Merge "Add AAA an readme"
diff --git a/classes/cluster/aaa-ha-freeipa/infra/init.yml b/classes/cluster/aaa-ha-freeipa/infra/init.yml
index 38ee22a..fdf066a 100644
--- a/classes/cluster/aaa-ha-freeipa/infra/init.yml
+++ b/classes/cluster/aaa-ha-freeipa/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.mmo_devops
-- system.openssh.server.team.services
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/ceph-ha/ceph/init.yml b/classes/cluster/ceph-ha/ceph/init.yml
index 6bfb3db..a2600a9 100644
--- a/classes/cluster/ceph-ha/ceph/init.yml
+++ b/classes/cluster/ceph-ha/ceph/init.yml
@@ -22,6 +22,8 @@
ceph_cfs_node01_hostname: cfs01
ceph_cfs_node01_address: 172.16.10.97
+ single_address: ''
+
ceph_cluster_fsid: a619c5fc-c4ed-4f22-9ed2-66cf2feca23d
ceph_mon_keyring: AQAnQIhZ6in5KxAAdf467upoRMWFcVg5pbh1yg==
ceph_admin_keyring: AQBHPYhZv5mYDBAAvisaSzCTQkC5gywGUp/voA==
diff --git a/classes/cluster/ceph-ha/ceph/setup.yml b/classes/cluster/ceph-ha/ceph/setup.yml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/classes/cluster/ceph-ha/ceph/setup.yml
diff --git a/classes/cluster/ceph-ha/infra/config.yml b/classes/cluster/ceph-ha/infra/config.yml
index cc97968..2de9d4c 100644
--- a/classes/cluster/ceph-ha/infra/config.yml
+++ b/classes/cluster/ceph-ha/infra/config.yml
@@ -76,33 +76,48 @@
cluster_param:
ceph_osd_node01_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_osd_02:
expression: <<node_hostname>>__equals__osd1
cluster_param:
ceph_osd_node02_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_osd_03:
expression: <<node_hostname>>__equals__osd2
cluster_param:
ceph_osd_node03_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_mon_01:
expression: <<node_hostname>>__equals__cmn01
cluster_param:
ceph_mon_node01_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_mon_02:
expression: <<node_hostname>>__equals__cmn02
cluster_param:
ceph_mon_node02_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_mon_03:
expression: <<node_hostname>>__equals__cmn03
cluster_param:
ceph_mon_node03_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_cfs:
expression: <<node_hostname>>__startswith__cfs
node_class:
value_template:
- cluster.<<node_cluster>>.ceph.cfs
+ cluster_param:
+ single_address:
+ value_template: <<node_control_ip>>
diff --git a/classes/cluster/ceph-ha/infra/init.yml b/classes/cluster/ceph-ha/infra/init.yml
index 8767fa2..3c13d80 100644
--- a/classes/cluster/ceph-ha/infra/init.yml
+++ b/classes/cluster/ceph-ha/infra/init.yml
@@ -4,8 +4,7 @@
- system.linux.system.repo.mcp.salt #FIXME
- system.linux.system.repo.saltstack.xenial
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.members.mlos
-- system.openssh.server.team.tcpcloud
+- system.openssh.server.team.all
- cluster.ceph-ha.ceph
- cluster.overrides
parameters:
diff --git a/classes/cluster/drivetrain-ha-clusters/cicd/control/init.yml b/classes/cluster/drivetrain-ha-clusters/cicd/control/init.yml
index 2ce0ac6..6dce5b4 100644
--- a/classes/cluster/drivetrain-ha-clusters/cicd/control/init.yml
+++ b/classes/cluster/drivetrain-ha-clusters/cicd/control/init.yml
@@ -48,7 +48,6 @@
- system.docker.swarm.stack.rundeck
- system.docker.swarm.stack.security_monkey
# Docker networks
- - system.docker.swarm.network.runbook
- system.docker.swarm.network.oss_backend
# Aptly
@@ -91,9 +90,10 @@
# Rundeck
- system.rundeck.client.runbook
- - cluster.drivetrain-ha-clusters
+ - cluster.drivetrain-ha-clusters.cicd
parameters:
_param:
+ cluster_name: cicd-lab-dev
cluster_node01_name: ci01
cluster_node01_address: ${_param:control_node01_address}
cluster_node02_name: ci02
diff --git a/classes/cluster/drivetrain-ha-clusters/cicd/control/master.yml b/classes/cluster/drivetrain-ha-clusters/cicd/control/master.yml
index dadabbb..b02ce35 100644
--- a/classes/cluster/drivetrain-ha-clusters/cicd/control/master.yml
+++ b/classes/cluster/drivetrain-ha-clusters/cicd/control/master.yml
@@ -43,4 +43,4 @@
# ..projects
- system.rundeck.client.project.cicd
# At last
- - cluster.drivetrain-ha-clusters.cicd.control
+ - cluster.drivetrain-ha-clusters
diff --git a/classes/cluster/drivetrain-ha-clusters/cicd/control/slave.yml b/classes/cluster/drivetrain-ha-clusters/cicd/control/slave.yml
index b5d63e2..415190d 100644
--- a/classes/cluster/drivetrain-ha-clusters/cicd/control/slave.yml
+++ b/classes/cluster/drivetrain-ha-clusters/cicd/control/slave.yml
@@ -1,3 +1,3 @@
classes:
- - cluster.drivetrain-ha-clusters.cicd.control
- system.docker.swarm.manager
+ - cluster.drivetrain-ha-clusters
diff --git a/classes/cluster/drivetrain-ha-clusters/cicd/init.yml b/classes/cluster/drivetrain-ha-clusters/cicd/init.yml
index 9d81f5d..d5bf397 100644
--- a/classes/cluster/drivetrain-ha-clusters/cicd/init.yml
+++ b/classes/cluster/drivetrain-ha-clusters/cicd/init.yml
@@ -38,4 +38,3 @@
names:
- ${_param:cicd_control_node03_hostname}
- ${_param:cicd_control_node03_hostname}.${_param:cluster_domain}
-
diff --git a/classes/cluster/drivetrain-ha-clusters/cicd/worker.yml b/classes/cluster/drivetrain-ha-clusters/cicd/worker.yml
index 7d856cc..4a5ab79 100644
--- a/classes/cluster/drivetrain-ha-clusters/cicd/worker.yml
+++ b/classes/cluster/drivetrain-ha-clusters/cicd/worker.yml
@@ -1,6 +1,5 @@
classes:
-- system.linux.system.single
-- system.jenkins.slave.docker
-- system.aptly.client.publisher
-- cluster.drivetrain-ha-clusters
-
+ - system.linux.system.single
+ - system.jenkins.slave.docker
+ - system.aptly.client.publisher
+ - cluster.drivetrain-ha-clusters
diff --git a/classes/cluster/drivetrain-ha-clusters/infra/config.yml b/classes/cluster/drivetrain-ha-clusters/infra/config.yml
index c4ad9a6..a96d9fe 100644
--- a/classes/cluster/drivetrain-ha-clusters/infra/config.yml
+++ b/classes/cluster/drivetrain-ha-clusters/infra/config.yml
@@ -1,10 +1,10 @@
classes:
-- system.salt.master.pkg
-- system.salt.master.api
-- system.salt.minion.ca.salt_master
-- system.reclass.storage.salt
-- system.sphinx.server.doc.reclass
-- cluster.drivetrain-ha-clusters
+ - system.salt.master.pkg
+ - system.salt.master.api
+ - system.salt.minion.ca.salt_master
+ - system.reclass.storage.salt
+ - system.sphinx.server.doc.reclass
+ - cluster.drivetrain-ha-clusters
parameters:
_param:
reclass_data_repository: "https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab"
@@ -16,6 +16,8 @@
salt_minion_ca_host: ${linux:network:fqdn}
salt_master_host: ${_param:infra_config_deploy_address}
cluster_public_host: ${_param:infra_config_address}
+ salt_api_password: hovno12345!
+ salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1"
salt:
master:
order_masters: true
@@ -74,7 +76,9 @@
name: ${_param:cicd_control_node01_hostname}
domain: ${_param:cluster_domain}
classes:
+ - cluster.${_param:cluster_name}.infra.config
- cluster.${_param:cluster_name}.cicd.control.master
+ - cluster.overrides
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
@@ -85,6 +89,7 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.cicd.control.slave
+ - cluster.overrides
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
@@ -96,10 +101,10 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.cicd.control.slave
+ - cluster.overrides
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
single_address: ${_param:cicd_control_node03_address}
keepalived_vip_priority: 101
docker_swarm_role: worker
-
diff --git a/classes/cluster/drivetrain-ha-clusters/infra/init.yml b/classes/cluster/drivetrain-ha-clusters/infra/init.yml
index c5a0164..d385985 100644
--- a/classes/cluster/drivetrain-ha-clusters/infra/init.yml
+++ b/classes/cluster/drivetrain-ha-clusters/infra/init.yml
@@ -1,13 +1,3 @@
-classes:
-- system.linux.system.single
-- system.rsyslog.client.single
-- system.linux.system.haveged
-- system.linux.system.prompt
-- system.linux.system.motd.dynamic
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.oss_team
parameters:
_param:
cluster_domain: drivetrain-ha-clusters.local
@@ -19,8 +9,6 @@
infra_config_deploy_address: 192.168.10.90
salt_minion_ca_host: ci01.${_param:cluster_domain}
salt_minion_ca_authority: salt_master_ca
- salt_api_password: hovno12345!
- salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1"
linux:
network:
host:
@@ -32,4 +20,3 @@
system:
name: ${_param:infra_config_hostname}
domain: ${_param:cluster_domain}
-
diff --git a/classes/cluster/drivetrain-ha-clusters/init.yml b/classes/cluster/drivetrain-ha-clusters/init.yml
index 634ecc6..aa9cb9b 100644
--- a/classes/cluster/drivetrain-ha-clusters/init.yml
+++ b/classes/cluster/drivetrain-ha-clusters/init.yml
@@ -1,6 +1,10 @@
classes:
-- system.linux.network.dynamic_hosts
-- cluster.drivetrain-ha-clusters.infra
-- cluster.drivetrain-ha-clusters.cicd
-- cluster.overrides
-
+ - system.linux.network.dynamic_hosts
+ - system.linux.system.single
+ - system.linux.system.haveged
+ - system.linux.system.prompt
+ - system.linux.system.motd.dynamic
+ - system.openssh.server.team.all
+ - cluster.drivetrain-ha.infra
+ - cluster.drivetrain-ha.cicd.control
+ - cluster.overrides
diff --git a/classes/cluster/drivetrain-ha/cicd/control/init.yml b/classes/cluster/drivetrain-ha/cicd/control/init.yml
index 52b6079..01c7686 100644
--- a/classes/cluster/drivetrain-ha/cicd/control/init.yml
+++ b/classes/cluster/drivetrain-ha/cicd/control/init.yml
@@ -48,7 +48,6 @@
- system.docker.swarm.stack.rundeck
- system.docker.swarm.stack.security_monkey
# Docker networks
- - system.docker.swarm.network.runbook
- system.docker.swarm.network.oss_backend
# Aptly
@@ -92,9 +91,9 @@
- system.rundeck.client.runbook
- cluster.drivetrain-ha.cicd
- # - cluster.drivetrain-ha
parameters:
_param:
+ cluster_name: cicd-lab-dev
cluster_node01_name: ci01
cluster_node01_address: ${_param:control_node01_address}
cluster_node02_name: ci02
@@ -329,14 +328,26 @@
pushkin_smtp_port: 25
pushkin_email_sender_password: ''
+ # OSS managed openstack
+ oss_target_openstack_ip: 172.17.16.190
+ oss_openstack_auth_url: http://172.17.16.190/identity/v3
+ oss_openstack_username: admin
+ oss_openstack_password: nova
+
+ # Janitor Monkey
+ janitor_monkey_openstack:
+ username: ${_param:oss_openstack_username}
+ password: ${_param:oss_openstack_password}
+ auth_url: ${_param:oss_openstack_auth_url}
+
# SecurityMonkey
secmonkey_db_user: secmonkey
secmonkey_db_user_password: secmonkey
secmonkey_db_host: ${_param:haproxy_postgresql_bind_host}
security_monkey_openstack:
- username: admin
- password: password
- auth_url: http://172.17.16.129/identity/v3
+ username: ${_param:oss_openstack_username}
+ password: ${_param:oss_openstack_password}
+ auth_url: ${_param:oss_openstack_auth_url}
# Rundeck
rundeck_db_host: ${_param:haproxy_postgresql_bind_host}
@@ -346,7 +357,10 @@
rundeck_postgresql_password: ${_param:rundeck_db_user_password}
rundeck_postgresql_database: rundeck
rundeck_postgresql_host: ${_param:rundeck_db_host}
- rundeck_cis_os_auth_url: http://172.17.16.129:5000/v3/auth/tokens
+ rundeck_cis_openstack:
+ username: ${_param:oss_openstack_username}/auth/tokens
+ password: ${_param:oss_openstack_password}
+ auth_url: ${_param:oss_openstack_auth_url}
rundeck_cis_elasticsearch_url: http://${_param:haproxy_elasticsearch_bind_host}:${_param:haproxy_elasticsearch_http_bind_port}
rundeck_runbook_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBPHRctBuN16hVe05HxKeN1AqPqbjvWvqQ1zcr/sbJJXHgVBTACRD6G+DAi7SSJr7dLzyeNo042szJclsH/qf9h0tcytINATzye//x6MtzXZ4YIDkcd1Yhz1LRgCXk1PvIensJAdClYOymx+SRaJxEEzbLxgqhSnYOUY3xVGbUrgfXI9+ZG9hs9zfq5JEMRjQay5p+xuYv/wCoU+pbFPDmsW0hQ99O+XBHcwrpU3crkImetTM2WfnRlBkoJypLv/HicTJtnL91/BWcebvW50oxrEq1QQ82T1Wl3pQsJw24M48fXyl/HbF2QVP6O1Ptqr3O7cIByxJWHih3paZncVEj
rundeck_runbook_private_key: |
diff --git a/classes/cluster/drivetrain-ha/cicd/control/slave.yml b/classes/cluster/drivetrain-ha/cicd/control/slave.yml
index f46c1e4..52f21eb 100644
--- a/classes/cluster/drivetrain-ha/cicd/control/slave.yml
+++ b/classes/cluster/drivetrain-ha/cicd/control/slave.yml
@@ -1,3 +1,3 @@
classes:
-- system.docker.swarm.manager
-- cluster.drivetrain-ha
+ - system.docker.swarm.manager
+ - cluster.drivetrain-ha
diff --git a/classes/cluster/drivetrain-ha/cicd/worker.yml b/classes/cluster/drivetrain-ha/cicd/worker.yml
index 9dc8d0c..ad824f8 100644
--- a/classes/cluster/drivetrain-ha/cicd/worker.yml
+++ b/classes/cluster/drivetrain-ha/cicd/worker.yml
@@ -1,6 +1,5 @@
classes:
-- system.linux.system.single
-- system.jenkins.slave.docker
-- system.aptly.client.publisher
-- cluster.drivetrain-ha
-
+ - system.linux.system.single
+ - system.jenkins.slave.docker
+ - system.aptly.client.publisher
+ - cluster.drivetrain-ha
diff --git a/classes/cluster/drivetrain-ha/infra/config.yml b/classes/cluster/drivetrain-ha/infra/config.yml
index 4e413b5..ed421d2 100644
--- a/classes/cluster/drivetrain-ha/infra/config.yml
+++ b/classes/cluster/drivetrain-ha/infra/config.yml
@@ -1,10 +1,10 @@
classes:
-- system.salt.master.pkg
-- system.salt.master.api
-- system.salt.minion.ca.salt_master
-- system.reclass.storage.salt
-- system.sphinx.server.doc.reclass
-- cluster.drivetrain-ha
+ - system.salt.master.pkg
+ - system.salt.master.api
+ - system.salt.minion.ca.salt_master
+ - system.reclass.storage.salt
+ - system.sphinx.server.doc.reclass
+ - cluster.drivetrain-ha
parameters:
_param:
reclass_data_repository: "https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab"
@@ -77,6 +77,7 @@
classes:
- cluster.${_param:cluster_name}.infra.config
- cluster.${_param:cluster_name}.cicd.control.master
+ - cluster.overrides
params:
salt_master_host: 127.0.0.1
linux_system_codename: xenial
@@ -87,6 +88,7 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.cicd.control.slave
+ - cluster.overrides
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
@@ -98,6 +100,7 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.cicd.control.slave
+ - cluster.overrides
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
diff --git a/classes/cluster/drivetrain-ha/infra/init.yml b/classes/cluster/drivetrain-ha/infra/init.yml
index f3fe176..0b205e5 100644
--- a/classes/cluster/drivetrain-ha/infra/init.yml
+++ b/classes/cluster/drivetrain-ha/infra/init.yml
@@ -1,13 +1,3 @@
-classes:
-- system.linux.system.single
-- system.rsyslog.client.single
-- system.linux.system.haveged
-- system.linux.system.prompt
-- system.linux.system.motd.dynamic
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.oss_team
parameters:
_param:
cluster_domain: drivetrain-ha.local
@@ -29,4 +19,3 @@
system:
name: ${_param:infra_config_hostname}
domain: ${_param:cluster_domain}
-
diff --git a/classes/cluster/drivetrain-ha/init.yml b/classes/cluster/drivetrain-ha/init.yml
index fa0c93c..aa9cb9b 100644
--- a/classes/cluster/drivetrain-ha/init.yml
+++ b/classes/cluster/drivetrain-ha/init.yml
@@ -1,7 +1,10 @@
classes:
-- system.linux.network.dynamic_hosts
-- cluster.drivetrain-ha.cicd.control
-- cluster.drivetrain-ha.infra
-#- cluster.drivetrain-ha.cicd
-- cluster.overrides
-
+ - system.linux.network.dynamic_hosts
+ - system.linux.system.single
+ - system.linux.system.haveged
+ - system.linux.system.prompt
+ - system.linux.system.motd.dynamic
+ - system.openssh.server.team.all
+ - cluster.drivetrain-ha.infra
+ - cluster.drivetrain-ha.cicd.control
+ - cluster.overrides
diff --git a/classes/cluster/k8s-aio-calico/infra/init.yml b/classes/cluster/k8s-aio-calico/infra/init.yml
index 763d163..d6c546e 100644
--- a/classes/cluster/k8s-aio-calico/infra/init.yml
+++ b/classes/cluster/k8s-aio-calico/infra/init.yml
@@ -3,10 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/k8s-aio-contrail/infra/init.yml b/classes/cluster/k8s-aio-contrail/infra/init.yml
index 812d237..af57b51 100644
--- a/classes/cluster/k8s-aio-contrail/infra/init.yml
+++ b/classes/cluster/k8s-aio-contrail/infra/init.yml
@@ -3,10 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/k8s-ha-calico-syndic/infra/init.yml b/classes/cluster/k8s-ha-calico-syndic/infra/init.yml
index afc025c..d91fab5 100644
--- a/classes/cluster/k8s-ha-calico-syndic/infra/init.yml
+++ b/classes/cluster/k8s-ha-calico-syndic/infra/init.yml
@@ -3,10 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
parameters:
_param:
# infra service addresses
diff --git a/classes/cluster/k8s-ha-calico/kubernetes/compute.yml b/classes/cluster/k8s-ha-calico/kubernetes/compute.yml
index 2681e7f..7d5acb7 100644
--- a/classes/cluster/k8s-ha-calico/kubernetes/compute.yml
+++ b/classes/cluster/k8s-ha-calico/kubernetes/compute.yml
@@ -13,6 +13,7 @@
- python-docker
options:
bip: 172.31.255.1/24
+ storage-driver: overlay2
kubernetes:
pool:
kubelet:
diff --git a/classes/cluster/k8s-ha-calico/kubernetes/init.yml b/classes/cluster/k8s-ha-calico/kubernetes/init.yml
index d8e5c25..7eecf89 100644
--- a/classes/cluster/k8s-ha-calico/kubernetes/init.yml
+++ b/classes/cluster/k8s-ha-calico/kubernetes/init.yml
@@ -31,11 +31,11 @@
# switches of addons
kubernetes_addon_namespace: kube-system
- kubernetes_dashboard: false
+ kubernetes_dashboard: true
kubernetes_helm_enabled: false
kubernetes_netchecker_enabled: true
kubernetes_calico_policy_enabled: false
- kubernetes_virtlet_enabled: false
+ kubernetes_virtlet_enabled: true
# addresses and hostnames
kubernetes_internal_api_address: 10.254.0.1
diff --git a/classes/cluster/os-ha-contrail-40/openstack/control.yml b/classes/cluster/os-ha-contrail-40/openstack/control.yml
index e3c086f..7fd147b 100644
--- a/classes/cluster/os-ha-contrail-40/openstack/control.yml
+++ b/classes/cluster/os-ha-contrail-40/openstack/control.yml
@@ -43,7 +43,6 @@
cluster_node02_address: ${_param:openstack_control_node02_address}
cluster_node03_hostname: ctl03
cluster_node03_address: ${_param:openstack_control_node03_address}
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
@@ -164,4 +163,3 @@
notification:
driver: messagingv2
topics: "notifications"
-
diff --git a/classes/cluster/os-ha-contrail/openstack/control.yml b/classes/cluster/os-ha-contrail/openstack/control.yml
index 1e9733a..ce6c800 100755
--- a/classes/cluster/os-ha-contrail/openstack/control.yml
+++ b/classes/cluster/os-ha-contrail/openstack/control.yml
@@ -46,7 +46,6 @@
cluster_node02_address: ${_param:openstack_control_node02_address}
cluster_node03_hostname: ctl03
cluster_node03_address: ${_param:openstack_control_node03_address}
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
@@ -174,4 +173,3 @@
notification:
driver: messagingv2
topics: "notifications"
-
diff --git a/classes/cluster/os-ha-ovs-syndic/openstack/control.yml b/classes/cluster/os-ha-ovs-syndic/openstack/control.yml
index 9bc0f6e..0b7f2a2 100644
--- a/classes/cluster/os-ha-ovs-syndic/openstack/control.yml
+++ b/classes/cluster/os-ha-ovs-syndic/openstack/control.yml
@@ -32,7 +32,6 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
@@ -100,4 +99,3 @@
notification:
driver: messagingv2
topics: "notifications"
-
diff --git a/classes/cluster/os-ha-ovs/openstack/control.yml b/classes/cluster/os-ha-ovs/openstack/control.yml
index ee20aa0..a01afb8 100644
--- a/classes/cluster/os-ha-ovs/openstack/control.yml
+++ b/classes/cluster/os-ha-ovs/openstack/control.yml
@@ -35,7 +35,6 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
@@ -147,4 +146,3 @@
notification:
driver: messagingv2
topics: "notifications"
-
diff --git a/classes/cluster/sl-k8s-calico/infra/init.yml b/classes/cluster/sl-k8s-calico/infra/init.yml
index 758544b..d6c546e 100644
--- a/classes/cluster/sl-k8s-calico/infra/init.yml
+++ b/classes/cluster/sl-k8s-calico/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/sl-k8s-calico/stacklight/server.yml b/classes/cluster/sl-k8s-calico/stacklight/server.yml
index 4a1df78..050ed5e 100644
--- a/classes/cluster/sl-k8s-calico/stacklight/server.yml
+++ b/classes/cluster/sl-k8s-calico/stacklight/server.yml
@@ -37,7 +37,7 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
docker_influxdb_image: influxdb:1.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
diff --git a/classes/cluster/sl-k8s-contrail/stacklight/server.yml b/classes/cluster/sl-k8s-contrail/stacklight/server.yml
index 8dbe8d8..e82a3d9 100644
--- a/classes/cluster/sl-k8s-contrail/stacklight/server.yml
+++ b/classes/cluster/sl-k8s-contrail/stacklight/server.yml
@@ -37,7 +37,7 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
diff --git a/classes/cluster/sl-os-contrail/stacklight/client.yml b/classes/cluster/sl-os-contrail/stacklight/client.yml
index 4f6323a..7373bd3 100755
--- a/classes/cluster/sl-os-contrail/stacklight/client.yml
+++ b/classes/cluster/sl-os-contrail/stacklight/client.yml
@@ -17,3 +17,4 @@
grafana_password: ${_param:grafana_admin_password}
grafana_prometheus_address: ${_param:stacklight_monitor_address}
grafana_prometheus_port: 15016
+ stacklight_prometheus_port: 15010
diff --git a/classes/cluster/sl-os-contrail/stacklight/server.yml b/classes/cluster/sl-os-contrail/stacklight/server.yml
index e22bd8e..1b71f88 100755
--- a/classes/cluster/sl-os-contrail/stacklight/server.yml
+++ b/classes/cluster/sl-os-contrail/stacklight/server.yml
@@ -50,7 +50,7 @@
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
grafana_database_type: mysql
grafana_database_host: ${_param:cluster_vip_address}
diff --git a/classes/cluster/sl-os-ovs/infra/config.yml b/classes/cluster/sl-os-ovs/infra/config.yml
index 25cf3d8..992394a 100644
--- a/classes/cluster/sl-os-ovs/infra/config.yml
+++ b/classes/cluster/sl-os-ovs/infra/config.yml
@@ -53,6 +53,7 @@
salt_master_base_environment: prd
salt_minion_ca_host: ${linux:network:fqdn}
salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1"
+ openstack_control_system_codename: xenial
linux:
network:
interface:
@@ -136,6 +137,7 @@
cluster_param:
stacklight_monitor_node03_address:
value_template: <<node_control_ip>>
+ node:
prx_node:
name: ${_param:openstack_proxy_node01_hostname}
domain: ${_param:cluster_domain}
@@ -185,4 +187,3 @@
single_address: ${_param:stacklight_monitor_node03_address}
keepalived_vip_priority: 102
mysql_cluster_role: slave
-
diff --git a/classes/cluster/sl-os-ovs/openstack/control.yml b/classes/cluster/sl-os-ovs/openstack/control.yml
index 0c6cbeb..ea1cdd6 100644
--- a/classes/cluster/sl-os-ovs/openstack/control.yml
+++ b/classes/cluster/sl-os-ovs/openstack/control.yml
@@ -32,7 +32,6 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
@@ -103,4 +102,3 @@
notification:
driver: messagingv2
topics: "notifications,${_param:stacklight_notification_topic}"
-
diff --git a/classes/cluster/sl-os-ovs/stacklight/client.yml b/classes/cluster/sl-os-ovs/stacklight/client.yml
index fde267a..607fe5f 100644
--- a/classes/cluster/sl-os-ovs/stacklight/client.yml
+++ b/classes/cluster/sl-os-ovs/stacklight/client.yml
@@ -17,3 +17,4 @@
grafana_password: ${_param:grafana_admin_password}
grafana_prometheus_address: ${_param:stacklight_monitor_address}
grafana_prometheus_port: 15016
+ stacklight_prometheus_port: 15010
diff --git a/classes/cluster/sl-os-ovs/stacklight/server.yml b/classes/cluster/sl-os-ovs/stacklight/server.yml
index 7c927b4..3a19b44 100644
--- a/classes/cluster/sl-os-ovs/stacklight/server.yml
+++ b/classes/cluster/sl-os-ovs/stacklight/server.yml
@@ -52,7 +52,7 @@
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
grafana_database_type: mysql
grafana_database_host: ${_param:cluster_vip_address}
diff --git a/classes/cluster/virtual-mcp-ocata-cicd/cicd/control/init.yml b/classes/cluster/virtual-mcp-ocata-cicd/cicd/control/init.yml
index d9f86ab..21759c1 100644
--- a/classes/cluster/virtual-mcp-ocata-cicd/cicd/control/init.yml
+++ b/classes/cluster/virtual-mcp-ocata-cicd/cicd/control/init.yml
@@ -36,7 +36,7 @@
- system.docker.swarm.stack.rundeck
- system.docker.swarm.stack.security_monkey
# Docker networks
- - system.docker.swarm.network.runbook
+ - system.docker.swarm.network.oss_backend
# Keepalived
- system.keepalived.cluster.instance.cicd_control_vip
diff --git a/classes/cluster/virtual-mcp-ocata-cicd/infra/init.yml b/classes/cluster/virtual-mcp-ocata-cicd/infra/init.yml
index 93014c8..e535f83 100644
--- a/classes/cluster/virtual-mcp-ocata-cicd/infra/init.yml
+++ b/classes/cluster/virtual-mcp-ocata-cicd/infra/init.yml
@@ -3,10 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
+- system.openssh.server.team.all
- system.rsyslog.client.single
- cluster.virtual-mcp-ocata-cicd.cicd
- cluster.virtual-mcp-ocata-cicd.openstack
diff --git a/classes/cluster/virtual-mcp-ocata-cicd/openstack/control.yml b/classes/cluster/virtual-mcp-ocata-cicd/openstack/control.yml
index e10b2a0..8d2061d 100644
--- a/classes/cluster/virtual-mcp-ocata-cicd/openstack/control.yml
+++ b/classes/cluster/virtual-mcp-ocata-cicd/openstack/control.yml
@@ -39,7 +39,6 @@
_param:
glusterfs_service_host: ${_param:cluster_vip_address}
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_interface: ens4
linux_system_codename: xenial
linux:
system:
@@ -152,4 +151,3 @@
notification:
driver: messagingv2
topics: "notifications,${_param:stacklight_notification_topic}"
-
diff --git a/classes/cluster/virtual-mcp-ocata-cicd/openstack/init.yml b/classes/cluster/virtual-mcp-ocata-cicd/openstack/init.yml
index 92abd7b..ea809d9 100644
--- a/classes/cluster/virtual-mcp-ocata-cicd/openstack/init.yml
+++ b/classes/cluster/virtual-mcp-ocata-cicd/openstack/init.yml
@@ -69,7 +69,7 @@
heat_service_host: ${_param:cluster_vip_address}
heat_domain_admin_password: workshop
ceilometer_version: ${_param:openstack_version}
- ceilometer_service_host: 172.16.10.108
+ ceilometer_service_host: ${_param:cluster_vip_address}
cinder_version: ${_param:openstack_version}
cinder_service_host: ${_param:cluster_vip_address}
ceilometer_graphite_publisher_host: 172.16.10.107
diff --git a/classes/cluster/virtual-mcp-ocata-cicd/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-cicd/stacklight/server.yml
index 3a493c4..2902d76 100644
--- a/classes/cluster/virtual-mcp-ocata-cicd/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-cicd/stacklight/server.yml
@@ -35,12 +35,15 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
keepalived_prometheus_vip_interface: ens3
# Docker/Elasticsearch
+ cluster_elasticsearch_port: 9200
+ cluster_kibana_port: 5601
+ cluster_grafana_port: 3000
cluster_node01_hostname: ${_param:stacklight_node01_hostname}
cluster_node01_address: ${_param:stacklight_node01_address}
cluster_node02_hostname: ${_param:stacklight_node02_hostname}
diff --git a/classes/cluster/virtual-mcp-ocata-dvr/infra/config.yml b/classes/cluster/virtual-mcp-ocata-dvr/infra/config.yml
index 10010ae..e206416 100644
--- a/classes/cluster/virtual-mcp-ocata-dvr/infra/config.yml
+++ b/classes/cluster/virtual-mcp-ocata-dvr/infra/config.yml
@@ -54,7 +54,7 @@
site:
nginx_proxy_openstack_web:
proxy:
- host: prx
+ host: ${_param:openstack_proxy_address}
nginx_proxy_openstack_api_heat_cfn:
enabled: false
salt:
diff --git a/classes/cluster/virtual-mcp-ocata-dvr/openstack/control.yml b/classes/cluster/virtual-mcp-ocata-dvr/openstack/control.yml
index 8e756a2..650e02a 100644
--- a/classes/cluster/virtual-mcp-ocata-dvr/openstack/control.yml
+++ b/classes/cluster/virtual-mcp-ocata-dvr/openstack/control.yml
@@ -41,8 +41,6 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_interface: ens4
- keepalived_openstack_telemetry_vip_address: 172.16.10.252
linux:
system:
package:
diff --git a/classes/cluster/virtual-mcp-ocata-dvr/openstack/init.yml b/classes/cluster/virtual-mcp-ocata-dvr/openstack/init.yml
index 544abea..9bc063d 100644
--- a/classes/cluster/virtual-mcp-ocata-dvr/openstack/init.yml
+++ b/classes/cluster/virtual-mcp-ocata-dvr/openstack/init.yml
@@ -92,7 +92,7 @@
heat_service_host: ${_param:cluster_vip_address}
heat_domain_admin_password: workshop
ceilometer_version: ${_param:openstack_version}
- ceilometer_service_host: 172.16.10.108
+ ceilometer_service_host: ${_param:cluster_vip_address}
cinder_version: ${_param:openstack_version}
cinder_service_host: ${_param:cluster_vip_address}
aodh_version: ${_param:openstack_version}
diff --git a/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml
index d36763a..72d2b76 100644
--- a/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml
@@ -52,7 +52,7 @@
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
influxdb_port: 8086
influxdb_admin_password: password
influxdb_stacklight_password: lmapass
diff --git a/classes/cluster/virtual-mcp-ocata-ovs/openstack/control.yml b/classes/cluster/virtual-mcp-ocata-ovs/openstack/control.yml
index c88b3f9..81d89f7 100644
--- a/classes/cluster/virtual-mcp-ocata-ovs/openstack/control.yml
+++ b/classes/cluster/virtual-mcp-ocata-ovs/openstack/control.yml
@@ -42,7 +42,6 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
@@ -154,4 +153,3 @@
notification:
driver: messagingv2
topics: "notifications,${_param:stacklight_notification_topic}"
-
diff --git a/classes/cluster/virtual-mcp-ocata-ovs/openstack/init.yml b/classes/cluster/virtual-mcp-ocata-ovs/openstack/init.yml
index 8f78734..b564e0b 100644
--- a/classes/cluster/virtual-mcp-ocata-ovs/openstack/init.yml
+++ b/classes/cluster/virtual-mcp-ocata-ovs/openstack/init.yml
@@ -69,7 +69,7 @@
heat_service_host: ${_param:cluster_vip_address}
heat_domain_admin_password: workshop
ceilometer_version: ${_param:openstack_version}
- ceilometer_service_host: 172.16.10.108
+ ceilometer_service_host: ${_param:cluster_vip_address}
cinder_version: ${_param:openstack_version}
cinder_service_host: ${_param:cluster_vip_address}
aodh_version: ${_param:openstack_version}
diff --git a/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml
index fd31ac3..205afd6 100644
--- a/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml
@@ -52,7 +52,7 @@
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
influxdb_port: 8086
influxdb_admin_password: password
influxdb_stacklight_password: lmapass
diff --git a/classes/cluster/virtual-mcp10-contrail/openstack/control.yml b/classes/cluster/virtual-mcp10-contrail/openstack/control.yml
index 46d5e14..3295d9c 100755
--- a/classes/cluster/virtual-mcp10-contrail/openstack/control.yml
+++ b/classes/cluster/virtual-mcp10-contrail/openstack/control.yml
@@ -47,7 +47,6 @@
parameters:
_param:
keepalived_vip_interface: eth1
- keepalived_openstack_telemetry_vip_address: 172.16.10.251
cluster_vip_address: ${_param:openstack_control_address}
cluster_local_address: ${_param:single_address}
cluster_node01_hostname: ctl01
diff --git a/classes/cluster/virtual-mcp10-dvr/openstack/control.yml b/classes/cluster/virtual-mcp10-dvr/openstack/control.yml
index 515cb99..7a60877 100644
--- a/classes/cluster/virtual-mcp10-dvr/openstack/control.yml
+++ b/classes/cluster/virtual-mcp10-dvr/openstack/control.yml
@@ -33,7 +33,6 @@
parameters:
_param:
keepalived_vip_interface: eth1
- keepalived_openstack_telemetry_vip_address: 172.16.10.252
linux:
system:
package:
diff --git a/classes/cluster/virtual-mcp10-ovs/openstack/control.yml b/classes/cluster/virtual-mcp10-ovs/openstack/control.yml
index 01358b1..62bb45c 100644
--- a/classes/cluster/virtual-mcp10-ovs/openstack/control.yml
+++ b/classes/cluster/virtual-mcp10-ovs/openstack/control.yml
@@ -32,7 +32,6 @@
parameters:
_param:
keepalived_vip_interface: eth1
- keepalived_openstack_telemetry_vip_address: 172.16.10.252
linux:
system:
package:
@@ -100,4 +99,3 @@
notification:
driver: messagingv2
topics: "notifications,${_param:stacklight_notification_topic}"
-
diff --git a/classes/cluster/virtual-mcp11-aio/.env b/classes/cluster/virtual-mcp11-aio/.env
index bdf599f..5b16136 100644
--- a/classes/cluster/virtual-mcp11-aio/.env
+++ b/classes/cluster/virtual-mcp11-aio/.env
@@ -1 +1 @@
-FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal mysql libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate)
+FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate barbican)
diff --git a/classes/cluster/virtual-mcp11-aio/init.yml b/classes/cluster/virtual-mcp11-aio/init.yml
index 5e2071a..1694dd3 100755
--- a/classes/cluster/virtual-mcp11-aio/init.yml
+++ b/classes/cluster/virtual-mcp11-aio/init.yml
@@ -25,6 +25,8 @@
single_address: 172.16.10.90
infra_config_address: ${_param:single_address}
cluster_domain: virtual-mcp11-aio.local
+ cluster_name: virtual-mcp11-aio
+ infra_config_hostname: cfg01
mysql_admin_user: root
mysql_admin_password: workshop
diff --git a/classes/cluster/virtual-mcp11-aio/openstack/init.yml b/classes/cluster/virtual-mcp11-aio/openstack/init.yml
index e54d94c..d0f3364 100755
--- a/classes/cluster/virtual-mcp11-aio/openstack/init.yml
+++ b/classes/cluster/virtual-mcp11-aio/openstack/init.yml
@@ -13,7 +13,9 @@
- system.galera.server.database.heat
- system.galera.server.database.keystone
- system.galera.server.database.nova
+- system.galera.server.database.barbican
- system.keystone.client.single
+- system.keystone.client.service.barbican
- system.keystone.client.service.nova21
- system.keystone.client.service.nova-placement
- system.keystone.client.service.designate
@@ -30,6 +32,8 @@
- system.cinder.volume.backend.lvm
- system.horizon.server.single
- system.bind.server.single
+- system.barbican.server.single
+- service.barbican.server.plugin.simple_crypto
- system.designate.server.single
- system.designate.server.backend.bind
parameters:
@@ -44,6 +48,7 @@
galera_server_maintenance_password: workshop
galera_server_admin_password: workshop
keystone_version: ${_param:openstack_version}
+ barbican_version: ${_param:openstack_version}
glance_version: ${_param:openstack_version}
nova_version: ${_param:openstack_version}
neutron_version: ${_param:openstack_version}
@@ -53,6 +58,7 @@
designate_version: ${_param:openstack_version}
keystone_service_token: workshop
keystone_admin_password: workshop
+ keystone_barbican_password: workshop
keystone_ceilometer_password: workshop
keystone_cinder_password: workshop
keystone_glance_password: workshop
@@ -62,12 +68,14 @@
keystone_designate_password: workshop
keystone_service_host: ${_param:single_address}
mysql_keystone_password: workshop
+ mysql_barbican_password: workshop
mysql_glance_password: workshop
mysql_nova_password: workshop
mysql_neutron_password: workshop
mysql_cinder_password: workshop
mysql_heat_password: workshop
mysql_designate_password: workshop
+ barbican_service_host: ${_param:single_address}
heat_service_host: ${_param:single_address}
neutron_service_host: ${_param:single_address}
glance_service_host: ${_param:single_address}
@@ -111,6 +119,8 @@
openstack_public_neutron_subnet_cidr: 192.168.130.0/24
openstack_public_neutron_subnet_allocation_start: 192.168.130.10
openstack_public_neutron_subnet_allocation_end: 192.168.130.254
+ barbican_simple_crypto_kek: YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY=
+ barbican_integration_enabled: True
galera:
master:
members: ~
@@ -118,6 +128,14 @@
max_connections: 1000
slave:
enabled: false
+ barbican:
+ server:
+ ks_notifications_enable: True
+ store:
+ software:
+ crypto_plugin: simple_crypto
+ store_plugin: store_crypto
+ global_default: True
neutron:
server:
message_queue:
@@ -127,6 +145,8 @@
dvr: True
nova:
compute:
+ barbican:
+ enable: ${_param:barbican_integration_enabled}
vncproxy_url: http://${_param:single_address}:6080
network:
user: neutron
@@ -135,8 +155,13 @@
cache:
members: ~
controller:
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
vncproxy_url: http://${_param:single_address}:6080
cinder:
+ controller:
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
volume:
cache:
members: ~
@@ -146,3 +171,7 @@
designate:
worker:
enabled: ${_param:designate_worker_enabled}
+ glance:
+ server:
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
diff --git a/classes/cluster/virtual-mcp11-contrail-nfv/openstack/control.yml b/classes/cluster/virtual-mcp11-contrail-nfv/openstack/control.yml
index f319493..975d121 100755
--- a/classes/cluster/virtual-mcp11-contrail-nfv/openstack/control.yml
+++ b/classes/cluster/virtual-mcp11-contrail-nfv/openstack/control.yml
@@ -46,7 +46,6 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_address: 172.16.10.251
cluster_vip_address: ${_param:openstack_control_address}
cluster_local_address: ${_param:single_address}
cluster_node01_hostname: ctl01
@@ -55,7 +54,6 @@
cluster_node02_address: ${_param:openstack_control_node02_address}
cluster_node03_hostname: ctl03
cluster_node03_address: ${_param:openstack_control_node03_address}
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
diff --git a/classes/cluster/virtual-mcp11-contrail/openstack/control.yml b/classes/cluster/virtual-mcp11-contrail/openstack/control.yml
index 0415236..5cd7f19 100755
--- a/classes/cluster/virtual-mcp11-contrail/openstack/control.yml
+++ b/classes/cluster/virtual-mcp11-contrail/openstack/control.yml
@@ -44,7 +44,6 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_address: 172.16.10.251
cluster_vip_address: ${_param:openstack_control_address}
cluster_local_address: ${_param:single_address}
cluster_node01_hostname: ctl01
@@ -53,7 +52,6 @@
cluster_node02_address: ${_param:openstack_control_node02_address}
cluster_node03_hostname: ctl03
cluster_node03_address: ${_param:openstack_control_node03_address}
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
diff --git a/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml b/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml
index b89b08d..cc47bb7 100755
--- a/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml
@@ -52,7 +52,7 @@
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
influxdb_port: 8086
influxdb_admin_password: password
influxdb_stacklight_password: lmapass
diff --git a/classes/cluster/virtual-mcp11-dvr/openstack/control.yml b/classes/cluster/virtual-mcp11-dvr/openstack/control.yml
index 12431c9..ee9785b 100644
--- a/classes/cluster/virtual-mcp11-dvr/openstack/control.yml
+++ b/classes/cluster/virtual-mcp11-dvr/openstack/control.yml
@@ -38,8 +38,6 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_address: 172.16.10.252
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
diff --git a/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml b/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml
index 34efd21..193a51c 100644
--- a/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml
@@ -52,7 +52,7 @@
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
influxdb_port: 8086
influxdb_admin_password: password
influxdb_stacklight_password: lmapass
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-dyn/infra/init.yml b/classes/cluster/virtual-mcp11-k8s-calico-dyn/infra/init.yml
index 5e01c17..9eec8d0 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-dyn/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-dyn/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
- system.telegraf.agent
- system.prometheus.collector
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml
index dea0f28..fca5814 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml
@@ -30,7 +30,7 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-minimal/infra/init.yml b/classes/cluster/virtual-mcp11-k8s-calico-minimal/infra/init.yml
index bdd4642..017d4d6 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-minimal/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-minimal/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/virtual-mcp11-k8s-calico/infra/init.yml b/classes/cluster/virtual-mcp11-k8s-calico/infra/init.yml
index 736117d..4bd38d7 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml
index 984443d..3bfee95 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml
@@ -37,13 +37,16 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
docker_influxdb_image: influxdb:1.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
keepalived_prometheus_vip_interface: ens4
# Docker/Elasticsearch
+ cluster_elasticsearch_port: 9200
+ cluster_kibana_port: 5601
+ cluster_grafana_port: 3000
cluster_node01_hostname: ${_param:stacklight_node01_hostname}
cluster_node01_address: ${_param:stacklight_node01_address}
cluster_node02_hostname: ${_param:stacklight_node02_hostname}
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
index 34a8fe1..234544f 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
- system.heka.log_collector.single
- system.heka.log_collector.output.telegraf
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
index f3f8a33..fc5ea3f 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
@@ -37,7 +37,7 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
@@ -53,6 +53,9 @@
# Kibana
kibana_elasticsearch_host: ${_param:cluster_vip_address}
# Docker/Elasticsearch
+ cluster_elasticsearch_port: 9200
+ cluster_kibana_port: 5601
+ cluster_grafana_port: 3000
cluster_node01_hostname: ${_param:stacklight_node01_hostname}
cluster_node01_address: ${_param:stacklight_node01_address}
cluster_node02_hostname: ${_param:stacklight_node02_hostname}
diff --git a/classes/cluster/virtual-mcp11-ovs-dpdk/openstack/control.yml b/classes/cluster/virtual-mcp11-ovs-dpdk/openstack/control.yml
index 8d86179..2e2ec97 100644
--- a/classes/cluster/virtual-mcp11-ovs-dpdk/openstack/control.yml
+++ b/classes/cluster/virtual-mcp11-ovs-dpdk/openstack/control.yml
@@ -36,8 +36,6 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_address: 172.16.10.252
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
@@ -149,4 +147,3 @@
notification:
driver: messagingv2
topics: "notifications,${_param:stacklight_notification_topic}"
-
diff --git a/classes/cluster/virtual-mcp11-ovs-ironic/openstack/control.yml b/classes/cluster/virtual-mcp11-ovs-ironic/openstack/control.yml
index c2b5b99..0a88de2 100644
--- a/classes/cluster/virtual-mcp11-ovs-ironic/openstack/control.yml
+++ b/classes/cluster/virtual-mcp11-ovs-ironic/openstack/control.yml
@@ -38,10 +38,8 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_interface: ens4
cluster_vip_address: ${_param:openstack_control_address}
cluster_local_address: ${_param:single_address}
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
@@ -109,4 +107,3 @@
notification:
driver: messagingv2
topics: "notifications,${_param:stacklight_notification_topic}"
-
diff --git a/classes/cluster/virtual-mcp11-ovs/openstack/control.yml b/classes/cluster/virtual-mcp11-ovs/openstack/control.yml
index 9f0477a..7617480 100644
--- a/classes/cluster/virtual-mcp11-ovs/openstack/control.yml
+++ b/classes/cluster/virtual-mcp11-ovs/openstack/control.yml
@@ -33,8 +33,6 @@
parameters:
_param:
keepalived_vip_interface: ens4
- keepalived_openstack_telemetry_vip_address: 172.16.10.252
- keepalived_openstack_telemetry_vip_interface: ens4
linux:
system:
package:
@@ -102,4 +100,3 @@
notification:
driver: messagingv2
topics: "notifications,${_param:stacklight_notification_topic}"
-
diff --git a/classes/cluster/virtual-mcp11-ovs/openstack/init.yml b/classes/cluster/virtual-mcp11-ovs/openstack/init.yml
index d96f0d0..c7cf751 100644
--- a/classes/cluster/virtual-mcp11-ovs/openstack/init.yml
+++ b/classes/cluster/virtual-mcp11-ovs/openstack/init.yml
@@ -67,7 +67,7 @@
heat_service_host: ${_param:cluster_vip_address}
heat_domain_admin_password: workshop
ceilometer_version: ${_param:openstack_version}
- ceilometer_service_host: 172.16.10.108
+ ceilometer_service_host: ${_param:cluster_vip_address}
cinder_version: ${_param:openstack_version}
cinder_service_host: ${_param:cluster_vip_address}
ceilometer_graphite_publisher_host: 172.16.10.107
diff --git a/classes/system b/classes/system
index 91f7c58..fe4aa38 160000
--- a/classes/system
+++ b/classes/system
@@ -1 +1 @@
-Subproject commit 91f7c583759a99539f4e6176360f4f3c085bfdf1
+Subproject commit fe4aa384d17b441219c2f0da24d9cc3bb711ccef