Merge "Add build-debian-salt-formula-auditd jobs"
diff --git a/aodh/server/cluster.yml b/aodh/server/cluster.yml
index d1f6583..fb6839b 100644
--- a/aodh/server/cluster.yml
+++ b/aodh/server/cluster.yml
@@ -6,13 +6,15 @@
parameters:
_param:
openstack_event_alarm_topic: alarm.all
+ # Keep alarm history in database for 30 days
+ aodh_alarm_history_ttl: 2592000
aodh:
server:
enabled: true
role: ${_param:openstack_node_role}
version: ${_param:aodh_version}
cluster: true
- ttl: 86400
+ ttl: ${_param:aodh_alarm_history_ttl}
debug: false
verbose: true
region: ${_param:openstack_region}
@@ -45,3 +47,8 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ # Check for expired alarm history every day at 2 AM
+ expirer:
+ cron:
+ minute: 0
+ hour: 2
diff --git a/aodh/server/single.yml b/aodh/server/single.yml
index b2a55a6..6fec2a6 100644
--- a/aodh/server/single.yml
+++ b/aodh/server/single.yml
@@ -3,10 +3,18 @@
parameters:
_param:
openstack_event_alarm_topic: alarm.all
+ # Keep alarm history in database for 30 days
+ aodh_alarm_history_ttl: 2592000
aodh:
server:
+ ttl: ${_param:aodh_alarm_history_ttl}
role: ${_param:openstack_node_role}
region: ${_param:openstack_region}
event_alarm_topic: ${_param:openstack_event_alarm_topic}
identity:
region: ${_param:openstack_region}
+ # Check for expired alarm history every day at 2 AM
+ expirer:
+ cron:
+ minute: 0
+ hour: 2
diff --git a/debmirror/mirror_mirantis_com/ubuntu/xenial.yml b/debmirror/mirror_mirantis_com/ubuntu/xenial.yml
index d869e94..91eafb0 100644
--- a/debmirror/mirror_mirantis_com/ubuntu/xenial.yml
+++ b/debmirror/mirror_mirantis_com/ubuntu/xenial.yml
@@ -183,3 +183,5 @@
804: "--include='/main(.*)libbluetooth3'" # python-guestfs
805: "--include='/main(.*)llvm-toolchain-5.0'" # pki-ca: < 389-ds-base < dogtag
806: "--include='/main(.*)man-db'" # include man tool
+ 807: "--include='/main(.*)zfs-doc'" # Some extra fs dep's for MAAS provision stage.PROD-21531
+
diff --git a/designate/server/cluster/init.yml b/designate/server/cluster/init.yml
new file mode 100644
index 0000000..f5935d1
--- /dev/null
+++ b/designate/server/cluster/init.yml
@@ -0,0 +1,5 @@
+classes:
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- system.haproxy.proxy.listen.openstack.designate
+- system.designate.server.cluster.simple
\ No newline at end of file
diff --git a/designate/server/cluster.yml b/designate/server/cluster/simple.yml
similarity index 94%
rename from designate/server/cluster.yml
rename to designate/server/cluster/simple.yml
index f60f883..9f9b18b 100644
--- a/designate/server/cluster.yml
+++ b/designate/server/cluster/simple.yml
@@ -1,8 +1,5 @@
classes:
- service.designate.server.cluster
-- service.keepalived.cluster.single
-- system.haproxy.proxy.listen.openstack.designate
-- service.haproxy.proxy.single
parameters:
_param:
designate_admin_api_enabled: false
diff --git a/glance/control/storage/ceph.yml b/glance/control/storage/ceph.yml
index d48fb6d..3c5c8d9 100644
--- a/glance/control/storage/ceph.yml
+++ b/glance/control/storage/ceph.yml
@@ -2,7 +2,8 @@
glance:
server:
storage:
+ default_store: rbd
engine: rbd,http
user: ${_param:glance_storage_user}
pool: ${_param:glance_storage_pool}
- chunk_size: 8
\ No newline at end of file
+ chunk_size: 8
diff --git a/haproxy/proxy/listen/cicd/jenkins.yml b/haproxy/proxy/listen/cicd/jenkins.yml
index 93a9fdd..d8c67d0 100644
--- a/haproxy/proxy/listen/cicd/jenkins.yml
+++ b/haproxy/proxy/listen/cicd/jenkins.yml
@@ -17,6 +17,9 @@
- httpclose
- httplog
balance: source
+ timeout:
+ server: 90m
+ client: 90m
http_request:
- action: "add-header X-Forwarded-Proto https"
condition: "if { ssl_fc }"
diff --git a/haproxy/proxy/listen/openstack/ceilometer_large.yml b/haproxy/proxy/listen/openstack/ceilometer_large.yml
new file mode 100644
index 0000000..8b9fa7e
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/ceilometer_large.yml
@@ -0,0 +1,31 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ ceilometer_api:
+ type: general-service
+ check: false
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8777
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8777
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8777
+ params: check
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8777
+ params: check
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8777
+ params: check
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8777
+ params: check
diff --git a/haproxy/proxy/listen/openstack/cinder_large.yml b/haproxy/proxy/listen/openstack/cinder_large.yml
new file mode 100644
index 0000000..7721f94
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/cinder_large.yml
@@ -0,0 +1,31 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ cinder_api:
+ type: openstack-service
+ service_name: cinder
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8776
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8776
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8776
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8776
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8776
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8776
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
diff --git a/haproxy/proxy/listen/openstack/glance_large.yml b/haproxy/proxy/listen/openstack/glance_large.yml
new file mode 100644
index 0000000..6d88933
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/glance_large.yml
@@ -0,0 +1,58 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ glance_api:
+ type: openstack-service
+ service_name: glance
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9292
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 9292
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 9292
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 9292
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 9292
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 9292
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ glance_registry_api:
+ type: general-service
+ service_name: glance
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9191
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 9191
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 9191
+ params: check
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 9191
+ params: check
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 9191
+ params: check
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 9191
+ params: check
\ No newline at end of file
diff --git a/haproxy/proxy/listen/openstack/glare_large.yml b/haproxy/proxy/listen/openstack/glare_large.yml
new file mode 100644
index 0000000..4e3bd08
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/glare_large.yml
@@ -0,0 +1,31 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ glare:
+ type: general-service
+ service_name: glare
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9494
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 9494
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 9494
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 9494
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 9494
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 9494
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
diff --git a/haproxy/proxy/listen/openstack/heat_large.yml b/haproxy/proxy/listen/openstack/heat_large.yml
new file mode 100644
index 0000000..50ba69f
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/heat_large.yml
@@ -0,0 +1,85 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ heat_cloudwatch_api:
+ type: openstack-service
+ service_name: heat
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8003
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8003
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8003
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8003
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8003
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8003
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ heat_api:
+ type: openstack-service
+ service_name: heat
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8004
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8004
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8004
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8004
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8004
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8004
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ heat_cfn_api:
+ type: openstack-service
+ service_name: heat
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8000
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
diff --git a/haproxy/proxy/listen/openstack/keystone/large.yml b/haproxy/proxy/listen/openstack/keystone/large.yml
new file mode 100644
index 0000000..17510ac
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/keystone/large.yml
@@ -0,0 +1,54 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ keystone_public_api:
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 5000
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 5000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 5000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 5000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 5000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 5000
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ keystone_admin_api:
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 35357
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 35357
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 35357
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 35357
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 35357
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 35357
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/haproxy/proxy/listen/openstack/large_setup.yml b/haproxy/proxy/listen/openstack/large_setup.yml
new file mode 100644
index 0000000..947cfce
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/large_setup.yml
@@ -0,0 +1,11 @@
+classes:
+- system.haproxy.proxy.listen.openstack.aodh_large
+- system.haproxy.proxy.listen.openstack.ceilometer_large
+- system.haproxy.proxy.listen.openstack.cinder_large
+- system.haproxy.proxy.listen.openstack.glance_large
+- system.haproxy.proxy.listen.openstack.glare_large
+- system.haproxy.proxy.listen.openstack.heat_large
+- system.haproxy.proxy.listen.openstack.keystone.large
+- system.haproxy.proxy.listen.openstack.neutron_large
+- system.haproxy.proxy.listen.openstack.nova_large
+- system.haproxy.proxy.listen.openstack.novanc_large
diff --git a/haproxy/proxy/listen/openstack/neutron_large.yml b/haproxy/proxy/listen/openstack/neutron_large.yml
new file mode 100644
index 0000000..8df1243
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/neutron_large.yml
@@ -0,0 +1,31 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ neutron_api:
+ type: openstack-service
+ service_name: neutron
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9696
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 9696
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
diff --git a/haproxy/proxy/listen/openstack/nova-placement_large.yml b/haproxy/proxy/listen/openstack/nova-placement_large.yml
new file mode 100644
index 0000000..0139959
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/nova-placement_large.yml
@@ -0,0 +1,40 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ # Nova placement API returns 401 when doing GET to root URL, while
+ # other serivces normally returns 200 and API versions data.
+ nova_placement_api:
+ mode: http
+ service_name: nova_placement
+ options:
+ - httpclose
+ - httplog
+ health-check:
+ http:
+ options:
+ - expect status 401
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8778
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/haproxy/proxy/listen/openstack/nova_large.yml b/haproxy/proxy/listen/openstack/nova_large.yml
new file mode 100644
index 0000000..645e904
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/nova_large.yml
@@ -0,0 +1,57 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ nova_api:
+ type: openstack-service
+ service_name: nova
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8774
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8774
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8774
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8774
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8774
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8774
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ nova_metadata_api:
+ type: openstack-service
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8775
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8775
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8775
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8775
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8775
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8775
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/haproxy/proxy/listen/openstack/novnc_large.yml b/haproxy/proxy/listen/openstack/novnc_large.yml
new file mode 100644
index 0000000..0951777
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/novnc_large.yml
@@ -0,0 +1,32 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ nova_novnc:
+ type: general-service
+ service_name: http
+ check: true
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 6080
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 6080
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 6080
+ params: check
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 6080
+ params: check
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 6080
+ params: check
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 6080
+ params: check
diff --git a/haproxy/proxy/listen/openstack/placement_large.yml b/haproxy/proxy/listen/openstack/placement_large.yml
new file mode 100644
index 0000000..c871fd7
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/placement_large.yml
@@ -0,0 +1,34 @@
+# Starting with Nova (17.0.0) Queens - accessing to / of placement service
+# returns 200 with version data instead of 401 as it was before.
+# This file should be included for nova/placement higher than Queens.
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ placement_api:
+ type: openstack-service
+ service_name: placement
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8778
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/heat/server/single.yml b/heat/server/single.yml
index e686050..2f28613 100644
--- a/heat/server/single.yml
+++ b/heat/server/single.yml
@@ -15,3 +15,9 @@
name: heat_domain_admin
password: ${_param:heat_domain_admin_password}
domain: heat
+ metadata:
+ protocol: ${_param:cluster_public_protocol}
+ waitcondition:
+ protocol: ${_param:cluster_public_protocol}
+ watch:
+ protocol: ${_param:cluster_public_protocol}
\ No newline at end of file
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index 409b3f3..a64c76f 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -2,6 +2,7 @@
- service.jenkins.support
- service.jenkins.client
- system.jenkins.client.approved_scripts
+ - system.jenkins.client.plugins
parameters:
_param:
jenkins_client_user: none
@@ -21,49 +22,6 @@
port: ${_param:jenkins_master_port}
username: ${_param:jenkins_client_user}
password: ${_param:jenkins_client_password}
- plugin:
- antisamy-markup-formatter: {}
- artifactory: {}
- blueocean: {}
- build-blocker-plugin: {}
- build-monitor-plugin: {}
- build-timeout: {}
- build-user-vars-plugin: {}
- categorized-view: {}
- copyartifact: {}
- description-setter: {}
- discard-old-build: {}
- docker-workflow: {}
- email-ext: {}
- envinject: {}
- extended-choice-parameter: {}
- extensible-choice-parameter: {}
- gerrit-trigger: {}
- git: {}
- github: {}
- heavy-job: {}
- jobConfigHistory: {}
- jira: {}
- ldap: {}
- lockable-resources: {}
- matrix-auth: {}
- monitoring: {}
- multiple-scms: {}
- performance: {}
- permissive-script-security: {}
- pipeline-utility-steps: {}
- plot: {}
- prometheus: {}
- rebuild: {}
- simple-theme-plugin: {}
- slack: {}
- ssh-agent: {}
- test-stability: {}
- throttle-concurrents: {}
- workflow-cps: {}
- workflow-remote-loader: {}
- workflow-scm-step:
- restart: true
lib:
pipeline-library:
enabled: true
diff --git a/jenkins/client/job/debian/packages/salt.yml b/jenkins/client/job/debian/packages/salt.yml
index 498b718..9c81b8e 100644
--- a/jenkins/client/job/debian/packages/salt.yml
+++ b/jenkins/client/job/debian/packages/salt.yml
@@ -205,6 +205,10 @@
upload_source_package: false
upload_to_aptly: true
dist: trusty
+ - name: keycloak
+ upload_source_package: false
+ upload_to_aptly: true
+ dist: trusty
- name: kibana
upload_source_package: false
upload_to_aptly: true
@@ -661,6 +665,10 @@
upload_source_package: true
upload_to_aptly: true
dist: xenial
+ - name: keycloak
+ upload_source_package: true
+ upload_to_aptly: true
+ dist: xenial
- name: kibana
upload_source_package: true
upload_to_aptly: true
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index 7d659e8..d1dc00b 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -64,6 +64,7 @@
- name: jenkins
- name: kedb
- name: keepalived
+ - name: keycloak
- name: keystone
- name: kibana
- name: kubernetes
diff --git a/jenkins/client/job/salt-models/generate.yml b/jenkins/client/job/salt-models/generate.yml
index 686e74d..002c618 100644
--- a/jenkins/client/job/salt-models/generate.yml
+++ b/jenkins/client/job/salt-models/generate.yml
@@ -28,3 +28,7 @@
TEST_MODEL:
type: boolean
default: false
+ RECLASS_VERSION:
+ type: string
+ default: 'v1.5.4'
+ description: "Version (branch) of Reclass we will use"
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index c820d26..f061e76 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -294,7 +294,11 @@
default: "1"
EXTRA_FORMULAS:
type: string
- default: "aptly artifactory auditd backupninja collectd devops-portal docker elasticsearch fluentd freeipa gerrit glusterfs grafana haproxy heka horizon influxdb jenkins keepalived kibana libvirt maas memcached mysql nginx ntp openldap openssh postfix prometheus rsync rsyslog rundeck sensu sphinx telegraf xtrabackup watchdog"
+ default: "aptly artifactory auditd backupninja collectd devops-portal docker elasticsearch fluentd freeipa gerrit glusterfs grafana haproxy heka horizon influxdb jenkins keepalived kibana libvirt maas memcached mysql nginx ntp openldap openssh postfix prometheus rsync rsyslog rundeck sensu sphinx telegraf xtrabackup watchdog logrotate"
+ RECLASS_VERSION:
+ type: string
+ default: 'v1.5.4'
+ description: "Version (branch) of Reclass we will use"
job:
test-salt-model-node:
name: test-salt-model-node
diff --git a/jenkins/client/plugins/init.yml b/jenkins/client/plugins/init.yml
new file mode 100644
index 0000000..903aae3
--- /dev/null
+++ b/jenkins/client/plugins/init.yml
@@ -0,0 +1,46 @@
+parameters:
+ jenkins:
+ client:
+ plugin:
+ antisamy-markup-formatter: {}
+ artifactory: {}
+ blueocean: {}
+ build-blocker-plugin: {}
+ build-monitor-plugin: {}
+ build-timeout: {}
+ build-user-vars-plugin: {}
+ categorized-view: {}
+ copyartifact: {}
+ description-setter: {}
+ discard-old-build: {}
+ docker-workflow: {}
+ email-ext: {}
+ envinject: {}
+ extended-choice-parameter: {}
+ extensible-choice-parameter: {}
+ gerrit-trigger: {}
+ git: {}
+ github: {}
+ heavy-job: {}
+ jobConfigHistory: {}
+ jira: {}
+ ldap: {}
+ lockable-resources: {}
+ matrix-auth: {}
+ monitoring: {}
+ multiple-scms: {}
+ performance: {}
+ permissive-script-security: {}
+ pipeline-utility-steps: {}
+ plot: {}
+ prometheus: {}
+ rebuild: {}
+ simple-theme-plugin: {}
+ slack: {}
+ ssh-agent: {}
+ test-stability: {}
+ throttle-concurrents: {}
+ workflow-cps: {}
+ workflow-remote-loader: {}
+ workflow-scm-step:
+ restart: true
diff --git a/kubernetes/control/roles/genie-pod-patch.yml b/kubernetes/control/roles/genie-pod-patch.yml
new file mode 100644
index 0000000..2cfa17e
--- /dev/null
+++ b/kubernetes/control/roles/genie-pod-patch.yml
@@ -0,0 +1,2 @@
+classes:
+ - service.kubernetes.control.roles.genie-pod-patch
\ No newline at end of file
diff --git a/linux/system/repo/keystorage/influxdb.yml b/linux/system/repo/keystorage/influxdb.yml
new file mode 100644
index 0000000..2d154cc
--- /dev/null
+++ b/linux/system/repo/keystorage/influxdb.yml
@@ -0,0 +1,59 @@
+parameters:
+ linux:
+ system:
+ repo:
+ mcp_influxdb:
+ # pub 4096R/2582E0C5 2015-09-28
+ key: |
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+ Version: GnuPG v1
+
+ mQINBFYJmwQBEADCw7mob8Vzk+DmkYyiv0dTU/xgoSlp4SQwrTzat8MB8jxmx60l
+ QjmhqEyuB8ho4zzZF9KV+gJWrG6Rj4t69JMTJWM7jFz+0B1PC7kJfNM+VcBmkTnj
+ fP+KJjqz50ETnsF0kQTG++UJeRYjG1dDK0JQNQJAM6NQpIWJI339lcDf15vzrMnb
+ OgIlNxV6j1ZZqkle4fvScF1NQxYScRiL+sRgVx92SI4SyD/xZnVGD/szB+4OCzah
+ +0Q/MnNGV6TtN0RiCDZjIUYiHoeT9iQXEONKf7T62T4zUafO734HyqGvht93MLVU
+ GQAeuyx0ikGsULfOsJfBmb3XJS9u+16v7oPFt5WIbeyyNuhUu0ocK/PKt5sPYR4u
+ ouPq6Ls3RY3BGCH9DpokcYsdalo51NMrMdnYwdkeq9MEpsEKrKIN5ke7fk4weamJ
+ BiLI/bTcfM7Fy5r4ghdI9Ksw/ULXLm4GNabkIOSfT7UjTzcBDOvWfKRBLX4qvsx4
+ YzA5kR+nX85u6I7W10aSqBiaLqk6vCj0QmBmCjlSeYqNQqSzH/6OoL6FZ7lP6AiG
+ F2NyGveJKjugoXlreLEhOYp20F81PNwlRBCAlMC2Q9mpcFu0dtAriVoG4gVDdYn5
+ t+BiGfD2rJlCinYLgYBDpTPcdRT3VKHWqL9fcC4HKmic0mwWg9homx550wARAQAB
+ tDFJbmZsdXhEQiBQYWNrYWdpbmcgU2VydmljZSA8c3VwcG9ydEBpbmZsdXhkYi5j
+ b20+iQI3BBMBCgAhBQJWCZsEAhsDBQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJ
+ EGhKFM8lguDF9XEQAK9rREnZt6ujh7GXfeNki35bkn39q8GYh0mouShFbFY9o0i3
+ UJVChsxokJSRPgFh9GOhOPTupl3rzfdpD+IlWI2Myt6han2HOjZKNZ4RGNrYJ5UR
+ uxt4dKMWlMbpkzL56bhHlx97RoXKv2d2zRQfw9nyZb6t3lw2k2kKXsMxjGa0agM+
+ 2SropwYOXdtkz8UWaGd3LYxwEvW3AuhI8EEEHdLetQaYe9sANDvUEofgFbdsuICH
+ 9QLmbYavk7wyGTPBKfPBbeyTxwW2rMUnFCNccMKLm1i5NpZYineBtQbX2cfx9Xsk
+ 1JLOzEBmNal53H2ob0kjev6ufzOD3s8hLu4KMCivbIz4YT3fZyeExn0/0lUtsQ56
+ 5fCxE983+ygDzKsCnfdXqm3GgjaI90OkNr1y4gWbcd5hicVDv5fD3TD9f0GbpDVw
+ yDz8YmvNzxMILt5Glisr6aH7gLG/u8jxy0D8YcBiyv5kfY4vMI2yXHpGg1cn/sVu
+ ZB01sU09VVIM2BznnimyAayI430wquxkZCyMx//BqFM1qetIgk1wDZTlFd0n6qtA
+ fDmXAC4s5pM5rfM5V57WmPaIqnRIaESJ35tFUFlCHfkfl/N/ribGVDg1z2KDW08r
+ 96oEiIIiV4GfXl+NprJqpNS3Cn+aCXtd7/TsDScDEgs4sMaR29Lsf26cuWk8uQIN
+ BFYJmwQBEADDPi3fmwn6iwkiDcH2E2V31cHlBw9OdJfxKVUdyAQEhTtqmG9P8XFZ
+ ERRQF155XLQPLvRlUlq7vEYSROn5J6BAnsjdjsH9LmFMOEV8CIRCRIDePG/Mez2d
+ nIK5yiU6GkS3IFaQg2T9/tOBKxm0ZJPfqTXbT4jFSfvYJ3oUqc+AyYxtb8gj1GRk
+ X283/86/bA3C98u7re1vPtiDRyM8r0+lhEc59Yx/EAOL+X2gZyTgyUoH+LLuOWQK
+ s1egI8y80R8NZfM1nMiQk2ywMsTFwQjSVimScvzqv5Nt8k8CvHUQ3a6R+6doXGNX
+ 5RnUqn9Qvmh0JY5sNgFsoaGbuk2PJrVaGBRnfnjaDqAlZpDhwkWhcCcguNhRbRHp
+ N7/a0pQr70bAG9VikzLyGC17EU0sxney/hyNHkr4Uyy2OXHpuJvRjVKy/BwZ3fxA
+ AYX2oZIOxQB3/OulzO/DppaCVhRtp1bt+Z5f+fpisiVb5DvZcMdeyAoQ4+oOr7v3
+ EasIs2XYcQ+kOE3Y2kdlHWBeuXzxgWgJZ1OOpwGMjR3Uy6IwhuSWtreJBA4er+Df
+ vgSPwKBsRLNLbPe3ftjArnC5GfMiGgikVdAUdN4OkEqvUbkRoAVGKTOMLUKm+ZkG
+ OskJOVYS+JAina0qkYEFF7haycMjf9olhqLmTIC+6X7Ox9R2plaOhQARAQABiQIf
+ BBgBCgAJBQJWCZsEAhsMAAoJEGhKFM8lguDF8ZIP/1q9Sdz8oMvf9AJXZ7AYxm77
+ V+kJzJqi62nZLWJnrFXDZJpU+LkYlb3fstsZ1rvBhnrEPSmFxoj72CP0RtcyX7wJ
+ dA7K1Fl9LpJi5H8300cC7UyG94MUYbrXijbLTbnFTfNr1tGx4a1T/7Yyxx/wZGrT
+ H/X8cvNybkl33SxDdlQQ9kx3lFOwC41e3TkGsUWxn3TCfvDh8VdA6Py6JeSPFGOb
+ MEO2/q7oUgvjfV+ivN5ayZi9bWgeqm1sgtmTHHQ4RqwwKrAb5ynXpn1b9QrkevgT
+ b91uzMA22Prl4DuzKiaMYDcZOQ3vtf0eFBP0GOSSgUKS4bQ3dGgi1JmQ7VuAM4uj
+ +Ug5TnGoLwclTwLksc7v89C5MMPgm2vVXvCUDzyzQA7bIHFeX+Rziby4nymec4Nr
+ eeXYNBJWrEp8XR7UNWmEgroXRoN1x9/6esh5pnoUXGAIWuKzSLQM70/wWxS67+v2
+ aC1GNb+pXXAzYeIIiyLWaZwCSr8sWMvshFT9REk2+lnb6sAeJswQtfTUWI00mVqZ
+ dvI3Wys2h0IyIejuwetTUvGhr9VgpqiLLfGzGlt/y2sg27wdHzSJbMh0VrVAK26/
+ BlvEwWDCFT0ZJUMG9Lvre25DD0ycbougLsRYjzmGb/3k3UktS3XTCxyBa/k3TPw3
+ vqIHrEqk446nGPDqJPS5
+ =9iF7
+ -----END PGP PUBLIC KEY BLOCK-----
diff --git a/linux/system/repo/mcp/apt_mirantis/influxdb.yml b/linux/system/repo/mcp/apt_mirantis/influxdb.yml
index e6ebcb3..f5f4c90 100644
--- a/linux/system/repo/mcp/apt_mirantis/influxdb.yml
+++ b/linux/system/repo/mcp/apt_mirantis/influxdb.yml
@@ -1,13 +1,18 @@
+classes:
+- system.linux.system.repo.keystorage.influxdb
parameters:
_param:
apt_mk_version: stable
- linux_system_repo_mcp_influxdb_version: ${_param:apt_mk_version}
+ linux_system_repo_url: http://mirror.mirantis.com/${_param:apt_mk_version}/
+ linux_system_repo_mcp_influxdb_url: ${_param:linux_system_repo_url}/influxdb/
linux:
system:
repo:
mcp_influxdb:
- source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_influxdb_version}/influxdb/${_param:linux_system_codename}/ ${_param:linux_system_codename} stable"
+ source: "deb [arch=amd64] ${_param:linux_system_repo_mcp_influxdb_url}/${_param:linux_system_codename}/ ${_param:linux_system_codename} stable"
architectures: amd64
- key_id: 684A14CF2582E0C5
- key_server: keyserver.ubuntu.com
clean_file: true
+ pin:
+ - pin: 'release l=InfluxDB'
+ priority: 1100
+ package: '*'
diff --git a/linux/system/repo/mcp/extra.yml b/linux/system/repo/mcp/extra.yml
index 9839a23..7711fa0 100644
--- a/linux/system/repo/mcp/extra.yml
+++ b/linux/system/repo/mcp/extra.yml
@@ -12,5 +12,5 @@
clean_file: true
pin:
- pin: 'release a=${_param:linux_system_repo_mcp_extra_version}'
- priority: 1100
+ priority: 1200
package: '*'
diff --git a/linux/system/repo_local/mcp/apt_mirantis/influxdb.yml b/linux/system/repo_local/mcp/apt_mirantis/influxdb.yml
index 6bd6509..06c646c 100644
--- a/linux/system/repo_local/mcp/apt_mirantis/influxdb.yml
+++ b/linux/system/repo_local/mcp/apt_mirantis/influxdb.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
parameters:
_param:
apt_mk_version: stable
diff --git a/linux/system/single/init.yml b/linux/system/single/init.yml
index 970184c..edefd93 100644
--- a/linux/system/single/init.yml
+++ b/linux/system/single/init.yml
@@ -1,65 +1,5 @@
classes:
-- service.linux.system
+- system.linux.system.single.mcp
- service.salt.minion.master
-- system.linux.system.banner
- system.openssh.server.single
- system.ntp.client.single
-parameters:
- _param:
- local_package_repos: false
- linux:
- system:
- local_package_repos: ${_param:local_package_repos}
- user:
- root:
- enabled: true
- name: root
- home: /root
- kernel:
- modules:
- - nf_conntrack
- sysctl:
- net.ipv4.tcp_keepalive_intvl: 3
- net.ipv4.tcp_keepalive_time: 30
- net.ipv4.tcp_keepalive_probes: 8
- fs.file-max: 124165
- net.core.somaxconn: 4096
- vm.swappiness: 10
- net.nf_conntrack_max: 1048576
- net.ipv4.tcp_retries2: 5
- net.ipv4.tcp_max_syn_backlog: 8192
- net.ipv4.neigh.default.gc_thresh1: 4096
- net.ipv4.neigh.default.gc_thresh2: 8192
- net.ipv4.neigh.default.gc_thresh3: 16384
- net.core.netdev_max_backlog: 261144
- net.ipv4.tcp_tw_reuse: 1
- kernel.panic: 60
- cpu:
- governor: performance
- timezone: UTC
- locale:
- en_US.UTF-8:
- enabled: true
- default: true
- limit:
- default:
- enabled: true
- domain: "*"
- limits:
- - type: hard
- item: nofile
- value: 307200
- - type: soft
- item: nofile
- value: 307200
- - type: soft
- item: nproc
- value: 307200
- - type: hard
- item: nproc
- value: 307200
- systemd:
- system:
- Manager:
- DefaultLimitNOFILE: 307200
- DefaultLimitNPROC: 307200
diff --git a/linux/system/single/mcp.yml b/linux/system/single/mcp.yml
new file mode 100644
index 0000000..850a7ac
--- /dev/null
+++ b/linux/system/single/mcp.yml
@@ -0,0 +1,48 @@
+classes:
+- system.linux.system.single.simple
+parameters:
+ linux:
+ system:
+ kernel:
+ modules:
+ - nf_conntrack
+ sysctl:
+ net.ipv4.tcp_keepalive_intvl: 3
+ net.ipv4.tcp_keepalive_time: 30
+ net.ipv4.tcp_keepalive_probes: 8
+ fs.file-max: 124165
+ net.core.somaxconn: 4096
+ vm.swappiness: 10
+ net.nf_conntrack_max: 1048576
+ net.ipv4.tcp_retries2: 5
+ net.ipv4.tcp_max_syn_backlog: 8192
+ net.ipv4.neigh.default.gc_thresh1: 4096
+ net.ipv4.neigh.default.gc_thresh2: 8192
+ net.ipv4.neigh.default.gc_thresh3: 16384
+ net.core.netdev_max_backlog: 261144
+ net.ipv4.tcp_tw_reuse: 1
+ kernel.panic: 60
+ cpu:
+ governor: performance
+ limit:
+ default:
+ enabled: true
+ domain: "*"
+ limits:
+ - type: hard
+ item: nofile
+ value: 307200
+ - type: soft
+ item: nofile
+ value: 307200
+ - type: soft
+ item: nproc
+ value: 307200
+ - type: hard
+ item: nproc
+ value: 307200
+ systemd:
+ system:
+ Manager:
+ DefaultLimitNOFILE: 307200
+ DefaultLimitNPROC: 307200
diff --git a/linux/system/single/simple.yml b/linux/system/single/simple.yml
new file mode 100644
index 0000000..5f21537
--- /dev/null
+++ b/linux/system/single/simple.yml
@@ -0,0 +1,15 @@
+classes:
+- service.linux.system
+- system.linux.system.banner
+- service.logrotate.server
+parameters:
+ _param:
+ local_package_repos: false
+ linux:
+ system:
+ local_package_repos: ${_param:local_package_repos}
+ timezone: UTC
+ locale:
+ en_US.UTF-8:
+ enabled: true
+ default: true
diff --git a/maas/region/cluster.yml b/maas/region/cluster.yml
index 8df6ea8..ff6dac5 100644
--- a/maas/region/cluster.yml
+++ b/maas/region/cluster.yml
@@ -1,12 +1,18 @@
classes:
- system.maas.region.single
- system.keepalived.server.cluster_maas
+ - system.linux.system.repo.keystorage.saltstack
parameters:
_param:
cluster_vip_address: 10.0.175.80
+ linux_system_repo_mcp_saltstack_url: http://mirror.mirantis.com/${_param:apt_mk_version}/saltstack-2017.7/
maas:
cluster:
enabled: true
role: ${_param:maas_cluster_role}
region:
- host: ${_param:cluster_vip_address}
\ No newline at end of file
+ host: ${_param:cluster_vip_address}
+ saltstack_repo_key: ${linux:system:repo:mcp_saltstack:key}
+ saltstack_repo_trusty: "deb [arch=amd64] ${_param:linux_system_repo_mcp_saltstack_url}/trusty/ trusty main"
+ saltstack_repo_xenial: "deb [arch=amd64] ${_param:linux_system_repo_mcp_saltstack_url}/xenial/ xenial main"
+
diff --git a/openssh/server/team/mcp_qa.yml b/openssh/server/team/mcp_qa.yml
index b898218..b22272a 100644
--- a/openssh/server/team/mcp_qa.yml
+++ b/openssh/server/team/mcp_qa.yml
@@ -149,6 +149,13 @@
full_name: Sergey Novikov
home: /home/snovikov
email: snovikov@mirantis.com
+ aminasyan:
+ enabled: true
+ name: aminasyan
+ sudo: true
+ full_name: Artem Minasyan
+ home: /home/aminasyan
+ email: aminasyan@mirantis.com
group:
libvirtd:
enabled: true
@@ -272,6 +279,11 @@
public_keys:
- ${public_keys:snovikov}
user: ${linux:system:user:snovikov}
+ aminasyan:
+ enable: true
+ public_keys:
+ - ${public_keys:aminasyan}
+ user: ${linux:system:user:aminasyan}
public_keys:
ddmitriev:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDuD4wJ8hzkchQ0pfgdwWukQyps1xYRfHOsjosmDu/mmgaXVud5mnpwb2q35E2YYTox2mx+ulJqyS+099gz6MPg4P8D5qdMuRbAsJqbceLaaIGQhdT8qgSo7ESrl5pwvYnfWzKLKF0z5s7nrW0nvArC40zhV9o9XpvzzzSFByepWfkwA8ReldGUYVvTKp8YXaCrqEdMZrU42adPM2nl+fYBbGF+h4/Ka247aVjPeER0blV3znFXbv2Kf38G+i/TEGaktgpBdtGGDi1tX2loMypmTJeqZRJnM0Eoly0BnynB7CSxn11eoIXBUe1mVYNqmQd1hw6uh59iymhK5j939v9J ddmitriev@dis_xcom
@@ -319,3 +331,6 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEaWwPVtsj39s0A2efRQ1ejL5B7ZetFPmXJDi/8W/gTWIIII3xP750H8QWZfvbjiJ+KBCxOndDL8aL3SHC/iRCvmzrVkgXBgf5J9vTu8uas7BNGf7oiDBuB75fryDtkg57Pam/A47IlgxJTCwYz+ofUGHb6WrWwQ+MUTEWAk9PB+RPyxjwNC4XxEwtULkKQMgFmg52kauESpx0R0ni8/LLKUJucdse7NCcUTvEcafppnXsxdZ640G0K82ADS1neg1CDwdtCPKLG57GZYs4iL3sPcOhQxnVUoONXsRpBD8kQTKOMl5R6hTDJHBd3oimUPEXlPqeb/XeGKatVraRA6nJ ekhomyakova@ekhomyakova
snovikov:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYj97WGfiL550eVPyQmFyrgpTw61tfins1CpgrZewWqAWJMgYklRdMYl4OReE5UO2po7ag0f/QsOtGU8aQbnxnWUYPZyS3Qk+Bg8OOSBmewPxmT7WH97KdGKBdC9b3xUNFOUXEUOMmOe3jq9YET+xebUnfsA5qwYU5dL9Cb5UAPzVxYI8z5RiaNTo8dtwZr7lbJJRy8YfSWCtiD59vewc6BE2NTUyDjsfmKd9K/IkyKboGU9AC5mLYDsjvWwiGcNdfigRyaYWKmoo7Xhe1W2Og4dpI5pozOwVg7hISW9NRgLXrZP/9me1rFBH7EQjpjO3+Pto1//R3Nx9QLsB59yuj snovikov@snovikov
+ aminasyan:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCo9BHw8WdIFOEuY10XvUqHPl1jCqtA8TYntt5Aee2rR8X8pLG9lWjHPFkNArD5upCRvv6f88Xs4QLoEGWMWcbfMkJE4gMNkOWL4As5iNgagw+DybQrA6nXyassHi8le+quwICfJ1v16IXxPgMBCcrRcSYvHKv+n8KsuBH1csRnJ8aHvIZJTL43Eq0F+aj2S0/9D+m2dyRwcmamn6EqX61NfL5UP3422i4JykTXY6I8iwEHs7Er+jPBD7rtJ/q4Kn/bIyT/Vz0tGHiWyVt7B8GBoPb3PgDuzXKvU7OtOxFb3uhANeecjzIz5G5rAsAQcizf+MGCOoBwFLFJTPAharWN artem@Artem
+
diff --git a/openssh/server/team/members/gzimin.yml b/openssh/server/team/members/gzimin.yml
new file mode 100644
index 0000000..2052f21
--- /dev/null
+++ b/openssh/server/team/members/gzimin.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ gzimin:
+ enabled: true
+ name: gzimin
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Gleb Zimin
+ home: /home/gzimin
+ email: gzimin@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ gzimin:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDitupT4OHwP9EsJTDu10Y3XslxjbvyTxC/EMjgxwDM1LxooJK7AO+WkgdCP0o5nkiPi3y50pw66yKGYDlzNu8JkTIWGRvzfBWK8aU55m0F2wmxNkoT7eiCCrhwThwKfNI44MV0ZZ7plf3eeIthAonsyc5rkC+7ZseF7xmErjKcwfApS3AWn44KXs3iSdp8uJbZ3GARGDtzjfcyEzYQK8c8J4AHeXtGStWQnk146UN7m9F8AztOEkmtzkQXLWR+DQgPkFsS+KfSacqCriYCHJPN3C9tcMSCfCdwN4/P1HoYoAGz8WE9YulRGnmb9JSCmo+Lu/f2liC63llhhcr5eJsj gzimin@Glebs-MacBook-Pro.local
+ user: ${linux:system:user:gzimin}
diff --git a/openssh/server/team/networking.yml b/openssh/server/team/networking.yml
index e4f5ea7..6541e34 100644
--- a/openssh/server/team/networking.yml
+++ b/openssh/server/team/networking.yml
@@ -6,6 +6,7 @@
- system.openssh.server.team.members.ivasilevskaya
- system.openssh.server.team.members.jcach
- system.openssh.server.team.members.psvimbersky
+- system.openssh.server.team.members.gzimin
parameters:
_param:
linux_system_user_sudo: true
diff --git a/panko/server/cluster.yml b/panko/server/cluster.yml
index e277c30..d641f36 100644
--- a/panko/server/cluster.yml
+++ b/panko/server/cluster.yml
@@ -9,9 +9,12 @@
panko_memcached_node01_address: ${_param:cluster_node01_address}
panko_memcached_node02_address: ${_param:cluster_node02_address}
panko_memcached_node03_address: ${_param:cluster_node03_address}
+ # Keep events in database for 30 days
+ panko_event_time_to_live: 2592000
panko:
server:
role: ${_param:openstack_node_role}
+ event_time_to_live: ${_param:panko_event_time_to_live}
identity:
host: ${_param:openstack_control_address}
database:
@@ -24,4 +27,9 @@
- host: ${_param:panko_memcached_node02_address}
port: 11211
- host: ${_param:panko_memcached_node03_address}
- port: 11211
\ No newline at end of file
+ port: 11211
+ # Check for expired events every day at 2 AM
+ expirer:
+ cron:
+ minute: 0
+ hour: 2
\ No newline at end of file
diff --git a/panko/server/single.yml b/panko/server/single.yml
new file mode 100644
index 0000000..497b21e
--- /dev/null
+++ b/panko/server/single.yml
@@ -0,0 +1,16 @@
+classes:
+- service.panko.server.single
+- system.apache.server.site.panko
+parameters:
+ _param:
+ # Keep events in database for 30 days
+ panko_event_time_to_live: 2592000
+ panko:
+ server:
+ role: ${_param:openstack_node_role}
+ event_time_to_live: ${_param:panko_event_time_to_live}
+ # Check for expired events every day at 2 AM
+ expirer:
+ cron:
+ minute: 0
+ hour: 2
\ No newline at end of file
diff --git a/prometheus/gainsight/query/openstack.yml b/prometheus/gainsight/query/openstack.yml
index 9215d2e..34c81c3 100644
--- a/prometheus/gainsight/query/openstack.yml
+++ b/prometheus/gainsight/query/openstack.yml
@@ -4,7 +4,7 @@
queries:
vcpu_used: "'vCPU Used','sum(avg_over_time(openstack_nova_used_vcpus[24h]))'"
vcpu_free: "'vCPU Free','sum(avg_over_time(openstack_nova_free_vcpus[24h]))'"
- vstorge_used: "'vStorage Used','sum(avg_over_time(openstack_nova_used_disk[24h]))'"
+ vstorage_used: "'vStorage Used','sum(avg_over_time(openstack_nova_used_disk[24h]))'"
vstorage_free: "'vStorage Free','sum(avg_over_time(openstack_nova_free_disk[24h]))'"
vram_used: "'vRAM Used','sum(avg_over_time(openstack_nova_used_ram[24h]))'"
vram_free: "'vRAM Free','sum(avg_over_time(openstack_nova_free_ram[24h]))'"
@@ -15,5 +15,4 @@
nova_api: "'Nova API','avg(avg_over_time(openstack_api_check_status{service=\"nova\"}[24h]))'"
keystone_api: "'Keystone API','avg(avg_over_time(openstack_api_check_status{service=\"keystone\"}[24h]))'"
glance_api: "'Glance API','avg(avg_over_time(openstack_api_check_status{service=\"glance\"}[24h]))'"
- keystone_api: "'Keystone API','avg(avg_over_time(openstack_api_check_status{service=\"keystone\"}[24h]))'"
neutron_api: "'Neutron API','avg(avg_over_time(openstack_api_check_status{service=\"neutron\"}[24h]))'"
diff --git a/reclass/storage/system/openstack_dashboard_single.yml b/reclass/storage/system/openstack_dashboard_single.yml
index 51e2d91..00bd6a8 100644
--- a/reclass/storage/system/openstack_dashboard_single.yml
+++ b/reclass/storage/system/openstack_dashboard_single.yml
@@ -2,6 +2,7 @@
_param:
openstack_proxy_hostname: prx01
openstack_proxy_system_codename: trusty
+ openstack_proxy_node01_address: 172.16.10.121
reclass:
storage:
node:
@@ -13,4 +14,4 @@
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: ${_param:openstack_proxy_system_codename}
- single_address: 172.16.10.121
+ single_address: ${_param:openstack_proxy_node01_address}