Merge "Bump reclass-system"
diff --git a/classes/cluster/k8s-ha-contrail-40/.env b/classes/cluster/k8s-ha-contrail-40/.env
new file mode 100644
index 0000000..8ea2d50
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/.env
@@ -0,0 +1,4 @@
+EXTRA_FORMULAS="barbican linux salt reclass maas openssh ntp \
+ rsyslog glusterfs \
+ devops-portal rsync docker keepalived aptly jenkins \
+ gerrit artifactory nginx collectd opencontrail logrotate"
\ No newline at end of file
diff --git a/classes/cluster/k8s-ha-contrail-40/MAINTAINERS b/classes/cluster/k8s-ha-contrail-40/MAINTAINERS
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/MAINTAINERS
diff --git a/classes/cluster/k8s-ha-contrail-40/infra/config.yml b/classes/cluster/k8s-ha-contrail-40/infra/config.yml
new file mode 100644
index 0000000..69a8d1b
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/infra/config.yml
@@ -0,0 +1,135 @@
+classes:
+- system.linux.system.single
+- system.linux.system.repo.ubuntu
+- system.linux.system.repo.mcp.salt
+- system.openssh.client.lab
+- system.salt.master.pkg
+- system.salt.minion.ca.salt_master
+- system.salt.master.api
+- system.salt.minion.cert.k8s_server
+- system.reclass.storage.salt
+- system.reclass.storage.system.kubernetes_control_cluster
+- cluster.k8s-ha-contrail-40.infra
+
+parameters:
+ _param:
+ salt_master_base_environment: prd
+ reclass_data_repository: "https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab"
+ reclass_data_revision: master
+ reclass_config_master: ${_param:infra_config_deploy_address}
+ single_address: ${_param:infra_config_address}
+ deploy_address: ${_param:infra_config_deploy_address}
+ linux_system_codename: xenial
+ salt_api_password_hash: "$6$WV0P1shnoDh2gI/Z$22/Bcd7ffMv0jDlFpT63cAU4PiXHz9pjXwngToKwqAsgoeK4HNR3PiKaushjxp3JsQ8hNoJmAC6TxzVqfV8WH/"
+ salt_master_host: ${_param:infra_config_deploy_address}
+ salt_master_environment_revision: master
+ salt_master_environment_repository: 'https://github.com/salt-formulas'
+ salt:
+ master:
+ reactor:
+ reclass/minion/classify:
+ - salt://reclass/reactor/node_register.sls
+ linux:
+ network:
+ interface:
+ ens4:
+ enabled: true
+ type: eth
+ proto: static
+ address: ${_param:single_address}
+ netmask: 255.255.255.0
+ pre_up_cmds:
+ - "iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE"
+ post_down_cmds:
+ - "iptables -t nat -F POSTROUTING"
+ system:
+ kernel:
+ sysctl:
+ net.ipv4.conf.ens3.forwarding: 1
+ net.ipv4.conf.ens3.send_redirects: 0
+ reclass:
+ storage:
+ class_mapping:
+ common_node:
+ expression: all
+ node_param:
+ single_address:
+ value_template: <<node_control_ip>>
+ linux_system_codename:
+ value_template: <<node_os>>
+ salt_master_host:
+ value_template: <<node_master_ip>>
+ deploy_address:
+ value_template: <<node_deploy_ip>>
+ infra_config:
+ expression: <<node_hostname>>__startswith__cfg
+ cluster_param:
+ infra_config_address:
+ value_template: <<node_control_ip>>
+ infra_config_deploy_address:
+ value_template: <<node_deploy_ip>>
+ cluster_domain:
+ value_template: <<node_domain>>
+ kubernetes_control01:
+ expression: <<node_hostname>>__equals__ctl01
+ cluster_param:
+ kubernetes_control_node01_address:
+ value_template: <<node_control_ip>>
+ kubernetes_control_node01_deploy_address:
+ value_template: <<node_deploy_ip>>
+ kubernetes_control02:
+ expression: <<node_hostname>>__equals__ctl02
+ cluster_param:
+ kubernetes_control_node02_address:
+ value_template: <<node_control_ip>>
+ kubernetes_control_node02_deploy_address:
+ value_template: <<node_deploy_ip>>
+ kubernetes_control03:
+ expression: <<node_hostname>>__equals__ctl03
+ cluster_param:
+ kubernetes_control_node03_address:
+ value_template: <<node_control_ip>>
+ kubernetes_control_node03_deploy_address:
+ value_template: <<node_deploy_ip>>
+ etcd_control01:
+ expression: <<node_hostname>>__equals__ctl01
+ cluster_param:
+ etcd_control_node01_address:
+ value_template: <<node_deploy_ip>>
+ etcd_control02:
+ expression: <<node_hostname>>__equals__ctl02
+ cluster_param:
+ etcd_control_node02_address:
+ value_template: <<node_deploy_ip>>
+ etcd_control03:
+ expression: <<node_hostname>>__equals__ctl03
+ cluster_param:
+ etcd_control_node03_address:
+ value_template: <<node_deploy_ip>>
+ kubernetes_compute:
+ expression: <<node_hostname>>__startswith__cmp
+ node_class:
+ value_template:
+ - cluster.<<node_cluster>>.kubernetes.compute
+ node:
+ kubernetes_control_node01:
+ params:
+ rabbitmq_cluster_role: master
+ opencontrail_database_id: 1
+ node_class:
+ value_template:
+ - cluster.<<node_cluster>>.opencontrail.control
+ kubernetes_control_node02:
+ params:
+ rabbitmq_cluster_role: slave
+ opencontrail_database_id: 2
+ node_class:
+ value_template:
+ - cluster.<<node_cluster>>.opencontrail.control
+ kubernetes_control_node03:
+ params:
+ rabbitmq_cluster_role: slave
+ opencontrail_database_id: 3
+ node_class:
+ value_template:
+ - cluster.<<node_cluster>>.opencontrail.control
diff --git a/classes/cluster/k8s-ha-contrail-40/infra/init.yml b/classes/cluster/k8s-ha-contrail-40/infra/init.yml
new file mode 100644
index 0000000..6254ab0
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/infra/init.yml
@@ -0,0 +1,36 @@
+classes:
+- system.linux.system.single
+- system.linux.system.repo.mcp.extra
+- system.linux.system.repo.mcp.salt
+- system.linux.system.repo.ubuntu
+- system.openssh.server.team.tcpcloud
+- system.openssh.server.team.mcp_qa
+- cluster.k8s-ha-contrail-40.kubernetes
+- cluster.overrides
+
+parameters:
+ _param:
+ # infra service addresses
+ infra_config_hostname: cfg01
+ infra_config_address: 172.16.10.100
+ infra_config_deploy_address: 192.168.10.90
+
+ cluster_domain: k8s-ha-contrail-40.local
+ cluster_name: k8s-ha-contrail-40
+ apt_mk_version: nightly
+ linux:
+ network:
+ host:
+ self:
+ address: ${_param:single_address}
+ names:
+ - ${linux:system:name}
+ - ${linux:system:name}.${linux:system:domain}
+ cfg01:
+ address: ${_param:infra_config_address}
+ names:
+ - ${_param:infra_config_hostname}
+ - ${_param:infra_config_hostname}.${_param:cluster_domain}
+ system:
+ name: ${_param:infra_config_hostname}
+ domain: ${_param:cluster_domain}
diff --git a/classes/cluster/k8s-ha-contrail-40/init.yml b/classes/cluster/k8s-ha-contrail-40/init.yml
new file mode 100644
index 0000000..26eb15a
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/init.yml
@@ -0,0 +1,10 @@
+parameters:
+ _param:
+ cluster_name: k8s-ha-contrail-40
+ infra_config_hostname: cfg01
+ infra_config_address: 172.16.10.100
+ infra_config_deploy_address: 192.168.10.90
+
+ cluster_domain: k8s-ha-contrail-40.local
+ cluster_name: k8s-ha-contrail-40
+ apt_mk_version: nightly
\ No newline at end of file
diff --git a/classes/cluster/k8s-ha-contrail-40/kubernetes/compute.yml b/classes/cluster/k8s-ha-contrail-40/kubernetes/compute.yml
new file mode 100644
index 0000000..c3addf5
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/kubernetes/compute.yml
@@ -0,0 +1,60 @@
+classes:
+- system.linux.system.repo.docker_legacy
+- system.kubernetes.pool.cluster
+- system.linux.network.hosts
+- system.salt.minion.cert.k8s_client
+- system.salt.minion.cert.etcd_client
+- cluster.k8s-ha-contrail-40.opencontrail.compute
+- cluster.k8s-ha-contrail-40.kubernetes
+
+parameters:
+ linux:
+ network:
+ interface:
+ ens4:
+ enabled: true
+ type: eth
+ proto: manual
+ ipflush_onchange: true
+ vhost0:
+ enabled: true
+ type: eth
+ mtu: 1500
+ address: ${_param:single_address}
+ netmask: '255.255.255.0'
+ pre_up_cmds:
+ - /usr/lib/contrail/if-vhost0
+ use_interfaces:
+ - ens4
+ docker:
+ host:
+ pkgs:
+ - ${_param:kubernetes_docker_package}
+ - python-docker
+ options:
+ bip: 172.31.255.1/24
+ kubernetes:
+ pool:
+ kubelet:
+ address: ${_param:single_address}
+ fail_on_swap: ${_param:kubelet_fail_on_swap}
+ network:
+ opencontrail:
+ enabled: true
+ version: 4.0
+ config:
+ api:
+ host: ${_param:opencontrail_control_address}
+ common:
+ addons:
+ virtlet:
+ enabled: ${_param:kubernetes_virtlet_enabled}
+ namespace: ${_param:kubernetes_addon_namespace}
+ image: ${_param:kubernetes_virtlet_image}
+ criproxy_version: ${_param:kubernetes_criproxy_version}
+ criproxy_source: ${_param:kubernetes_criproxy_checksum}
+ hosts:
+ - ${linux:system:name}
+ hyperkube:
+ image: ${_param:kubernetes_hyperkube_image}
+# pause_image: ${_param:kubernetes_pause_image}
diff --git a/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml b/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml
new file mode 100644
index 0000000..161940e
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml
@@ -0,0 +1,119 @@
+classes:
+- service.etcd.server.cluster
+- service.kubernetes.control.cluster
+- service.kubernetes.control.cluster-admin
+- system.haproxy.proxy.listen.kubernetes.apiserver
+- system.linux.system.repo.docker_legacy
+- system.kubernetes.pool.cluster
+- system.salt.minion.cert.k8s_client
+- system.salt.minion.cert.etcd_client
+- system.salt.minion.cert.etcd_server
+- system.kubernetes.master.cluster
+- cluster.k8s-ha-contrail-40.infra
+parameters:
+ _param:
+ keepalived_vip_interface: ens4
+ keepalived_vip_virtual_router_id: 60
+
+ linux:
+ network:
+ interface:
+ ens3:
+ enabled: true
+ type: eth
+ mtu: 1500
+ address: ${_param:deploy_address}
+ netmask: '255.255.255.0'
+
+ ens4:
+ enabled: true
+ type: eth
+ mtu: 1500
+ address: ${_param:single_address}
+ netmask: '255.255.255.0'
+ etcd:
+ server:
+ bind:
+ host: ${_param:deploy_address}
+ source:
+ engine: docker_hybrid
+ ssl:
+ enabled: true
+ kubernetes:
+ pool:
+ kubelet:
+ fail_on_swap: ${_param:kubelet_fail_on_swap}
+ enabled: true
+ network:
+ engine: none
+ opencontrail:
+ enabled: false
+ common:
+ addons:
+ dashboard:
+ enabled: ${_param:kubernetes_dashboard}
+ image: ${_param:kubernetes_dashboard_image}
+ helm:
+ enabled: ${_param:kubernetes_helm_enabled}
+ netchecker:
+ enabled: ${_param:kubernetes_netchecker_enabled}
+ agent_image: ${_param:kubernetes_netchecker_agent_image}
+ server_image: ${_param:kubernetes_netchecker_server_image}
+ dns:
+ enabled: ${_param:kubernetes_dns}
+ kubedns_image: ${_param:kubernetes_kubedns_image}
+ dnsmasq_image: ${_param:kubernetes_dnsmasq_image}
+ sidecar_image: ${_param:kubernetes_sidecar_image}
+ autoscaler:
+ image: ${_param:kubernetes_dns_autoscaler_image}
+ coredns:
+ enabled: ${_param:kubernetes_coredns_enabled}
+ externaldns:
+ enabled: ${_param:kubernetes_externaldns_enabled}
+ image: ${_param:kubernetes_externaldns_image}
+ provider: ${_param:kubernetes_externaldns_provider}
+ hyperkube:
+ image: ${_param:kubernetes_hyperkube_image}
+ master:
+ kubelet:
+ address: ${_param:single_address}
+ fail_on_swap: ${_param:kubelet_fail_on_swap}
+ etcd:
+ ssl:
+ enabled: true
+ network:
+ opencontrail:
+ enabled: true
+ version: 4.0
+ host: ${_param:keepalived_vip_address}
+ port: 8082
+ default_domain: default-domain
+ default_project: default-domain:default
+ public_network: default-domain:default:Public
+ public_ip_range: 185.22.97.128/26
+ public_network: default-domain:default-project:Public
+ private_ip_range: 10.150.0.0/16
+ network_manager:
+ image: docker-prod-local.artifactory.mirantis.com/opencontrail-oc40/opencontrail-kube-manager
+# config:
+# api:
+# host: ${_param:opencontrail_control_address}
+ identity:
+ auth_user: admin
+ auth_password: contrail123
+ auth_tenant: admin
+ message_queue:
+ host: ${_param:single_address}
+ database:
+ members:
+ - host: ${_param:kubernetes_control_node01_address}
+ port: 9161
+ - host: ${_param:kubernetes_control_node02_address}
+ port: 9161
+ - host: ${_param:kubernetes_control_node03_address}
+ port: 9161
+ collector:
+ members:
+ - host: ${_param:kubernetes_control_node01_address}
+ - host: ${_param:kubernetes_control_node02_address}
+ - host: ${_param:kubernetes_control_node03_address}
diff --git a/classes/cluster/k8s-ha-contrail-40/kubernetes/init.yml b/classes/cluster/k8s-ha-contrail-40/kubernetes/init.yml
new file mode 100644
index 0000000..d019809
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/kubernetes/init.yml
@@ -0,0 +1,113 @@
+classes:
+- cluster.overrides
+
+parameters:
+ _param:
+ salt_minion_ca_host: ${_param:infra_config_hostname}.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+
+ # kubelet
+ kubelet_fail_on_swap: False
+
+ # kubernetes settings
+ kubernetes_admin_user: admin
+ kubernetes_admin_password: sbPfel23ZigJF3Bm
+ kubernetes_admin_token: PpP6Mm3pAoPVqcKOKUu0x1dh7b1959Fi
+ kubernetes_kubelet_token: JJ2PKHxjiU6EYvIt18BqwdSK1HvWh8pt
+ kubernetes_kube-proxy_token: jT0hJk9L6cIw5UpYDNhsRwcj3Z2n62B6
+ kubernetes_scheduler_token: VgkUHfrW07zNxrb0ucFyX7NBnSJN9Xp6
+ kubernetes_controller-manager_token: uXrdZ1YKF6qlYm3sHje2iEXMGAGDWOIU
+ kubernetes_dns_token: 0S1I4iJeFjq5fopPwwCwTp3xFpEZfeUl
+ etcd_initial_token: IN7KaRMSo3xkGxkjAAPtkRkAgqN4ZNRq
+
+ # docker package version
+ kubernetes_docker_package: docker-engine=1.12.6-0~ubuntu-xenial
+
+ # component docker images
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.13-11
+ kubernetes_pause_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/pause-amd64:v1.8.13-11
+ kubernetes_virtlet_image: mirantis/virtlet:v1.0.2
+ kubernetes_criproxy_version: v0.10.0
+ kubernetes_criproxy_checksum: md5=52717b1f70f15558ef4bdb0e4d4948da
+ kubernetes_dashboard_image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1
+ kubernetes_kubedns_image: gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.5
+ kubernetes_dnsmasq_image: gcr.io/google_containers/k8s-dns-dnsmasq-amd64:1.14.5
+ kubernetes_sidecar_image: gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.5
+ kubernetes_dns_autoscaler_image: gcr.io/google_containers/cluster-proportional-autoscaler-amd64:1.0.0
+ kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:stable
+ kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:stable
+ kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
+ kubernetes_virtlet_image: mirantis/virtlet:v1.0.2
+ kubernetes_externaldns_image: mirantis/external-dns:latest
+ kubernetes_externaldns_provider: coredns
+
+ # switches of addons
+ kubernetes_addon_namespace: kube-system
+ kubernetes_dns: true
+ kubernetes_dashboard: false
+ kubernetes_helm_enabled: true
+ kubernetes_netchecker_enabled: true
+ kubernetes_calico_policy_enabled: false
+ kubernetes_virtlet_enabled: false
+ kubernetes_contrail_network_controller: true
+ kubernetes_coredns_enabled: false
+ kubernetes_externaldns_enabled: false
+
+ # addresses and hostnames
+ kubernetes_internal_api_address: 10.254.0.1
+ kubernetes_control_hostname: ctl
+ kubernetes_control_address: 172.16.10.253
+ kubernetes_control_node01_hostname: ctl01
+ kubernetes_control_node02_hostname: ctl02
+ kubernetes_control_node03_hostname: ctl03
+ kubernetes_control_node01_address: 172.16.10.101
+ kubernetes_control_node02_address: 172.16.10.102
+ kubernetes_control_node03_address: 172.16.10.103
+ etcd_control_node01_address: ${_param:kubernetes_control_node01_address}
+ etcd_control_node02_address: ${_param:kubernetes_control_node02_address}
+ etcd_control_node03_address: ${_param:kubernetes_control_node03_address}
+ kubernetes_proxy_node01_hostname: prx01
+ kubernetes_proxy_node01_address: 172.16.10.121
+
+ cluster_vip_address: ${_param:kubernetes_control_address}
+ cluster_local_address: ${_param:deploy_address}
+
+ # etcd stuff
+ cluster_node01_hostname: ${_param:kubernetes_control_node01_hostname}
+ cluster_node01_address: ${_param:etcd_control_node01_address}
+ cluster_node01_port: 4001
+ cluster_node02_hostname: ${_param:kubernetes_control_node02_hostname}
+ cluster_node02_address: ${_param:etcd_control_node02_address}
+ cluster_node02_port: 4001
+ cluster_node03_hostname: ${_param:kubernetes_control_node03_hostname}
+ cluster_node03_address: ${_param:etcd_control_node03_address}
+ cluster_node03_port: 4001
+
+ linux:
+ network:
+ host:
+ ctl:
+ address: ${_param:kubernetes_control_address}
+ names:
+ - ${_param:kubernetes_control_hostname}
+ - ${_param:kubernetes_control_hostname}.${_param:cluster_domain}
+ ctl01:
+ address: ${_param:kubernetes_control_node01_address}
+ names:
+ - ${_param:kubernetes_control_node01_hostname}
+ - ${_param:kubernetes_control_node01_hostname}.${_param:cluster_domain}
+ ctl02:
+ address: ${_param:kubernetes_control_node02_address}
+ names:
+ - ${_param:kubernetes_control_node02_hostname}
+ - ${_param:kubernetes_control_node02_hostname}.${_param:cluster_domain}
+ ctl03:
+ address: ${_param:kubernetes_control_node03_address}
+ names:
+ - ${_param:kubernetes_control_node03_hostname}
+ - ${_param:kubernetes_control_node03_hostname}.${_param:cluster_domain}
+ prx01:
+ address: ${_param:kubernetes_proxy_node01_address}
+ names:
+ - ${_param:kubernetes_proxy_node01_hostname}
+ - ${_param:kubernetes_proxy_node01_hostname}.${_param:cluster_domain}
diff --git a/classes/cluster/k8s-ha-contrail-40/opencontrail/compute.yml b/classes/cluster/k8s-ha-contrail-40/opencontrail/compute.yml
new file mode 100644
index 0000000..447ac9c
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/opencontrail/compute.yml
@@ -0,0 +1,45 @@
+classes:
+- system.linux.system.repo.mcp.contrail
+- system.opencontrail.compute.cluster
+- system.opencontrail.client.cluster
+- system.opencontrail.client.resource.virtual_router
+- system.opencontrail.client.resource.k8s_api
+- system.opencontrail.compute.cluster4_0
+- cluster.k8s-ha-contrail-40.infra
+- cluster.k8s-ha-contrail-40.opencontrail
+
+parameters:
+ _param:
+ opencontrail_compute_address: ${_param:single_address}
+ opencontrail_compute_iface: ens4
+ opencontrail_compute_gateway: 172.16.10.1
+ opencontrail_compute_dns: 8.8.8.8
+ opencontrail:
+ common:
+ identity:
+ engine: k8s
+ host: none
+ token: none
+ password: none
+ network:
+ engine: k8s
+ host: none
+ client:
+ api:
+ host: ${_param:opencontrail_control_address}
+ port: 9100
+ identity:
+ engine: k8s
+ host: none
+ token: none
+ password: none
+
+ kubernetes:
+ pool:
+ network:
+ hash: 2276df10feae8f09fb50dce3a96fff6c
+ linux:
+ network:
+ concat_iface_files:
+ - src: '/etc/network/interfaces.d/50-cloud-init.cfg'
+ dst: '/etc/network/interfaces'
\ No newline at end of file
diff --git a/classes/cluster/k8s-ha-contrail-40/opencontrail/control.yml b/classes/cluster/k8s-ha-contrail-40/opencontrail/control.yml
new file mode 100644
index 0000000..c76cc57
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/opencontrail/control.yml
@@ -0,0 +1,75 @@
+classes:
+- system.linux.system.lowmem
+- system.linux.system.repo.cassandra
+- system.linux.system.repo.mcp.contrail
+- system.linux.system.repo.mcp.openstack
+- system.linux.system.repo.mcp.extra
+- system.linux.system.repo.saltstack.xenial
+- system.opencontrail.client.resource.edge_router
+- system.opencontrail.control.cluster4_0
+- system.opencontrail.client.cluster
+- system.opencontrail.client.resource.control_node
+- system.opencontrail.client.resource.config_node
+- system.opencontrail.client.resource.database_node
+- system.opencontrail.client.resource.analytics_node
+- system.opencontrail.client.resource.global_vrouter_config
+- system.haproxy.proxy.listen.opencontrail.analytics
+- cluster.k8s-ha-contrail-40.infra
+- cluster.k8s-ha-contrail-40.opencontrail
+
+parameters:
+ _param:
+ cluster_local_address: ${_param:single_address}
+ cluster_node01_hostname: ${_param:opencontrail_control_node01_hostname}
+ cluster_node01_address: ${_param:opencontrail_control_node01_address}
+ cluster_node02_hostname: ${_param:opencontrail_control_node02_hostname}
+ cluster_node02_address: ${_param:opencontrail_control_node02_address}
+ cluster_node03_hostname: ${_param:opencontrail_control_node03_hostname}
+ cluster_node03_address: ${_param:opencontrail_control_node03_address}
+ opencontrail_router01_hostname: vsrx01.${_param:cluster_domain}
+ opencontrail_router01_address: 172.16.10.131
+ linux:
+ network:
+ interface:
+ eth1:
+ enabled: true
+ type: eth
+ proto: dhcp
+
+ opencontrail:
+ compute:
+ enabled: false
+ common:
+ identity:
+ host: none
+ engine: k8s
+ network:
+ engine: k8s
+ contrainer_folders:
+ - /var/lib/config_zookeeper_data
+ - /var/lib/analyticsdb-zookeeper-data
+ - /var/lib/configdb
+ - /var/lib/analyticsdb/
+ - /usr/share/kafka/logs
+ config:
+ network:
+ engine: k8s
+ identity:
+ engine: k8s
+ region: none
+ host: none
+ multi_tenancy: false
+ message_queue:
+ host: ${_param:opencontrail_control_address}
+ web:
+ http:
+ port: 8095
+ https:
+ port: 8143
+ network:
+ engine: k8s
+ identity:
+ engine: k8s
+ host: none
+ bind:
+ address: ${_param:single_address}
\ No newline at end of file
diff --git a/classes/cluster/k8s-ha-contrail-40/opencontrail/init.yml b/classes/cluster/k8s-ha-contrail-40/opencontrail/init.yml
new file mode 100644
index 0000000..0e57868
--- /dev/null
+++ b/classes/cluster/k8s-ha-contrail-40/opencontrail/init.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ opencontrail_version: 4.0
+ linux_repo_contrail_component: oc40
+ opencontrail_control_node01_hostname: ctl01
+ opencontrail_control_node02_hostname: ctl02
+ opencontrail_control_node03_hostname: ctl03
+
+ opencontrail_control_address: 172.16.10.252
+ opencontrail_control_node01_address: 172.16.10.101
+ opencontrail_control_node02_address: 172.16.10.102
+ opencontrail_control_node03_address: 172.16.10.103
+ opencontrail_control_interface_name: ens4
+ opencontrail_analytics_address: ${_param:opencontrail_control_address}
+ opencontrail_analytics_node01_address: ${_param:opencontrail_control_node01_address}
+ opencontrail_analytics_node02_address: ${_param:opencontrail_control_node02_address}
+ opencontrail_analytics_node03_address: ${_param:opencontrail_control_node03_address}
+ opencontrail_message_queue_node01_address: ${_param:opencontrail_control_node01_address}
+ opencontrail_message_queue_node02_address: ${_param:opencontrail_control_node02_address}
+ opencontrail_message_queue_node03_address: ${_param:opencontrail_control_node03_address}
+
+ keystone_admin_password: none
+ opencontrail_stats_password: password
+ keystone_service_token: none
+ openstack_version: none
+ openstack_control_address: none
+ keystone_admin_password: none
diff --git a/classes/cluster/os-aio-contrail/openstack/proxy.yml b/classes/cluster/os-aio-contrail/openstack/proxy.yml
index c0688c2..1d61a39 100755
--- a/classes/cluster/os-aio-contrail/openstack/proxy.yml
+++ b/classes/cluster/os-aio-contrail/openstack/proxy.yml
@@ -15,3 +15,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/os-aio-ovs/openstack/proxy.yml b/classes/cluster/os-aio-ovs/openstack/proxy.yml
index 142a984..cd409a4 100644
--- a/classes/cluster/os-aio-ovs/openstack/proxy.yml
+++ b/classes/cluster/os-aio-ovs/openstack/proxy.yml
@@ -14,3 +14,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/os-ha-contrail-40/init.yml b/classes/cluster/os-ha-contrail-40/init.yml
index ca9b37a..dcdaab6 100644
--- a/classes/cluster/os-ha-contrail-40/init.yml
+++ b/classes/cluster/os-ha-contrail-40/init.yml
@@ -11,6 +11,8 @@
- cluster.os-ha-contrail-40.openstack
- cluster.overrides
parameters:
+ _param:
+ ssh_banner_company_name: Mirantis Inc.
salt:
minion:
trusted_ca_minions:
@@ -23,3 +25,7 @@
names:
- vsrx1
- vsrx1.${_param:cluster_domain}
+ openssh:
+ server:
+ alive:
+ interval: 0
diff --git a/classes/cluster/os-ha-contrail-40/openstack/proxy.yml b/classes/cluster/os-ha-contrail-40/openstack/proxy.yml
index cb9aff6..aeb0bb7 100644
--- a/classes/cluster/os-ha-contrail-40/openstack/proxy.yml
+++ b/classes/cluster/os-ha-contrail-40/openstack/proxy.yml
@@ -15,3 +15,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/os-ha-contrail-ironic/openstack/proxy.yml b/classes/cluster/os-ha-contrail-ironic/openstack/proxy.yml
index f31a4fe..e402994 100755
--- a/classes/cluster/os-ha-contrail-ironic/openstack/proxy.yml
+++ b/classes/cluster/os-ha-contrail-ironic/openstack/proxy.yml
@@ -15,3 +15,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/os-ha-contrail/init.yml b/classes/cluster/os-ha-contrail/init.yml
index 0fe368b..05de4a8 100755
--- a/classes/cluster/os-ha-contrail/init.yml
+++ b/classes/cluster/os-ha-contrail/init.yml
@@ -11,6 +11,8 @@
- cluster.os-ha-contrail.openstack
- cluster.overrides
parameters:
+ _param:
+ ssh_banner_company_name: Mirantis Inc.
salt:
minion:
trusted_ca_minions:
@@ -23,4 +25,7 @@
names:
- vsrx1
- vsrx1.${_param:cluster_domain}
-
+ openssh:
+ server:
+ alive:
+ interval: 0
diff --git a/classes/cluster/os-ha-contrail/openstack/proxy.yml b/classes/cluster/os-ha-contrail/openstack/proxy.yml
index f3dc4f1..9521511 100755
--- a/classes/cluster/os-ha-contrail/openstack/proxy.yml
+++ b/classes/cluster/os-ha-contrail/openstack/proxy.yml
@@ -17,3 +17,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/os-ha-ovs-ceph/openstack/proxy.yml b/classes/cluster/os-ha-ovs-ceph/openstack/proxy.yml
index a34bc1b..67badc5 100644
--- a/classes/cluster/os-ha-ovs-ceph/openstack/proxy.yml
+++ b/classes/cluster/os-ha-ovs-ceph/openstack/proxy.yml
@@ -14,3 +14,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/os-ha-ovs-pike/openstack/proxy.yml b/classes/cluster/os-ha-ovs-pike/openstack/proxy.yml
index ead28d0..31b3ab6 100644
--- a/classes/cluster/os-ha-ovs-pike/openstack/proxy.yml
+++ b/classes/cluster/os-ha-ovs-pike/openstack/proxy.yml
@@ -15,3 +15,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${linux:system:domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/os-ha-ovs-syndic/openstack/proxy.yml b/classes/cluster/os-ha-ovs-syndic/openstack/proxy.yml
index 9469837..09e5fe9 100644
--- a/classes/cluster/os-ha-ovs-syndic/openstack/proxy.yml
+++ b/classes/cluster/os-ha-ovs-syndic/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/os-ha-ovs/openstack/proxy.yml b/classes/cluster/os-ha-ovs/openstack/proxy.yml
index 3f32322..6ffbf34 100644
--- a/classes/cluster/os-ha-ovs/openstack/proxy.yml
+++ b/classes/cluster/os-ha-ovs/openstack/proxy.yml
@@ -15,3 +15,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${linux:system:domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/sl-os-contrail/openstack/proxy.yml b/classes/cluster/sl-os-contrail/openstack/proxy.yml
index d517b17..a7d3fb5 100755
--- a/classes/cluster/sl-os-contrail/openstack/proxy.yml
+++ b/classes/cluster/sl-os-contrail/openstack/proxy.yml
@@ -15,3 +15,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/sl-os-ovs/openstack/proxy.yml b/classes/cluster/sl-os-ovs/openstack/proxy.yml
index c40845b..e4132a2 100644
--- a/classes/cluster/sl-os-ovs/openstack/proxy.yml
+++ b/classes/cluster/sl-os-ovs/openstack/proxy.yml
@@ -13,3 +13,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/sl-pike-dvr/openstack/proxy.yml b/classes/cluster/sl-pike-dvr/openstack/proxy.yml
index 507d1e5..8b75dd7 100644
--- a/classes/cluster/sl-pike-dvr/openstack/proxy.yml
+++ b/classes/cluster/sl-pike-dvr/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-mitaka-dvr-trusty/openstack/proxy.yml b/classes/cluster/virtual-mcp-mitaka-dvr-trusty/openstack/proxy.yml
index 1aaf437..50d564a 100644
--- a/classes/cluster/virtual-mcp-mitaka-dvr-trusty/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-mitaka-dvr-trusty/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-mitaka-dvr/openstack/proxy.yml b/classes/cluster/virtual-mcp-mitaka-dvr/openstack/proxy.yml
index 149abc1..4d32753 100644
--- a/classes/cluster/virtual-mcp-mitaka-dvr/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-mitaka-dvr/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-mitaka-ovs-trusty/openstack/proxy.yml b/classes/cluster/virtual-mcp-mitaka-ovs-trusty/openstack/proxy.yml
index 64f6c6a..cfe273e 100644
--- a/classes/cluster/virtual-mcp-mitaka-ovs-trusty/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-mitaka-ovs-trusty/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-mitaka-ovs/openstack/proxy.yml b/classes/cluster/virtual-mcp-mitaka-ovs/openstack/proxy.yml
index 1354e85..98cc9a0 100644
--- a/classes/cluster/virtual-mcp-mitaka-ovs/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-mitaka-ovs/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-newton-dvr/openstack/proxy.yml b/classes/cluster/virtual-mcp-newton-dvr/openstack/proxy.yml
index 03d3685..170aea0 100644
--- a/classes/cluster/virtual-mcp-newton-dvr/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-newton-dvr/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-newton-ovs/openstack/proxy.yml b/classes/cluster/virtual-mcp-newton-ovs/openstack/proxy.yml
index d5b6ba6..834a475 100644
--- a/classes/cluster/virtual-mcp-newton-ovs/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-newton-ovs/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-ocata-dvr-ceph-local/openstack/proxy.yml b/classes/cluster/virtual-mcp-ocata-dvr-ceph-local/openstack/proxy.yml
index 1f7a6ca..bcf9f77 100644
--- a/classes/cluster/virtual-mcp-ocata-dvr-ceph-local/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-ocata-dvr-ceph-local/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-ocata-dvr/openstack/proxy.yml b/classes/cluster/virtual-mcp-ocata-dvr/openstack/proxy.yml
index 66e2ae6..4f0cb81 100644
--- a/classes/cluster/virtual-mcp-ocata-dvr/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-ocata-dvr/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-ocata-ovs-ceph-local/openstack/proxy.yml b/classes/cluster/virtual-mcp-ocata-ovs-ceph-local/openstack/proxy.yml
index 64a1e0e..6d64763 100644
--- a/classes/cluster/virtual-mcp-ocata-ovs-ceph-local/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-ocata-ovs-ceph-local/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-ocata-ovs-ceph/openstack/proxy.yml b/classes/cluster/virtual-mcp-ocata-ovs-ceph/openstack/proxy.yml
index 92a4c1b..cd0e7a0 100644
--- a/classes/cluster/virtual-mcp-ocata-ovs-ceph/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-ocata-ovs-ceph/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-ocata-ovs/openstack/proxy.yml b/classes/cluster/virtual-mcp-ocata-ovs/openstack/proxy.yml
index 93bfd56..9123a18 100644
--- a/classes/cluster/virtual-mcp-ocata-ovs/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-ocata-ovs/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/openstack/proxy.yml b/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/openstack/proxy.yml
index 088af83..a178d05 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr-ceph-rgw/openstack/proxy.yml
@@ -8,9 +8,16 @@
- cluster.virtual-mcp-pike-dvr-ceph-rgw
parameters:
_param:
+ cluster_public_host: ${_param:openstack_proxy_address}
nginx_proxy_ssl:
enabled: true
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/openstack/proxy.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/openstack/proxy.yml
index 69159d4..fe85d74 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl-barbican/openstack/proxy.yml
@@ -14,3 +14,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${linux:system:domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl/openstack/proxy.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl/openstack/proxy.yml
index 0abc6b8..1a50bb6 100644
--- a/classes/cluster/virtual-mcp-pike-dvr-ssl/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl/openstack/proxy.yml
@@ -14,3 +14,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${linux:system:domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-pike-dvr/openstack/proxy.yml b/classes/cluster/virtual-mcp-pike-dvr/openstack/proxy.yml
index d6ea854..dd30f35 100644
--- a/classes/cluster/virtual-mcp-pike-dvr/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-pike-dvr/openstack/proxy.yml
@@ -14,3 +14,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-pike-ovs-ceph/openstack/proxy.yml b/classes/cluster/virtual-mcp-pike-ovs-ceph/openstack/proxy.yml
index 00eb616..01ee8f0 100644
--- a/classes/cluster/virtual-mcp-pike-ovs-ceph/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-pike-ovs-ceph/openstack/proxy.yml
@@ -7,9 +7,16 @@
- cluster.virtual-mcp-pike-ovs-ceph
parameters:
_param:
+ cluster_public_host: ${_param:openstack_proxy_address}
nginx_proxy_ssl:
enabled: true
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp-pike-ovs/openstack/proxy.yml b/classes/cluster/virtual-mcp-pike-ovs/openstack/proxy.yml
index 83edc51..2305418 100644
--- a/classes/cluster/virtual-mcp-pike-ovs/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp-pike-ovs/openstack/proxy.yml
@@ -14,3 +14,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp05-dvr/openstack/proxy.yml b/classes/cluster/virtual-mcp05-dvr/openstack/proxy.yml
index 3c03b07..391f22d 100644
--- a/classes/cluster/virtual-mcp05-dvr/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp05-dvr/openstack/proxy.yml
@@ -13,3 +13,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp05-ovs/openstack/proxy.yml b/classes/cluster/virtual-mcp05-ovs/openstack/proxy.yml
index fdfd00e..0369787 100644
--- a/classes/cluster/virtual-mcp05-ovs/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp05-ovs/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp10-contrail/openstack/proxy.yml b/classes/cluster/virtual-mcp10-contrail/openstack/proxy.yml
index 3c3838a..8b85a6c 100755
--- a/classes/cluster/virtual-mcp10-contrail/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp10-contrail/openstack/proxy.yml
@@ -15,6 +15,12 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
linux:
system:
package:
diff --git a/classes/cluster/virtual-mcp10-dvr/openstack/proxy.yml b/classes/cluster/virtual-mcp10-dvr/openstack/proxy.yml
index 600819d..2fbbbbd 100644
--- a/classes/cluster/virtual-mcp10-dvr/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp10-dvr/openstack/proxy.yml
@@ -13,6 +13,12 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
linux:
system:
package:
diff --git a/classes/cluster/virtual-mcp10-ovs/openstack/proxy.yml b/classes/cluster/virtual-mcp10-ovs/openstack/proxy.yml
index 8916abc..43741cd 100644
--- a/classes/cluster/virtual-mcp10-ovs/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp10-ovs/openstack/proxy.yml
@@ -13,6 +13,12 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
linux:
system:
package:
diff --git a/classes/cluster/virtual-mcp11-contrail-nfv/openstack/proxy.yml b/classes/cluster/virtual-mcp11-contrail-nfv/openstack/proxy.yml
index 85377e2..360979b 100755
--- a/classes/cluster/virtual-mcp11-contrail-nfv/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp11-contrail-nfv/openstack/proxy.yml
@@ -15,3 +15,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp11-contrail/openstack/proxy.yml b/classes/cluster/virtual-mcp11-contrail/openstack/proxy.yml
index 690389b..0422b38 100755
--- a/classes/cluster/virtual-mcp11-contrail/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp11-contrail/openstack/proxy.yml
@@ -15,3 +15,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp11-dvr/openstack/proxy.yml b/classes/cluster/virtual-mcp11-dvr/openstack/proxy.yml
index cd7bbd6..2ce252d 100644
--- a/classes/cluster/virtual-mcp11-dvr/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp11-dvr/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp11-ovs-dpdk/openstack/proxy.yml b/classes/cluster/virtual-mcp11-ovs-dpdk/openstack/proxy.yml
index be66fa7..c12de32 100644
--- a/classes/cluster/virtual-mcp11-ovs-dpdk/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp11-ovs-dpdk/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp11-ovs-ironic-ssl/openstack/proxy.yml b/classes/cluster/virtual-mcp11-ovs-ironic-ssl/openstack/proxy.yml
index eb1e5d4..31f80f3 100644
--- a/classes/cluster/virtual-mcp11-ovs-ironic-ssl/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp11-ovs-ironic-ssl/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp11-ovs-ironic/openstack/proxy.yml b/classes/cluster/virtual-mcp11-ovs-ironic/openstack/proxy.yml
index cff2a88..4025d89 100644
--- a/classes/cluster/virtual-mcp11-ovs-ironic/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp11-ovs-ironic/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-mcp11-ovs/openstack/proxy.yml b/classes/cluster/virtual-mcp11-ovs/openstack/proxy.yml
index 1943969..77365d5 100644
--- a/classes/cluster/virtual-mcp11-ovs/openstack/proxy.yml
+++ b/classes/cluster/virtual-mcp11-ovs/openstack/proxy.yml
@@ -12,4 +12,10 @@
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-offline-pike-ovs-dpdk/openstack/proxy.yml b/classes/cluster/virtual-offline-pike-ovs-dpdk/openstack/proxy.yml
index fe5783a..e1bf876 100644
--- a/classes/cluster/virtual-offline-pike-ovs-dpdk/openstack/proxy.yml
+++ b/classes/cluster/virtual-offline-pike-ovs-dpdk/openstack/proxy.yml
@@ -7,9 +7,16 @@
- cluster.virtual-offline-pike-ovs-dpdk
parameters:
_param:
+ cluster_public_host: ${_param:openstack_proxy_address}
nginx_proxy_ssl:
enabled: true
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-offline-pike-ovs/openstack/proxy.yml b/classes/cluster/virtual-offline-pike-ovs/openstack/proxy.yml
index e055dee..aa34b49 100644
--- a/classes/cluster/virtual-offline-pike-ovs/openstack/proxy.yml
+++ b/classes/cluster/virtual-offline-pike-ovs/openstack/proxy.yml
@@ -7,9 +7,16 @@
- cluster.virtual-offline-pike-ovs
parameters:
_param:
+ cluster_public_host: ${_param:openstack_proxy_address}
nginx_proxy_ssl:
enabled: true
authority: ${_param:salt_minion_ca_authority}
engine: salt
mode: secure
- salt_minion_ca_host: cfg01.${_param:cluster_domain}
\ No newline at end of file
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"
diff --git a/classes/cluster/virtual-offline-ssl/openstack/proxy.yml b/classes/cluster/virtual-offline-ssl/openstack/proxy.yml
index bea4384..59b941d 100644
--- a/classes/cluster/virtual-offline-ssl/openstack/proxy.yml
+++ b/classes/cluster/virtual-offline-ssl/openstack/proxy.yml
@@ -14,3 +14,9 @@
engine: salt
mode: secure
salt_minion_ca_host: cfg01.${linux:system:domain}
+ nginx:
+ server:
+ site:
+ nginx_ssl_redirect_openstack_web:
+ host:
+ name: "$host"