Add MySQL DB and Keystone with LDAP Identity backend to model_manager cluster
Change-Id: I3bc79195be473df38c0473e610efcc6fce6cfd31
diff --git a/classes/cluster/model_manager/model_manager/dashboard.yml b/classes/cluster/model_manager/model_manager/dashboard.yml
index 43d883d..002e421 100644
--- a/classes/cluster/model_manager/model_manager/dashboard.yml
+++ b/classes/cluster/model_manager/model_manager/dashboard.yml
@@ -3,6 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.saltstack.xenial
- system.model_manager.server.integration
+- cluster.model_manager.model_manager.identity
- cluster.model_manager
parameters:
model_manager:
diff --git a/classes/cluster/model_manager/model_manager/identity.yml b/classes/cluster/model_manager/model_manager/identity.yml
new file mode 100644
index 0000000..c2d2f27
--- /dev/null
+++ b/classes/cluster/model_manager/model_manager/identity.yml
@@ -0,0 +1,26 @@
+classes:
+- service.mysql.server.single
+- system.mysql.client
+- system.mysql.client.database.keystone
+- system.keystone.server.single
+- system.keystone.client.core
+- system.keystone.client.service.keystone
+- cluster.model_manager
+parameters:
+ keystone:
+ server:
+ backend: ldap
+ assignment:
+ backend: sql
+ ldap:
+ url: "ldap://ldap-scc.scc.mirantis.net"
+ suffix: "dc=mirantis,dc=net"
+ query_scope: "sub"
+ user_tree_dn: "ou=people,o=mirantis,dc=mirantis,dc=net"
+ group_tree_dn: "ou=groups,o=mirantis,dc=mirantis,dc=net"
+ read_only: true
+ auth: false
+ mysql:
+ server:
+ version: "5.7"
+
diff --git a/classes/cluster/model_manager/model_manager/init.yml b/classes/cluster/model_manager/model_manager/init.yml
index d69e4d7..db393b7 100644
--- a/classes/cluster/model_manager/model_manager/init.yml
+++ b/classes/cluster/model_manager/model_manager/init.yml
@@ -1,5 +1,6 @@
parameters:
_param:
+ # app params
model_manager_node00_hostname: web0
model_manager_node00_address: 172.16.10.90
cluster_vip_address: ${_param:model_manager_node00_address}
@@ -10,4 +11,12 @@
model_manager_jenkins_password: 't&2FLaB]2!'
model_manager_template_url: https://gerrit.mcp.mirantis.net/gitweb?p=mk/cookiecutter-templates.git;a=blob_plain;f=workflow_definition.yml;hb=HEAD
model_manager_template_job: generate-salt-model-separated-products
+ # identity params
+ openstack_region: RegionOne
+ admin_email: root@localhost
+ keystone_version: mitaka
+ keystone_service_token: qzWYJmNiiXYRSipdWda0
+ rabbitmq_openstack_password: workshop
+ keystone_service_host: ${_param:model_manager_node00_address}
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
diff --git a/classes/cluster/model_manager/model_manager/proxy.yml b/classes/cluster/model_manager/model_manager/proxy.yml
index 23090ac..d049c67 100644
--- a/classes/cluster/model_manager/model_manager/proxy.yml
+++ b/classes/cluster/model_manager/model_manager/proxy.yml
@@ -11,4 +11,34 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_openstack_api_keystone:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_keystone
+ check: false
+ proxy:
+ host: ${_param:keystone_service_host}
+ port: 5000
+ protocol: http
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 5000
+ ssl: ${_param:nginx_proxy_ssl}
+ nginx_proxy_openstack_api_keystone_private:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_keystone_private
+ check: false
+ proxy:
+ host: ${_param:keystone_service_host}
+ port: 35357
+ protocol: http
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 35357
+ ssl: ${_param:nginx_proxy_ssl}