluster/sl-k8s-calico/kubernetes/init.yml
+++ b/classes/cluster/sl-k8s-calico/kubernetes/init.yml
@@ -27,12 +27,12 @@
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:stable
kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:stable
kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
- kubernetes_virtlet_image: mirantis/virtlet:v1.0.3
+ kubernetes_virtlet_image: mirantis/virtlet:v1.1.0
kubernetes_criproxy_version: v0.11.0
kubernetes_criproxy_checksum: md5=115bbb0c27518db6b0b3bc8cdc5fc897
kubernetes_externaldns_image: mirantis/external-dns:latest
diff --git a/classes/cluster/sl-k8s-calico/stacklight/server.yml b/classes/cluster/sl-k8s-calico/stacklight/server.yml
index 9a7a236..cf74de2 100644
--- a/classes/cluster/sl-k8s-calico/stacklight/server.yml
+++ b/classes/cluster/sl-k8s-calico/stacklight/server.yml
@@ -1,7 +1,7 @@
classes:
- system.docker.host
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.mcp.apt_mirantis.influxdb
- system.linux.system.repo.mcp.apt_mirantis.docker
# Needed to install Galera packages
@@ -45,6 +45,7 @@
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:${_param:apt_mk_version}
docker_image_grafana: docker-prod-virtual.docker.mirantis.net/mirantis/external/grafana:${_param:apt_mk_version}
docker_image_alerta: docker-prod-virtual.docker.mirantis.net/mirantis/external/alerta-web:${_param:apt_mk_version}
+ elasticsearch_version: 5
docker_influxdb_image: influxdb:1.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
@@ -62,6 +63,7 @@
cluster_node03_address: ${_param:stacklight_node03_address}
# Kibana
kibana_elasticsearch_host: ${_param:cluster_vip_address}
+ kibana_version: 5
# Galera
openstack_version: newton
galera_innodb_buffer_pool_size: 1024M
diff --git a/classes/cluster/sl-k8s-contrail/kubernetes/init.yml b/classes/cluster/sl-k8s-contrail/kubernetes/init.yml
index 5744182..5542723 100644
--- a/classes/cluster/sl-k8s-contrail/kubernetes/init.yml
+++ b/classes/cluster/sl-k8s-contrail/kubernetes/init.yml
@@ -16,8 +16,8 @@
etcd_initial_token: IN7KaRMSo3xkGxkjAAPtkRkAgqN4ZNRq
# component docker images
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
kubernetes_netchecker_agent_image: quay.io/l23network/k8s-netchecker-agent:v1.0
kubernetes_netchecker_server_image: quay.io/l23network/k8s-netchecker-server:v1.0
kubernetes_externaldns_image: mirantis/external-dns:latest
diff --git a/classes/cluster/sl-os-contrail/stacklight/server.yml b/classes/cluster/sl-os-contrail/stacklight/server.yml
index ee6e15e..66f422a 100755
--- a/classes/cluster/sl-os-contrail/stacklight/server.yml
+++ b/classes/cluster/sl-os-contrail/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.influxdb
- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -37,7 +37,9 @@
parameters:
_param:
heka_amqp_host: ${_param:openstack_control_address}
+ elasticsearch_version: 5
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/sl-pike-dvr/stacklight/server.yml b/classes/cluster/sl-pike-dvr/stacklight/server.yml
index 648d2e0..678645c 100644
--- a/classes/cluster/sl-pike-dvr/stacklight/server.yml
+++ b/classes/cluster/sl-pike-dvr/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.mcp.apt_mirantis.influxdb
- system.linux.system.repo.mcp.extra
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.mcp.apt_mirantis.docker
- system.linux.system.repo.docker
- system.heka.remote_collector.container
@@ -39,6 +39,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp-mitaka-dvr-trusty/stacklight/server.yml b/classes/cluster/virtual-mcp-mitaka-dvr-trusty/stacklight/server.yml
index 7a79a07..bb9e88b 100644
--- a/classes/cluster/virtual-mcp-mitaka-dvr-trusty/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-mitaka-dvr-trusty/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.influxdb
- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
- system.elasticsearch.server.cluster
- system.elasticsearch.server.curator
@@ -27,6 +27,8 @@
parameters:
_param:
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: eth1
diff --git a/classes/cluster/virtual-mcp-mitaka-dvr/stacklight/server.yml b/classes/cluster/virtual-mcp-mitaka-dvr/stacklight/server.yml
index f958148..c2bb0c3 100644
--- a/classes/cluster/virtual-mcp-mitaka-dvr/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-mitaka-dvr/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.influxdb
- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
- system.elasticsearch.server.cluster
- system.elasticsearch.server.curator
@@ -27,6 +27,8 @@
parameters:
_param:
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp-mitaka-ovs-trusty/stacklight/server.yml b/classes/cluster/virtual-mcp-mitaka-ovs-trusty/stacklight/server.yml
index 2f073e8..288acfe 100644
--- a/classes/cluster/virtual-mcp-mitaka-ovs-trusty/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-mitaka-ovs-trusty/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.influxdb
- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -33,6 +33,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: eth1
diff --git a/classes/cluster/virtual-mcp-mitaka-ovs/stacklight/server.yml b/classes/cluster/virtual-mcp-mitaka-ovs/stacklight/server.yml
index 6c50766..9980eac 100644
--- a/classes/cluster/virtual-mcp-mitaka-ovs/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-mitaka-ovs/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.influxdb
- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -33,6 +33,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp-newton-dvr/stacklight/server.yml b/classes/cluster/virtual-mcp-newton-dvr/stacklight/server.yml
index 9b2dd5e..33460a6 100644
--- a/classes/cluster/virtual-mcp-newton-dvr/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-newton-dvr/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.influxdb
- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
- system.elasticsearch.server.cluster
- system.elasticsearch.server.curator
@@ -27,6 +27,8 @@
parameters:
_param:
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp-newton-ovs/stacklight/server.yml b/classes/cluster/virtual-mcp-newton-ovs/stacklight/server.yml
index 88ea159..4c12333 100644
--- a/classes/cluster/virtual-mcp-newton-ovs/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-newton-ovs/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.influxdb
- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -32,6 +32,8 @@
parameters:
_param:
heka_amqp_host: ${_param:openstack_control_address}
+ elasticsearch_version: 5
+ kibana_version: 5
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
diff --git a/classes/cluster/virtual-mcp-ocata-dvr-ceph-local/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-dvr-ceph-local/stacklight/server.yml
index 8a077e5..6f32f5f 100644
--- a/classes/cluster/virtual-mcp-ocata-dvr-ceph-local/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-dvr-ceph-local/stacklight/server.yml
@@ -1,8 +1,8 @@
classes:
- system.docker.host
- system.linux.system.repo_local.mcp.apt_mirantis.influxdb
-- system.linux.system.repo_local.mcp.apt_mirantis.elastic
-- system.linux.system.repo_local.mcp.apt_mirantis.kibana
+- system.linux.system.repo_local.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo_local.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo_local.mcp.apt_mirantis.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -32,6 +32,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml
index 3e8887c..b86bac7 100644
--- a/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.mcp.apt_mirantis.influxdb
- system.linux.system.repo.mcp.extra
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.mcp.apt_mirantis.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -33,6 +33,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp-ocata-ovs-ceph-local/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-ovs-ceph-local/stacklight/server.yml
index ab0817a..205e43d 100644
--- a/classes/cluster/virtual-mcp-ocata-ovs-ceph-local/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-ovs-ceph-local/stacklight/server.yml
@@ -1,8 +1,8 @@
classes:
- system.docker.host
- system.linux.system.repo_local.mcp.apt_mirantis.influxdb
-- system.linux.system.repo_local.mcp.apt_mirantis.elastic
-- system.linux.system.repo_local.mcp.apt_mirantis.kibana
+- system.linux.system.repo_local.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo_local.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo_local.mcp.apt_mirantis.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -32,6 +32,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp-ocata-ovs-ceph/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-ovs-ceph/stacklight/server.yml
index 0c56d52..230f355 100644
--- a/classes/cluster/virtual-mcp-ocata-ovs-ceph/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-ovs-ceph/stacklight/server.yml
@@ -1,8 +1,8 @@
classes:
- system.docker.host
- system.linux.system.repo.mcp.apt_mirantis.influxdb
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.mcp.apt_mirantis.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -32,6 +32,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml
index ce7f493..33324af 100644
--- a/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.mcp.apt_mirantis.influxdb
- system.linux.system.repo.mcp.extra
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.mcp.apt_mirantis.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -32,6 +32,8 @@
parameters:
_param:
heka_amqp_host: ${_param:openstack_control_address}
+ elasticsearch_version: 5
+ kibana_version: 5
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/openstack/proxy.yml b/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/openstack/proxy.yml
index 7e74232..a3dbf37 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/openstack/proxy.yml
@@ -8,8 +8,6 @@
- cluster.virtual-mcp-pike-dvr-ceph-rgw
parameters:
_param:
- cluster_public_host: ${_param:openstack_proxy_address}
- cluster_public_protocol: https
nginx_proxy_ssl:
enabled: true
authority: ${_param:salt_minion_ca_authority}
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/stacklight/server.yml b/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/stacklight/server.yml
index 17f0c74..6e5af3a 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/stacklight/server.yml
@@ -1,8 +1,8 @@
classes:
- system.docker.host
- system.linux.system.repo.mcp.apt_mirantis.influxdb
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.mcp.apt_mirantis.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -32,6 +32,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/.env b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/.env
index b054cf5..cf4c91c 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/.env
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/.env
@@ -1 +1 @@
-FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate barbican iptables fluentd dogtag barbican logrotate)
+FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate barbican iptables fluentd dogtag barbican logrotate auditd)
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/init.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/init.yml
index 8a7241f..1db0cfa 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/init.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/init.yml
@@ -8,6 +8,7 @@
- system.openssh.server.team.mcp_qa
- cluster.virtual-mcp-pike-dvr-ssl-barbican.infra
- cluster.virtual-mcp-pike-dvr-ssl-barbican.openstack
+- system.auditd.server.ciscat
- cluster.overrides
parameters:
_param:
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/openstack/compute.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/openstack/compute.yml
index 52c6ade..ea2affc 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/openstack/compute.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/openstack/compute.yml
@@ -12,6 +12,7 @@
- system.ceilometer.agent.cluster
- system.ceilometer.agent.polling.default
- system.linux.network.interface.single_ovs_dvr
+- system.nova.compute.libvirt.ssl
- cluster.virtual-mcp-pike-dvr-ssl-barbican
parameters:
_param:
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl/.env b/classes/cluster/virtual-mcp-pike-dvr-ssl/.env
index 3681e6f..ebce5d7 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ssl/.env
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl/.env
@@ -1 +1 @@
-FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate barbican iptables fluentd logrotate)
+FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate barbican iptables fluentd logrotate auditd)
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl/init.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl/init.yml
index 5b47776..048d300 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ssl/init.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl/init.yml
@@ -9,6 +9,7 @@
- system.openssh.server.team.mcp_qa
- cluster.virtual-mcp-pike-dvr-ssl.infra
- cluster.virtual-mcp-pike-dvr-ssl.openstack
+- system.auditd.server.ciscat
- cluster.overrides
parameters:
_param:
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl/openstack/compute.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl/openstack/compute.yml
index bb4d099..a461cf8 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ssl/openstack/compute.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl/openstack/compute.yml
@@ -12,6 +12,7 @@
- system.ceilometer.agent.cluster
- system.ceilometer.agent.polling.default
- system.linux.network.interface.single_ovs_dvr
+- system.nova.compute.libvirt.ssl
- cluster.virtual-mcp-pike-dvr-ssl
parameters:
_param:
diff --git a/classes/cluster/virtual-mcp-pike-dvr/.env b/classes/cluster/virtual-mcp-pike-dvr/.env
index 147f964..006f9e8 100644
--- a/classes/cluster/virtual-mcp-pike-dvr/.env
+++ b/classes/cluster/virtual-mcp-pike-dvr/.env
@@ -1 +1 @@
-FORMULAS_SALT_MASTER+=(fluentd git grafana linux nginx ntp openssh prometheus reclass rsyslog salt sphinx telegraf backupninja logrotate)
+FORMULAS_SALT_MASTER+=(fluentd git grafana linux nginx ntp openssh prometheus reclass rsyslog salt sphinx telegraf backupninja logrotate auditd)
diff --git a/classes/cluster/virtual-mcp-pike-dvr/init.yml b/classes/cluster/virtual-mcp-pike-dvr/init.yml
index cbf24f0..b3e79c6 100644
--- a/classes/cluster/virtual-mcp-pike-dvr/init.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr/init.yml
@@ -8,6 +8,7 @@
- system.openssh.server.team.mcp_qa
- cluster.virtual-mcp-pike-dvr.infra
- cluster.virtual-mcp-pike-dvr.openstack
+- system.auditd.server.ciscat
- cluster.overrides
parameters:
salt:
diff --git a/classes/cluster/virtual-mcp-pike-ovs-ceph/openstack/proxy.yml b/classes/cluster/virtual-mcp-pike-ovs-ceph/openstack/proxy.yml
index 97e56ec..de48f4b 100644
--- a/classes/cluster/virtual-mcp-pike-ovs-ceph/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-pike-ovs-ceph/openstack/proxy.yml
@@ -7,8 +7,6 @@
- cluster.virtual-mcp-pike-ovs-ceph
parameters:
_param:
- cluster_public_host: ${_param:openstack_proxy_address}
- cluster_public_protocol: https
nginx_proxy_ssl:
enabled: true
authority: ${_param:salt_minion_ca_authority}
diff --git a/classes/cluster/virtual-mcp-pike-ovs-ceph/stacklight/server.yml b/classes/cluster/virtual-mcp-pike-ovs-ceph/stacklight/server.yml
index fb55453..6f0f8a4 100644
--- a/classes/cluster/virtual-mcp-pike-ovs-ceph/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-pike-ovs-ceph/stacklight/server.yml
@@ -1,8 +1,8 @@
classes:
- system.docker.host
- system.linux.system.repo.mcp.apt_mirantis.influxdb
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.mcp.apt_mirantis.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -31,6 +31,8 @@
parameters:
_param:
heka_amqp_host: ${_param:openstack_control_address}
+ elasticsearch_version: 5
+ kibana_version: 5
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
diff --git a/classes/cluster/virtual-mcp-pike-ovs/.env b/classes/cluster/virtual-mcp-pike-ovs/.env
index 147f964..006f9e8 100644
--- a/classes/cluster/virtual-mcp-pike-ovs/.env
+++ b/classes/cluster/virtual-mcp-pike-ovs/.env
@@ -1 +1 @@
-FORMULAS_SALT_MASTER+=(fluentd git grafana linux nginx ntp openssh prometheus reclass rsyslog salt sphinx telegraf backupninja logrotate)
+FORMULAS_SALT_MASTER+=(fluentd git grafana linux nginx ntp openssh prometheus reclass rsyslog salt sphinx telegraf backupninja logrotate auditd)
diff --git a/classes/cluster/virtual-mcp-pike-ovs/init.yml b/classes/cluster/virtual-mcp-pike-ovs/init.yml
index 6d75499..6cc8a27 100644
--- a/classes/cluster/virtual-mcp-pike-ovs/init.yml
+++ b/classes/cluster/virtual-mcp-pike-ovs/init.yml
@@ -8,6 +8,7 @@
- system.openssh.server.team.mcp_qa
- cluster.virtual-mcp-pike-ovs.infra
- cluster.virtual-mcp-pike-ovs.openstack
+- system.auditd.server.ciscat
- cluster.overrides
parameters:
salt:
diff --git a/classes/cluster/virtual-mcp11-aio/.env b/classes/cluster/virtual-mcp11-aio/.env
deleted file mode 100644
index 95318c1..0000000
--- a/classes/cluster/virtual-mcp11-aio/.env
+++ /dev/null
@@ -1 +0,0 @@
-FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate barbican iptables logrotate)
diff --git a/classes/cluster/virtual-mcp11-aio/infra/config.yml b/classes/cluster/virtual-mcp11-aio/infra/config.yml
deleted file mode 100644
index c59029b..0000000
--- a/classes/cluster/virtual-mcp11-aio/infra/config.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-classes:
- - cluster.virtual-mcp11-aio
-parameters:
- _param:
- linux_system_codename: xenial
- linux:
- system:
- name: cfg01
- domain: ${_param:cluster_domain}
- purge_repos: ${_param:linux_system_purge_repos}
diff --git a/classes/cluster/virtual-mcp11-aio/infra/init.yml b/classes/cluster/virtual-mcp11-aio/infra/init.yml
deleted file mode 100644
index 46d0de0..0000000
--- a/classes/cluster/virtual-mcp11-aio/infra/init.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-parameters:
- _param:
- apt_mk_version: stable
- linux_system_purge_repos: false
diff --git a/classes/cluster/virtual-mcp11-aio/init.yml b/classes/cluster/virtual-mcp11-aio/init.yml
deleted file mode 100755
index dfbfc10..0000000
--- a/classes/cluster/virtual-mcp11-aio/init.yml
+++ /dev/null
@@ -1,97 +0,0 @@
-classes:
-- system.linux.network.dynamic_hosts
-- service.git.client
-- system.linux.system.single
-- system.linux.system.repo.mcp.salt
-- system.openssh.client.lab
-- system.salt.master.pkg
-- system.salt.master.api
-- system.salt.minion.ca.salt_master
-- system.salt.minion.cert.proxy
-- system.sphinx.server.doc.reclass
-- system.reclass.storage.salt
-- system.mysql.client
-- system.memcached.server.single
-- system.rabbitmq.server.single
-- cluster.virtual-mcp11-aio.infra
-- cluster.virtual-mcp11-aio.openstack
-- cluster.overrides
-parameters:
- _param:
- reclass_data_repository: https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab
- reclass_data_revision: master
- salt_master_environment_repository: "https://github.com/tcpcloud"
- salt_master_environment_revision: master
- reclass_config_master: 192.168.10.90
- single_address: 172.16.10.90
- infra_config_address: ${_param:single_address}
- cluster_domain: virtual-mcp11-aio.local
- cluster_name: virtual-mcp11-aio
- infra_config_hostname: cfg01
-
- mysql_admin_user: root
- mysql_admin_password: workshop
- mysql_cluster_role: master
- rabbitmq_secret_key: workshop
- rabbitmq_admin_password: workshop
- loopback_device_size: 20
- salt_master_host: 192.168.10.90
- salt_master_base_environment: prd
- salt_minion_ca_host: ${linux:network:fqdn}
- salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1"
- openssh:
- server:
- password_auth: true
- permit_root_login: true
- linux:
- system:
- user:
- root:
- enabled: true
- # r00tme
- password: $6$9ojWyyN.$26Vj46JtCUL6C7XBQ8RmQTZLwo8/8SkqTRElXh0X2YBLrt7E/aVe2AYQ5gguYUwUknZNOSn5q7M9M3Jyf2gof/
- repo:
- linux_system_repo:
- source: ${_param:linux_system_repo}
- architectures: amd64
- clean_file: true
- pin:
- - pin: ${_param:linux_system_repo_pin}
- priority: ${_param:linux_system_repo_priority}
- package: '*'
- network:
- bridge: openvswitch
- interface:
- br-floating:
- enabled: true
- type: ovs_bridge
- phy-public:
- enabled: true
- type: ovs_port
- bridge: br-floating
- proto: static
- address: ${_param:openstack_public_neutron_subnet_gateway}
- netmask: 255.255.255.0
-# override on this level
- nova:
- compute:
- cache:
- members:
- - host: ${_param:single_address}
- port: 11211
- cinder:
- volume:
- cache:
- members:
- - host: ${_param:single_address}
- port: 11211
- galera:
- master:
- members:
- - host: ${_param:single_address}
- port: 4567
- neutron:
- server:
- message_queue:
- members:
- - host: ${_param:single_address}
diff --git a/classes/cluster/virtual-mcp11-aio/openstack/init.yml b/classes/cluster/virtual-mcp11-aio/openstack/init.yml
deleted file mode 100755
index 67daa26..0000000
--- a/classes/cluster/virtual-mcp11-aio/openstack/init.yml
+++ /dev/null
@@ -1,187 +0,0 @@
-classes:
-- system.linux.system.lowmem
-- system.linux.system.repo.mcp.openstack
-- system.linux.system.repo.mcp.extra
-- system.linux.storage.loopback
-- system.rabbitmq.server.vhost.openstack
-- system.keystone.server.wsgi
-- system.keystone.server.single
-- service.galera.master.single
-- system.galera.server.database.cinder
-- system.galera.server.database.designate
-- system.galera.server.database.glance
-- system.galera.server.database.heat
-- system.galera.server.database.keystone
-- system.galera.server.database.nova
-- system.galera.server.database.barbican
-- system.keystone.client.single
-- system.keystone.client.service.barbican
-- system.keystone.client.service.nova21
-- system.keystone.client.service.nova-placement
-- system.keystone.client.service.designate
-- system.glance.control.single
-- system.nova.control.single
-- system.neutron.control.openvswitch.single
-- system.neutron.client.service.public
-- system.heat.server.single
-- system.nova.compute.single
-- service.neutron.gateway.single
-- system.cinder.control.single
-- system.cinder.control.backend.lvm
-- service.cinder.volume.local
-- system.cinder.volume.backend.lvm
-- system.horizon.server.single
-- system.bind.server.single
-- system.barbican.server.single
-- service.barbican.server.plugin.simple_crypto
-- system.designate.server.single
-- system.designate.server.backend.bind
-parameters:
- _param:
- openstack_version: ocata
- cluster_public_host: ${_param:single_address}
- cluster_public_protocol: http
- openstack_region: RegionOne
- admin_email: root@localhost
- rabbitmq_openstack_password: workshop
- galera_server_cluster_name: openstack_cluster
- galera_server_maintenance_password: workshop
- galera_server_admin_password: workshop
- keystone_version: ${_param:openstack_version}
- barbican_version: ${_param:openstack_version}
- glance_version: ${_param:openstack_version}
- nova_version: ${_param:openstack_version}
- neutron_version: ${_param:openstack_version}
- cinder_version: ${_param:openstack_version}
- heat_version: ${_param:openstack_version}
- horizon_version: ${_param:openstack_version}
- designate_version: ${_param:openstack_version}
- keystone_service_token: workshop
- keystone_admin_password: workshop
- keystone_barbican_password: workshop
- keystone_ceilometer_password: workshop
- keystone_cinder_password: workshop
- keystone_glance_password: workshop
- keystone_heat_password: workshop
- keystone_neutron_password: workshop
- keystone_nova_password: workshop
- keystone_designate_password: workshop
- keystone_service_host: ${_param:single_address}
- mysql_keystone_password: workshop
- mysql_barbican_password: workshop
- mysql_glance_password: workshop
- mysql_nova_password: workshop
- mysql_neutron_password: workshop
- mysql_cinder_password: workshop
- mysql_heat_password: workshop
- mysql_designate_password: workshop
- barbican_service_host: ${_param:single_address}
- heat_service_host: ${_param:single_address}
- neutron_service_host: ${_param:single_address}
- glance_service_host: ${_param:single_address}
- cinder_service_host: ${_param:single_address}
- designate_service_host: ${_param:single_address}
- nova_service_host: ${_param:single_address}
- control_address: ${_param:single_address}
- metadata_password: workshop
- cluster_vip_address: ${_param:single_address}
- cluster_local_address: ${_param:single_address}
- openstack_database_address: ${_param:single_address}
- tenant_address: ${_param:single_address}
- heat_domain_admin_password: workshop
- horizon_secret_key: workshop
- horizon_identity_encryption: none
- horizon_identity_version: 2
- horizon_identity_host: ${_param:single_address}
- designate_admin_api_enabled: true
- designate_bind9_rndc_key: 4pc+X4PDqb2q+5o72dISm72LM1Ds9X2EYZjqg+nmsS7FhdTwzFFY8l/iEDmHxnyjkA33EQC8H+z0fLLBunoitw==
- designate_pool_target_type: bind9
- designate_domain_id: 5186883b-91fb-4891-bd49-e6769234a8fc
- designate_pool_ns_records:
- - hostname: 'ns1.example.org.'
- priority: 10
- designate_pool_nameservers:
- - host: ${_param:single_address}
- port: 53
- designate_pool_target_masters:
- - host: ${_param:single_address}
- port: 5354
- designate_pool_target_options:
- host: ${_param:single_address}
- port: 53
- rndc_host: 127.0.0.1
- rndc_port: 953
- rndc_key_file: /etc/designate/rndc.key
- designate_quota_zones: 40
- designate_worker_enabled: true
- linux_system_repo: deb [arch=amd64] http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/xenial ${_param:openstack_version} main
- linux_system_repo_pin: release a=${_param:openstack_version}
- linux_system_repo_priority: 1200
- openstack_public_neutron_subnet_gateway: 192.168.130.1
- openstack_public_neutron_subnet_cidr: 192.168.130.0/24
- openstack_public_neutron_subnet_allocation_start: 192.168.130.10
- openstack_public_neutron_subnet_allocation_end: 192.168.130.254
- barbican_simple_crypto_kek: YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY=
- barbican_integration_enabled: False
- openstack_message_queue_node01_address: ${_param:single_address}
- cluster_node01_address: 127.0.1.1
- # DEPRECATED, these are hot-fix added just to deal with wrong class loading above. This model needs maintenance.
- cluster_node02_address: 127.0.2.1
- cluster_node03_address: 127.0.3.1
- galera:
- master:
- members: []
- innodb_buffer_pool_size: 1024M
- max_connections: 1000
- slave:
- enabled: false
- barbican:
- server:
- ks_notifications_enable: True
- store:
- software:
- crypto_plugin: simple_crypto
- store_plugin: store_crypto
- global_default: True
- neutron:
- server:
- message_queue:
- members: []
- gateway:
- agent_mode: dvr_snat
- dvr: True
- nova:
- compute:
- barbican:
- enabled: ${_param:barbican_integration_enabled}
- vncproxy_url: http://${_param:single_address}:6080
- network:
- user: neutron
- password: ${_param:keystone_neutron_password}
- tenant: service
- cache:
- members: []
- controller:
- barbican:
- enabled: ${_param:barbican_integration_enabled}
- vncproxy_url: http://${_param:single_address}:6080
- cinder:
- controller:
- barbican:
- enabled: ${_param:barbican_integration_enabled}
- volume:
- cache:
- members: []
- horizon:
- server:
- secure: False
- designate:
- server:
- quota:
- zones: ${_param:designate_quota_zones}
- worker:
- enabled: ${_param:designate_worker_enabled}
- glance:
- server:
- barbican:
- enabled: ${_param:barbican_integration_enabled}
diff --git a/classes/cluster/virtual-mcp11-contrail-nfv/stacklight/server.yml b/classes/cluster/virtual-mcp11-contrail-nfv/stacklight/server.yml
index bbcf491..a0be7b7 100755
--- a/classes/cluster/virtual-mcp11-contrail-nfv/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-contrail-nfv/stacklight/server.yml
@@ -1,8 +1,8 @@
classes:
- system.linux.system.repo.grafana
- system.linux.system.repo.influxdb
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.collectd.remote_client.cluster
- system.heka.remote_collector.cluster
- system.heka.remote_collector.input.amqp
@@ -24,6 +24,8 @@
collectd_remote_collector_host: ${_param:stacklight_monitor_address}
heka_amqp_host: ${_param:openstack_message_queue_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_stacklight_monitor_vip_address: ${_param:stacklight_monitor_address}
keepalived_stacklight_monitor_vip_password: 'password'
keepalived_stacklight_monitor_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml b/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml
index dea0438..ce4bdc9 100755
--- a/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.influxdb
- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -33,6 +33,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml b/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml
index 26518f9..1dc0b38 100644
--- a/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo.influxdb
- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -33,6 +33,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-dyn/kubernetes/init.yml b/classes/cluster/virtual-mcp11-k8s-calico-dyn/kubernetes/init.yml
index e45aed2..5e53a55 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-dyn/kubernetes/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-dyn/kubernetes/init.yml
@@ -23,8 +23,8 @@
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:v1.1.0
kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:v1.1.0
kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml
index 80c253d..b9837cd 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml
@@ -1,7 +1,7 @@
classes:
- system.docker.host
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
# Needed to install Galera packages
- system.linux.system.repo.mcp.openstack
@@ -32,6 +32,7 @@
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:${_param:apt_mk_version}
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:${_param:apt_mk_version}
docker_image_grafana: docker-prod-virtual.docker.mirantis.net/mirantis/external/grafana:${_param:apt_mk_version}
+ elasticsearch_version: 5
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
@@ -45,6 +46,7 @@
cluster_node03_address: ${_param:stacklight_node03_address}
# Kibana
kibana_elasticsearch_host: ${_param:cluster_vip_address}
+ kibana_version: 5
# Galera
openstack_version: newton
galera_innodb_buffer_pool_size: 1024M
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-minimal/kubernetes/init.yml b/classes/cluster/virtual-mcp11-k8s-calico-minimal/kubernetes/init.yml
index d46ff45..c7e3e8d 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-minimal/kubernetes/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-minimal/kubernetes/init.yml
@@ -22,8 +22,8 @@
kubernetes_calico_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:v1.1.0
kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:v1.1.0
kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
diff --git a/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/init.yml b/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/init.yml
index f0079ed..dcfdd1d 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/init.yml
@@ -25,12 +25,12 @@
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:v1.1.0
kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:v1.1.0
kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
- kubernetes_virtlet_image: mirantis/virtlet:v1.0.3
+ kubernetes_virtlet_image: mirantis/virtlet:v1.1.0
kubernetes_criproxy_version: v0.11.0
kubernetes_criproxy_checksum: md5=115bbb0c27518db6b0b3bc8cdc5fc897
kubernetes_dashboard_image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1
diff --git a/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml
index 9395aab..441df3c 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml
@@ -1,7 +1,7 @@
classes:
- system.docker.host
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.mcp.apt_mirantis.influxdb
- system.linux.system.repo.mcp.apt_mirantis.docker
# Needed to install Galera packages
@@ -46,6 +46,7 @@
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:${_param:apt_mk_version}
docker_image_grafana: docker-prod-virtual.docker.mirantis.net/mirantis/external/grafana:${_param:apt_mk_version}
docker_influxdb_image: influxdb:1.2
+ elasticsearch_version: 5
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
@@ -62,6 +63,7 @@
cluster_node03_address: ${_param:stacklight_node03_address}
# Kibana
kibana_elasticsearch_host: ${_param:cluster_vip_address}
+ kibana_version: 5
# Galera
openstack_version: newton
galera_innodb_buffer_pool_size: 1024M
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml
index 85c2aed..f89e046 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml
@@ -25,8 +25,8 @@
# component docker images
kubernetes_opencontrail_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/contrail-integration/contrail-cni:v1.0.0
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
- kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.10.4-4
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.10.4-4
kubernetes_criproxy_version: v0.11.0
kubernetes_criproxy_checksum: md5=115bbb0c27518db6b0b3bc8cdc5fc897
kubernetes_dashboard_image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1
@@ -37,7 +37,7 @@
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:stable
kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:stable
kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
- kubernetes_virtlet_image: mirantis/virtlet:v1.0.3
+ kubernetes_virtlet_image: mirantis/virtlet:v1.1.0
kubernetes_externaldns_image: mirantis/external-dns:latest
kubernetes_externaldns_provider: coredns
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
index a8c2e44..dc3ffea 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
@@ -1,7 +1,7 @@
classes:
- system.linux.system.repo.influxdb
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo.docker
# Needed to install Galera packages
- system.linux.system.repo.mcp.openstack
@@ -45,6 +45,7 @@
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:${_param:apt_mk_version}
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:${_param:apt_mk_version}
docker_image_grafana: docker-prod-virtual.docker.mirantis.net/mirantis/external/grafana:${_param:apt_mk_version}
+ elasticsearch_version: 5
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
@@ -59,6 +60,7 @@
grafana_database_password: ${_param:mysql_grafana_password}
# Kibana
kibana_elasticsearch_host: ${_param:cluster_vip_address}
+ kibana_version: 5
# Docker/Elasticsearch
cluster_elasticsearch_port: 9200
cluster_kibana_port: 5601
diff --git a/classes/cluster/virtual-mcp11-ovs-dpdk/stacklight/server.yml b/classes/cluster/virtual-mcp11-ovs-dpdk/stacklight/server.yml
index bb730fa..0d42d6e 100644
--- a/classes/cluster/virtual-mcp11-ovs-dpdk/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-ovs-dpdk/stacklight/server.yml
@@ -4,8 +4,8 @@
- system.linux.system.repo.influxdb
- system.heka.remote_collector.input.amqp
- system.heka.aggregator.cluster
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.elasticsearch.server.cluster
- system.elasticsearch.server.curator
- system.kibana.server.single
@@ -22,6 +22,8 @@
collectd_remote_collector_host: ${_param:stacklight_monitor_address}
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_stacklight_monitor_vip_address: ${_param:stacklight_monitor_address}
keepalived_stacklight_monitor_vip_password: 'password'
keepalived_stacklight_monitor_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp11-ovs-ironic-ssl/stacklight/server.yml b/classes/cluster/virtual-mcp11-ovs-ironic-ssl/stacklight/server.yml
index 75f3ad2..d78b873 100644
--- a/classes/cluster/virtual-mcp11-ovs-ironic-ssl/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-ovs-ironic-ssl/stacklight/server.yml
@@ -4,8 +4,8 @@
- system.linux.system.repo.influxdb
- system.heka.remote_collector.input.amqp
- system.heka.aggregator.cluster
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.elasticsearch.server.cluster
- system.elasticsearch.server.curator
- system.kibana.server.single
@@ -22,6 +22,8 @@
collectd_remote_collector_host: ${_param:stacklight_monitor_address}
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_stacklight_monitor_vip_address: ${_param:stacklight_monitor_address}
keepalived_stacklight_monitor_vip_password: 'password'
keepalived_stacklight_monitor_vip_interface: ens4
diff --git a/classes/cluster/virtual-mcp11-ovs-ironic/stacklight/server.yml b/classes/cluster/virtual-mcp11-ovs-ironic/stacklight/server.yml
index 6823f91..b9a6618 100644
--- a/classes/cluster/virtual-mcp11-ovs-ironic/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-ovs-ironic/stacklight/server.yml
@@ -4,8 +4,8 @@
- system.linux.system.repo.influxdb
- system.heka.remote_collector.input.amqp
- system.heka.aggregator.cluster
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.elasticsearch.server.cluster
- system.elasticsearch.server.curator
- system.kibana.server.single
@@ -21,6 +21,8 @@
_param:
collectd_remote_collector_host: ${_param:stacklight_monitor_address}
heka_amqp_host: ${_param:openstack_control_address}
+ elasticsearch_version: 5
+ kibana_version: 5
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
keepalived_stacklight_monitor_vip_address: ${_param:stacklight_monitor_address}
keepalived_stacklight_monitor_vip_password: 'password'
diff --git a/classes/cluster/virtual-mcp11-ovs/stacklight/server.yml b/classes/cluster/virtual-mcp11-ovs/stacklight/server.yml
index 1409b9e..ed1c098 100644
--- a/classes/cluster/virtual-mcp11-ovs/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-ovs/stacklight/server.yml
@@ -4,8 +4,8 @@
- system.linux.system.repo.influxdb
- system.heka.remote_collector.input.amqp
- system.heka.aggregator.cluster
-- system.linux.system.repo.mcp.apt_mirantis.elastic
-- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo.mcp.apt_mirantis.kibana.5x
- system.elasticsearch.server.cluster
- system.elasticsearch.server.curator
- system.kibana.server.single
@@ -21,6 +21,8 @@
_param:
collectd_remote_collector_host: ${_param:stacklight_monitor_address}
heka_amqp_host: ${_param:openstack_control_address}
+ elasticsearch_version: 5
+ kibana_version: 5
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
keepalived_stacklight_monitor_vip_address: ${_param:stacklight_monitor_address}
keepalived_stacklight_monitor_vip_password: 'password'
diff --git a/classes/cluster/virtual-offline-pike-ovs-dpdk/stacklight/server.yml b/classes/cluster/virtual-offline-pike-ovs-dpdk/stacklight/server.yml
index 4b2f516..369c95f 100644
--- a/classes/cluster/virtual-offline-pike-ovs-dpdk/stacklight/server.yml
+++ b/classes/cluster/virtual-offline-pike-ovs-dpdk/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo_local.mcp.apt_mirantis.influxdb
- system.linux.system.repo_local.mcp.extra
-- system.linux.system.repo_local.mcp.apt_mirantis.elastic
-- system.linux.system.repo_local.mcp.apt_mirantis.kibana
+- system.linux.system.repo_local.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo_local.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo_local.mcp.apt_mirantis.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -33,6 +33,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-offline-pike-ovs/stacklight/server.yml b/classes/cluster/virtual-offline-pike-ovs/stacklight/server.yml
index e9f6bcb..4ecc914 100644
--- a/classes/cluster/virtual-offline-pike-ovs/stacklight/server.yml
+++ b/classes/cluster/virtual-offline-pike-ovs/stacklight/server.yml
@@ -2,8 +2,8 @@
- system.docker.host
- system.linux.system.repo_local.mcp.apt_mirantis.influxdb
- system.linux.system.repo_local.mcp.extra
-- system.linux.system.repo_local.mcp.apt_mirantis.elastic
-- system.linux.system.repo_local.mcp.apt_mirantis.kibana
+- system.linux.system.repo_local.mcp.apt_mirantis.elastic.5x
+- system.linux.system.repo_local.mcp.apt_mirantis.kibana.5x
- system.linux.system.repo_local.mcp.apt_mirantis.docker
- system.heka.remote_collector.container
- system.heka.remote_collector.input.amqp
@@ -33,6 +33,8 @@
_param:
heka_amqp_host: ${_param:openstack_control_address}
kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_version: 5
+ kibana_version: 5
keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
keepalived_prometheus_vip_password: 'password'
keepalived_prometheus_vip_interface: ens4
diff --git a/classes/cluster/virtual-offline-ssl/openstack/compute.yml b/classes/cluster/virtual-offline-ssl/openstack/compute.yml
index 5a5710a..e908e62 100644
--- a/classes/cluster/virtual-offline-ssl/openstack/compute.yml
+++ b/classes/cluster/virtual-offline-ssl/openstack/compute.yml
@@ -16,6 +16,7 @@
- system.nova.compute.nfv.sriov
- system.neutron.compute.nfv.dpdk
- system.neutron.compute.nfv.sriov
+- system.nova.compute.libvirt.ssl
- cluster.virtual-offline-ssl
parameters:
_param:
diff --git a/classes/system b/classes/system
index 8d46284..0185ec6 160000
--- a/classes/system
+++ b/classes/system
@@ -1 +1 @@
-Subproject commit 8d46284f4cf6457d4d99d631dca26f4aaed71b45
+Subproject commit 0185ec6c09e0563af761afc88977dda3461ea6f0