Merge pull request #45 from damjanek/master

Add MWilson and MLos to DE users
diff --git a/ceilometer/server/backend/influxdb.yml b/ceilometer/server/backend/influxdb.yml
index b5ce904..8faeceb 100644
--- a/ceilometer/server/backend/influxdb.yml
+++ b/ceilometer/server/backend/influxdb.yml
@@ -3,7 +3,7 @@
     server:
       database:
         influxdb:
-          host: ${_param:stacklight_telementry_node01_address}
+          host: ${_param:stacklight_telemetry_node01_address}
           port: 8086
           user: ceilometer
           password: ${_param:ceilometer_influxdb_password}
diff --git a/haproxy/proxy/listen/kubernetes/apiserver.yml b/haproxy/proxy/listen/kubernetes/apiserver.yml
new file mode 100644
index 0000000..a365c51
--- /dev/null
+++ b/haproxy/proxy/listen/kubernetes/apiserver.yml
@@ -0,0 +1,40 @@
+parameters:
+  haproxy:
+    proxy:
+      listen:
+        k8s_cluster:
+          type: kubernetes
+          binds:
+          - address: ${_param:cluster_vip_address}
+            port: 8080
+          servers:
+          - name: ${_param:cluster_node01_hostname}
+            host: ${_param:cluster_node01_address}
+            port: 8080
+            params: check
+          - name: ${_param:cluster_node02_hostname}
+            host: ${_param:cluster_node02_address}
+            port: 8080
+            params: check
+          - name: ${_param:cluster_node03_hostname}
+            host: ${_param:cluster_node03_address}
+            port: 8080
+            params: check
+        k8s_cluster_localhost:
+          type: kubernetes
+          binds:
+          - address: localhost
+            port: 8080
+          servers:
+          - name: ${_param:cluster_node01_hostname}
+            host: ${_param:cluster_node01_address}
+            port: 8080
+            params: check
+          - name: ${_param:cluster_node02_hostname}
+            host: ${_param:cluster_node02_address}
+            port: 8080
+            params: check
+          - name: ${_param:cluster_node03_hostname}
+            host: ${_param:cluster_node03_address}
+            port: 8080
+            params: check
\ No newline at end of file
diff --git a/haproxy/proxy/listen/kubernetes/etcd.yml b/haproxy/proxy/listen/kubernetes/etcd.yml
new file mode 100644
index 0000000..c314191
--- /dev/null
+++ b/haproxy/proxy/listen/kubernetes/etcd.yml
@@ -0,0 +1,22 @@
+parameters:
+  haproxy:
+    proxy:
+      listen:
+        etcd_cluster:
+          type: etcd
+          binds:
+          - address: ${_param:cluster_vip_address}
+            port: 4001
+          servers:
+          - name: etc01
+            host: ${_param:cluster_node01_address}
+            port: 4001
+            params: check
+          - name: etc02
+            host: ${_param:cluster_node02_address}
+            port: 4001
+            params: backup check
+          - name: etc03
+            host: ${_param:cluster_node03_address}
+            port: 4001
+            params: backup check
\ No newline at end of file
diff --git a/kubernetes/master/cluster.yml b/kubernetes/master/cluster.yml
new file mode 100644
index 0000000..0539331
--- /dev/null
+++ b/kubernetes/master/cluster.yml
@@ -0,0 +1,12 @@
+classes:
+- service.kubernetes.master.cluster
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- system.haproxy.proxy.listen.kubernetes.apiserver
+parameters:
+  kubernetes:
+    master:
+      container: false
+      network:
+        engine: calico
+        private_ip_range: ${_param:calico_private_network}/${_param:calico_private_netmask}
\ No newline at end of file
diff --git a/kubernetes/pool/cluster.yml b/kubernetes/pool/cluster.yml
new file mode 100644
index 0000000..b38cf07
--- /dev/null
+++ b/kubernetes/pool/cluster.yml
@@ -0,0 +1,9 @@
+classes:
+- service.kubernetes.pool.cluster
+- service.docker.host
+parameters:
+  kubernetes:
+    pool:
+      container: false
+      network:
+        engine: calico
\ No newline at end of file
diff --git a/linux/system/repo/docker.yml b/linux/system/repo/docker.yml
new file mode 100644
index 0000000..6eae575
--- /dev/null
+++ b/linux/system/repo/docker.yml
@@ -0,0 +1,9 @@
+parameters:
+  linux:
+    system:
+      repo:
+        docker:
+          source: "deb https://apt.dockerproject.org/repo ubuntu-${_param:linux_system_codename} main"
+          architectures: amd64
+          key_id: 58118E89F3A912897C070ADBF76221572C52609D
+          key_server: hkp://p80.pool.sks-keyservers.net:80
diff --git a/linux/system/repo/mos9_latest.yml b/linux/system/repo/mos9_latest.yml
index a55c8ae..d986602 100644
--- a/linux/system/repo/mos9_latest.yml
+++ b/linux/system/repo/mos9_latest.yml
@@ -5,14 +5,20 @@
         python-msgpack:
           version: latest
       repo:
-      # This repository is needed because the python-influxdb package
-      # required for Mitaka Ceilometer is only present in
-      # mos9.0-proposed from the 9.0-latest repository
         mirantis_latest_openstack_proposed:
           source: "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/snapshots/9.0-latest/ mos9.0-proposed main"
           architectures: amd64
           key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/snapshots/9.0-latest/archive-mos9.0.key"
           pin:
+            # Ceilometer packages should be picked from mos9.0-proposed
+            # if more recent versions exist there because the packages
+            # from mos9.0-stable have bugs related to the Events API.
+            - pin: "release a=mos9.0-proposed"
+              priority: 800
+              package: "/ceilometer/"
+            # This repository is needed because the python-influxdb package
+            # required for Mitaka Ceilometer is only present in
+            # mos9.0-proposed from the 9.0-latest repository
             - pin: "release a=mos9.0-proposed"
               priority: 400
               package: "*"
diff --git a/reclass/storage/system/kubernetes_control_cluster.yml b/reclass/storage/system/kubernetes_control_cluster.yml
new file mode 100644
index 0000000..5180ab6
--- /dev/null
+++ b/reclass/storage/system/kubernetes_control_cluster.yml
@@ -0,0 +1,38 @@
+parameters:
+  _param:
+    kubernetes_control_node01_hostname: ctl01
+    kubernetes_control_node02_hostname: ctl02
+    kubernetes_control_node03_hostname: ctl03
+  reclass:
+    storage:
+      node:
+        kubernetes_control_node01:
+          name: ${_param:kubernetes_control_node01_hostname}
+          domain: ${_param:cluster_domain}
+          classes:
+          - cluster.${_param:cluster_name}.kubernetes.control
+          params:
+            salt_master_host: ${_param:reclass_config_master}
+            linux_system_codename: xenial
+            single_address: ${_param:kubernetes_control_node01_address}
+            keepalived_vip_priority: 103
+        kubernetes_control_node02:
+          name: ${_param:kubernetes_control_node02_hostname}
+          domain: ${_param:cluster_domain}
+          classes:
+          - cluster.${_param:cluster_name}.kubernetes.control
+          params:
+            salt_master_host: ${_param:reclass_config_master}
+            linux_system_codename: xenial
+            single_address: ${_param:kubernetes_control_node02_address}
+            keepalived_vip_priority: 102
+        kubernetes_control_node03:
+          name: ${_param:kubernetes_control_node03_hostname}
+          domain: ${_param:cluster_domain}
+          classes:
+          - cluster.${_param:cluster_name}.kubernetes.control
+          params:
+            salt_master_host: ${_param:reclass_config_master}
+            linux_system_codename: xenial
+            single_address: ${_param:kubernetes_control_node03_address}
+            keepalived_vip_priority: 101
\ No newline at end of file
diff --git a/reclass/storage/system/physical_control_cluster.yml b/reclass/storage/system/physical_control_cluster.yml
index 813b0e5..12b83c9 100644
--- a/reclass/storage/system/physical_control_cluster.yml
+++ b/reclass/storage/system/physical_control_cluster.yml
@@ -23,7 +23,7 @@
           name: ${_param:infra_compute_node01_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
@@ -35,7 +35,7 @@
           name: ${_param:infra_compute_node02_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
@@ -47,7 +47,7 @@
           name: ${_param:infra_compute_node03_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
diff --git a/reclass/storage/system/physical_control_full.yml b/reclass/storage/system/physical_control_full.yml
index d3dc46f..7591113 100644
--- a/reclass/storage/system/physical_control_full.yml
+++ b/reclass/storage/system/physical_control_full.yml
@@ -47,7 +47,7 @@
           name: ${_param:infra_compute_node01_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
@@ -59,7 +59,7 @@
           name: ${_param:infra_compute_node02_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
@@ -71,7 +71,7 @@
           name: ${_param:infra_compute_node03_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
@@ -83,7 +83,7 @@
           name: ${_param:infra_compute_node04_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
@@ -95,7 +95,7 @@
           name: ${_param:infra_compute_node05_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
@@ -107,7 +107,7 @@
           name: ${_param:infra_compute_node06_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
@@ -119,7 +119,7 @@
           name: ${_param:infra_compute_node07_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
@@ -131,7 +131,7 @@
           name: ${_param:infra_compute_node08_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
@@ -143,7 +143,7 @@
           name: ${_param:infra_compute_node09_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
diff --git a/reclass/storage/system/physical_control_single.yml b/reclass/storage/system/physical_control_single.yml
index e4d8f10..1a604f1 100644
--- a/reclass/storage/system/physical_control_single.yml
+++ b/reclass/storage/system/physical_control_single.yml
@@ -11,7 +11,7 @@
           name: ${_param:infra_compute_node01_hostname}
           domain: ${_param:cluster_domain}
           classes:
-          - cluster.${_param:cluster_name}.infra.compute
+          - cluster.${_param:cluster_name}.infra.kvm
           params:
             salt_master_host: ${_param:reclass_config_master}
             linux_system_codename: trusty
diff --git a/salt/master/formula/git/kubernetes.yml b/salt/master/formula/git/kubernetes.yml
new file mode 100644
index 0000000..c827caf
--- /dev/null
+++ b/salt/master/formula/git/kubernetes.yml
@@ -0,0 +1,22 @@
+parameters:
+  salt:
+    master:
+      environment:
+        dev:
+          formula:
+            kubernetes:
+              source: git
+              address: 'https://github.com/openstack/salt-formula-kubernetes.git'
+              revision: ${_param:salt_master_environment_revision}
+            etcd:
+              source: git
+              address: 'https://github.com/tcpcloud/salt-formula-etcd.git'
+              revision: ${_param:salt_master_environment_revision}
+            bird:
+              source: git
+              address: 'https://github.com/tcpcloud/salt-formula-bird.git'
+              revision: ${_param:salt_master_environment_revision}
+            docker:
+              source: git
+              address: 'https://github.com/tcpcloud/salt-formula-docker.git'
+              revision: ${_param:salt_master_environment_revision}
\ No newline at end of file
diff --git a/salt/master/formula/pkg/kubernetes.yml b/salt/master/formula/pkg/kubernetes.yml
new file mode 100644
index 0000000..7b3af30
--- /dev/null
+++ b/salt/master/formula/pkg/kubernetes.yml
@@ -0,0 +1,18 @@
+parameters:
+  salt:
+    master:
+      environment:
+        prd:
+          formula:
+            kubernetes:
+              source: pkg
+              name: salt-formula-kubernetes
+            etcd:
+              source: pkg
+              name: salt-formula-etcd
+            bird:
+              source: pkg
+              name: salt-formula-bird
+            docker:
+              source: pkg
+              name: salt-formula-docker
\ No newline at end of file
diff --git a/salt/master/git.yml b/salt/master/git.yml
index 5a922af..7b57a26 100644
--- a/salt/master/git.yml
+++ b/salt/master/git.yml
@@ -3,6 +3,7 @@
 - system.salt.master.formula.git.openstack
 - system.salt.master.formula.git.saltstack
 - system.salt.master.formula.git.stacklight
+- system.salt.master.formula.git.kubernetes
 parameters:
   _param:
     salt_master_environment_repository: "https://github.com/tcpcloud"
diff --git a/salt/master/pkg.yml b/salt/master/pkg.yml
index d1c8a1a..baae04c 100644
--- a/salt/master/pkg.yml
+++ b/salt/master/pkg.yml
@@ -3,4 +3,5 @@
 - system.salt.master.formula.pkg.openstack
 - system.salt.master.formula.pkg.saltstack
 - system.salt.master.formula.pkg.stacklight
+- system.salt.master.formula.pkg.kubernetes
 - system.linux.system.repo.tcp_salt
diff --git a/salt/minion/cert/k8s_client_certificate.yml b/salt/minion/cert/k8s_client_certificate.yml
new file mode 100644
index 0000000..37bf618
--- /dev/null
+++ b/salt/minion/cert/k8s_client_certificate.yml
@@ -0,0 +1,12 @@
+parameters:
+  salt:
+    minion:
+      cert:
+        k8s_client:
+          host: ${_param:salt_minion_ca_host}
+          authority: ${_param:salt_minion_ca_authority}
+          key_file: /etc/kubernetes/ssl/kubelet-client.key
+          cert_file: /etc/kubernetes/ssl/kubelet-client.crt
+          common_name: kubelet-client
+          signing_policy: cert_client
+          alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
\ No newline at end of file
diff --git a/salt/minion/cert/k8s_server_certificate.yml b/salt/minion/cert/k8s_server_certificate.yml
new file mode 100644
index 0000000..835f043
--- /dev/null
+++ b/salt/minion/cert/k8s_server_certificate.yml
@@ -0,0 +1,13 @@
+parameters:
+  salt:
+    minion:
+      cert:
+        k8s_server:
+          host: ${_param:salt_minion_ca_host}
+          authority: ${_param:salt_minion_ca_authority}
+          common_name: kubernetes-server
+          key_file: /etc/kubernetes/ssl/kubernetes-server.key
+          cert_file: /etc/kubernetes/ssl/kubernetes-server.crt
+          ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+          signing_policy: cert_server
+          alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
\ No newline at end of file
diff --git a/salt/minion/pki/authority.yml b/salt/minion/pki/authority.yml
deleted file mode 100644
index fa84966..0000000
--- a/salt/minion/pki/authority.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-parameters:
-  salt:
-    minion:
-      ca:
-        mk_lab_ca:
-          common_name: mk_lab_ca
-          country: cz
-          locality: Prague
-          organization: Mirantis
-          signing_policy:
-            cert_server:
-              type: v3_edge_cert_server
-              minions: '*'
-            cert_client:
-              type: v3_edge_cert_client
-              minions: '*'
-          days_valid:
-            authority: 3650
-            certificate: 3650
diff --git a/salt/minion/pki/certificate.yml b/salt/minion/pki/certificate.yml
deleted file mode 100644
index 4bf4ef3..0000000
--- a/salt/minion/pki/certificate.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-parameters:
-  salt:
-    minion:
-      cert:
-        proxy_cert:
-          host: ${_param:salt_minion_ca_host}
-          signing_policy: cert_server
-          authority: mk_lab_ca
-          common_name: ${_param:cluster_public_host}