Add initial offline barbican model
Change-Id: I433a4112958928b70ef6c77da62871be67bf75b9
diff --git a/classes/cluster/virtual-offline-ssl/infra/backup/client_common.yml b/classes/cluster/virtual-offline-ssl/infra/backup/client_common.yml
new file mode 100644
index 0000000..79b8f6b
--- /dev/null
+++ b/classes/cluster/virtual-offline-ssl/infra/backup/client_common.yml
@@ -0,0 +1,40 @@
+classes:
+- system.backupninja.client.single
+- system.openssh.client.root
+parameters:
+ _param:
+ backupninja_backup_host: ${_param:openstack_control_node03_address}
+ root_private_key: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEowIBAAKCAQEAxL6/rVgCetsETpZaUmXmkj8cZ1WN0eubH1FvMDOi/La9ZJyT
+ k0C6AYpJnIyEm93pMj5cLm08qRqMW+2pdOhYjcH69yg5MrX5SkRk8jCmIHIYoIbh
+ Qnwbnj3dd3I39ZdfU2FO7u2vlbglVou6ZoQxlJDItuLNtzq6EG+w9eF19e7+OsC6
+ 6iUItp618zfw1l3J/8nKvCGe2RYDf7mJW6XwCl/DwryJmwwzvPgYJ3QMuDD8/HFj
+ lrJ3xjFTXj4b4Ws1XIoy78fFbtiLr4OwqCYkho03u2E5rOOP1qZxZB63sivHMLMO
+ MM5bOAQKbulFNoyALADGYfc7sf0bZ4u9XXDXxQIDAQABAoIBAQCfmc2MJRT97KW1
+ yqpCpX9BrAiymuiNHf+cjEcSZxEUyHkjIRFmJt+9WB0W7ba1anM92vCUiPDojSzH
+ dig9Oi578JxR20NrK8uqv4jUHzrknynzLveVI3CUEcOSnglfJQijbxDFKfOCFPvV
+ FUyE1UATMNBh6+LNfMprgu+exuMWOPnDyUiYQ+WZ0JfuZY8fuaZte4woJJOb9LUu
+ 5rsMG/smIzjpgZ0Z9ZVDMurfq565qhpaXRAqKeIuyht8pacTo31iMQdHB78AvY/3
+ g0z21Gk8k3z0Kr/YFKr2r4FmXY5m/gAUvZly2ZrVQM5XsbTVCzq/JpI5fssNvSbU
+ AKmXzf4RAoGBAOO3d4/cstxERzW6hyOTjZIN1ppR52CsnZTsVPbfd0pCtmzmVZce
+ CtHKdcXSbTwZvvkK09QSWAp3MoSpd0gIOiLU8Wx/R/RIZsu9BlhTS3r3EQLnk72d
+ H/1TTA+j4T/LIYLSojQ1RxvIrHetAD44j732aTwKAHj/SybEAVqNkOB/AoGBAN0u
+ gLcrgqIHGrk4VjWSvlCGymfF40equcx+ud7XhfZDGETUOSahW4dPZ52cjPAkrCBQ
+ MMfcDwSVGsOAjd+mNt11BHUKobnhXwFaWWuyqyn9NmWFbjMbICVh7E3Of5aVN38o
+ lrmo/7LuKMVG7XRwphCv5NkaJmQG4njDyUQWlaW7AoGADCd8wDb9bPhP/LQqBmIX
+ ylXmwHHisaxE9O/wUQT4bwREjGd25gv6c9wkkRx8LBsLsGs9hzI7dMOL9Ly+2x9l
+ SvqmsC3S/1zl77X1Ir2/Z57MT6Vgo1xBmtnZU3Rhz2/eKAdqFPNLClaZrgGT475N
+ HcyLLWMzR0IJFtabY+Puea0CgYA8Zb5wRkldxWLewSuJZZDinGwY+kieAVjLJq/K
+ 0j+ah6fQ48LXcah0wpIgz+cMjHcUO9GWQdk3/x9X03rqX5EL2DBnZYfUIl63F9zj
+ M97ZkHOSNWVqPzX//0Vv2butewG0j3jZKfTo/2/SrxOYgEpYtC9huWpSVi7xm0US
+ erhSkQKBgFIf9JEsfgE57ANhvITZ3ZI0uZXNxZkXQaVg8jvScDi79IIhy9iPzhKC
+ aIIQoDNIlWv1ftCRZ5AlBvVXgvQ/QNrwy48JiQTzWZlb9Ezg8w+olQmSbG6fq7Y+
+ 7r3i+QUZ7RBdOb24QcQ618q54ozNTCB7OywY78ptFzeoBeptiNr1
+ -----END RSA PRIVATE KEY-----
+ # for salt-master backup
+ backupninja:
+ client:
+ target:
+ home_dir: /srv/volumes/backup/backupninja
+ engine_opts: "-av --delete --recursive --safe-links"
diff --git a/classes/cluster/virtual-offline-ssl/infra/backup/client_mysql.yml b/classes/cluster/virtual-offline-ssl/infra/backup/client_mysql.yml
new file mode 100644
index 0000000..18cabd8
--- /dev/null
+++ b/classes/cluster/virtual-offline-ssl/infra/backup/client_mysql.yml
@@ -0,0 +1,38 @@
+classes:
+- system.xtrabackup.client.single
+parameters:
+ _param:
+ xtrabackup_remote_server: ${_param:openstack_control_node03_address}
+ xtrabackup_qpress_source_name: http://${_param:aptly_server_address}:8078/qpress-11-linux-x64.tar
+ root_private_key: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEowIBAAKCAQEAxL6/rVgCetsETpZaUmXmkj8cZ1WN0eubH1FvMDOi/La9ZJyT
+ k0C6AYpJnIyEm93pMj5cLm08qRqMW+2pdOhYjcH69yg5MrX5SkRk8jCmIHIYoIbh
+ Qnwbnj3dd3I39ZdfU2FO7u2vlbglVou6ZoQxlJDItuLNtzq6EG+w9eF19e7+OsC6
+ 6iUItp618zfw1l3J/8nKvCGe2RYDf7mJW6XwCl/DwryJmwwzvPgYJ3QMuDD8/HFj
+ lrJ3xjFTXj4b4Ws1XIoy78fFbtiLr4OwqCYkho03u2E5rOOP1qZxZB63sivHMLMO
+ MM5bOAQKbulFNoyALADGYfc7sf0bZ4u9XXDXxQIDAQABAoIBAQCfmc2MJRT97KW1
+ yqpCpX9BrAiymuiNHf+cjEcSZxEUyHkjIRFmJt+9WB0W7ba1anM92vCUiPDojSzH
+ dig9Oi578JxR20NrK8uqv4jUHzrknynzLveVI3CUEcOSnglfJQijbxDFKfOCFPvV
+ FUyE1UATMNBh6+LNfMprgu+exuMWOPnDyUiYQ+WZ0JfuZY8fuaZte4woJJOb9LUu
+ 5rsMG/smIzjpgZ0Z9ZVDMurfq565qhpaXRAqKeIuyht8pacTo31iMQdHB78AvY/3
+ g0z21Gk8k3z0Kr/YFKr2r4FmXY5m/gAUvZly2ZrVQM5XsbTVCzq/JpI5fssNvSbU
+ AKmXzf4RAoGBAOO3d4/cstxERzW6hyOTjZIN1ppR52CsnZTsVPbfd0pCtmzmVZce
+ CtHKdcXSbTwZvvkK09QSWAp3MoSpd0gIOiLU8Wx/R/RIZsu9BlhTS3r3EQLnk72d
+ H/1TTA+j4T/LIYLSojQ1RxvIrHetAD44j732aTwKAHj/SybEAVqNkOB/AoGBAN0u
+ gLcrgqIHGrk4VjWSvlCGymfF40equcx+ud7XhfZDGETUOSahW4dPZ52cjPAkrCBQ
+ MMfcDwSVGsOAjd+mNt11BHUKobnhXwFaWWuyqyn9NmWFbjMbICVh7E3Of5aVN38o
+ lrmo/7LuKMVG7XRwphCv5NkaJmQG4njDyUQWlaW7AoGADCd8wDb9bPhP/LQqBmIX
+ ylXmwHHisaxE9O/wUQT4bwREjGd25gv6c9wkkRx8LBsLsGs9hzI7dMOL9Ly+2x9l
+ SvqmsC3S/1zl77X1Ir2/Z57MT6Vgo1xBmtnZU3Rhz2/eKAdqFPNLClaZrgGT475N
+ HcyLLWMzR0IJFtabY+Puea0CgYA8Zb5wRkldxWLewSuJZZDinGwY+kieAVjLJq/K
+ 0j+ah6fQ48LXcah0wpIgz+cMjHcUO9GWQdk3/x9X03rqX5EL2DBnZYfUIl63F9zj
+ M97ZkHOSNWVqPzX//0Vv2butewG0j3jZKfTo/2/SrxOYgEpYtC9huWpSVi7xm0US
+ erhSkQKBgFIf9JEsfgE57ANhvITZ3ZI0uZXNxZkXQaVg8jvScDi79IIhy9iPzhKC
+ aIIQoDNIlWv1ftCRZ5AlBvVXgvQ/QNrwy48JiQTzWZlb9Ezg8w+olQmSbG6fq7Y+
+ 7r3i+QUZ7RBdOb24QcQ618q54ozNTCB7OywY78ptFzeoBeptiNr1
+ -----END RSA PRIVATE KEY-----
+ xtrabackup:
+ server:
+ enabled: false
+ backup_dir: /srv/volumes/backup/xtrabackup
diff --git a/classes/cluster/virtual-offline-ssl/infra/backup/server.yml b/classes/cluster/virtual-offline-ssl/infra/backup/server.yml
new file mode 100644
index 0000000..8f84903
--- /dev/null
+++ b/classes/cluster/virtual-offline-ssl/infra/backup/server.yml
@@ -0,0 +1,15 @@
+classes:
+- system.backupninja.server.single
+- system.xtrabackup.server.single
+- system.glusterfs.client.cluster
+- system.glusterfs.client.volume.backup
+parameters:
+ _param:
+ backupninja_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEvr+tWAJ62wROllpSZeaSPxxnVY3R65sfUW8wM6L8tr1knJOTQLoBikmcjISb3ekyPlwubTypGoxb7al06FiNwfr3KDkytflKRGTyMKYgchighuFCfBuePd13cjf1l19TYU7u7a+VuCVWi7pmhDGUkMi24s23OroQb7D14XX17v46wLrqJQi2nrXzN/DWXcn/ycq8IZ7ZFgN/uYlbpfAKX8PCvImbDDO8+BgndAy4MPz8cWOWsnfGMVNePhvhazVcijLvx8Vu2Iuvg7CoJiSGjTe7YTms44/WpnFkHreyK8cwsw4wzls4BApu6UU2jIAsAMZh9zux/Rtni71dcNfF
+ xtrabackup_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEvr+tWAJ62wROllpSZeaSPxxnVY3R65sfUW8wM6L8tr1knJOTQLoBikmcjISb3ekyPlwubTypGoxb7al06FiNwfr3KDkytflKRGTyMKYgchighuFCfBuePd13cjf1l19TYU7u7a+VuCVWi7pmhDGUkMi24s23OroQb7D14XX17v46wLrqJQi2nrXzN/DWXcn/ycq8IZ7ZFgN/uYlbpfAKX8PCvImbDDO8+BgndAy4MPz8cWOWsnfGMVNePhvhazVcijLvx8Vu2Iuvg7CoJiSGjTe7YTms44/WpnFkHreyK8cwsw4wzls4BApu6UU2jIAsAMZh9zux/Rtni71dcNfF
+ backupninja:
+ server:
+ home_dir: /srv/volumes/backup/backupninja
+ xtrabackup:
+ server:
+ backup_dir: /srv/volumes/backup/xtrabackup
\ No newline at end of file
diff --git a/classes/cluster/virtual-offline-ssl/infra/config.yml b/classes/cluster/virtual-offline-ssl/infra/config.yml
new file mode 100644
index 0000000..31d00aa
--- /dev/null
+++ b/classes/cluster/virtual-offline-ssl/infra/config.yml
@@ -0,0 +1,214 @@
+classes:
+- service.git.client
+- system.linux.system.single
+- system.linux.system.single.debian
+- system.linux.system.repo_local.mcp.salt
+- system.linux.system.repo_local.mcp.apt_mirantis.openstack
+- system.openssh.client.lab
+- system.salt.master.pkg
+- system.salt.master.api
+- system.salt.master.formula.pkg.manila
+- system.salt.master.formula.pkg.gnocchi
+- system.salt.master.formula.pkg.panko
+# Add when reclass bumped
+#-salt/master/formula/pkg/dogtag.yml
+- system.reclass.storage.salt
+- system.salt.minion.ca.salt_master
+- system.sphinx.server.doc.reclass
+- system.keystone.client.single
+- system.keystone.client.service.nova21
+- system.keystone.client.service.nova-placement
+- system.keystone.client.service.cinder3
+- system.keystone.client.service.designate
+- system.keystone.client.service.manila
+- system.keystone.client.service.manila2
+- system.keystone.client.service.aodh
+- system.keystone.client.service.ceilometer
+- system.keystone.client.service.panko
+- system.keystone.client.service.gnocchi
+- system.keystone.client.service.barbican
+- system.reclass.storage.system.openstack_dns_cluster
+- system.reclass.storage.system.openstack_control_cluster
+- system.reclass.storage.system.openstack_compute_multi
+- system.reclass.storage.system.openstack_gateway_single
+- system.reclass.storage.system.openstack_dashboard_single
+- system.reclass.storage.system.openstack_share_single
+- system.reclass.storage.system.openstack_telemetry_cluster
+- cluster.virtual-offline-ssl
+parameters:
+ _param:
+ reclass_data_repository: https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab
+ reclass_data_revision: master
+ salt_master_environment_repository: "https://github.com/tcpcloud"
+ salt_master_environment_revision: master
+ salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1"
+ reclass_config_master: 192.168.10.90
+ single_address: 172.16.10.100
+ salt_master_host: 127.0.0.1
+ salt_master_base_environment: prd
+ linux:
+ network:
+ interface:
+ ens4:
+ enabled: true
+ type: eth
+ proto: static
+ address: ${_param:single_address}
+ netmask: 255.255.255.0
+ salt:
+ master:
+ reactor:
+ reclass/minion/classify:
+ - salt://reclass/reactor/node_register.sls
+ environment:
+ prd:
+ formula:
+ dogtag:
+ source: pkg
+ name: salt-formula-dogtag
+ reclass:
+ storage:
+ class_mapping:
+ common_node:
+ expression: all
+ node_param:
+ single_address:
+ value_template: <<node_control_ip>>
+ linux_system_codename:
+ value_template: <<node_os>>
+ salt_master_host:
+ value_template: <<node_master_ip>>
+ infra_config:
+ expression: <<node_hostname>>__startswith__cfg
+ cluster_param:
+ infra_config_address:
+ value_template: <<node_control_ip>>
+ infra_config_deploy_address:
+ value_template: <<node_deploy_ip>>
+ cluster_domain:
+ value_template: <<node_domain>>
+ openstack_control01:
+ expression: <<node_hostname>>__equals__ctl01
+ cluster_param:
+ openstack_control_node01_address:
+ value_template: <<node_control_ip>>
+ openstack_control02:
+ expression: <<node_hostname>>__equals__ctl02
+ cluster_param:
+ openstack_control_node02_address:
+ value_template: <<node_control_ip>>
+ openstack_control03:
+ expression: <<node_hostname>>__equals__ctl03
+ cluster_param:
+ openstack_control_node03_address:
+ value_template: <<node_control_ip>>
+ openstack_compute:
+ expression: <<node_hostname>>__startswith__cmp
+ node_class:
+ value_template:
+ - cluster.<<node_cluster>>.openstack.compute
+ node_param:
+ tenant_address:
+ value_template: <<node_tenant_ip>>
+ external_address:
+ value_template: <<node_external_ip>>
+ openstack_gateway:
+ expression: <<node_hostname>>__startswith__gtw
+ node_class:
+ value_template:
+ - cluster.<<node_cluster>>.openstack.gateway
+ node_param:
+ tenant_address:
+ value_template: <<node_tenant_ip>>
+ external_address:
+ value_template: <<node_external_ip>>
+ cluster_param:
+ openstack_gateway_node01_address:
+ value_template: <<node_control_ip>>
+ openstack_dashboard:
+ expression: <<node_hostname>>__startswith__prx
+ node_class:
+ value_template:
+ - cluster.<<node_cluster>>.openstack.dashboard
+ - cluster.<<node_cluster>>.openstack.proxy
+ cluster_param:
+ openstack_proxy_node01_address:
+ value_template: <<node_control_ip>>
+ openstack_share:
+ expression: <<node_hostname>>__startswith__share
+ node_class:
+ value_template:
+ - cluster.<<node_cluster>>.openstack.share
+ cluster_param:
+ openstack_share_node01_address:
+ value_template: <<node_control_ip>>
+ openstack_share_node01_share_address:
+ value_template: <<node_tenant_ip>>
+ openstack_telemetry01:
+ expression: <<node_hostname>>__equals__mdb01
+ cluster_param:
+ openstack_telemetry_node01_address:
+ value_template: <<node_control_ip>>
+ openstack_telemetry02:
+ expression: <<node_hostname>>__equals__mdb02
+ cluster_param:
+ openstack_telemetry_node02_address:
+ value_template: <<node_control_ip>>
+ openstack_telemetry03:
+ expression: <<node_hostname>>__equals__mdb03
+ cluster_param:
+ openstack_telemetry_node03_address:
+ value_template: <<node_control_ip>>
+ node:
+ openstack_control_node01:
+ classes:
+ - service.galera.master.cluster
+ - service.dogtag.server.cluster.master
+ params:
+ mysql_cluster_role: master
+ linux_system_codename: xenial
+ openstack_control_node02:
+ classes:
+ - service.galera.slave.cluster
+ - service.dogtag.server.cluster.slave
+ params:
+ mysql_cluster_role: slave
+ linux_system_codename: xenial
+ openstack_control_node03:
+ classes:
+ - service.galera.slave.cluster
+ - service.dogtag.server.cluster.slave
+ params:
+ mysql_cluster_role: slave
+ linux_system_codename: xenial
+ openstack_compute_node01:
+ params:
+ single_address: 172.16.10.105
+ tenant_address: 10.1.0.105
+ external_address: 10.16.0.105
+ openstack_compute_node02:
+ params:
+ single_address: 172.16.10.106
+ tenant_address: 10.1.0.106
+ external_address: 10.16.0.106
+ openstack_gateway_node01:
+ params:
+ tenant_address: 10.1.0.110
+ external_address: 10.16.0.110
+ openstack_proxy_node01:
+ classes:
+ - cluster.virtual-offline-ssl.openstack.proxy
+ params:
+ linux_system_codename: xenial
+ openstack_telemetry_node01:
+ params:
+ # create resources only from 1 controller
+ # to prevent race conditions
+ ceilometer_create_gnocchi_resources: true
+ redis_cluster_role: 'master'
+ openstack_telemetry_node02:
+ params:
+ redis_cluster_role: 'slave'
+ openstack_telemetry_node03:
+ params:
+ redis_cluster_role: 'slave'
diff --git a/classes/cluster/virtual-offline-ssl/infra/init.yml b/classes/cluster/virtual-offline-ssl/infra/init.yml
new file mode 100644
index 0000000..b01723d
--- /dev/null
+++ b/classes/cluster/virtual-offline-ssl/infra/init.yml
@@ -0,0 +1,14 @@
+parameters:
+ linux:
+ network:
+ host:
+ cfg01:
+ address: ${_param:infra_config_address}
+ names:
+ - ${_param:infra_config_hostname}
+ - ${_param:infra_config_hostname}.${_param:cluster_domain}
+ cfg:
+ address: ${_param:infra_config_address}
+ names:
+ - cfg
+ - cfg.${_param:cluster_domain}