oss single cluster model for v-lab
related us: https://mirantis.jira.com/browse/PROD-15544
Change-Id: I79ccbc1153091aa708fbdcf2a0e41f6aedc9b4bb
diff --git a/classes/cluster/drivetrain-ha-oss/oss/client.yml b/classes/cluster/drivetrain-ha-oss/oss/client.yml
new file mode 100644
index 0000000..dc99d6e
--- /dev/null
+++ b/classes/cluster/drivetrain-ha-oss/oss/client.yml
@@ -0,0 +1,142 @@
+classes:
+ # Docker services
+ - system.docker.swarm.stack.devops_portal
+ - system.docker.swarm.stack.elasticsearch
+ - system.docker.swarm.stack.janitor_monkey
+ - system.docker.swarm.stack.postgresql
+ - system.docker.swarm.stack.pushkin
+ - system.docker.swarm.stack.rundeck
+ - system.docker.swarm.stack.security_monkey
+ # Docker networks
+ - system.docker.swarm.network.oss_backend
+
+ # OSS Tooling
+ - system.devops_portal.service.elasticsearch
+ - system.devops_portal.service.gerrit
+ - system.devops_portal.service.janitor_monkey
+ - system.devops_portal.service.jenkins
+ - system.devops_portal.service.pushkin
+ - system.devops_portal.service.rundeck
+ - system.devops_portal.service.security_monkey
+
+ # DevOps Portal
+ - service.devops_portal.config
+
+ # Rundeck
+ - system.rundeck.server.docker
+ - system.rundeck.client
+ - system.rundeck.client.project.cicd
+
+ # PostgreSQL
+ - system.postgresql.client.pushkin
+ - system.postgresql.client.rundeck
+ - system.postgresql.client.security_monkey
+ - system.postgresql.client.janitor_monkey
+ - system.postgresql.client.sfdc
+ - system.postgresql.client.alertmanager
+
+ # Elasticsearch
+ - system.elasticsearch.client
+ - system.elasticsearch.client.index.pushkin
+ - system.elasticsearch.client.index.cis_openstack
+
+parameters:
+ _param:
+ # OSS docker images
+ docker_image_elasticsearch: docker.elastic.co/elasticsearch/elasticsearch:5.4.1
+ docker_image_security_monkey_api: docker-prod-local.artifactory.mirantis.com/mirantis/oss/security-monkey-api:latest
+ docker_image_security_monkey_scheduler: docker-prod-local.artifactory.mirantis.com/mirantis/oss/security-monkey-scheduler:latest
+ docker_image_janitor_monkey: docker-prod-local.artifactory.mirantis.com/mirantis/oss/janitor-monkey:latest
+ docker_image_mongodb: mongo:3.4
+ docker_image_rundeck: docker-prod-local.artifactory.mirantis.com/mirantis/oss/rundeck:latest
+ docker_image_devops_portal: docker-prod-local.artifactory.mirantis.com/mirantis/oss/devops-portal:latest
+ docker_image_postgresql: postgres:9.6
+
+ # PostgreSQL
+ postgresql_client_user: ${_param:postgresql_admin_user}
+ postgresql_client_password: ${_param:postgresql_admin_user_password}
+ postgresql_client_host: ${_param:haproxy_postgresql_bind_host}
+ postgresql_client_port: ${_param:haproxy_postgresql_bind_port}
+
+ # Pushkin
+ pushkin_db_user: pushkin
+ pushkin_db_user_password: pushkin
+ pushkin_db_host: ${_param:haproxy_postgresql_bind_host}
+ pushkin_smtp_host: smtp.gmail.com
+ pushkin_smtp_port: 587
+ webhook_from: yourmail
+ pushkin_email_sender_password: yourpass
+ webhook_recipients: "recipients@gmail.com,recipients2@mail.com"
+ webhook_login_id: 13
+ webhook_application_id: 24
+ # SFDC configuration
+ sfdc_auth_url: https://mirantis--prodteam.cs17.my.salesforce.com
+ sfdc_username: kadamovich+mmo+user@mirantis.com
+ sfdc_password: m1raTest
+ sfdc_consumer_key: 3MVG9ahGHqp.k2_wmbjHwYMdmX4gGy1d5W1wttknHnCXxdMDPF8BdW._xiFumg4Csg60mf7G3.R3Laz3Xbh3h
+ sfdc_consumer_secret: 398663349641456049
+ sfdc_organization_id: 00Dg0000001qRWF
+ sfdc_sandbox_enabled: True
+
+ # OSS openstack
+ oss_openstack_auth_url: https://cloud-cz.bud.mirantis.net:5000/v3
+ oss_openstack_username: admin
+ oss_openstack_password: passwd
+ oss_openstack_project: admin
+ oss_openstack_domain_id: default
+ oss_openstack_ssl_verify: True
+ oss_openstack_endpoint_type: public
+ oss_openstack_credentials_path: /srv/volumes/rundeck/storage
+ oss_openstack_cert: |
+ ---cert----
+
+ # SecurityMonkey
+ secmonkey_db_user: secmonkey
+ secmonkey_db_user_password: secmonkey
+ secmonkey_db_host: ${_param:postgresql_bind_host}
+ security_monkey_openstack:
+ username: ${_param:oss_openstack_username}
+ password: ${_param:oss_openstack_password}
+ auth_url: ${_param:oss_openstack_auth_url}
+ user_domain_name: ${_param:oss_openstack_domain_id}
+ project_domain_name: ${_param:oss_openstack_domain_id}
+ ssl_verify: ${_param:oss_openstack_ssl_verify}
+ endpoint_type: ${_param:oss_openstack_endpoint_type}
+ source_credentials: ${_param:oss_openstack_credentials_path}
+
+ # JanitorMonkey
+ janitor_monkey_openstack:
+ username: ${_param:oss_openstack_username}
+ password: ${_param:oss_openstack_password}
+ auth_url: ${_param:oss_openstack_auth_url}
+ project_name: ${_param:oss_openstack_project}
+ project_domain_name: ${_param:oss_openstack_domain_id}
+ ssl_verify: ${_param:oss_openstack_ssl_verify}
+# endpoint_type: ${_param:oss_openstack_endpoint_type}
+ source_credentials: ${_param:oss_openstack_credentials_path}
+
+
+ # Rundeck
+ rundeck_db_host: ${_param:haproxy_postgresql_bind_host}
+ rundeck_db_user: rundeck
+ rundeck_db_user_password: password
+ rundeck_server_ssh_timeout: 900000000
+
+ rundeck_forward_iframe: False
+ rundeck_iframe_host: ''
+ rundeck_iframe_port: ${_param:haproxy_rundeck_exposed_port}
+ rundeck_iframe_ssl: False
+
+ rundeck_postgresql_username: ${_param:rundeck_db_user}
+ rundeck_postgresql_password: ${_param:rundeck_db_user_password}
+ rundeck_postgresql_database: rundeck
+ rundeck_postgresql_host: ${_param:rundeck_db_host}
+ rundeck_cis_openstack:
+ auth_url: ${_param:oss_openstack_auth_url}/auth/tokens
+ username: ${_param:oss_openstack_username}
+ password: ${_param:oss_openstack_password}
+ project_name: ${_param:oss_openstack_project}
+ domain_id: ${_param:oss_openstack_domain_id}
+ cert: ${_param:oss_openstack_cert}
+ ssl_cert_file: cert.pem
+ rundeck_cis_elasticsearch_url: http://${_param:haproxy_elasticsearch_bind_host}:${_param:haproxy_elasticsearch_http_bind_port}
diff --git a/classes/cluster/drivetrain-ha-oss/oss/server.yml b/classes/cluster/drivetrain-ha-oss/oss/server.yml
new file mode 100644
index 0000000..2f5b62d
--- /dev/null
+++ b/classes/cluster/drivetrain-ha-oss/oss/server.yml
@@ -0,0 +1,62 @@
+classes:
+ # GlusterFS
+ - system.glusterfs.server.volume.elasticsearch
+ - system.glusterfs.server.volume.devops_portal
+ - system.glusterfs.server.volume.mongodb
+ - system.glusterfs.server.volume.postgresql
+ - system.glusterfs.server.volume.pushkin
+ - system.glusterfs.server.volume.rundeck
+ - system.glusterfs.server.volume.security_monkey
+
+ - system.glusterfs.client.volume.devops_portal
+ - system.glusterfs.client.volume.elasticsearch
+ - system.glusterfs.client.volume.mongodb
+ - system.glusterfs.client.volume.postgresql
+ - system.glusterfs.client.volume.pushkin
+ - system.glusterfs.client.volume.rundeck
+ - system.glusterfs.client.volume.security_monkey
+
+ # HAProxy
+ - system.haproxy.proxy.listen.oss.devops_portal
+ - system.haproxy.proxy.listen.oss.elasticsearch
+ - system.haproxy.proxy.listen.oss.janitor_monkey
+ - system.haproxy.proxy.listen.oss.mongodb
+ - system.haproxy.proxy.listen.oss.postgresql
+ - system.haproxy.proxy.listen.oss.pushkin
+ - system.haproxy.proxy.listen.oss.rundeck
+ - system.haproxy.proxy.listen.oss.security_monkey
+
+ # Rundeck
+ - system.rundeck.client.runbook
+
+parameters:
+ _param:
+ rundeck_runbook_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBPHRctBuN16hVe05HxKeN1AqPqbjvWvqQ1zcr/sbJJXHgVBTACRD6G+DAi7SSJr7dLzyeNo042szJclsH/qf9h0tcytINATzye//x6MtzXZ4YIDkcd1Yhz1LRgCXk1PvIensJAdClYOymx+SRaJxEEzbLxgqhSnYOUY3xVGbUrgfXI9+ZG9hs9zfq5JEMRjQay5p+xuYv/wCoU+pbFPDmsW0hQ99O+XBHcwrpU3crkImetTM2WfnRlBkoJypLv/HicTJtnL91/BWcebvW50oxrEq1QQ82T1Wl3pQsJw24M48fXyl/HbF2QVP6O1Ptqr3O7cIByxJWHih3paZncVEj
+ rundeck_runbook_private_key: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEpAIBAAKCAQEAwTx0XLQbjdeoVXtOR8SnjdQKj6m471r6kNc3K/7GySVx4FQU
+ wAkQ+hvgwIu0kia+3S88njaNONrMyXJbB/6n/YdLXMrSDQE88nv/8ejLc12eGCA5
+ HHdWIc9S0YAl5NT7yHp7CQHQpWDspsfkkWicRBM2y8YKoUp2DlGN8VRm1K4H1yPf
+ mRvYbPc36uSRDEY0GsuafsbmL/8AqFPqWxTw5rFtIUPfTvlwR3MK6VN3K5CJnrUz
+ Nln50ZQZKCcqS7/x4nEybZy/dfwVnHm71udKMaxKtUEPNk9Vpd6ULCcNuDOPH18p
+ fx2xdkFT+jtT7aq9zu3CAcsSVh4od6WmZ3FRIwIDAQABAoIBAQCsnUNY2G7Quzec
+ /KQFyi7eq+6vPK596ihwIEAhpdqPLkrWWGWc0bx/n02a0nGAKOpQjPS6ZAKtKg7L
+ WMLmll4cRLJWdrtCcLuv5ILS5uBu8s7ZwFckDZo8Y4YYrT+sdXFhOcAUYLGwOa/M
+ oD2WgvsseHl3eDZgtDJXQhTo4jtleW4/ZETmduUBx2djSfwx2vv8N6V7+5bH2kvL
+ 3PgR3PYp1uD+dPDy00SwuiWDDwljubQzpres8K4ikIWWaU4/t9TUBv+PJt3Kbavi
+ 0ca+jdpRdPCW4QmEhNT+D10B3DCN9uVt9leCrYzvcrT1ElqiL4ODBefG0clKq64d
+ Zc59IVypAoGBAO2PX2qApylv+uuVe2dscH10qUjgYIuXeszJYtSCiPbu7yMcuFWo
+ c6sqU2/l/4vdd8qeHvS75VPzmX2QfF9p1EsL+LE5tzc3m54WfJ884LLI+nx8ynKU
+ HrbaLCGCK09bLNXM7XkFTe9s+XrJzgqdff/rF2nZHHyoqPObSgaG//HnAoGBANA8
+ TusN74PUX4ABLwGCLEd4/qRa0kgFtwngrcUY9XMWhrJUqi9tKJLN2URhqTbOzFA0
+ qv3n6TgZQSVH4ojmgL8EElSU2qKjDQ/jk/kEr5A+sBLdzXWZWdGv/BdB2yn95JH4
+ qoD4E9PWkNwz+e6I5PivXrVVIA0PEZ2cthutR/dlAoGBAORHzvfoEzpliijSZ1h2
+ Qw67iWUngH8DnJSnvRnbKkSoTBJgqd5eVnCX5r/zs4Ky2kdRdQvWd0QaJVgc/Pcv
+ GjrXkS60+JPOEvNyRmU6ue3z5Yi03lIGdhFeS+QTUw0Z31bAaz7NUxwNixtsS1u2
+ Bftj7QbhBFfiNyCJDDSDi/XnAoGAbsd2sIO0ZSypNZ7rk+Ddj5Rl26fZcKlhq+aU
+ a2OQyI42UE7MTvjCef760+8kp1yywwSR5wvmPYrp5lxsvqnp2jTfT5H1Ekqt20MV
+ 6Ic+ov1GjHLlJ+fSKcR21ySY5KkGXUWt53iSi8L9Q7h/ARBgx4/8UXmc2HWoyHGj
+ S+wOeiUCgYA2EMH3QOP+LewScNkdgDr9e20+NxmZs+b0ZOk6JAUE+/YLSNDlRQZV
+ fL0f0cjIyCdKfv+nR4gdMnm8RDHBiAqrKK3X9tiZ0fGmPHB+OLwYV8wE1u9jkJDA
+ IJA5GNU+Uj6+WbPO+hGn3NBWfb7/tR3ojSv7cBf2eEUh/vLSE9joKA==
+ -----END RSA PRIVATE KEY-----