Merge "Update reclass-system ironic support"
diff --git a/docker/swarm/network/runbook.yml b/docker/swarm/network/runbook.yml
new file mode 100644
index 0000000..557b852
--- /dev/null
+++ b/docker/swarm/network/runbook.yml
@@ -0,0 +1,10 @@
+parameters:
+ _param:
+ docker_runbook_subnet: 10.40.0.0/24
+ docker:
+ client:
+ network:
+ runbook:
+ subnet: ${_param:docker_runbook_subnet}
+ driver: overlay
+ attachable: true
diff --git a/docker/swarm/stack/dashboard.yml b/docker/swarm/stack/dashboard.yml
index 2ee123b..934920f 100644
--- a/docker/swarm/stack/dashboard.yml
+++ b/docker/swarm/stack/dashboard.yml
@@ -1,10 +1,12 @@
parameters:
_param:
- docker_grafana_replicas: 1
+ docker_grafana_replicas: 3
grafana_database_type: sqlite3
grafana_database_host: localhost
grafana_database_port: 3306
grafana_database_password: password
+ grafana_session_directory: /data/sessions
+ grafana_session_life_time: 86400
docker:
client:
stack:
@@ -18,6 +20,8 @@
image: ${_param:docker_image_grafana}
ports:
- 15013:3000
+ volumes:
+ - /srv/glusterfs/grafana:${_param:grafana_session_directory}
environment:
GF_DATABASE_TYPE: ${_param:grafana_database_type}
GF_DATABASE_NAME: grafana
@@ -25,3 +29,6 @@
GF_DATABASE_PASSWORD: ${_param:grafana_database_password}
GF_DATABASE_HOST: "${_param:grafana_database_host}:${_param:grafana_database_port}"
GF_SECURITY_ADMIN_PASSWORD: ${_param:grafana_admin_password}
+ GF_SESSION_PROVIDER: file
+ GF_SESSION_PROVIDER_CONFIG: ${_param:grafana_session_directory}
+ GF_SESSION_LIFE_TIME: ${_param:grafana_session_life_time}
diff --git a/docker/swarm/stack/monitoring.yml b/docker/swarm/stack/monitoring.yml
index 7c03c35..a11024d 100644
--- a/docker/swarm/stack/monitoring.yml
+++ b/docker/swarm/stack/monitoring.yml
@@ -2,6 +2,7 @@
- service.prometheus.server.container
- service.prometheus.alertmanager.container
- service.prometheus.pushgateway.container
+- service.prometheus.remote_storage_adapter.container
- system.prometheus.server
- system.prometheus.alertmanager
parameters:
@@ -15,6 +16,27 @@
driver_opts:
encrypted: 1
service:
+ remote_storage_adapter:
+ networks:
+ - monitoring
+ deploy:
+ replicas: 1
+ labels:
+ com.mirantis.monitoring: "remote_storage_adapter"
+ restart_policy:
+ condition: any
+ labels:
+ com.mirantis.monitoring: "remote_storage_adapter"
+ image: ${_param:docker_image_remote_storage_adapter}
+ ports:
+ - 15015:${prometheus:remote_storage_adapter:bind:port}
+ environment:
+ bind_port: ${prometheus:remote_storage_adapter:bind:port}
+ bind_address: ${prometheus:remote_storage_adapter:bind:address}
+ influxdb_url: ${_param:prometheus_influxdb_url}
+ influxdb_db: ${_param:prometheus_influxdb_db}
+ influxdb_username: ${_param:prometheus_influxdb_username}
+ influxdb_password: ${_param:prometheus_influxdb_password}
remote_agent:
networks:
- monitoring
diff --git a/docker/swarm/stack/security_monkey.yml b/docker/swarm/stack/security_monkey.yml
index b3b4074..143b321 100644
--- a/docker/swarm/stack/security_monkey.yml
+++ b/docker/swarm/stack/security_monkey.yml
@@ -5,10 +5,11 @@
docker_image_security_monkey_api: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/security-monkey-api:4435
docker_image_security_monkey_scheduler: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/security-monkey-scheduler:4435
security_monkey_db: secmonkey
- notification_service_url: ${_param:haproxy_pushkin_bind_host}:${_param:haproxy_pushkin_bind_port}/post_notification_json
+ notification_service_url: http://${_param:haproxy_pushkin_bind_host}:${_param:haproxy_pushkin_bind_port}/post_notification_json
security_monkey_user: devopsportal@devopsportal.local
security_monkey_password: devopsportal
security_monkey_role: Justify
+ devops_portal_sm_wtf_csrf_enabled: False
security_monkey_openstack:
os_account_id: mcp_cloud
os_account_name: mcp_cloud
@@ -39,6 +40,7 @@
OS_PROJECT_DOMAIN_NAME: ${_param:security_monkey_openstack:project_domain_name}
OS_PROJECT_NAME: ${_param:security_monkey_openstack:project_name}
USER_DOMAIN_NAME: ${_param:security_monkey_openstack:user_domain_name}
+ SM_WTF_CSRF_ENABLED: ${_param:devops_portal_sm_wtf_csrf_enabled}
service:
api:
image: ${_param:docker_image_security_monkey_api}
diff --git a/glusterfs/client/volume/grafana.yml b/glusterfs/client/volume/grafana.yml
new file mode 100644
index 0000000..bd939c1
--- /dev/null
+++ b/glusterfs/client/volume/grafana.yml
@@ -0,0 +1,13 @@
+parameters:
+ _param:
+ grafana_glusterfs_service_host: ${_param:glusterfs_service_host}
+ glusterfs_node01_address: ${_param:cluster_node01_address}
+ glusterfs_node02_address: ${_param:cluster_node02_address}
+ glusterfs_node03_address: ${_param:cluster_node03_address}
+ glusterfs:
+ client:
+ volumes:
+ grafana:
+ path: /srv/volumes/grafana
+ server: ${_param:grafana_glusterfs_service_host}
+ opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}"
diff --git a/glusterfs/server/volume/grafana.yml b/glusterfs/server/volume/grafana.yml
new file mode 100644
index 0000000..f099c99
--- /dev/null
+++ b/glusterfs/server/volume/grafana.yml
@@ -0,0 +1,17 @@
+parameters:
+ glusterfs:
+ server:
+ volumes:
+ grafana:
+ storage: /srv/glusterfs/grafana
+ replica: 3
+ bricks:
+ - ${_param:cluster_node01_address}:/srv/glusterfs/grafana
+ - ${_param:cluster_node02_address}:/srv/glusterfs/grafana
+ - ${_param:cluster_node03_address}:/srv/glusterfs/grafana
+ options:
+ cluster.readdir-optimize: On
+ nfs.disable: On
+ network.remote-dio: On
+ diagnostics.client-log-level: WARNING
+ diagnostics.brick-log-level: WARNING
diff --git a/horizon/server/plugin/lbaasv2.yml b/horizon/server/plugin/lbaasv2.yml
new file mode 100644
index 0000000..69e2682
--- /dev/null
+++ b/horizon/server/plugin/lbaasv2.yml
@@ -0,0 +1,9 @@
+parameters:
+ horizon:
+ server:
+ plugin:
+ lbaasv2:
+ source:
+ engine: pkg
+ name: python-horizon-neutron-lbaasv2-panel
+
diff --git a/jenkins/client/job/debian/packages/horizon/modules.yml b/jenkins/client/job/debian/packages/horizon/modules.yml
index 0df27ad..d3deab7 100644
--- a/jenkins/client/job/debian/packages/horizon/modules.yml
+++ b/jenkins/client/job/debian/packages/horizon/modules.yml
@@ -18,6 +18,18 @@
os_version: ocata
branch: stable/ocata
# Trusty
+ - name: horizon-neutron-lbaasv2-panel
+ os: ubuntu
+ dist: trusty
+ os_version: mitaka
+ branch: stable/mitaka
+ # Xenial
+ - name: horizon-neutron-lbaasv2-panel
+ os: ubuntu
+ dist: xenial
+ os_version: mitaka
+ branch: stable/mitaka
+ # Trusty
- name: horizon-overrides-plugin
os: ubuntu
dist: trusty
diff --git a/jenkins/client/job/debian/packages/salt-multi.yml b/jenkins/client/job/debian/packages/salt-multi.yml
index 85b95c7..a57a8ab 100644
--- a/jenkins/client/job/debian/packages/salt-multi.yml
+++ b/jenkins/client/job/debian/packages/salt-multi.yml
@@ -25,8 +25,6 @@
dist: trusty
- name: swift
dist: trusty
- - name: ironic
- dist: trusty
- name: ceilometer
dist: xenial
- name: cinder
@@ -47,8 +45,6 @@
dist: xenial
- name: swift
dist: xenial
- - name: ironic
- dist: xenial
template:
discard:
build:
diff --git a/jenkins/client/job/debian/packages/salt.yml b/jenkins/client/job/debian/packages/salt.yml
index 1fbee1e..c5a6709 100644
--- a/jenkins/client/job/debian/packages/salt.yml
+++ b/jenkins/client/job/debian/packages/salt.yml
@@ -79,6 +79,8 @@
dist: trusty
- name: iptables
dist: trusty
+ - name: ironic
+ dist: trusty
- name: isc-dhcp
dist: trusty
- name: java
@@ -147,6 +149,8 @@
dist: trusty
- name: postgresql
dist: trusty
+ - name: powerdns
+ dist: trusty
- name: pritunl
dist: trusty
- name: prometheus
@@ -257,6 +261,8 @@
dist: xenial
- name: glusterfs
dist: xenial
+ - name: gnocchi
+ dist: xenial
- name: grafana
dist: xenial
- name: graphite
@@ -269,6 +275,8 @@
dist: xenial
- name: iptables
dist: xenial
+ - name: ironic
+ dist: xenial
- name: isc-dhcp
dist: xenial
- name: java
@@ -333,6 +341,8 @@
dist: xenial
- name: owncloud
dist: xenial
+ - name: panko
+ dist: xenial
- name: postfix
dist: xenial
- name: postgresql
@@ -341,6 +351,8 @@
dist: xenial
- name: prometheus
dist: xenial
+ - name: powerdns
+ dist: xenial
- name: python
dist: xenial
- name: rabbitmq
diff --git a/jenkins/client/job/deploy/openstack.yml b/jenkins/client/job/deploy/openstack.yml
index cad1182..c2eb71b 100644
--- a/jenkins/client/job/deploy/openstack.yml
+++ b/jenkins/client/job/deploy/openstack.yml
@@ -34,3 +34,23 @@
ASK_ON_ERROR:
type: boolean
default: 'false'
+ deploy-openstack-compute:
+ type: workflow-scm
+ concurrent: true
+ display_name: "Deploy - OpenStack Compute node"
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: openstack-compute-install.groovy
+ param:
+ SALT_MASTER_URL:
+ type: string
+ default: "${_param:jenkins_salt_api_url}"
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ TARGET_SERVERS:
+ type: string
+ default: ""
+ description: "Salt compound target to match nodes to be updated [*, G@osfamily:debian]."
\ No newline at end of file
diff --git a/jenkins/client/job/deploy/update/saltenv.yml b/jenkins/client/job/deploy/update/saltenv.yml
index 397e3f3..1ce1494 100644
--- a/jenkins/client/job/deploy/update/saltenv.yml
+++ b/jenkins/client/job/deploy/update/saltenv.yml
@@ -5,6 +5,7 @@
_param:
jenkins_salt_api_url: "http://${_param:salt_master_host}:6969"
jenkins_salt_model_name: "salt"
+ jenkins_salt_model_branch: "master"
jenkins:
client:
job_template:
@@ -21,6 +22,7 @@
scm:
type: git
url: "${_param:jenkins_gerrit_url}/salt-models/{{name}}"
+ branch: ${_param:jenkins_salt_model_branch}
credentials: "gerrit"
script: Jenkinsfile
param:
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
index cf39dbd..a170ba9 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
@@ -40,6 +40,7 @@
- name: gitlab
- name: glance
- name: glusterfs
+ - name: gnocchi
- name: grafana
- name: graphite
- name: haproxy
@@ -85,8 +86,10 @@
- name: openvpn
- name: openvstorage
- name: owncloud
+ - name: panko
- name: postfix
- name: postgresql
+ - name: powerdns
- name: pritunl
- name: prometheus
- name: python
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index 68792d4..99ac553 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -39,6 +39,7 @@
- name: gitlab
- name: glance
- name: glusterfs
+ - name: gnocchi
- name: grafana
- name: graphite
- name: haproxy
@@ -84,8 +85,10 @@
- name: openvpn
- name: openvstorage
- name: owncloud
+ - name: panko
- name: postfix
- name: postgresql
+ - name: powerdns
- name: pritunl
- name: prometheus
- name: python
diff --git a/jenkins/client/job/salt-models/git-mirrors.yml b/jenkins/client/job/salt-models/git-mirrors.yml
index 514663b..034f8d5 100644
--- a/jenkins/client/job/salt-models/git-mirrors.yml
+++ b/jenkins/client/job/salt-models/git-mirrors.yml
@@ -6,37 +6,6 @@
job_template:
git_mirror_2way_salt_model:
name: git-mirror-2way-salt-model-{{name}}
- jobs:
- - name: reclass-system
- upstream_name: reclass-system
- branches: "master"
- - name: slovaktelekom
- upstream_name: slovaktelekom
- branches: "master"
- - name: stacklight
- upstream_name: stacklight
- branches: "master"
- - name: statens
- upstream_name: statensit
- branches: "master"
- - name: aeg
- upstream_name: aeg
- branches: "master"
- - name: att-cicd
- upstream_name: att-cicd
- branches: "master"
- - name: mall
- upstream_name: mall
- branches: "master"
- - name: quickplay
- upstream_name: quickplay
- branches: "master"
- - name: ril-jamnagar
- upstream_name: ril-jamnagar-lab
- branches: "master,jlab,next"
- - name: vf-cloudstore
- upstream_name: vf-cloudstore
- branches: "master"
template:
type: workflow-scm
concurrent: false
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 3b5f647..c2c8996 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -6,35 +6,6 @@
job_template:
test_salt_model:
name: test-salt-model-{{name}}
- jobs:
- - name: aeg
- extra_formulas: ""
- - name: att-cicd
- extra_formulas: ""
- - name: mall
- extra_formulas: ""
- - name: mcp-baremetal-lab
- extra_formulas: ""
- - name: mcp-virtual-lab
- extra_formulas: "prometheus telegraf"
- - name: mk-ci
- extra_formulas: ""
- - name: qa
- extra_formulas: ""
- - name: quickplay
- extra_formulas: ""
- - name: ril-jamnagar
- extra_formulas: ""
- - name: slovaktelekom
- extra_formulas: ""
- - name: stacklight
- extra_formulas: ""
- - name: statens
- extra_formulas: ""
- - name: training
- extra_formulas: ""
- - name: vf-cloudstore
- extra_formulas: ""
template:
type: workflow-scm
scm:
@@ -48,7 +19,8 @@
project:
salt-models/{{name}}:
branches:
- - master
+ - compare_type: "REG_EXP"
+ name: "{{branch}}"
event:
patchset:
- created:
@@ -81,9 +53,6 @@
default: "{{extra_formulas}}"
test_system_reclass:
name: test-salt-model-{{name}}
- jobs:
- - name: reclass-system
- clusters: "mcp-baremetal-lab,mcp-virtual-lab,qa,stacklight,training"
template:
type: workflow-scm
scm:
@@ -161,3 +130,6 @@
PARALLEL_NODE_GROUP_SIZE:
type: string
default: "1"
+ EXTRA_FORMULAS:
+ type: string
+ default: "xtrabackup"
diff --git a/opencontrail/compute/cluster.yml b/opencontrail/compute/cluster.yml
index 375e600..d10b361 100644
--- a/opencontrail/compute/cluster.yml
+++ b/opencontrail/compute/cluster.yml
@@ -20,6 +20,8 @@
version: ${_param:opencontrail_version}
disable_flow_collection: true
enabled: True
+ bind:
+ address: ${_param:single_address}
discovery:
host: ${_param:opencontrail_control_address}
interface:
diff --git a/openldap/client/groups/mirantis.yml b/openldap/client/groups/mirantis.yml
new file mode 100644
index 0000000..003eba0
--- /dev/null
+++ b/openldap/client/groups/mirantis.yml
@@ -0,0 +1,19 @@
+classes:
+ - system.openldap.client.groups
+parameters:
+ openldap:
+ client:
+ entry:
+ groups:
+ entry:
+ mirantis:
+ attr:
+ description: Mirantis Administrators
+ gidNumber: 20002
+ memberUid:
+ - akomarek
+ - fpytloun
+ - jpavlik
+ classes:
+ - posixGroup
+ - top
diff --git a/openldap/client/people/mirantis.yml b/openldap/client/people/mirantis.yml
new file mode 100644
index 0000000..3673783
--- /dev/null
+++ b/openldap/client/people/mirantis.yml
@@ -0,0 +1,64 @@
+#
+# This class defines Mirantis users. To crypt user password, use this command:
+# echo "{CRYPT}$(mkpasswd --rounds 500000 -m sha-512 --salt `head -c 40 /dev/random | base64 | sed -e 's/+/./g' | cut -b 10-25` 'password')"
+#
+classes:
+ - system.openldap.client.people
+ - system.openldap.client.groups.mirantis
+parameters:
+ openldap:
+ client:
+ entry:
+ people:
+ entry:
+ jpavlik:
+ attr:
+ uid: jpavlik
+ userPassword: '{CRYPT}$6$rounds=500000$sSdm1peCUw78UsaP$l55AuiLv3j.0avLg.k8B2jM.xBczuf9CMursuS4QUm0ZEUgIZkmToPU1PiaTJB37zGgv2ubAYbr2oME7.TX8G1'
+ uidNumber: 20051
+ gidNumber: ${openldap:client:entry:groups:entry:mirantis:attr:gidNumber}
+ gecos: "Jakub Pavlik"
+ givenName: Jakub
+ sn: Pavlik
+ homeDirectory: /home/jpavlik
+ loginShell: /bin/bash
+ mail: jpavlik@mirantis.com
+ classes:
+ - posixAccount
+ - inetOrgPerson
+ - top
+ - shadowAccount
+ akomarek:
+ attr:
+ uid: akomarek
+ userPassword: '{CRYPT}$6$rounds=500000$sSdm1peCUw78UsaP$l55AuiLv3j.0avLg.k8B2jM.xBczuf9CMursuS4QUm0ZEUgIZkmToPU1PiaTJB37zGgv2ubAYbr2oME7.TX8G1'
+ uidNumber: 20052
+ gidNumber: ${openldap:client:entry:groups:entry:mirantis:attr:gidNumber}
+ gecos: "Ales Komarek"
+ givenName: Ales
+ sn: Komarek
+ homeDirectory: /home/akomarek
+ loginShell: /bin/bash
+ mail: akomarek@mirantis.com
+ classes:
+ - posixAccount
+ - inetOrgPerson
+ - top
+ - shadowAccount
+ fpytloun:
+ attr:
+ uid: fpytloun
+ userPassword: '{CRYPT}$6$rounds=500000$T84bEG26yetA1384$.Zh2GZu6pjWdS3hA2WVFzMnWe/hD15IeNIiGM.clq4XpKkwzbNeLbIs7F21vMsxzdOs0R8P8fvjepVHyrPrjQ.'
+ uidNumber: 20053
+ gidNumber: ${openldap:client:entry:groups:entry:mirantis:attr:gidNumber}
+ gecos: "Filip Pytloun"
+ givenName: Filip
+ sn: Pytloun
+ homeDirectory: /home/fpytloun
+ loginShell: /bin/bash
+ mail: fpytloun@mirantis.com
+ classes:
+ - posixAccount
+ - inetOrgPerson
+ - top
+ - shadowAccount
diff --git a/openssh/server/team/stacklight.yml b/openssh/server/team/stacklight.yml
index 8e28534..46ba395 100644
--- a/openssh/server/team/stacklight.yml
+++ b/openssh/server/team/stacklight.yml
@@ -93,6 +93,13 @@
full_name: Krzysztof Szukiełojć
home: /home/kszukielojc
email: kszukielojc@mirantis.com
+ isviridov:
+ enabled: true
+ name: isviridov
+ sudo: true
+ full_name: Illia Svyrydov
+ home: /home/isviridov
+ email: isviridov@mirantis.com
openssh:
client:
enabled: true
@@ -164,6 +171,11 @@
public_keys:
- ${public_keys:kszukielojc}
user: ${linux:system:user:kszukielojc}
+ isviridov:
+ enable: true
+ public_keys:
+ - ${public_keys:isviridov}
+ user: ${linux:system:user:isviridov}
public_keys:
newt:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3odU+3V2uDA2ptAFL9hrJRPNEEdAyztWOZFQ5Oyd9oerTGOU3p4xmrgWWjfKFKbYGhiiIUcYAol5PkTfKukGEkkjCHYA1t023soCaaAj85wCZCnw2zQNAziwxTYmAzTqgxiSvtZNMMrtJvFHRIRDzJ3M1lV0prWNWkMM1/3FAd4W49y6VT3fkMCo8uqG7CfGdgR2DgBCxf9KaNPfW5eDEPOgmE5lK8tVSEI6T+Cg7hbcTf4lFYnlFBnlQgp/0JstsM4Vbwb4B34LOpOsf2S8rrWk2xQMjwaMHXkc2s/E8iW3F5nVFuyEXYISFQIiAHw8dzC6CHgLcyHUVWwznKawZ newt@newt-dev1
@@ -191,3 +203,5 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDjpy9RI6iEDH/04eOOwreDa+R32USZiWxyFiKHa8zoDAlOfwaZVg6mZWepOxzwxCJPYusPGXCwQ6Zw9tHxVWOCgtzzPpsCCfhUU4v+99Wh08//W8d/s/WFka+5vqyskAO5Z8Ekk+kQU+jpUBG8/gMxAPBjj0fFc5BNeqDY9r9nmMNK6N2RVjvA6wZ8G5hLGxL9bn5Prhf/+avui1NAfy6gsT/mRt1W+eHWTvpijyNGm+m83jU34dQO6gE48n6WdSylLh/fY/p31rzAURaq1V/AZhdbSuZ8aJYDnfHevpK5+hMjoOop3v3hb7WHEmybGujQfW5HVaaWmG7SFlHeKGE/gZ2P9T+bQ+SgO+PmEAw4LayiBkzTPAHdZ2UGZe+3BI5gdM/ayovK2WVO1jS5FNlNGIvEQW+ws9V+ph+S1jL4jobDJEjs358iXrAYpf4JL+LvxFHiuj6EL51tbo8EU22z5mmgRQQ5eFrDzBuVLhcim651A3a5iSlmCeAQ5rTmHX/Op/PbK+3vAtI8vnlK4AhycLvWQ3kK2DRx+Uhzrlk5v6E14SopAhvpGOHqrLgmoHwHp1xt/9M1JgxkOUK5gccFKTQduxLHoTNBaNcP60IOG/MjqUPcOXSBcAN4Y1RDBg+pwXe4PFgOzwKdFoYeuhvtm8y185S0IvvfCHLCD8pNfQ== akholkin@mirantis.com
kszukielojc:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCiUm3Z3W3t4v7oe143rCNM/hbg9NU2bYUmQXek8DJPA4c3Xm6u0q+RL9kEXME+3zcj2HKqMxKsCBLXXdFIsgdUbOBV8AYiuySE220FTnEKRmdxsEnfSaBhXxFyIBNoew4gI7URSqAOclt5WuPJTqRM7K4VhbtzwEgeWVd/NUhxMCCtgkdJCYTSmycxmxs7R6V8vMr9Mb8DOqKkSpOu6f3JkR0lwnFN9zGGC4V/60FlJSDzvvI5Tn40ANPHITivs8xME0znsx7t0bF4vQUimvhYn1mumQCY1NwIaxJ/QqasD6Ag9Sn5dxSg9b3SeLn0JM6qKoIqZtfPYVuCp9gmlH0fyzJUdqu4lKKb2wBw/H5lK6icH4+owMawkav55rbvinHQOqmVCr/Bg/rTfc35ycVqjTXH/5J7OhzioKjU0yFkXFS2X/s8gpyxp3beJ+Ea4faoX+kcs0gyhMYzqC7/DOamrau7aVyEAjKYJNy60xRfjCQzjqiurbxVFh+3Fi64UUn7Bl1QV8VEiU3ztJ118psEI7zA+x2VROLZ1jrtaBYZTYB118JZicaFDycEVgg3+BHX3pFH/QSOjLsA4SK+HJjSz8CFKvWwaO6QJv1/3KHpcGEacMvmqKxwpQK0E4WpjWhglZRMPObQ0dBaGClOujgoOIHXtFGILEpWy2SdzDQkHw== kszukielojc@w541
+ isviridov:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGNZxzOm7OsZi/q6Qk71fnvjCfWk4BfxpZ5hDig6N1f9D0iAMaINyNmlF2PxstSLW0Mjdq2tXTUvVWlYpGrw+YLHQmVk8dckmLdUAxe2Z0oEvtWhiQC64927ibBTgQ2Tjfkao+PFYPbdjiO4FgRymS1/FpGKhvpdyPDCcOLrxsMSK9YpPi4kbkd4GmlGMercuaEzP3JOOzJioOOLtEw3LOLWG5mAIzXjGFxuCNdTI4gqxQm/iw/tOpb9PcsY10EapZsS4Pd8j58vuhJlwdoTxI3gzySJcTlWm0tcphex0g8X0tEUI+zVjemJcrYkZgUpb6x5/mUjNxC4nv+4A4yMTP
diff --git a/prometheus/server/remote_write/docker.yml b/prometheus/server/remote_write/docker.yml
new file mode 100644
index 0000000..356f31f
--- /dev/null
+++ b/prometheus/server/remote_write/docker.yml
@@ -0,0 +1,8 @@
+parameters:
+ prometheus:
+ server:
+ config:
+ remote_write:
+ docker_remote_write:
+ enabled: true
+ url: http://monitoring_remote_storage_adapter:${prometheus:remote_storage_adapter:bind:port}/write
diff --git a/rundeck/client/project/cicd.yml b/rundeck/client/project/cicd.yml
index e33fcae..1a4b228 100644
--- a/rundeck/client/project/cicd.yml
+++ b/rundeck/client/project/cicd.yml
@@ -1,4 +1,13 @@
parameters:
+ _param:
+ rundeck_cis_os_auth_url: none
+ rundeck_cis_os_username: admin
+ rundeck_cis_os_password: password
+ rundeck_cis_os_project_name: admin
+ rundeck_cis_os_domain_id: default
+ rundeck_cis_jobs_repository: https://gerrit.mcp.mirantis.net/oss/rundeck-cis-jobs
+ rundeck_cis_jobs_revision: master
+ rundeck_cis_elasticsearch_url: none
rundeck:
client:
project:
@@ -20,3 +29,26 @@
hostname: ${_param:cluster_node03_address}
username: ${_param:rundeck_runbook_user}
tags: [cicd, docker]
+ plugin:
+ import:
+ address: ${_param:rundeck_cis_jobs_repository}
+ branch: ${_param:rundeck_cis_jobs_revision}
+ secret:
+ cis/elasticsearch/url:
+ type: password
+ content: ${_param:rundeck_cis_elasticsearch_url}
+ cis/openstack/auth_url:
+ type: password
+ content: ${_param:rundeck_cis_os_auth_url}
+ cis/openstack/username:
+ type: password
+ content: ${_param:rundeck_cis_os_username}
+ cis/openstack/password:
+ type: password
+ content: ${_param:rundeck_cis_os_password}
+ cis/openstack/project_name:
+ type: password
+ content: ${_param:rundeck_cis_os_project_name}
+ cis/openstack/domain_id:
+ type: password
+ content: ${_param:rundeck_cis_os_domain_id}
diff --git a/rundeck/client/runbook.yml b/rundeck/client/runbook.yml
index cb94025..a41481a 100644
--- a/rundeck/client/runbook.yml
+++ b/rundeck/client/runbook.yml
@@ -9,6 +9,8 @@
name: ${_param:rundeck_runbook_user}
system: true
sudo: true
+ groups:
+ - docker
full_name: Rundeck Remote
home: /var/lib/runbook
openssh:
@@ -20,3 +22,5 @@
public_keys:
- key: ${_param:rundeck_runbook_public_key}
user: ${linux:system:user:runbook}
+ accept_env:
+ - RD_OPTION_*
diff --git a/telegraf/agent/remote.yml b/telegraf/agent/remote.yml
index ecbae25..c634d54 100644
--- a/telegraf/agent/remote.yml
+++ b/telegraf/agent/remote.yml
@@ -3,6 +3,7 @@
parameters:
telegraf:
remote_agent:
+ omit_hostname: true
dir:
config: /srv/volumes/local/telegraf
config_d: /srv/volumes/local/telegraf/telegraf.d