| Vnaumov | a152184 | 2017-12-08 16:07:16 +0300 | [diff] [blame] | 1 | classes: |
| 2 | - system.linux.system.repo.docker |
| 3 | - system.linux.system.repo.glusterfs |
| 4 | # GlusterFS |
| 5 | - system.glusterfs.server.cluster |
| 6 | - system.glusterfs.server.volume.aptly |
| 7 | - system.glusterfs.server.volume.gerrit |
| 8 | - system.glusterfs.server.volume.jenkins |
| 9 | - system.glusterfs.server.volume.mysql |
| 10 | - system.glusterfs.server.volume.openldap |
| 11 | - system.glusterfs.server.volume.registry |
| 12 | |
| 13 | - system.glusterfs.client.cluster |
| 14 | - system.glusterfs.client.volume.aptly |
| 15 | - system.glusterfs.client.volume.gerrit |
| 16 | - system.glusterfs.client.volume.jenkins |
| 17 | - system.glusterfs.client.volume.mysql |
| 18 | - system.glusterfs.client.volume.openldap |
| 19 | - system.glusterfs.client.volume.registry |
| 20 | # Aptly |
| 21 | # We need aptly-publisher.yml on each node for our Jenkins slaves in docker |
| 22 | - system.aptly.client.publisher |
| 23 | |
| 24 | # Keepalived |
| 25 | - system.keepalived.cluster.instance.cicd_control_vip |
| 26 | |
| 27 | # HAProxy |
| 28 | - system.salt.minion.cert.proxy |
| 29 | - system.haproxy.proxy.single |
| 30 | - system.haproxy.proxy.listen.cicd.aptly |
| 31 | - system.haproxy.proxy.listen.cicd.gerrit |
| 32 | - system.haproxy.proxy.listen.cicd.jenkins |
| 33 | - system.haproxy.proxy.listen.docker.registry |
| 34 | - system.haproxy.proxy.listen.docker.visualizer |
| 35 | - system.haproxy.proxy.listen.mysql |
| 36 | - system.haproxy.proxy.listen.openldap |
| 37 | - system.haproxy.proxy.listen.phpldapadmin |
| 38 | - system.haproxy.proxy.listen.stats |
| 39 | |
| 40 | - cluster.drivetrain-ha-oss.cicd |
| 41 | parameters: |
| 42 | _param: |
| 43 | cluster_name: drivetrain-ha-oss |
| 44 | cluster_node01_name: cid01 |
| 45 | cluster_node01_address: ${_param:control_node01_address} |
| 46 | cluster_node02_name: cid02 |
| 47 | cluster_node02_address: ${_param:control_node02_address} |
| 48 | cluster_node03_name: cid03 |
| 49 | cluster_node03_address: ${_param:control_node03_address} |
| 50 | |
| 51 | keepalived_vip_virtual_router_id: 180 |
| 52 | keepalived_vip_priority: 103 |
| 53 | keepalived_vip_password: password |
| 54 | keepalived_vip_interface: ens4 |
| 55 | |
| 56 | cluster_vip_address: ${_param:control_vip_address} |
| 57 | cluster_public_host: ${_param:control_public_host} |
| 58 | glusterfs_service_host: ${_param:control_vip_address} |
| 59 | |
| 60 | admin_email: root@localhost |
| 61 | |
| 62 | # Haproxy SSL configuration |
| 63 | cluster_ssl_certificate: |
| 64 | enabled: true |
| 65 | pem_file: /etc/haproxy/ssl/${_param:cluster_public_host}-all.pem |
| 66 | haproxy_bind_address: ${_param:cluster_vip_address} |
| 67 | haproxy_mysql_source_port: 13306 |
| 68 | |
| 69 | docker_registry_http_secret: aikemee4AhK0Eechai2eh6aa3eeWiet9 |
| 70 | |
| 71 | # CI/CD service databases |
| 72 | mysql_admin_password: password |
| 73 | mysql_gerrit_password: password |
| 74 | |
| 75 | salt: |
| 76 | minion: |
| 77 | cert: |
| 78 | proxy: |
| 79 | alternative_names: "DNS:${_param:cluster_public_host}, DNS:*.${_param:cluster_public_host}, IP:${_param:control_vip_address}, IP:${_param:single_address}" |
| 80 | key_file: /etc/haproxy/ssl/${_param:cluster_public_host}.key |
| 81 | cert_file: /etc/haproxy/ssl/${_param:cluster_public_host}.crt |
| 82 | all_file: /etc/haproxy/ssl/${_param:cluster_public_host}-all.pem |
| 83 | ca_file: /etc/haproxy/ssl/${_param:salt_minion_ca_authority}-ca.crt |
| 84 | user: root |
| 85 | group: haproxy |
| 86 | mode: 640 |
| 87 | haproxy: |
| 88 | proxy: |
| 89 | enabled: true |
| 90 | linux: |
| 91 | network: |
| 92 | resolv: |
| 93 | dns: |
| 94 | - 172.18.176.4 |
| 95 | - 172.18.176.5 |
| 96 | - 8.8.8.8 |
| 97 | system: |
| 98 | package: |
| 99 | ca-certificates-java: |
| 100 | version: latest |