Merge "prometheus port variable defined"
diff --git a/classes/cluster/aaa-ha-freeipa/infra/init.yml b/classes/cluster/aaa-ha-freeipa/infra/init.yml
index 38ee22a..fdf066a 100644
--- a/classes/cluster/aaa-ha-freeipa/infra/init.yml
+++ b/classes/cluster/aaa-ha-freeipa/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.mmo_devops
-- system.openssh.server.team.services
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/ceph-ha/ceph/init.yml b/classes/cluster/ceph-ha/ceph/init.yml
index 6bfb3db..a2600a9 100644
--- a/classes/cluster/ceph-ha/ceph/init.yml
+++ b/classes/cluster/ceph-ha/ceph/init.yml
@@ -22,6 +22,8 @@
ceph_cfs_node01_hostname: cfs01
ceph_cfs_node01_address: 172.16.10.97
+ single_address: ''
+
ceph_cluster_fsid: a619c5fc-c4ed-4f22-9ed2-66cf2feca23d
ceph_mon_keyring: AQAnQIhZ6in5KxAAdf467upoRMWFcVg5pbh1yg==
ceph_admin_keyring: AQBHPYhZv5mYDBAAvisaSzCTQkC5gywGUp/voA==
diff --git a/classes/cluster/ceph-ha/infra/config.yml b/classes/cluster/ceph-ha/infra/config.yml
index cc97968..2de9d4c 100644
--- a/classes/cluster/ceph-ha/infra/config.yml
+++ b/classes/cluster/ceph-ha/infra/config.yml
@@ -76,33 +76,48 @@
cluster_param:
ceph_osd_node01_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_osd_02:
expression: <<node_hostname>>__equals__osd1
cluster_param:
ceph_osd_node02_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_osd_03:
expression: <<node_hostname>>__equals__osd2
cluster_param:
ceph_osd_node03_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_mon_01:
expression: <<node_hostname>>__equals__cmn01
cluster_param:
ceph_mon_node01_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_mon_02:
expression: <<node_hostname>>__equals__cmn02
cluster_param:
ceph_mon_node02_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_mon_03:
expression: <<node_hostname>>__equals__cmn03
cluster_param:
ceph_mon_node03_address:
value_template: <<node_control_ip>>
+ single_address:
+ value_template: <<node_control_ip>>
ceph_cfs:
expression: <<node_hostname>>__startswith__cfs
node_class:
value_template:
- cluster.<<node_cluster>>.ceph.cfs
+ cluster_param:
+ single_address:
+ value_template: <<node_control_ip>>
diff --git a/classes/cluster/ceph-ha/infra/init.yml b/classes/cluster/ceph-ha/infra/init.yml
index 8767fa2..3c13d80 100644
--- a/classes/cluster/ceph-ha/infra/init.yml
+++ b/classes/cluster/ceph-ha/infra/init.yml
@@ -4,8 +4,7 @@
- system.linux.system.repo.mcp.salt #FIXME
- system.linux.system.repo.saltstack.xenial
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.members.mlos
-- system.openssh.server.team.tcpcloud
+- system.openssh.server.team.all
- cluster.ceph-ha.ceph
- cluster.overrides
parameters:
diff --git a/classes/cluster/drivetrain-ha-clusters/cicd/control/init.yml b/classes/cluster/drivetrain-ha-clusters/cicd/control/init.yml
index 2ce0ac6..6dce5b4 100644
--- a/classes/cluster/drivetrain-ha-clusters/cicd/control/init.yml
+++ b/classes/cluster/drivetrain-ha-clusters/cicd/control/init.yml
@@ -48,7 +48,6 @@
- system.docker.swarm.stack.rundeck
- system.docker.swarm.stack.security_monkey
# Docker networks
- - system.docker.swarm.network.runbook
- system.docker.swarm.network.oss_backend
# Aptly
@@ -91,9 +90,10 @@
# Rundeck
- system.rundeck.client.runbook
- - cluster.drivetrain-ha-clusters
+ - cluster.drivetrain-ha-clusters.cicd
parameters:
_param:
+ cluster_name: cicd-lab-dev
cluster_node01_name: ci01
cluster_node01_address: ${_param:control_node01_address}
cluster_node02_name: ci02
diff --git a/classes/cluster/drivetrain-ha-clusters/cicd/control/master.yml b/classes/cluster/drivetrain-ha-clusters/cicd/control/master.yml
index dadabbb..b02ce35 100644
--- a/classes/cluster/drivetrain-ha-clusters/cicd/control/master.yml
+++ b/classes/cluster/drivetrain-ha-clusters/cicd/control/master.yml
@@ -43,4 +43,4 @@
# ..projects
- system.rundeck.client.project.cicd
# At last
- - cluster.drivetrain-ha-clusters.cicd.control
+ - cluster.drivetrain-ha-clusters
diff --git a/classes/cluster/drivetrain-ha-clusters/cicd/control/slave.yml b/classes/cluster/drivetrain-ha-clusters/cicd/control/slave.yml
index b5d63e2..415190d 100644
--- a/classes/cluster/drivetrain-ha-clusters/cicd/control/slave.yml
+++ b/classes/cluster/drivetrain-ha-clusters/cicd/control/slave.yml
@@ -1,3 +1,3 @@
classes:
- - cluster.drivetrain-ha-clusters.cicd.control
- system.docker.swarm.manager
+ - cluster.drivetrain-ha-clusters
diff --git a/classes/cluster/drivetrain-ha-clusters/cicd/init.yml b/classes/cluster/drivetrain-ha-clusters/cicd/init.yml
index 9d81f5d..d5bf397 100644
--- a/classes/cluster/drivetrain-ha-clusters/cicd/init.yml
+++ b/classes/cluster/drivetrain-ha-clusters/cicd/init.yml
@@ -38,4 +38,3 @@
names:
- ${_param:cicd_control_node03_hostname}
- ${_param:cicd_control_node03_hostname}.${_param:cluster_domain}
-
diff --git a/classes/cluster/drivetrain-ha-clusters/cicd/worker.yml b/classes/cluster/drivetrain-ha-clusters/cicd/worker.yml
index 7d856cc..4a5ab79 100644
--- a/classes/cluster/drivetrain-ha-clusters/cicd/worker.yml
+++ b/classes/cluster/drivetrain-ha-clusters/cicd/worker.yml
@@ -1,6 +1,5 @@
classes:
-- system.linux.system.single
-- system.jenkins.slave.docker
-- system.aptly.client.publisher
-- cluster.drivetrain-ha-clusters
-
+ - system.linux.system.single
+ - system.jenkins.slave.docker
+ - system.aptly.client.publisher
+ - cluster.drivetrain-ha-clusters
diff --git a/classes/cluster/drivetrain-ha-clusters/infra/config.yml b/classes/cluster/drivetrain-ha-clusters/infra/config.yml
index c4ad9a6..a96d9fe 100644
--- a/classes/cluster/drivetrain-ha-clusters/infra/config.yml
+++ b/classes/cluster/drivetrain-ha-clusters/infra/config.yml
@@ -1,10 +1,10 @@
classes:
-- system.salt.master.pkg
-- system.salt.master.api
-- system.salt.minion.ca.salt_master
-- system.reclass.storage.salt
-- system.sphinx.server.doc.reclass
-- cluster.drivetrain-ha-clusters
+ - system.salt.master.pkg
+ - system.salt.master.api
+ - system.salt.minion.ca.salt_master
+ - system.reclass.storage.salt
+ - system.sphinx.server.doc.reclass
+ - cluster.drivetrain-ha-clusters
parameters:
_param:
reclass_data_repository: "https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab"
@@ -16,6 +16,8 @@
salt_minion_ca_host: ${linux:network:fqdn}
salt_master_host: ${_param:infra_config_deploy_address}
cluster_public_host: ${_param:infra_config_address}
+ salt_api_password: hovno12345!
+ salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1"
salt:
master:
order_masters: true
@@ -74,7 +76,9 @@
name: ${_param:cicd_control_node01_hostname}
domain: ${_param:cluster_domain}
classes:
+ - cluster.${_param:cluster_name}.infra.config
- cluster.${_param:cluster_name}.cicd.control.master
+ - cluster.overrides
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
@@ -85,6 +89,7 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.cicd.control.slave
+ - cluster.overrides
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
@@ -96,10 +101,10 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.cicd.control.slave
+ - cluster.overrides
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
single_address: ${_param:cicd_control_node03_address}
keepalived_vip_priority: 101
docker_swarm_role: worker
-
diff --git a/classes/cluster/drivetrain-ha-clusters/infra/init.yml b/classes/cluster/drivetrain-ha-clusters/infra/init.yml
index c5a0164..d385985 100644
--- a/classes/cluster/drivetrain-ha-clusters/infra/init.yml
+++ b/classes/cluster/drivetrain-ha-clusters/infra/init.yml
@@ -1,13 +1,3 @@
-classes:
-- system.linux.system.single
-- system.rsyslog.client.single
-- system.linux.system.haveged
-- system.linux.system.prompt
-- system.linux.system.motd.dynamic
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.oss_team
parameters:
_param:
cluster_domain: drivetrain-ha-clusters.local
@@ -19,8 +9,6 @@
infra_config_deploy_address: 192.168.10.90
salt_minion_ca_host: ci01.${_param:cluster_domain}
salt_minion_ca_authority: salt_master_ca
- salt_api_password: hovno12345!
- salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1"
linux:
network:
host:
@@ -32,4 +20,3 @@
system:
name: ${_param:infra_config_hostname}
domain: ${_param:cluster_domain}
-
diff --git a/classes/cluster/drivetrain-ha-clusters/init.yml b/classes/cluster/drivetrain-ha-clusters/init.yml
index 634ecc6..aa9cb9b 100644
--- a/classes/cluster/drivetrain-ha-clusters/init.yml
+++ b/classes/cluster/drivetrain-ha-clusters/init.yml
@@ -1,6 +1,10 @@
classes:
-- system.linux.network.dynamic_hosts
-- cluster.drivetrain-ha-clusters.infra
-- cluster.drivetrain-ha-clusters.cicd
-- cluster.overrides
-
+ - system.linux.network.dynamic_hosts
+ - system.linux.system.single
+ - system.linux.system.haveged
+ - system.linux.system.prompt
+ - system.linux.system.motd.dynamic
+ - system.openssh.server.team.all
+ - cluster.drivetrain-ha.infra
+ - cluster.drivetrain-ha.cicd.control
+ - cluster.overrides
diff --git a/classes/cluster/drivetrain-ha/cicd/control/init.yml b/classes/cluster/drivetrain-ha/cicd/control/init.yml
index 52b6079..01c7686 100644
--- a/classes/cluster/drivetrain-ha/cicd/control/init.yml
+++ b/classes/cluster/drivetrain-ha/cicd/control/init.yml
@@ -48,7 +48,6 @@
- system.docker.swarm.stack.rundeck
- system.docker.swarm.stack.security_monkey
# Docker networks
- - system.docker.swarm.network.runbook
- system.docker.swarm.network.oss_backend
# Aptly
@@ -92,9 +91,9 @@
- system.rundeck.client.runbook
- cluster.drivetrain-ha.cicd
- # - cluster.drivetrain-ha
parameters:
_param:
+ cluster_name: cicd-lab-dev
cluster_node01_name: ci01
cluster_node01_address: ${_param:control_node01_address}
cluster_node02_name: ci02
@@ -329,14 +328,26 @@
pushkin_smtp_port: 25
pushkin_email_sender_password: ''
+ # OSS managed openstack
+ oss_target_openstack_ip: 172.17.16.190
+ oss_openstack_auth_url: http://172.17.16.190/identity/v3
+ oss_openstack_username: admin
+ oss_openstack_password: nova
+
+ # Janitor Monkey
+ janitor_monkey_openstack:
+ username: ${_param:oss_openstack_username}
+ password: ${_param:oss_openstack_password}
+ auth_url: ${_param:oss_openstack_auth_url}
+
# SecurityMonkey
secmonkey_db_user: secmonkey
secmonkey_db_user_password: secmonkey
secmonkey_db_host: ${_param:haproxy_postgresql_bind_host}
security_monkey_openstack:
- username: admin
- password: password
- auth_url: http://172.17.16.129/identity/v3
+ username: ${_param:oss_openstack_username}
+ password: ${_param:oss_openstack_password}
+ auth_url: ${_param:oss_openstack_auth_url}
# Rundeck
rundeck_db_host: ${_param:haproxy_postgresql_bind_host}
@@ -346,7 +357,10 @@
rundeck_postgresql_password: ${_param:rundeck_db_user_password}
rundeck_postgresql_database: rundeck
rundeck_postgresql_host: ${_param:rundeck_db_host}
- rundeck_cis_os_auth_url: http://172.17.16.129:5000/v3/auth/tokens
+ rundeck_cis_openstack:
+ username: ${_param:oss_openstack_username}/auth/tokens
+ password: ${_param:oss_openstack_password}
+ auth_url: ${_param:oss_openstack_auth_url}
rundeck_cis_elasticsearch_url: http://${_param:haproxy_elasticsearch_bind_host}:${_param:haproxy_elasticsearch_http_bind_port}
rundeck_runbook_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBPHRctBuN16hVe05HxKeN1AqPqbjvWvqQ1zcr/sbJJXHgVBTACRD6G+DAi7SSJr7dLzyeNo042szJclsH/qf9h0tcytINATzye//x6MtzXZ4YIDkcd1Yhz1LRgCXk1PvIensJAdClYOymx+SRaJxEEzbLxgqhSnYOUY3xVGbUrgfXI9+ZG9hs9zfq5JEMRjQay5p+xuYv/wCoU+pbFPDmsW0hQ99O+XBHcwrpU3crkImetTM2WfnRlBkoJypLv/HicTJtnL91/BWcebvW50oxrEq1QQ82T1Wl3pQsJw24M48fXyl/HbF2QVP6O1Ptqr3O7cIByxJWHih3paZncVEj
rundeck_runbook_private_key: |
diff --git a/classes/cluster/drivetrain-ha/cicd/control/slave.yml b/classes/cluster/drivetrain-ha/cicd/control/slave.yml
index f46c1e4..52f21eb 100644
--- a/classes/cluster/drivetrain-ha/cicd/control/slave.yml
+++ b/classes/cluster/drivetrain-ha/cicd/control/slave.yml
@@ -1,3 +1,3 @@
classes:
-- system.docker.swarm.manager
-- cluster.drivetrain-ha
+ - system.docker.swarm.manager
+ - cluster.drivetrain-ha
diff --git a/classes/cluster/drivetrain-ha/cicd/worker.yml b/classes/cluster/drivetrain-ha/cicd/worker.yml
index 9dc8d0c..ad824f8 100644
--- a/classes/cluster/drivetrain-ha/cicd/worker.yml
+++ b/classes/cluster/drivetrain-ha/cicd/worker.yml
@@ -1,6 +1,5 @@
classes:
-- system.linux.system.single
-- system.jenkins.slave.docker
-- system.aptly.client.publisher
-- cluster.drivetrain-ha
-
+ - system.linux.system.single
+ - system.jenkins.slave.docker
+ - system.aptly.client.publisher
+ - cluster.drivetrain-ha
diff --git a/classes/cluster/drivetrain-ha/infra/config.yml b/classes/cluster/drivetrain-ha/infra/config.yml
index 4e413b5..ed421d2 100644
--- a/classes/cluster/drivetrain-ha/infra/config.yml
+++ b/classes/cluster/drivetrain-ha/infra/config.yml
@@ -1,10 +1,10 @@
classes:
-- system.salt.master.pkg
-- system.salt.master.api
-- system.salt.minion.ca.salt_master
-- system.reclass.storage.salt
-- system.sphinx.server.doc.reclass
-- cluster.drivetrain-ha
+ - system.salt.master.pkg
+ - system.salt.master.api
+ - system.salt.minion.ca.salt_master
+ - system.reclass.storage.salt
+ - system.sphinx.server.doc.reclass
+ - cluster.drivetrain-ha
parameters:
_param:
reclass_data_repository: "https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab"
@@ -77,6 +77,7 @@
classes:
- cluster.${_param:cluster_name}.infra.config
- cluster.${_param:cluster_name}.cicd.control.master
+ - cluster.overrides
params:
salt_master_host: 127.0.0.1
linux_system_codename: xenial
@@ -87,6 +88,7 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.cicd.control.slave
+ - cluster.overrides
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
@@ -98,6 +100,7 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.cicd.control.slave
+ - cluster.overrides
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
diff --git a/classes/cluster/drivetrain-ha/infra/init.yml b/classes/cluster/drivetrain-ha/infra/init.yml
index f3fe176..0b205e5 100644
--- a/classes/cluster/drivetrain-ha/infra/init.yml
+++ b/classes/cluster/drivetrain-ha/infra/init.yml
@@ -1,13 +1,3 @@
-classes:
-- system.linux.system.single
-- system.rsyslog.client.single
-- system.linux.system.haveged
-- system.linux.system.prompt
-- system.linux.system.motd.dynamic
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.oss_team
parameters:
_param:
cluster_domain: drivetrain-ha.local
@@ -29,4 +19,3 @@
system:
name: ${_param:infra_config_hostname}
domain: ${_param:cluster_domain}
-
diff --git a/classes/cluster/drivetrain-ha/init.yml b/classes/cluster/drivetrain-ha/init.yml
index fa0c93c..aa9cb9b 100644
--- a/classes/cluster/drivetrain-ha/init.yml
+++ b/classes/cluster/drivetrain-ha/init.yml
@@ -1,7 +1,10 @@
classes:
-- system.linux.network.dynamic_hosts
-- cluster.drivetrain-ha.cicd.control
-- cluster.drivetrain-ha.infra
-#- cluster.drivetrain-ha.cicd
-- cluster.overrides
-
+ - system.linux.network.dynamic_hosts
+ - system.linux.system.single
+ - system.linux.system.haveged
+ - system.linux.system.prompt
+ - system.linux.system.motd.dynamic
+ - system.openssh.server.team.all
+ - cluster.drivetrain-ha.infra
+ - cluster.drivetrain-ha.cicd.control
+ - cluster.overrides
diff --git a/classes/cluster/k8s-aio-calico/infra/init.yml b/classes/cluster/k8s-aio-calico/infra/init.yml
index 763d163..d6c546e 100644
--- a/classes/cluster/k8s-aio-calico/infra/init.yml
+++ b/classes/cluster/k8s-aio-calico/infra/init.yml
@@ -3,10 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/k8s-aio-contrail/infra/init.yml b/classes/cluster/k8s-aio-contrail/infra/init.yml
index 812d237..af57b51 100644
--- a/classes/cluster/k8s-aio-contrail/infra/init.yml
+++ b/classes/cluster/k8s-aio-contrail/infra/init.yml
@@ -3,10 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/k8s-ha-calico-syndic/infra/init.yml b/classes/cluster/k8s-ha-calico-syndic/infra/init.yml
index afc025c..d91fab5 100644
--- a/classes/cluster/k8s-ha-calico-syndic/infra/init.yml
+++ b/classes/cluster/k8s-ha-calico-syndic/infra/init.yml
@@ -3,10 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
parameters:
_param:
# infra service addresses
diff --git a/classes/cluster/sl-k8s-calico/infra/init.yml b/classes/cluster/sl-k8s-calico/infra/init.yml
index 758544b..d6c546e 100644
--- a/classes/cluster/sl-k8s-calico/infra/init.yml
+++ b/classes/cluster/sl-k8s-calico/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/sl-k8s-calico/stacklight/server.yml b/classes/cluster/sl-k8s-calico/stacklight/server.yml
index 4a1df78..050ed5e 100644
--- a/classes/cluster/sl-k8s-calico/stacklight/server.yml
+++ b/classes/cluster/sl-k8s-calico/stacklight/server.yml
@@ -37,7 +37,7 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
docker_influxdb_image: influxdb:1.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
diff --git a/classes/cluster/sl-k8s-contrail/stacklight/server.yml b/classes/cluster/sl-k8s-contrail/stacklight/server.yml
index 8dbe8d8..e82a3d9 100644
--- a/classes/cluster/sl-k8s-contrail/stacklight/server.yml
+++ b/classes/cluster/sl-k8s-contrail/stacklight/server.yml
@@ -37,7 +37,7 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
diff --git a/classes/cluster/sl-os-contrail/stacklight/server.yml b/classes/cluster/sl-os-contrail/stacklight/server.yml
index e22bd8e..1b71f88 100755
--- a/classes/cluster/sl-os-contrail/stacklight/server.yml
+++ b/classes/cluster/sl-os-contrail/stacklight/server.yml
@@ -50,7 +50,7 @@
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
grafana_database_type: mysql
grafana_database_host: ${_param:cluster_vip_address}
diff --git a/classes/cluster/sl-os-ovs/stacklight/server.yml b/classes/cluster/sl-os-ovs/stacklight/server.yml
index 7c927b4..3a19b44 100644
--- a/classes/cluster/sl-os-ovs/stacklight/server.yml
+++ b/classes/cluster/sl-os-ovs/stacklight/server.yml
@@ -52,7 +52,7 @@
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
grafana_database_type: mysql
grafana_database_host: ${_param:cluster_vip_address}
diff --git a/classes/cluster/virtual-mcp-ocata-cicd/cicd/control/init.yml b/classes/cluster/virtual-mcp-ocata-cicd/cicd/control/init.yml
index d9f86ab..21759c1 100644
--- a/classes/cluster/virtual-mcp-ocata-cicd/cicd/control/init.yml
+++ b/classes/cluster/virtual-mcp-ocata-cicd/cicd/control/init.yml
@@ -36,7 +36,7 @@
- system.docker.swarm.stack.rundeck
- system.docker.swarm.stack.security_monkey
# Docker networks
- - system.docker.swarm.network.runbook
+ - system.docker.swarm.network.oss_backend
# Keepalived
- system.keepalived.cluster.instance.cicd_control_vip
diff --git a/classes/cluster/virtual-mcp-ocata-cicd/infra/init.yml b/classes/cluster/virtual-mcp-ocata-cicd/infra/init.yml
index 93014c8..e535f83 100644
--- a/classes/cluster/virtual-mcp-ocata-cicd/infra/init.yml
+++ b/classes/cluster/virtual-mcp-ocata-cicd/infra/init.yml
@@ -3,10 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
+- system.openssh.server.team.all
- system.rsyslog.client.single
- cluster.virtual-mcp-ocata-cicd.cicd
- cluster.virtual-mcp-ocata-cicd.openstack
diff --git a/classes/cluster/virtual-mcp-ocata-cicd/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-cicd/stacklight/server.yml
index 3a493c4..18904ad 100644
--- a/classes/cluster/virtual-mcp-ocata-cicd/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-cicd/stacklight/server.yml
@@ -35,7 +35,7 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
diff --git a/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml
index d36763a..72d2b76 100644
--- a/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-dvr/stacklight/server.yml
@@ -52,7 +52,7 @@
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
influxdb_port: 8086
influxdb_admin_password: password
influxdb_stacklight_password: lmapass
diff --git a/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml b/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml
index fd31ac3..205afd6 100644
--- a/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp-ocata-ovs/stacklight/server.yml
@@ -52,7 +52,7 @@
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
influxdb_port: 8086
influxdb_admin_password: password
influxdb_stacklight_password: lmapass
diff --git a/classes/cluster/virtual-mcp11-aio/.env b/classes/cluster/virtual-mcp11-aio/.env
index bdf599f..5b16136 100644
--- a/classes/cluster/virtual-mcp11-aio/.env
+++ b/classes/cluster/virtual-mcp11-aio/.env
@@ -1 +1 @@
-FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal mysql libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate)
+FORMULAS_SALT_MASTER+=(java openssh ntp nginx collectd sensu heka sphinx mysql galera grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal libvirt rsyslog memcached rabbitmq apache keystone glance nova neutron cinder heat horizon ironic tftpd-hpa bind powerdns designate barbican)
diff --git a/classes/cluster/virtual-mcp11-aio/openstack/init.yml b/classes/cluster/virtual-mcp11-aio/openstack/init.yml
index e54d94c..ff213c4 100755
--- a/classes/cluster/virtual-mcp11-aio/openstack/init.yml
+++ b/classes/cluster/virtual-mcp11-aio/openstack/init.yml
@@ -13,7 +13,9 @@
- system.galera.server.database.heat
- system.galera.server.database.keystone
- system.galera.server.database.nova
+- system.galera.server.database.barbican
- system.keystone.client.single
+- system.keystone.client.service.barbican
- system.keystone.client.service.nova21
- system.keystone.client.service.nova-placement
- system.keystone.client.service.designate
@@ -30,6 +32,8 @@
- system.cinder.volume.backend.lvm
- system.horizon.server.single
- system.bind.server.single
+- system.barbican.server.single
+- service.barbican.server.plugin.simple_crypto
- system.designate.server.single
- system.designate.server.backend.bind
parameters:
@@ -44,6 +48,7 @@
galera_server_maintenance_password: workshop
galera_server_admin_password: workshop
keystone_version: ${_param:openstack_version}
+ barbican_version: ${_param:openstack_version}
glance_version: ${_param:openstack_version}
nova_version: ${_param:openstack_version}
neutron_version: ${_param:openstack_version}
@@ -53,6 +58,7 @@
designate_version: ${_param:openstack_version}
keystone_service_token: workshop
keystone_admin_password: workshop
+ keystone_barbican_password: workshop
keystone_ceilometer_password: workshop
keystone_cinder_password: workshop
keystone_glance_password: workshop
@@ -62,12 +68,14 @@
keystone_designate_password: workshop
keystone_service_host: ${_param:single_address}
mysql_keystone_password: workshop
+ mysql_barbican_password: workshop
mysql_glance_password: workshop
mysql_nova_password: workshop
mysql_neutron_password: workshop
mysql_cinder_password: workshop
mysql_heat_password: workshop
mysql_designate_password: workshop
+ barbican_service_host: ${_param:single_address}
heat_service_host: ${_param:single_address}
neutron_service_host: ${_param:single_address}
glance_service_host: ${_param:single_address}
@@ -111,6 +119,7 @@
openstack_public_neutron_subnet_cidr: 192.168.130.0/24
openstack_public_neutron_subnet_allocation_start: 192.168.130.10
openstack_public_neutron_subnet_allocation_end: 192.168.130.254
+ barbican_simple_crypto_kek: YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY=
galera:
master:
members: ~
@@ -118,6 +127,13 @@
max_connections: 1000
slave:
enabled: false
+ barbican:
+ server:
+ store:
+ software:
+ crypto_plugin: simple_crypto
+ store_plugin: store_crypto
+ global_default: True
neutron:
server:
message_queue:
diff --git a/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml b/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml
index b89b08d..cc47bb7 100755
--- a/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-contrail/stacklight/server.yml
@@ -52,7 +52,7 @@
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
influxdb_port: 8086
influxdb_admin_password: password
influxdb_stacklight_password: lmapass
diff --git a/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml b/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml
index 34efd21..193a51c 100644
--- a/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-dvr/stacklight/server.yml
@@ -52,7 +52,7 @@
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
influxdb_port: 8086
influxdb_admin_password: password
influxdb_stacklight_password: lmapass
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-dyn/infra/init.yml b/classes/cluster/virtual-mcp11-k8s-calico-dyn/infra/init.yml
index 5e01c17..9eec8d0 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-dyn/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-dyn/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
- system.telegraf.agent
- system.prometheus.collector
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml
index dea0f28..fca5814 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-dyn/stacklight/server.yml
@@ -30,7 +30,7 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
diff --git a/classes/cluster/virtual-mcp11-k8s-calico-minimal/infra/init.yml b/classes/cluster/virtual-mcp11-k8s-calico-minimal/infra/init.yml
index bdd4642..017d4d6 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico-minimal/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico-minimal/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/virtual-mcp11-k8s-calico/infra/init.yml b/classes/cluster/virtual-mcp11-k8s-calico/infra/init.yml
index 736117d..4bd38d7 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
parameters:
_param:
diff --git a/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml
index 984443d..a5abebb 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico/stacklight/server.yml
@@ -37,7 +37,7 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
docker_influxdb_image: influxdb:1.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
index 34a8fe1..234544f 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
@@ -3,11 +3,7 @@
- system.linux.system.repo.mcp.extra
- system.linux.system.repo.mcp.salt
- system.linux.system.repo.ubuntu
-- system.openssh.server.team.lab
-- system.openssh.server.team.stacklight
-- system.openssh.server.team.tcpcloud
-- system.openssh.server.team.mcp_qa
-- system.openssh.server.team.k8s_team
+- system.openssh.server.team.all
- system.rsyslog.client.single
- system.heka.log_collector.single
- system.heka.log_collector.output.telegraf
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
index f3f8a33..78c9849 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
@@ -37,7 +37,7 @@
docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
- docker_image_grafana: grafana/grafana:4.3.2
+ docker_image_grafana: grafana/grafana:4.5.2
grafana_admin_password: admin
keepalived_prometheus_vip_address: ${_param:cluster_vip_address}
keepalived_prometheus_vip_password: password
diff --git a/classes/system b/classes/system
index 91f7c58..c314d5a 160000
--- a/classes/system
+++ b/classes/system
@@ -1 +1 @@
-Subproject commit 91f7c583759a99539f4e6176360f4f3c085bfdf1
+Subproject commit c314d5a3af310a7cfe198619be3f5aa15c0b25a5