Add Barbican to os-ha-contrail
Change-Id: I4655c28797998bc289ae58014b9e9089f29609d5
diff --git a/classes/cluster/os-ha-contrail/openstack/compute.yml b/classes/cluster/os-ha-contrail/openstack/compute.yml
index f32f983..8346f2f 100755
--- a/classes/cluster/os-ha-contrail/openstack/compute.yml
+++ b/classes/cluster/os-ha-contrail/openstack/compute.yml
@@ -9,6 +9,8 @@
- system.opencontrail.client.cluster
- system.opencontrail.client.resource.virtual_router
- service.opencontrail.compute.cluster
+- service.opencontrail.compute.lbaas.barbican
+- service.barbican.client.cluster
- cluster.os-ha-contrail
parameters:
_param:
diff --git a/classes/cluster/os-ha-contrail/openstack/control.yml b/classes/cluster/os-ha-contrail/openstack/control.yml
index 2b6c6f8..e5ab6a3 100755
--- a/classes/cluster/os-ha-contrail/openstack/control.yml
+++ b/classes/cluster/os-ha-contrail/openstack/control.yml
@@ -24,6 +24,7 @@
- system.designate.server.cluster
- system.designate.server.backend.bind
- system.galera.server.cluster
+- system.galera.server.database.barbican
- system.galera.server.database.cinder
- system.galera.server.database.glance
- system.galera.server.database.heat
@@ -31,6 +32,8 @@
- system.galera.server.database.nova
- system.galera.server.database.designate
- system.haproxy.proxy.listen.openstack.nova-placement
+- system.barbican.server.cluster
+- service.barbican.server.plugin.simple_crypto
- cluster.os-ha-contrail
parameters:
_param:
@@ -62,6 +65,13 @@
instance:
VIP:
virtual_router_id: 150
+ barbican:
+ server:
+ store:
+ software:
+ crypto_plugin: simple_crypto
+ store_plugin: store_crypto
+ global_default: True
bind:
server:
control:
diff --git a/classes/cluster/os-ha-contrail/openstack/init.yml b/classes/cluster/os-ha-contrail/openstack/init.yml
index 826c807..a6c09ff 100755
--- a/classes/cluster/os-ha-contrail/openstack/init.yml
+++ b/classes/cluster/os-ha-contrail/openstack/init.yml
@@ -75,6 +75,7 @@
rndc_host: ${_param:openstack_control_node01_address}
rndc_port: 953
rndc_key_file: /etc/designate/rndc.key
+ barbican_version: ${_param:openstack_version}
designate_version: ${_param:openstack_version}
cluster_vip_address: ${_param:openstack_control_address}
glance_version: ${_param:openstack_version}
@@ -93,10 +94,12 @@
neutron_service_host: ${_param:openstack_control_address}
glusterfs_service_host: ${_param:openstack_control_address}
designate_service_host: ${_param:openstack_control_address}
+ barbican_service_host: ${_param:openstack_control_address}
mysql_admin_user: root
mysql_admin_password: workshop
- mysql_designate_password: workshop
+ mysql_barbican_password: workshop
mysql_cinder_password: workshop
+ mysql_designate_password: workshop
mysql_glance_password: workshop
mysql_heat_password: workshop
mysql_keystone_password: workshop
@@ -104,6 +107,7 @@
mysql_nova_password: workshop
keystone_service_token: workshop
keystone_admin_password: workshop
+ keystone_barbican_password: workshop
keystone_cinder_password: workshop
keystone_glance_password: workshop
keystone_heat_password: workshop
@@ -117,6 +121,10 @@
horizon_identity_host: ${_param:openstack_control_address}
horizon_identity_encryption: none
horizon_identity_version: 2
+ opencontrail_barbican_user: admin
+ opencontrail_barbican_password: ${_param:keystone_admin_password}
+ opencontrail_barbican_tenant: admin
+ barbican_simple_crypto_kek: "YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY="
linux:
network:
host:
diff --git a/classes/cluster/os-ha-contrail/openstack/proxy.yml b/classes/cluster/os-ha-contrail/openstack/proxy.yml
index 23c0c2b..37a9234 100755
--- a/classes/cluster/os-ha-contrail/openstack/proxy.yml
+++ b/classes/cluster/os-ha-contrail/openstack/proxy.yml
@@ -4,6 +4,7 @@
- system.nginx.server.proxy.openstack_api
- system.nginx.server.proxy.openstack_vnc
- system.nginx.server.proxy.openstack_web
+- system.nginx.server.proxy.openstack.barbican
- system.salt.minion.cert.proxy
- cluster.os-ha-contrail
parameters: