Merge "Add nodes for MCP Multi instances"

commit: 87d57d3edba43d883f3832358ba5b04b8f144ed0 [log] [tgz]
author: Petr Michalec <epcim@apealive.net> Fri Sep 08 11:06:34 2017 +0000
committer: Gerrit Code Review <gerrit2@b3fef64565ee> Fri Sep 08 11:06:36 2017 +0000
tree: 65ab283c80ff4ff36219d711f7b48a8993aff931
parent: 1850e5077dab9f8d55d376a18af1819a08c3e972 [diff]
parent: 9503dace962ad647a515eecb418efbc304e415d0 [diff]
diff --git a/classes/cluster/aaa-ha-freeipa/infra/config.yml b/classes/cluster/aaa-ha-freeipa/infra/config.yml
index c24f8ae..e69242a 100644
--- a/classes/cluster/aaa-ha-freeipa/infra/config.yml
+++ b/classes/cluster/aaa-ha-freeipa/infra/config.yml

@@ -23,10 +23,10 @@
     salt_master_host: 127.0.0.1
   salt:
     master:
-      enabled: true
       reactor:
         reclass/minion/classify:
         - salt://reclass/reactor/node_register.sls
+
   reclass:
     storage:
       class_mapping:

diff --git a/classes/cluster/os-ha-contrail/infra/config.yml b/classes/cluster/os-ha-contrail/infra/config.yml
index 28d7e3b..3fec3ee 100755
--- a/classes/cluster/os-ha-contrail/infra/config.yml
+++ b/classes/cluster/os-ha-contrail/infra/config.yml

@@ -10,10 +10,11 @@
 - system.salt.minion.cert.proxy
 - system.sphinx.server.doc.reclass
 - system.keystone.client.core
-- system.keystone.client.service.designate
+- system.keystone.client.service.barbican
 - system.keystone.client.service.cinder
 - system.keystone.client.service.cinder2
 - system.keystone.client.service.cinder3
+- system.keystone.client.service.designate
 - system.keystone.client.service.glance
 - system.keystone.client.service.glare
 - system.keystone.client.service.heat
@@ -24,6 +25,7 @@
 - system.keystone.client.service.nova21
 - system.keystone.client.service.nova-placement
 - system.mysql.client
+- system.mysql.client.database.barbican
 - system.mysql.client.database.cinder
 - system.mysql.client.database.glance
 - system.mysql.client.database.heat

diff --git a/classes/cluster/os-ha-contrail/init.yml b/classes/cluster/os-ha-contrail/init.yml
index 5e876d7..203f799 100755
--- a/classes/cluster/os-ha-contrail/init.yml
+++ b/classes/cluster/os-ha-contrail/init.yml

@@ -9,3 +9,8 @@
 - cluster.os-ha-contrail.opencontrail
 - cluster.os-ha-contrail.openstack
 - cluster.overrides
+parameters:
+  salt:
+    minion:
+      trusted_ca_minions:
+        - cfg01

diff --git a/classes/cluster/os-ha-contrail/opencontrail/control.yml b/classes/cluster/os-ha-contrail/opencontrail/control.yml
index a281452..4c03393 100644
--- a/classes/cluster/os-ha-contrail/opencontrail/control.yml
+++ b/classes/cluster/os-ha-contrail/opencontrail/control.yml

@@ -12,6 +12,7 @@
 - system.opencontrail.client.resource.config_node
 - system.opencontrail.client.resource.database_node
 - system.opencontrail.client.resource.analytics_node
+- system.opencontrail.client.resource.openstack_metadata
 - system.haproxy.proxy.listen.opencontrail.analytics
 - cluster.os-ha-contrail
 parameters:

diff --git a/classes/cluster/os-ha-contrail/openstack/compute.yml b/classes/cluster/os-ha-contrail/openstack/compute.yml
index f32f983..8346f2f 100755
--- a/classes/cluster/os-ha-contrail/openstack/compute.yml
+++ b/classes/cluster/os-ha-contrail/openstack/compute.yml

@@ -9,6 +9,8 @@
 - system.opencontrail.client.cluster
 - system.opencontrail.client.resource.virtual_router
 - service.opencontrail.compute.cluster
+- service.opencontrail.compute.lbaas.barbican
+- service.barbican.client.cluster
 - cluster.os-ha-contrail
 parameters:
   _param:

diff --git a/classes/cluster/os-ha-contrail/openstack/control.yml b/classes/cluster/os-ha-contrail/openstack/control.yml
index 2b6c6f8..e5ab6a3 100755
--- a/classes/cluster/os-ha-contrail/openstack/control.yml
+++ b/classes/cluster/os-ha-contrail/openstack/control.yml

@@ -24,6 +24,7 @@
 - system.designate.server.cluster
 - system.designate.server.backend.bind
 - system.galera.server.cluster
+- system.galera.server.database.barbican
 - system.galera.server.database.cinder
 - system.galera.server.database.glance
 - system.galera.server.database.heat
@@ -31,6 +32,8 @@
 - system.galera.server.database.nova
 - system.galera.server.database.designate
 - system.haproxy.proxy.listen.openstack.nova-placement
+- system.barbican.server.cluster
+- service.barbican.server.plugin.simple_crypto
 - cluster.os-ha-contrail
 parameters:
   _param:
@@ -62,6 +65,13 @@
       instance:
         VIP:
           virtual_router_id: 150
+  barbican:
+    server:
+      store:
+        software:
+          crypto_plugin: simple_crypto
+          store_plugin: store_crypto
+          global_default: True
   bind:
     server:
       control:

diff --git a/classes/cluster/os-ha-contrail/openstack/init.yml b/classes/cluster/os-ha-contrail/openstack/init.yml
index 826c807..a6c09ff 100755
--- a/classes/cluster/os-ha-contrail/openstack/init.yml
+++ b/classes/cluster/os-ha-contrail/openstack/init.yml

@@ -75,6 +75,7 @@
       rndc_host: ${_param:openstack_control_node01_address}
       rndc_port: 953
       rndc_key_file: /etc/designate/rndc.key
+    barbican_version: ${_param:openstack_version}
     designate_version: ${_param:openstack_version}
     cluster_vip_address: ${_param:openstack_control_address}
     glance_version: ${_param:openstack_version}
@@ -93,10 +94,12 @@
     neutron_service_host: ${_param:openstack_control_address}
     glusterfs_service_host: ${_param:openstack_control_address}
     designate_service_host: ${_param:openstack_control_address}
+    barbican_service_host: ${_param:openstack_control_address}
     mysql_admin_user: root
     mysql_admin_password: workshop
-    mysql_designate_password: workshop
+    mysql_barbican_password: workshop
     mysql_cinder_password: workshop
+    mysql_designate_password: workshop
     mysql_glance_password: workshop
     mysql_heat_password: workshop
     mysql_keystone_password: workshop
@@ -104,6 +107,7 @@
     mysql_nova_password: workshop
     keystone_service_token: workshop
     keystone_admin_password: workshop
+    keystone_barbican_password: workshop
     keystone_cinder_password: workshop
     keystone_glance_password: workshop
     keystone_heat_password: workshop
@@ -117,6 +121,10 @@
     horizon_identity_host: ${_param:openstack_control_address}
     horizon_identity_encryption: none
     horizon_identity_version: 2
+    opencontrail_barbican_user: admin
+    opencontrail_barbican_password: ${_param:keystone_admin_password}
+    opencontrail_barbican_tenant: admin
+    barbican_simple_crypto_kek: "YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY="
   linux:
     network:
       host:

diff --git a/classes/cluster/os-ha-contrail/openstack/proxy.yml b/classes/cluster/os-ha-contrail/openstack/proxy.yml
index 23c0c2b..37a9234 100755
--- a/classes/cluster/os-ha-contrail/openstack/proxy.yml
+++ b/classes/cluster/os-ha-contrail/openstack/proxy.yml

@@ -4,6 +4,7 @@
 - system.nginx.server.proxy.openstack_api
 - system.nginx.server.proxy.openstack_vnc
 - system.nginx.server.proxy.openstack_web
+- system.nginx.server.proxy.openstack.barbican
 - system.salt.minion.cert.proxy
 - cluster.os-ha-contrail
 parameters:
commit	87d57d3edba43d883f3832358ba5b04b8f144ed0	[log] [tgz]
author	Petr Michalec <epcim@apealive.net>	Fri Sep 08 11:06:34 2017 +0000
committer	Gerrit Code Review <gerrit2@b3fef64565ee>	Fri Sep 08 11:06:36 2017 +0000
tree	65ab283c80ff4ff36219d711f7b48a8993aff931
parent	1850e5077dab9f8d55d376a18af1819a08c3e972 [diff]
parent	9503dace962ad647a515eecb418efbc304e415d0 [diff]