Merge "Set ipflush_onchange on cmp and gtw nodes for mitaka/newton models"
diff --git a/classes/cluster/k8s-aio-calico/kubernetes/init.yml b/classes/cluster/k8s-aio-calico/kubernetes/init.yml
index 29467bc..f6575ad 100644
--- a/classes/cluster/k8s-aio-calico/kubernetes/init.yml
+++ b/classes/cluster/k8s-aio-calico/kubernetes/init.yml
@@ -23,7 +23,7 @@
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
kubernetes_virtlet_image: mirantis/virtlet:latest
kubernetes_criproxy_version: v0.10.0
kubernetes_criproxy_checksum: md5=52717b1f70f15558ef4bdb0e4d4948da
diff --git a/classes/cluster/k8s-aio-contrail/kubernetes/init.yml b/classes/cluster/k8s-aio-contrail/kubernetes/init.yml
index ccbd551..f6ba52c 100644
--- a/classes/cluster/k8s-aio-contrail/kubernetes/init.yml
+++ b/classes/cluster/k8s-aio-contrail/kubernetes/init.yml
@@ -16,7 +16,7 @@
etcd_initial_token: IN7KaRMSo3xkGxkjAAPtkRkAgqN4ZNRq
# component docker images
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
kubernetes_netchecker_agent_image: quay.io/l23network/k8s-netchecker-agent:v1.0
kubernetes_netchecker_server_image: quay.io/l23network/k8s-netchecker-server:v1.0
kubernetes_externaldns_image: mirantis/external-dns:latest
diff --git a/classes/cluster/k8s-ha-calico-cloudprovider/kubernetes/compute.yml b/classes/cluster/k8s-ha-calico-cloudprovider/kubernetes/compute.yml
index a594585..ffc429e 100644
--- a/classes/cluster/k8s-ha-calico-cloudprovider/kubernetes/compute.yml
+++ b/classes/cluster/k8s-ha-calico-cloudprovider/kubernetes/compute.yml
@@ -10,7 +10,7 @@
kubernetes_calico_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
docker:
host:
pkgs:
diff --git a/classes/cluster/k8s-ha-calico-syndic/kubernetes/compute.yml b/classes/cluster/k8s-ha-calico-syndic/kubernetes/compute.yml
index 2718fc1..4e6f16a 100644
--- a/classes/cluster/k8s-ha-calico-syndic/kubernetes/compute.yml
+++ b/classes/cluster/k8s-ha-calico-syndic/kubernetes/compute.yml
@@ -10,7 +10,7 @@
kubernetes_calico_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
docker:
host:
pkgs:
diff --git a/classes/cluster/k8s-ha-calico/kubernetes/init.yml b/classes/cluster/k8s-ha-calico/kubernetes/init.yml
index 8ec23c8..fa838d4 100644
--- a/classes/cluster/k8s-ha-calico/kubernetes/init.yml
+++ b/classes/cluster/k8s-ha-calico/kubernetes/init.yml
@@ -26,7 +26,7 @@
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
kubernetes_virtlet_image: mirantis/virtlet:latest
kubernetes_criproxy_version: v0.10.0
kubernetes_criproxy_checksum: md5=52717b1f70f15558ef4bdb0e4d4948da
diff --git a/classes/cluster/k8s-ha-contrail/kubernetes/init.yml b/classes/cluster/k8s-ha-contrail/kubernetes/init.yml
index ded77f5..ee7b1ac 100644
--- a/classes/cluster/k8s-ha-contrail/kubernetes/init.yml
+++ b/classes/cluster/k8s-ha-contrail/kubernetes/init.yml
@@ -24,7 +24,7 @@
# component docker images
kubernetes_opencontrail_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/contrail-integration/contrail-cni:v1.0.0
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
kubernetes_virtlet_image: mirantis/virtlet:latest
kubernetes_criproxy_version: v0.10.0
kubernetes_criproxy_checksum: md5=52717b1f70f15558ef4bdb0e4d4948da
diff --git a/classes/cluster/sl-k8s-calico/kubernetes/init.yml b/classes/cluster/sl-k8s-calico/kubernetes/init.yml
index 9e16911..c216b01 100644
--- a/classes/cluster/sl-k8s-calico/kubernetes/init.yml
+++ b/classes/cluster/sl-k8s-calico/kubernetes/init.yml
@@ -27,7 +27,7 @@
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:stable
kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:stable
kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
diff --git a/classes/cluster/sl-k8s-contrail/kubernetes/init.yml b/classes/cluster/sl-k8s-contrail/kubernetes/init.yml
index f6898b3..3c2f85e 100644
--- a/classes/cluster/sl-k8s-contrail/kubernetes/init.yml
+++ b/classes/cluster/sl-k8s-contrail/kubernetes/init.yml
@@ -16,7 +16,7 @@
etcd_initial_token: IN7KaRMSo3xkGxkjAAPtkRkAgqN4ZNRq
# component docker images
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
kubernetes_netchecker_agent_image: quay.io/l23network/k8s-netchecker-agent:v1.0
kubernetes_netchecker_server_image: quay.io/l23network/k8s-netchecker-server:v1.0
kubernetes_externaldns_image: mirantis/external-dns:latest
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/.env b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/.env
index ad9daba..11849f2 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/.env
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/.env
@@ -1 +1 @@
-FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate barbican iptables fluentd dogtag barbican runtest artifactory)
+FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate barbican iptables fluentd dogtag barbican)
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/infra/config.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/infra/config.yml
index 10fd41e..3733bf8 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/infra/config.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/infra/config.yml
@@ -35,7 +35,6 @@
- system.reclass.storage.system.openstack_share_single
- system.reclass.storage.system.openstack_telemetry_cluster
- cluster.virtual-mcp-pike-dvr-ssl-barbican
-- service.runtest.tempest
parameters:
_param:
reclass_data_repository: https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab
@@ -47,10 +46,6 @@
single_address: 172.16.10.100
salt_master_host: 127.0.0.1
salt_master_base_environment: prd
- runtest_tempest_cfg_dir: /root/rally_reports/
- runtest_tempest_cfg_name: tempest_generated.conf
- artifactory_user: artifactory_user
- artifactory_password: artifactory_password
linux:
network:
interface:
@@ -71,9 +66,6 @@
dogtag:
source: pkg
name: salt-formula-dogtag
- neutron:
- client:
- enabled: true
reclass:
storage:
class_mapping:
@@ -230,46 +222,3 @@
openstack_telemetry_node03:
params:
redis_cluster_role: 'slave'
- runtest:
- enabled: True
- test_target: gtw0*
- keystonerc_node: ctl01*
- tempest:
- enabled: True
- cfg_dir: ${_param:runtest_tempest_cfg_dir}
- cfg_name: ${_param:runtest_tempest_cfg_name}
- DEFAULT:
- log_file: /home/rally/rally_reports/tempest.log
- compute:
- build_timeout: 600
- min_microversion: 2.1
- max_microversion: 2.42
- orchestration:
- max_template_size: 5440000
- max_resources_per_stack: 20000
- dns_feature_enabled:
- # Switch this to designate_admin_api_enabled once [1] is promoted to stable packages
- # [1] https://gerrit.mcp.mirantis.net/gitweb?p=salt-formulas/designate.git;a=commit;h=96a3f43f6cf1149559e54a00b5548bdf46333749
- api_admin: false
- api_v1: false
- api_v2: true
- api_v2_quotas: true
- api_v2_root_recordsets: true
- bug_1573141_fixed: true
- volume-feature-enabled:
- backup: false
- artifact_collector:
- enabled: true
- artifactory:
- enabled: true
- user: ${_param:artifactory_user}
- password: ${_param:artifactory_password}
- host: artifactory.mcp.mirantis.net
- port: 443
- proto: https
- endpoint: /oscore-local/${_param:cluster_domain}/${_param:infra_config_hostname}
- artifacts:
- sys_logs:
- path: /var/log
- etc:
- path: /etc
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-dyn/kubernetes/init.yml b/classes/cluster/virtual-mcp11-k8s-calico-dyn/kubernetes/init.yml
index a769d1c..236379e 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-dyn/kubernetes/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-dyn/kubernetes/init.yml
@@ -23,7 +23,7 @@
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:v1.1.0
kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:v1.1.0
kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-minimal/kubernetes/init.yml b/classes/cluster/virtual-mcp11-k8s-calico-minimal/kubernetes/init.yml
index e35f3c5..8f43462 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-minimal/kubernetes/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-minimal/kubernetes/init.yml
@@ -22,7 +22,7 @@
kubernetes_calico_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:v1.1.0
kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:v1.1.0
kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
diff --git a/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/init.yml b/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/init.yml
index f93ee90..3f9911d 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/init.yml
@@ -27,7 +27,7 @@
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:v1.1.0
kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:v1.1.0
kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/.env b/classes/cluster/virtual-mcp11-k8s-contrail/.env
index e5922db..49c1ca4 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/.env
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/.env
@@ -1 +1 @@
-EXTRA_FORMULAS="heka"
+EXTRA_FORMULAS="fluentd grafana heka nginx ntp prometheus rsyslog sphinx telegraf"
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/infra/config.yml b/classes/cluster/virtual-mcp11-k8s-contrail/infra/config.yml
index 422adc9..717aa88 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/infra/config.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/infra/config.yml
@@ -1,18 +1,21 @@
classes:
+- system.linux.system.single
+- system.linux.system.single.debian
+- system.linux.system.repo.mcp.salt
- system.linux.system.repo.mcp.apt_mirantis.ubuntu
- system.linux.system.repo.mcp.apt_mirantis.saltstack_2016_3
-- system.linux.system.repo.mcp.salt
- system.openssh.client.lab
- system.salt.master.pkg
-- system.salt.minion.ca.salt_master
- system.salt.master.api
+- system.salt.minion.ca.salt_master
- system.salt.minion.cert.k8s_server
- system.mysql.client
- system.mysql.client.database.grafana
- system.reclass.storage.salt
- system.reclass.storage.system.kubernetes_control_cluster
- system.reclass.storage.system.opencontrail_control_cluster
-- cluster.virtual-mcp11-k8s-contrail.infra
+- system.sphinx.server.doc.reclass
+- cluster.virtual-mcp11-k8s-contrail
parameters:
_param:
salt_master_base_environment: prd
@@ -20,10 +23,16 @@
reclass_data_revision: master
reclass_config_master: ${_param:infra_config_deploy_address}
single_address: ${_param:infra_config_address}
+ deploy_address: ${_param:infra_config_deploy_address}
linux_system_codename: xenial
salt_api_password_hash: "$6$WV0P1shnoDh2gI/Z$22/Bcd7ffMv0jDlFpT63cAU4PiXHz9pjXwngToKwqAsgoeK4HNR3PiKaushjxp3JsQ8hNoJmAC6TxzVqfV8WH/"
salt_master_host: ${_param:infra_config_deploy_address}
openstack_version: pike
+ salt:
+ master:
+ reactor:
+ reclass/minion/classify:
+ - salt://reclass/reactor/node_register.sls
linux:
network:
interface:
@@ -33,11 +42,15 @@
proto: static
address: ${_param:single_address}
netmask: 255.255.255.0
- salt:
- master:
- reactor:
- reclass/minion/classify:
- - salt://reclass/reactor/node_register.sls
+ pre_up_cmds:
+ - "iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE"
+ post_down_cmds:
+ - "iptables -t nat -F POSTROUTING"
+ system:
+ kernel:
+ sysctl:
+ net.ipv4.conf.ens3.forwarding: 1
+ net.ipv4.conf.ens3.send_redirects: 0
reclass:
storage:
class_mapping:
@@ -50,6 +63,8 @@
value_template: <<node_os>>
salt_master_host:
value_template: <<node_master_ip>>
+ deploy_address:
+ value_template: <<node_deploy_ip>>
infra_config:
expression: <<node_hostname>>__equals__cfg01
cluster_param:
@@ -57,6 +72,8 @@
value_template: <<node_control_ip>>
infra_config_deploy_address:
value_template: <<node_deploy_ip>>
+ cluster_domain:
+ value_template: <<node_domain>>
infra_proxy:
expression: <<node_hostname>>__startswith__prx
node_class:
@@ -67,16 +84,37 @@
cluster_param:
kubernetes_control_node01_address:
value_template: <<node_control_ip>>
+ kubernetes_control_node01_deploy_address:
+ value_template: <<node_deploy_ip>>
kubernetes_control02:
expression: <<node_hostname>>__equals__ctl02
cluster_param:
kubernetes_control_node02_address:
value_template: <<node_control_ip>>
+ kubernetes_control_node02_deploy_address:
+ value_template: <<node_deploy_ip>>
kubernetes_control03:
expression: <<node_hostname>>__equals__ctl03
cluster_param:
kubernetes_control_node03_address:
value_template: <<node_control_ip>>
+ kubernetes_control_node03_deploy_address:
+ value_template: <<node_deploy_ip>>
+ etcd_control01:
+ expression: <<node_hostname>>__equals__ctl01
+ cluster_param:
+ etcd_control_node01_address:
+ value_template: <<node_deploy_ip>>
+ etcd_control02:
+ expression: <<node_hostname>>__equals__ctl02
+ cluster_param:
+ etcd_control_node02_address:
+ value_template: <<node_deploy_ip>>
+ etcd_control03:
+ expression: <<node_hostname>>__equals__ctl03
+ cluster_param:
+ etcd_control_node03_address:
+ value_template: <<node_deploy_ip>>
kubernetes_compute:
expression: <<node_hostname>>__startswith__cmp
node_class:
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
index b5a73b2..9b30986 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
@@ -1,31 +1,10 @@
-classes:
-- system.linux.system.single
-- system.linux.system.single.debian
-- system.linux.system.repo.mcp.extra
-- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.ubuntu
-- system.linux.system.repo.mcp.apt_mirantis.fluentd
-- system.linux.system.repo.mcp.apt_mirantis.openstack
-- system.openssh.server.team.all
-- system.rsyslog.client.single
-- system.fluentd
-- system.fluentd.label.default_metric
-- system.fluentd.label.default_metric.prometheus
-- system.fluentd.label.default_output.elasticsearch
-- system.fluentd.label.default_output.drop_event
-- system.telegraf.agent
-- system.prometheus.collector
-- service.grafana.collector
-- cluster.virtual-mcp11-k8s-contrail.kubernetes
-- cluster.virtual-mcp11-k8s-contrail.opencontrail
-- cluster.virtual-mcp11-k8s-contrail.stacklight
-- cluster.overrides
parameters:
_param:
# infra service addresses
infra_config_hostname: cfg01
infra_config_address: 172.16.10.100
infra_config_deploy_address: 192.168.10.90
+ cluster_public_host: 172.16.10.254
cluster_domain: virtual-mcp11-k8s-contrail.local
cluster_name: virtual-mcp11-k8s-contrail
@@ -33,6 +12,11 @@
linux:
network:
host:
+ self:
+ address: ${_param:single_address}
+ names:
+ - ${linux:system:name}
+ - ${linux:system:name}.${linux:system:domain}
cfg01:
address: ${_param:infra_config_address}
names:
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/init.yml
new file mode 100644
index 0000000..3577228
--- /dev/null
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/init.yml
@@ -0,0 +1,38 @@
+classes:
+- service.grafana.collector
+- system.linux.network.dynamic_hosts
+- system.linux.system.single
+- system.linux.system.single.debian
+- system.linux.system.repo.mcp.extra
+- system.linux.system.repo.mcp.apt_mirantis.fluentd
+- system.linux.system.repo.mcp.apt_mirantis.openstack
+- system.fluentd
+- system.fluentd.label.default_metric
+- system.fluentd.label.default_metric.prometheus
+- system.fluentd.label.default_output.elasticsearch
+- system.fluentd.label.default_output.drop_event
+- system.openssh.server.team.lab
+- system.openssh.server.team.tcpcloud
+- system.openssh.server.team.mcp_qa
+- system.openssh.server.team.k8s_team
+- system.rsyslog.client.single
+- system.prometheus.collector
+- system.telegraf.agent
+- cluster.virtual-mcp11-k8s-contrail.infra
+- cluster.virtual-mcp11-k8s-contrail.opencontrail
+- cluster.virtual-mcp11-k8s-contrail.kubernetes
+- cluster.virtual-mcp11-k8s-contrail.stacklight
+- cluster.overrides
+parameters:
+ salt:
+ minion:
+ trusted_ca_minions:
+ - cfg01
+ linux:
+ network:
+ host:
+ vsrx1:
+ address: 172.16.10.131
+ names:
+ - vsrx1
+ - vsrx1.${_param:cluster_domain}
\ No newline at end of file
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/compute.yml b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/compute.yml
index f8f568b..3f1d2c3 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/compute.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/compute.yml
@@ -1,11 +1,11 @@
classes:
- system.linux.system.repo.docker_legacy
- system.kubernetes.pool.cluster
+- system.linux.network.hosts
- system.salt.minion.cert.k8s_client
- system.salt.minion.cert.etcd_client
-- cluster.virtual-mcp11-k8s-contrail.infra
- cluster.virtual-mcp11-k8s-contrail.opencontrail.compute
-- cluster.overrides
+- cluster.virtual-mcp11-k8s-contrail
parameters:
linux:
network:
@@ -14,6 +14,7 @@
enabled: true
type: eth
proto: manual
+ ipflush_onchange: true
vhost0:
enabled: true
type: eth
@@ -34,6 +35,7 @@
kubernetes:
pool:
kubelet:
+ address: ${_param:single_address}
fail_on_swap: ${_param:kubelet_fail_on_swap}
network:
opencontrail:
@@ -46,12 +48,11 @@
addons:
virtlet:
enabled: ${_param:kubernetes_virtlet_enabled}
- namespace: kube-system
+ namespace: ${_param:kubernetes_addon_namespace}
image: ${_param:kubernetes_virtlet_image}
criproxy_version: ${_param:kubernetes_criproxy_version}
criproxy_source: ${_param:kubernetes_criproxy_checksum}
hosts:
- - ${_param:kubernetes_compute_node01_hostname}
- - ${_param:kubernetes_compute_node02_hostname}
+ - ${linux:system:name}
hyperkube:
image: ${_param:kubernetes_hyperkube_image}
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/control.yml b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/control.yml
index ddfd347..552047c 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/control.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/control.yml
@@ -7,13 +7,16 @@
- system.salt.minion.cert.etcd_server
- system.kubernetes.master.cluster
- cluster.virtual-mcp11-k8s-contrail.kubernetes.compute
-- cluster.overrides
+- cluster.virtual-mcp11-k8s-contrail
parameters:
_param:
- keepalived_vip_interface: ens3
+ keepalived_vip_interface: vhost0
keepalived_vip_virtual_router_id: 60
+ cluster_local_address: ${_param:deploy_address}
etcd:
server:
+ bind:
+ host: ${_param:deploy_address}
source:
engine: docker_hybrid
ssl:
@@ -22,7 +25,8 @@
common:
addons:
dashboard:
- enabled: false
+ enabled: ${_param:kubernetes_dashboard}
+ image: ${_param:kubernetes_dashboard_image}
helm:
enabled: ${_param:kubernetes_helm_enabled}
netchecker:
@@ -30,9 +34,16 @@
agent_image: ${_param:kubernetes_netchecker_agent_image}
server_image: ${_param:kubernetes_netchecker_server_image}
contrail_network_controller:
- namespace: kube-system
- enabled: true
+ namespace: ${_param:kubernetes_addon_namespace}
+ enabled: ${_param:kubernetes_contrail_network_controller}
image: ${_param:kubernetes_contrail_network_controller_image}
+ dns:
+ enabled: ${_param:kubernetes_dns}
+ kubedns_image: ${_param:kubernetes_kubedns_image}
+ dnsmasq_image: ${_param:kubernetes_dnsmasq_image}
+ sidecar_image: ${_param:kubernetes_sidecar_image}
+ autoscaler:
+ image: ${_param:kubernetes_dns_autoscaler_image}
coredns:
enabled: ${_param:kubernetes_coredns_enabled}
externaldns:
@@ -41,15 +52,13 @@
provider: ${_param:kubernetes_externaldns_provider}
master:
kubelet:
+ address: ${_param:single_address}
fail_on_swap: ${_param:kubelet_fail_on_swap}
etcd:
ssl:
enabled: true
namespace:
netchecker:
- enabled: true
- namespace:
- netchecker:
enabled: ${_param:kubernetes_netchecker_enabled}
network:
opencontrail:
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml
index adfdfff..6185904 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml
@@ -2,7 +2,6 @@
parameters:
_param:
openstack_version: pike
-
salt_minion_ca_host: ${_param:infra_config_hostname}.${_param:cluster_domain}
salt_minion_ca_authority: salt_master_ca
@@ -26,28 +25,37 @@
# component docker images
kubernetes_opencontrail_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/contrail-integration/contrail-cni:v1.0.0
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
- kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:v1.1.0
- kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:v1.1.0
- kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
- kubernetes_externaldns_image: mirantis/external-dns:latest
- kubernetes_externaldns_provider: coredns
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.9-7
kubernetes_criproxy_version: v0.10.0
kubernetes_criproxy_checksum: md5=52717b1f70f15558ef4bdb0e4d4948da
+ kubernetes_dashboard_image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1
+ kubernetes_kubedns_image: gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.5
+ kubernetes_dnsmasq_image: gcr.io/google_containers/k8s-dns-dnsmasq-amd64:1.14.5
+ kubernetes_sidecar_image: gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.5
+ kubernetes_dns_autoscaler_image: gcr.io/google_containers/cluster-proportional-autoscaler-amd64:1.0.0
+ kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:stable
+ kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:stable
+ kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
+ kubernetes_virtlet_image: mirantis/virtlet:v0.9.4
+ kubernetes_externaldns_image: mirantis/external-dns:latest
+ kubernetes_externaldns_provider: coredns
# switches of addons
+ kubernetes_addon_namespace: kube-system
+ kubernetes_dns: true
+ kubernetes_dashboard: false
kubernetes_helm_enabled: true
kubernetes_netchecker_enabled: true
kubernetes_calico_policy_enabled: false
kubernetes_virtlet_enabled: false
- kubernetes_virtlet_image: mirantis/virtlet:latest
+ kubernetes_contrail_network_controller: true
kubernetes_coredns_enabled: false
kubernetes_externaldns_enabled: false
# addresses and hostnames
kubernetes_internal_api_address: 10.254.0.1
kubernetes_control_hostname: ctl
- kubernetes_control_address: 192.168.10.253
+ kubernetes_control_address: 172.16.10.253
kubernetes_control_node01_hostname: ctl01
kubernetes_control_node02_hostname: ctl02
kubernetes_control_node03_hostname: ctl03
@@ -56,28 +64,32 @@
kubernetes_control_node01_address: 172.16.10.101
kubernetes_control_node02_address: 172.16.10.102
kubernetes_control_node03_address: 172.16.10.103
+ kubernetes_control_node01_deploy_address: 192.168.10.101
+ kubernetes_control_node02_deploy_address: 192.168.10.102
+ kubernetes_control_node03_deploy_address: 192.168.10.103
kubernetes_compute_node01_address: 172.16.10.105
kubernetes_compute_node02_address: 172.16.10.106
+ etcd_control_node01_address: 192.168.10.101
+ etcd_control_node02_address: 192.168.10.102
+ etcd_control_node03_address: 192.168.10.103
kubernetes_proxy_node01_hostname: prx01
kubernetes_proxy_node01_address: 172.16.10.121
cluster_vip_address: ${_param:kubernetes_control_address}
- cluster_local_address: ${_param:single_address}
# etcd stuff
cluster_node01_hostname: ${_param:kubernetes_control_node01_hostname}
- cluster_node01_address: ${_param:kubernetes_control_node01_address}
+ cluster_node01_address: ${_param:etcd_control_node01_address}
cluster_node01_port: 4001
cluster_node02_hostname: ${_param:kubernetes_control_node02_hostname}
- cluster_node02_address: ${_param:kubernetes_control_node02_address}
+ cluster_node02_address: ${_param:etcd_control_node02_address}
cluster_node02_port: 4001
cluster_node03_hostname: ${_param:kubernetes_control_node03_hostname}
- cluster_node03_address: ${_param:kubernetes_control_node03_address}
+ cluster_node03_address: ${_param:etcd_control_node03_address}
cluster_node03_port: 4001
linux:
network:
- purge_hosts: true
host:
ctl:
address: ${_param:kubernetes_control_address}
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/control.yml b/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/control.yml
index d3dde42..0945af2 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/control.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/control.yml
@@ -1,10 +1,10 @@
classes:
- system.linux.system.lowmem
-- system.linux.system.repo.cassandra
- system.linux.system.repo.mcp.contrail
- system.linux.system.repo.mcp.openstack
- system.linux.system.repo.mcp.extra
-- system.linux.system.repo.saltstack.trusty
+- system.linux.system.repo.mcp.apt_mirantis.cassandra
+- system.linux.system.repo.mcp.apt_mirantis.saltstack_2016_3
- system.opencontrail.client.resource.edge_router
- system.rabbitmq.server.cluster
- system.opencontrail.control.cluster
@@ -13,9 +13,10 @@
- system.opencontrail.client.resource.config_node
- system.opencontrail.client.resource.database_node
- system.opencontrail.client.resource.analytics_node
+- system.opencontrail.client.resource.global_vrouter_config
- system.haproxy.proxy.listen.opencontrail.analytics
- system.prometheus.exporters.jmx
-- cluster.virtual-mcp11-k8s-contrail.infra
+- cluster.virtual-mcp11-k8s-contrail
parameters:
_param:
openstack_version: mitaka
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/init.yml
index ad264cb..3ad59f2 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/init.yml
@@ -1,6 +1,7 @@
parameters:
_param:
opencontrail_version: 3.0
+ linux_repo_contrail_component: oc323
opencontrail_control_hostname: ntw
opencontrail_control_node01_hostname: ntw01
opencontrail_control_node02_hostname: ntw02
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/proxy.yml b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/proxy.yml
index 52b8fbf..5bea43d 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/proxy.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/proxy.yml
@@ -5,7 +5,7 @@
- system.nginx.server.proxy.monitoring.prometheus_server
- system.nginx.server.proxy.monitoring.prometheus_alertmanager
- system.salt.minion.cert.proxy
-- cluster.virtual-mcp11-k8s-contrail.infra
+- cluster.virtual-mcp11-k8s-contrail
parameters:
_param:
nginx_proxy_grafana_port: 15013
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
index 603d3c7..2c33d30 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
@@ -26,7 +26,7 @@
- system.prometheus.server.target.dns
- system.docker.swarm.stack.monitoring.prometheus_global
- system.docker.swarm.stack.dashboard
-- cluster.virtual-mcp11-k8s-contrail.infra
+- cluster.virtual-mcp11-k8s-contrail
parameters:
_param:
cluster_public_host: mon
diff --git a/classes/system b/classes/system
index 47cdd84..00b52f8 160000
--- a/classes/system
+++ b/classes/system
@@ -1 +1 @@
-Subproject commit 47cdd84c7f8249e8e7bf5ddd656a61bbd842fb5b
+Subproject commit 00b52f8b45f69f9d76c08c550319251b10c08284