Merge "Add metadata to configure rabbitmq ssl"
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 0dc20b0..498cc62 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -133,6 +133,7 @@
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods plus java.util.List java.util.Collection
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods println java.lang.Object java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods putAt java.lang.Object java.lang.String java.lang.Object
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods readLines java.lang.String
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods sort java.util.Collection
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods split java.lang.String
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods takeRight java.util.List int
diff --git a/jenkins/client/job/deploy/update/cloud_update.yml b/jenkins/client/job/deploy/update/cloud_update.yml
index d4a05ec..4482324 100644
--- a/jenkins/client/job/deploy/update/cloud_update.yml
+++ b/jenkins/client/job/deploy/update/cloud_update.yml
@@ -165,3 +165,7 @@
type: boolean
default: 'false'
description: "Run cloud validation pipelines before and after update"
+ MINIONS_TEST_TIMEOUT:
+ type: string
+ default: 10
+ description: "Time in seconds for a Salt result to receive a response when calling a minionsReachable method."
diff --git a/keystone/client/core.yml b/keystone/client/core.yml
index 899f4aa..8c73b16 100644
--- a/keystone/client/core.yml
+++ b/keystone/client/core.yml
@@ -3,12 +3,13 @@
parameters:
_param:
keystone_service_protocol: http
+###TODO: the section below should be removed in the future together with same related changes in cookiecutter-templates (control_init.yml)
linux:
system:
job:
keystone_job_rotate:
command: '/usr/bin/keystone-manage fernet_rotate --keystone-user keystone --keystone-group keystone >> /var/log/key_rotation_log 2>> /var/log/key_rotation_log'
- enabled: true
+ enabled: false
user: root
minute: 0
keystone:
diff --git a/keystone/client/single.yml b/keystone/client/single.yml
index ad2d55a..b8ab7f1 100644
--- a/keystone/client/single.yml
+++ b/keystone/client/single.yml
@@ -10,12 +10,13 @@
parameters:
_param:
keystone_service_protocol: http
+###TODO: the section below should be removed in the future together with same related changes in cookiecutter-templates (control_init.yml)
linux:
system:
job:
keystone_job_rotate:
command: '/usr/bin/keystone-manage fernet_rotate --keystone-user keystone --keystone-group keystone >> /var/log/key_rotation_log 2>> /var/log/key_rotation_log'
- enabled: true
+ enabled: false
user: root
minute: 0
keystone:
diff --git a/kubernetes/common.yml b/kubernetes/common.yml
index 9631f43..639154e 100644
--- a/kubernetes/common.yml
+++ b/kubernetes/common.yml
@@ -63,6 +63,13 @@
kubernetes_contrail_network_controller_enabled: false
kubernetes_metallb_enabled: false
kubernetes_sriov_enabled: false
+ kubernetes_fluentd_enabled: false
+
+ # the rest of fluentd related params, the non bools
+ kubernetes_fluentd_aggregator_bind_port: 24224
+ kubernetes_fluentd_aggregator_es_host: 127.0.0.1
+ kubernetes_fluentd_aggregator_es_port: 9200
+ kubernetes_fluentd_aggregator_es_scheme: http
docker:
host:
@@ -105,6 +112,15 @@
image: ${_param:kubernetes_contrail_network_controller_image}
flannel:
image: ${_param:kubernetes_flannel_image}
+ fluentd:
+ enabled: ${_param:kubernetes_fluentd_enabled}
+ aggregator:
+ bind:
+ port: ${_param:kubernetes_fluentd_aggregator_bind_port}
+ es:
+ host: ${_param:kubernetes_fluentd_aggregator_es_host}
+ port: ${_param:kubernetes_fluentd_aggregator_es_port}
+ scheme: ${_param:kubernetes_fluentd_aggregator_es_scheme}
virtlet:
enabled: ${_param:kubernetes_virtlet_enabled}
namespace: kube-system
diff --git a/nginx/server/stream/gerrit_ssh.yml b/nginx/server/stream/gerrit_ssh.yml
new file mode 100644
index 0000000..13b7ba2
--- /dev/null
+++ b/nginx/server/stream/gerrit_ssh.yml
@@ -0,0 +1,16 @@
+parameters:
+ _param:
+ nginx_proxy_gerrit_server_stream_host: ${_param:cicd_control_address}
+ nginx_proxy_gerrit_server_stream_port: 29418
+ nginx_proxy_gerrit_server_site_stream_port: 29418
+ nginx:
+ server:
+ stream:
+ gerrit_ssh:
+ backend:
+ cicd:
+ address: ${_param:nginx_proxy_gerrit_server_stream_host}
+ port: ${_param:nginx_proxy_gerrit_server_stream_port}
+ host:
+ port: ${_param:nginx_proxy_gerrit_server_site_stream_port}
+
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index d202987..2f411b5 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -14,6 +14,7 @@
metadata_password: metadataPass
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
linux:
system:
package:
@@ -48,6 +49,11 @@
password: ${_param:mysql_nova_password}
x509:
enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_nova_ssl_ca_file}
+ key_file: ${_param:mysql_nova_client_ssl_key_file}
+ cert_file: ${_param:mysql_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
region: ${_param:openstack_region}
diff --git a/nova/control/single.yml b/nova/control/single.yml
index 4cc165d..e7d7671 100644
--- a/nova/control/single.yml
+++ b/nova/control/single.yml
@@ -5,6 +5,7 @@
_param:
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
linux:
system:
package:
@@ -18,6 +19,11 @@
host: ${_param:single_address}
x509:
enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_nova_ssl_ca_file}
+ key_file: ${_param:mysql_nova_client_ssl_key_file}
+ cert_file: ${_param:mysql_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
protocol: ${_param:cluster_internal_protocol}
region: ${_param:openstack_region}