Merge "Add STACK_RECLASS_BRANCH parameter to *mcp11* jobs"
diff --git a/.releasenotes/notes/remove-glusterfs-prometheus-4206900d4ccfb601.yaml b/.releasenotes/notes/remove-glusterfs-prometheus-4206900d4ccfb601.yaml
new file mode 100644
index 0000000..6d6a426
--- /dev/null
+++ b/.releasenotes/notes/remove-glusterfs-prometheus-4206900d4ccfb601.yaml
@@ -0,0 +1,9 @@
+---
+summary: >
+ Removed GlusterFS requirements for Prometheus
+
+deprecations:
+ - Removed GlusterFS from Prometheus requirements.
+ Prometheus/alertmanager do not require shared storage.
+ Now, the configurations for Prometheus and Alertmanager
+ will be generated on every Docker Swarm node.
diff --git a/docker/swarm/stack/gerrit.yml b/docker/swarm/stack/gerrit.yml
index b59172a..95bc233 100644
--- a/docker/swarm/stack/gerrit.yml
+++ b/docker/swarm/stack/gerrit.yml
@@ -7,7 +7,7 @@
gerrit_ldap_bind_password: ""
gerrit_ldap_account_base: ""
gerrit_ldap_group_base: ""
-
+ gerrit_http_listen_url: http://*:8080/
docker:
client:
stack:
@@ -40,6 +40,7 @@
LDAP_USERNAME: ${_param:gerrit_ldap_bind_user}
LDAP_PASSWORD: ${_param:gerrit_ldap_bind_password}
WEBURL: ${_param:gerrit_public_host}
+ HTTPD_LISTENURL: ${_param:gerrit_http_listen_url}
GERRIT_ADMIN_SSH_PUBLIC: ${_param:gerrit_admin_public_key}
GERRIT_ADMIN_PWD: ${_param:gerrit_admin_password}
GERRIT_ADMIN_EMAIL: ${_param:gerrit_admin_email}
diff --git a/docker/swarm/stack/janitor_monkey.yml b/docker/swarm/stack/janitor_monkey.yml
index d1f240c..08fdb5c 100644
--- a/docker/swarm/stack/janitor_monkey.yml
+++ b/docker/swarm/stack/janitor_monkey.yml
@@ -25,9 +25,12 @@
janitor_monkey_openstack:
project_domain_name: default
project_name: admin
- username: ""
- password: ""
- auth_url: ""
+ auth_url: http://yourcloud.com:5000/v3/auth/tokens
+ username: admin
+ password: password
+ ssl_verify: False
+ cacert_path: /srv/volumes/rundeck/storage/content/cis/openstack/cert.pem
+ cafile: /opt/certs/cert.pem
docker:
client:
stack:
@@ -53,6 +56,8 @@
simianarmy.client.cloudfire.secretKey: ${_param:janitor_monkey_openstack:password}
simianarmy.client.cloudfire.domain: ${_param:janitor_monkey_openstack:project_domain_name}
simianarmy.client.cloudfire.project: ${_param:janitor_monkey_openstack:project_name}
+ simianarmy.client.cloudfire.SSLVerify: ${_param:janitor_monkey_openstack:ssl_verify}
+ simianarmy.client.cloudfire.cafile: ${_param:janitor_monkey_openstack:cafile}
service:
cleanup-service-mongodb:
image: ${_param:docker_image_mongodb}
@@ -72,6 +77,8 @@
condition: any
ports:
- ${_param:haproxy_janitor_monkey_exposed_port}:${_param:janitor_monkey_bind_port}
+ volumes:
+ - ${_param:janitor_monkey_openstack:cacert_path}:${_param:janitor_monkey_openstack:cafile}:ro
network:
default:
external:
diff --git a/docker/swarm/stack/pushkin.yml b/docker/swarm/stack/pushkin.yml
index 593f532..71b5f5f 100644
--- a/docker/swarm/stack/pushkin.yml
+++ b/docker/swarm/stack/pushkin.yml
@@ -7,6 +7,8 @@
pushkin_ssl:
enabled: false
pushkin_db: pushkin
+ pushkin_smtp_host: smtp.gmail.com
+ pushkin_smtp_port: 587
docker:
client:
stack:
@@ -18,6 +20,9 @@
PUSHKINDBHOST: ${_param:postgresql_bind_host}
PUSHKINELASTICHOST: ${_param:elasticsearch_bind_host}
WEBHOOK_FROM: ${_param:webhook_from}
+ EMAIL_SENDER_PASSWORD: ${_param:pushkin_email_sender_password}
+ SMTP_HOST: ${_param:pushkin_smtp_host}
+ SMTP_PORT: ${_param:pushkin_smtp_port}
WEBHOOK_RECIPIENTS: ${_param:webhook_recipients}
WEBHOOK_LOGIN_ID: ${_param:webhook_login_id}
WEBHOOK_APPLICATION_ID: ${_param:webhook_application_id}
diff --git a/docker/swarm/stack/security_monkey.yml b/docker/swarm/stack/security_monkey.yml
index f7b5980..67233c2 100644
--- a/docker/swarm/stack/security_monkey.yml
+++ b/docker/swarm/stack/security_monkey.yml
@@ -22,12 +22,16 @@
security_monkey_openstack:
os_account_id: mcp_cloud
os_account_name: mcp_cloud
- username: ""
- password: ""
- auth_url: ""
+ auth_url: http://yourcloud.com:5000/v3/auth/tokens
+ username: admin
+ password: password
project_domain_name: Default
project_name: admin
user_domain_name: Default
+ cacert_path: /srv/volumes/rundeck/storage/content/cis/openstack/cert.pem
+ cafile: /opt/certs/cert.pem
+ endpoint_type: public
+ ssl_verify: False
docker:
client:
stack:
@@ -52,6 +56,9 @@
OS_AUTH_URL: ${_param:security_monkey_openstack:auth_url}
OS_PROJECT_DOMAIN_NAME: ${_param:security_monkey_openstack:project_domain_name}
OS_PROJECT_NAME: ${_param:security_monkey_openstack:project_name}
+ OS_SSL_VERIFY: ${_param:security_monkey_openstack:ssl_verify}
+ OS_ENDPOINT_TYPE: ${_param:security_monkey_openstack:endpoint_type}
+ CACERT_PATH: ${_param:security_monkey_openstack:cafile}
USER_DOMAIN_NAME: ${_param:security_monkey_openstack:user_domain_name}
SM_WTF_CSRF_ENABLED: ${_param:devops_portal_sm_wtf_csrf_enabled}
SECURITY_MONKEY_SYNC_INTERVAL: ${_param:security_monkey_sync_interval}
@@ -68,6 +75,7 @@
- ${_param:haproxy_security_monkey_exposed_port}:${_param:haproxy_security_monkey_bind_port}
volumes:
- /srv/volumes/security_monkey/logs:/var/log/security_monkey/logs
+ - ${_param:security_monkey_openstack:cacert_path}:${_param:security_monkey_openstack:cafile}:ro
security-audit-scheduler:
image: ${_param:docker_image_security_monkey_scheduler}
deploy:
@@ -76,6 +84,7 @@
condition: any
volumes:
- /srv/volumes/security_monkey/logs:/var/log/security_monkey/logs
+ - ${_param:security_monkey_openstack:cacert_path}:${_param:security_monkey_openstack:cafile}:ro
network:
default:
external:
diff --git a/glusterfs/client/volume/glance.yml b/glusterfs/client/volume/glance.yml
index ec593b9..e84ff06 100644
--- a/glusterfs/client/volume/glance.yml
+++ b/glusterfs/client/volume/glance.yml
@@ -13,3 +13,20 @@
user: glance
group: glance
opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}"
+ linux:
+ system:
+ user:
+ glance:
+ enabled: true
+ name: glance
+ uid: 302
+ gid: 302
+ home: /var/lib/glance
+ shell: /bin/false
+ system: True
+ group:
+ glance:
+ enabled: true
+ name: glance
+ gid: 302
+ system: True
diff --git a/glusterfs/client/volume/keystone.yml b/glusterfs/client/volume/keystone.yml
index 822b61f..39c5619 100644
--- a/glusterfs/client/volume/keystone.yml
+++ b/glusterfs/client/volume/keystone.yml
@@ -19,3 +19,20 @@
user: keystone
group: keystone
opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}"
+ linux:
+ system:
+ user:
+ keystone:
+ enabled: true
+ name: keystone
+ home: /var/lib/keystone
+ uid: 301
+ gid: 301
+ shell: /bin/false
+ system: True
+ group:
+ keystone:
+ enabled: true
+ name: keystone
+ gid: 301
+ system: True
diff --git a/glusterfs/client/volume/prometheus.yml b/glusterfs/client/volume/prometheus.yml
deleted file mode 100644
index 3fae59b..0000000
--- a/glusterfs/client/volume/prometheus.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-parameters:
- _param:
- prometheus_glusterfs_service_host: ${_param:glusterfs_service_host}
- glusterfs_node01_address: ${_param:cluster_node01_address}
- glusterfs_node02_address: ${_param:cluster_node02_address}
- glusterfs_node03_address: ${_param:cluster_node03_address}
- glusterfs:
- client:
- volumes:
- prometheus:
- path: /srv/volumes/prometheus
- server: ${_param:prometheus_glusterfs_service_host}
- opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}"
diff --git a/glusterfs/server/volume/glance.yml b/glusterfs/server/volume/glance.yml
index 8276a44..0f54219 100644
--- a/glusterfs/server/volume/glance.yml
+++ b/glusterfs/server/volume/glance.yml
@@ -14,4 +14,4 @@
nfs.disable: On
network.remote-dio: On
diagnostics.client-log-level: WARNING
- diagnostics.brick-log-level: WARNING
\ No newline at end of file
+ diagnostics.brick-log-level: WARNING
diff --git a/glusterfs/server/volume/prometheus.yml b/glusterfs/server/volume/prometheus.yml
deleted file mode 100644
index 144847a..0000000
--- a/glusterfs/server/volume/prometheus.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-parameters:
- glusterfs:
- server:
- volumes:
- prometheus:
- storage: /srv/glusterfs/prometheus
- replica: 3
- bricks:
- - ${_param:cluster_node01_address}:/srv/glusterfs/prometheus
- - ${_param:cluster_node02_address}:/srv/glusterfs/prometheus
- - ${_param:cluster_node03_address}:/srv/glusterfs/prometheus
- options:
- cluster.readdir-optimize: On
- nfs.disable: On
- network.remote-dio: On
- diagnostics.client-log-level: WARNING
- diagnostics.brick-log-level: WARNING
diff --git a/jenkins/client/job/debian/packages/extra.yml b/jenkins/client/job/debian/packages/extra.yml
index b344c63..13ee191 100644
--- a/jenkins/client/job/debian/packages/extra.yml
+++ b/jenkins/client/job/debian/packages/extra.yml
@@ -173,6 +173,22 @@
dist: xenial
build: influxdb-relay
branch: master
+ - package: prometheus-relay
+ dist: trusty
+ build: prometheus-relay
+ branch: master
+ - package: prometheus-relay
+ dist: xenial
+ build: prometheus-relay
+ branch: master
+ - package: python-datrie
+ dist: xenial
+ build: pipeline
+ branch: debian/xenial
+ - package: contrail-api-cli
+ dist: xenial
+ build: pipeline
+ branch: debian/xenial
template:
type: workflow-scm
concurrent: false
diff --git a/jenkins/client/job/deploy/lab/component/kubernetes.yml b/jenkins/client/job/deploy/lab/component/kubernetes.yml
index 5ef3bd9..e2598eb 100644
--- a/jenkins/client/job/deploy/lab/component/kubernetes.yml
+++ b/jenkins/client/job/deploy/lab/component/kubernetes.yml
@@ -33,3 +33,9 @@
stack_install: core,k8s,contrail
stack_test: ""
job_timer: "H H(0-6) * * *"
+ - stack_name: k8s_ha_calico_sm
+ stack_env: devcloud
+ stack_type: heat
+ stack_install: core,k8s,calico
+ stack_test: ""
+ job_timer: "H H(0-6) * * *"
diff --git a/jenkins/client/job/deploy/lab/component/openstack.yml b/jenkins/client/job/deploy/lab/component/openstack.yml
index 1e1d334..0e526c6 100644
--- a/jenkins/client/job/deploy/lab/component/openstack.yml
+++ b/jenkins/client/job/deploy/lab/component/openstack.yml
@@ -20,6 +20,12 @@
stack_install: core,openstack,contrail
stack_test: ""
job_timer: "H H(0-6) * * *"
+ - stack_name: os_ha_contrail_ironic
+ stack_env: devcloud
+ stack_type: heat
+ stack_install: core,openstack,contrail
+ stack_test: ""
+ job_timer: ""
- stack_name: os_ha_ovs
stack_env: devcloud
stack_type: heat
diff --git a/jenkins/client/job/oss/init.yml b/jenkins/client/job/oss/init.yml
index 0e23f01..f8b5bdc 100644
--- a/jenkins/client/job/oss/init.yml
+++ b/jenkins/client/job/oss/init.yml
@@ -1,3 +1,4 @@
classes:
- system.jenkins.client.job.oss.test_devops_portal
+ - system.jenkins.client.job.oss.test_devops_portal_nightly
- system.jenkins.client.job.oss.test_security_monkey_openstack
diff --git a/jenkins/client/job/oss/test_devops_portal.yml b/jenkins/client/job/oss/test_devops_portal.yml
index 4007010..7001200 100644
--- a/jenkins/client/job/oss/test_devops_portal.yml
+++ b/jenkins/client/job/oss/test_devops_portal.yml
@@ -41,3 +41,6 @@
DEFAULT_GIT_REF:
type: string
default: master
+ NIGHTLY_BUILD:
+ type: boolean
+ default: false
diff --git a/jenkins/client/job/oss/test_devops_portal_nightly.yml b/jenkins/client/job/oss/test_devops_portal_nightly.yml
new file mode 100644
index 0000000..34a8bec
--- /dev/null
+++ b/jenkins/client/job/oss/test_devops_portal_nightly.yml
@@ -0,0 +1,34 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ test-oss-devops-portal-nightly:
+ name: test-oss-devops-portal-nightly
+ discard:
+ build:
+ keep_num: 15
+ artifact:
+ keep_num: 15
+ type: workflow-scm
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/oss/jenkins/pipelines"
+ credentials: "gerrit"
+ script: test-devops-portal-pipeline.groovy
+ trigger:
+ timer:
+ spec: "0 23 * * *"
+ param:
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ DEFAULT_GIT_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/oss/devops-portal"
+ DEFAULT_GIT_REF:
+ type: string
+ default: master
+ NIGHTLY_BUILD:
+ type: boolean
+ default: true
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 3233495..fc1fc5f 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -98,8 +98,8 @@
PARALLEL_NODE_GROUP_SIZE:
type: string
default: "5"
- test_salt_model_cookiecutter:
- name: test-salt-model-cookiecutter-{{cookiecutter_template}}
+ test_mk_cookiecutter_templates:
+ name: test-mk-{{cookiecutter_template}}
jobs:
- cookiecutter_template: cookiecutter-templates
template:
diff --git a/linux/system/single.yml b/linux/system/single.yml
index d7e03e8..ccde6ad 100644
--- a/linux/system/single.yml
+++ b/linux/system/single.yml
@@ -4,8 +4,11 @@
- system.openssh.server.single
- system.ntp.client.single
parameters:
+ _param:
+ local_package_repos: false
linux:
system:
+ local_package_repos: ${_param:local_package_repos}
user:
root:
enabled: true
@@ -16,6 +19,8 @@
version: latest
cloud-init:
version: purged
+ unattended-updates:
+ version: purged
mcelog:
version: latest
kernel:
diff --git a/nginx/server/proxy/cicd/gerrit.yml b/nginx/server/proxy/cicd/gerrit.yml
index 2593dd7..0baf26c 100644
--- a/nginx/server/proxy/cicd/gerrit.yml
+++ b/nginx/server/proxy/cicd/gerrit.yml
@@ -1,34 +1,23 @@
parameters:
_param:
- nginx_proxy_gerrit_server_ssl_authority: virt
- nginx_proxy_gerrit_server_proxy_host: ${_param:single_address}
- nginx_proxy_gerrit_server_proxy_port: 8082
- nginx_proxy_gerrit_server_site_host: ${linux:network:fqdn}
- nginx_proxy_gerrit_server_site_port: 8083
+ nginx_proxy_gerrit_server_proxy_host: ${_param:cicd_control_address}
+ nginx_proxy_gerrit_server_proxy_port: 8080
+ nginx_proxy_gerrit_server_site_host: ${_param:cluster_public_host}
+ nginx_proxy_gerrit_server_site_port: 8080
nginx:
server:
enabled: true
- user:
- admin:
- enabled: true
- password: password
site:
- nginx_proxy_gerrit_server:
+ nginx_proxy_gerrit:
enabled: true
type: nginx_proxy
- name: gerrit_server
- auth:
- engine: basic
+ name: gerrit
proxy:
host: ${_param:nginx_proxy_gerrit_server_proxy_host}
port: ${_param:nginx_proxy_gerrit_server_proxy_port}
protocol: http
- ssl:
- enabled: true
- engine: salt
- authority: ${_param:nginx_proxy_gerrit_server_ssl_authority}
- certificate: ${_param:nginx_proxy_gerrit_server_site_host}
- mode: secure
host:
name: ${_param:nginx_proxy_gerrit_server_site_host}
port: ${_param:nginx_proxy_gerrit_server_site_port}
+ protocol: https
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/cicd/jenkins.yml b/nginx/server/proxy/cicd/jenkins.yml
index 975cc4d..bd270f2 100644
--- a/nginx/server/proxy/cicd/jenkins.yml
+++ b/nginx/server/proxy/cicd/jenkins.yml
@@ -1,4 +1,9 @@
parameters:
+ _param:
+ nginx_proxy_jenkins_server_proxy_host: ${_param:cicd_control_address}
+ nginx_proxy_jenkins_server_proxy_port: 8081
+ nginx_proxy_jenkins_server_site_host: ${_param:cluster_public_host}
+ nginx_proxy_jenkins_server_site_port: 8081
nginx:
server:
enabled: true
@@ -8,11 +13,11 @@
type: nginx_proxy
name: jenkins
proxy:
- host: ${_param:foundation_intergration_address}
- port: 8080
+ host: ${_param:nginx_proxy_jenkins_server_proxy_host}
+ port: ${_param:nginx_proxy_jenkins_server_proxy_port}
protocol: http
host:
- name: ${_param:cluster_public_host}
- port: 8095
+ name: ${_param:nginx_proxy_jenkins_server_site_host}
+ port: ${_param:nginx_proxy_jenkins_server_site_port}
protocol: https
ssl: ${_param:nginx_proxy_ssl}
diff --git a/postgresql/client/alertmanager.yml b/postgresql/client/alertmanager.yml
new file mode 100644
index 0000000..8bd272a
--- /dev/null
+++ b/postgresql/client/alertmanager.yml
@@ -0,0 +1,30 @@
+classes:
+ - system.postgresql.client
+parameters:
+ _param:
+ alertmanager_db_host: ${_param:haproxy_postgresql_bind_host}
+ alertmanager_db_user: alertmanager
+ alertmanager_db_user_password: alertmanager
+ webhook_login_id: 13
+ webhook_application_id: 24
+ postgresql:
+ client:
+ server:
+ server01:
+ database:
+ alertmanager:
+ enabled: true
+ encoding: 'UTF8'
+ locale: 'en_US'
+ users:
+ - name: ${_param:alertmanager_db_user}
+ password: ${_param:alertmanager_db_user_password}
+ host: ${_param:alertmanager_db_host}
+ createdb: true
+ rights: all privileges
+ init:
+ maintenance_db: pushkin
+ force: true
+ queries:
+ - INSERT INTO login VALUES (${_param:webhook_login_id}, ${_param:webhook_application_id}) ON CONFLICT (id) DO UPDATE SET id = excluded.id;
+ - INSERT INTO device VALUES (${_param:webhook_application_id}, ${_param:webhook_login_id}, 42, 'stacklight_alertmanager', NULL, 1, NULL) ON CONFLICT (id) DO UPDATE SET id = excluded.id;
diff --git a/prometheus/alertmanager/init.yml b/prometheus/alertmanager/init.yml
index b00a4b9..bdcdafd 100644
--- a/prometheus/alertmanager/init.yml
+++ b/prometheus/alertmanager/init.yml
@@ -2,3 +2,8 @@
_param:
prometheus_alertmanager_config_directory: /srv/alertmanager
prometheus_alertmanager_data_directory: /data
+ prometheus:
+ alertmanager:
+ dir:
+ data: /srv/volumes/local/alertmanager/data
+ config: /srv/volumes/local/alertmanager/config
diff --git a/prometheus/alertmanager/notification/email.yml b/prometheus/alertmanager/notification/email.yml
new file mode 100644
index 0000000..02b44ff
--- /dev/null
+++ b/prometheus/alertmanager/notification/email.yml
@@ -0,0 +1,23 @@
+parameters:
+ prometheus:
+ alertmanager:
+ config:
+ route:
+ routes:
+ email:
+ receiver: SMTP
+ match_re:
+ - label: route
+ value: email
+ receiver:
+ SMTP:
+ enabled: true
+ email_configs:
+ smtp_server:
+ to: ${_param:alertmanager_notification_email_to}
+ from: ${_param:alertmanager_notification_email_from}
+ auth_username: ${_param:alertmanager_notification_email_username}
+ auth_password: ${_param:alertmanager_notification_email_password}
+ smarthost: ${_param:alertmanager_notification_email_host}
+ require_tls: ${_param:alertmanager_notification_email_require_tls}
+ send_resolved: true
diff --git a/prometheus/alertmanager/notification/slack.yml b/prometheus/alertmanager/notification/slack.yml
new file mode 100644
index 0000000..c33e013
--- /dev/null
+++ b/prometheus/alertmanager/notification/slack.yml
@@ -0,0 +1,18 @@
+parameters:
+ prometheus:
+ alertmanager:
+ config:
+ route:
+ routes:
+ slack:
+ receiver: HTTP-slack
+ match_re:
+ - label: route
+ value: slack
+ receiver:
+ HTTP-slack:
+ enabled: true
+ slack_configs:
+ slack-endpoint:
+ api_url: "${_param:alertmanager_notification_slack_api_url}"
+ send_resolved: true
diff --git a/prometheus/server/init.yml b/prometheus/server/init.yml
index 2c241bd..99fdceb 100644
--- a/prometheus/server/init.yml
+++ b/prometheus/server/init.yml
@@ -5,4 +5,6 @@
prometheus:
server:
dir:
+ data: /srv/volumes/local/prometheus/data
+ config: /srv/volumes/local/prometheus/config
config_in_container: ${_param:prometheus_server_config_directory}
diff --git a/rundeck/client/project/cicd.yml b/rundeck/client/project/cicd.yml
index cb427d8..ed8b256 100644
--- a/rundeck/client/project/cicd.yml
+++ b/rundeck/client/project/cicd.yml
@@ -1,14 +1,17 @@
parameters:
_param:
- rundeck_cis_os_auth_url: none
- rundeck_cis_os_username: admin
- rundeck_cis_os_password: password
- rundeck_cis_os_project_name: admin
- rundeck_cis_os_domain_id: default
rundeck_cis_jobs_repository: https://gerrit.mcp.mirantis.net/oss/rundeck-cis-jobs
rundeck_cis_jobs_revision: master
- rundeck_cis_elasticsearch_url: none
+ rundeck_cis_elasticsearch_url: yourelastic:9200
rundeck_cis_os_docker_image: docker-prod-local.artifactory.mirantis.com/mirantis/oss/cis-openstack:latest
+ rundeck_cis_openstack:
+ auth_url: http://yourcloud.com:5000/v3/auth/tokens
+ username: admin
+ password: password
+ cert: plain-certificate
+ ssl_cert_file: cert.pem
+ project_name: admin
+ domain_id: default
rundeck:
client:
project:
@@ -38,21 +41,27 @@
cis/elasticsearch/url:
type: password
content: ${_param:rundeck_cis_elasticsearch_url}
- cis/openstack/auth_url:
- type: password
- content: ${_param:rundeck_cis_os_auth_url}
- cis/openstack/username:
- type: password
- content: ${_param:rundeck_cis_os_username}
- cis/openstack/password:
- type: password
- content: ${_param:rundeck_cis_os_password}
- cis/openstack/project_name:
- type: password
- content: ${_param:rundeck_cis_os_project_name}
- cis/openstack/domain_id:
- type: password
- content: ${_param:rundeck_cis_os_domain_id}
cis/openstack/image:
type: password
content: ${_param:rundeck_cis_os_docker_image}
+ cis/openstack/auth_url:
+ type: password
+ content: ${_param:rundeck_cis_openstack:auth_url}
+ cis/openstack/username:
+ type: password
+ content: ${_param:rundeck_cis_openstack:username}
+ cis/openstack/password:
+ type: password
+ content: ${_param:rundeck_cis_openstack:password}
+ cis/openstack/project_name:
+ type: password
+ content: ${_param:rundeck_cis_openstack:project_name}
+ cis/openstack/domain_id:
+ type: password
+ content: ${_param:rundeck_cis_openstack:domain_id}
+ cis/openstack/cert.pem:
+ type: password
+ content: ${_param:rundeck_cis_openstack:cert}
+ cis/openstack/cert_file:
+ type: password
+ content: ${_param:rundeck_cis_openstack:ssl_cert_file}
diff --git a/rundeck/server/docker.yml b/rundeck/server/docker.yml
index 1c89f4f..492d135 100644
--- a/rundeck/server/docker.yml
+++ b/rundeck/server/docker.yml
@@ -8,6 +8,7 @@
rundeck_postgresql_database: rundeck
rundeck_postgresql_host: ${_param:control_vip_address}
rundeck_postgresql_port: 5432
+ rundeck_server_ssh_timeout: 300000
rundeck:
server:
user:
@@ -30,3 +31,4 @@
user: ${_param:rundeck_runbook_user}
private_key: ${_param:rundeck_runbook_private_key}
public_key: ${_param:rundeck_runbook_public_key}
+ timeout: ${_param:rundeck_server_ssh_timeout}