| Petr Michalec | 56e329c | 2017-07-03 14:32:04 +0200 | [diff] [blame] | 1 | classes: |
| Petr Michalec | 6463b43 | 2017-08-17 11:52:59 +0200 | [diff] [blame] | 2 | #- cluster.aaa_ha_freeipa.aaa |
| Petr Michalec | 56e329c | 2017-07-03 14:32:04 +0200 | [diff] [blame] | 3 | - system.linux.system.single |
| 4 | - system.openssh.server.team.lab |
| 5 | - system.openssh.server.team.tcpcloud |
| 6 | - system.openssh.server.team.mcp_qa |
| 7 | - system.openssh.server.team.mmo_devops |
| 8 | parameters: |
| 9 | _param: |
| 10 | salt_minion_ca_host: ${_param:infra_config_hostname}.${_param:cluster_domain} |
| 11 | salt_minion_ca_authority: salt_master_ca |
| 12 | |
| 13 | # freeipa settings |
| 14 | |
| 15 | # addresses and hostnames |
| 16 | identity_control_hostname: idm |
| 17 | identity_control_address: 172.16.10.240 |
| 18 | identity_control_node01_hostname: idm01 |
| 19 | identity_control_node02_hostname: idm02 |
| 20 | identity_control_node03_hostname: idm03 |
| 21 | identity_control_node01_address: 172.16.10.241 |
| 22 | identity_control_node02_address: 172.16.10.242 |
| 23 | identity_control_node03_address: 172.16.10.243 |
| 24 | identity_proxy_node01_hostname: prx01 |
| 25 | identity_proxy_node02_hostname: prx02 |
| 26 | identity_proxy_node01_address: 172.16.10.244 |
| 27 | identity_proxy_node02_address: 172.16.10.245 |
| 28 | |
| 29 | # cluster meta |
| 30 | cluster_vip_address: ${_param:identity_control_address} |
| 31 | cluster_local_address: ${_param:single_address} |
| 32 | cluster_node01_hostname: ${_param:identity_control_node01_hostname} |
| 33 | cluster_node01_address: ${_param:identity_control_node01_address} |
| 34 | cluster_node02_hostname: ${_param:identity_control_node02_hostname} |
| 35 | cluster_node02_address: ${_param:identity_control_node02_address} |
| 36 | cluster_node03_hostname: ${_param:identity_control_node03_hostname} |
| 37 | cluster_node03_address: ${_param:identity_control_node03_address} |
| 38 | |
| Petr Michalec | 6463b43 | 2017-08-17 11:52:59 +0200 | [diff] [blame] | 39 | # FIXME |
| 40 | # temporarily - fix on reclass model or here |
| Petr Michalec | 56e329c | 2017-07-03 14:32:04 +0200 | [diff] [blame] | 41 | freeipa_node01_hostname: ${_param:cluster_node01_address} |
| 42 | freeipa_node02_hostname: ${_param:cluster_node02_address} |
| 43 | freeipa_node03_hostname: ${_param:cluster_node03_address} |
| 44 | freeipa_client_nsupdate_01_address: ${_param:cluster_node01_address} |
| Petr Michalec | 6463b43 | 2017-08-17 11:52:59 +0200 | [diff] [blame] | 45 | # temporarily - fix on reclass model or here |
| 46 | infra_freeipa_node01_hostname: ${_param:freeipa_node01_hostname} |
| 47 | infra_freeipa_node02_hostname: ${_param:freeipa_node02_hostname} |
| 48 | infra_freeipa_node03_hostname: ${_param:freeipa_node03_hostname} |
| 49 | infra_idm_node01_address: ${_param:identity_control_node01_address} |
| 50 | infra_idm_node02_address: ${_param:identity_control_node02_address} |
| 51 | infra_idm_node03_address: ${_param:identity_control_node03_address} |
| Petr Michalec | 56e329c | 2017-07-03 14:32:04 +0200 | [diff] [blame] | 52 | |
| 53 | linux: |
| 54 | network: |
| 55 | resolv: |
| 56 | domain: virtual-aaa-freeipa.local |
| 57 | options: |
| 58 | - ndots:5 |
| 59 | - timeout:2 |
| 60 | - attempts:2 |
| 61 | host: |
| 62 | idm: |
| 63 | address: ${_param:identity_control_address} |
| 64 | names: |
| 65 | - ${_param:identity_control_hostname} |
| 66 | - ${_param:identity_control_hostname}.${_param:cluster_domain} |
| 67 | idm01: |
| 68 | address: ${_param:identity_control_node01_address} |
| 69 | names: |
| 70 | - ${_param:identity_control_node01_hostname} |
| 71 | - ${_param:identity_control_node01_hostname}.${_param:cluster_domain} |
| 72 | idm02: |
| 73 | address: ${_param:identity_control_node02_address} |
| 74 | names: |
| 75 | - ${_param:identity_control_node02_hostname} |
| 76 | - ${_param:identity_control_node02_hostname}.${_param:cluster_domain} |
| 77 | idm03: |
| 78 | address: ${_param:identity_control_node03_address} |
| 79 | names: |
| 80 | - ${_param:identity_control_node03_hostname} |
| 81 | - ${_param:identity_control_node03_hostname}.${_param:cluster_domain} |
| Petr Michalec | 56e329c | 2017-07-03 14:32:04 +0200 | [diff] [blame] | 82 | prx01: |
| 83 | address: ${_param:identity_proxy_node01_address} |
| 84 | names: |
| 85 | - ${_param:identity_proxy_node01_hostname} |
| 86 | - ${_param:identity_proxy_node01_hostname}.${_param:cluster_domain} |
| Petr Michalec | 6463b43 | 2017-08-17 11:52:59 +0200 | [diff] [blame] | 87 | prx02: |
| 88 | address: ${_param:identity_proxy_node02_address} |
| 89 | names: |
| 90 | - ${_param:identity_proxy_node02_hostname} |
| 91 | - ${_param:identity_proxy_node02_hostname}.${_param:cluster_domain} |
| Petr Michalec | 56e329c | 2017-07-03 14:32:04 +0200 | [diff] [blame] | 92 | system: |
| 93 | rc: |
| 94 | local: | |
| 95 | #!/bin/sh -e |
| 96 | # |
| 97 | # rc.local |
| 98 | # |
| 99 | ######### This file is managed by Salt! ########## |
| 100 | # This script is executed at the end of each multiuser runlevel. |
| 101 | # Make sure that the script will "exit 0" on success or any other |
| 102 | # value on error. |
| 103 | # |
| 104 | ip r a 10.254.0.0/16 dev ens3 |
| 105 | exit 0 |