Merge "Add integration between Security Monkey, Pushkin and OpenStack"
diff --git a/aptly/server/mirror/ubuntu/trusty/glusterfs.yml b/aptly/server/mirror/ubuntu/trusty/glusterfs.yml
index b83c49f..4d27bf6 100644
--- a/aptly/server/mirror/ubuntu/trusty/glusterfs.yml
+++ b/aptly/server/mirror/ubuntu/trusty/glusterfs.yml
@@ -1,9 +1,11 @@
parameters:
+ _param:
+ glusterfs_version: 3.8
aptly:
server:
mirror:
glusterfs_upstream_trusty:
- source: http://ppa.launchpad.net/gluster/glusterfs-3.7/ubuntu
+ source: http://ppa.launchpad.net/gluster/glusterfs-${_param:glusterfs_version}/ubuntu
distribution: trusty
components: main
architectures: amd64
diff --git a/aptly/server/mirror/ubuntu/xenial/glusterfs.yml b/aptly/server/mirror/ubuntu/xenial/glusterfs.yml
index da48431..f8177a0 100644
--- a/aptly/server/mirror/ubuntu/xenial/glusterfs.yml
+++ b/aptly/server/mirror/ubuntu/xenial/glusterfs.yml
@@ -1,9 +1,11 @@
parameters:
+ _param:
+ glusterfs_version: 3.8
aptly:
server:
mirror:
glusterfs_upstream_xenial:
- source: http://ppa.launchpad.net/gluster/glusterfs-3.7/ubuntu
+ source: http://ppa.launchpad.net/gluster/glusterfs-${_param:glusterfs_version}/ubuntu
distribution: xenial
components: main
architectures: amd64
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/init.yml
similarity index 100%
rename from aptly/server/mirror/ubuntu/xenial/mcp/apt_mk.yml
rename to aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/init.yml
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/stable.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/stable.yml
new file mode 100644
index 0000000..56f8b08
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/stable.yml
@@ -0,0 +1,5 @@
+classes:
+- system.aptly.server.mirror.ubuntu.xenial.mcp.apt_mk
+parameters:
+ _param:
+ apt_mk_version: stable
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/testing.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/testing.yml
new file mode 100644
index 0000000..e5b0bd2
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/testing.yml
@@ -0,0 +1,5 @@
+classes:
+- system.aptly.server.mirror.ubuntu.xenial.mcp.apt_mk
+parameters:
+ _param:
+ apt_mk_version: testing
diff --git a/cinder/volume/local.yml b/cinder/volume/local.yml
new file mode 100644
index 0000000..794a33e
--- /dev/null
+++ b/cinder/volume/local.yml
@@ -0,0 +1,14 @@
+classes:
+- service.cinder.volume.local
+parameters:
+ cinder:
+ volume:
+ enabled: True
+ database:
+ host: ${_param:single_address}
+ glance:
+ host: ${_param:single_address}
+ message_queue:
+ host: ${_param:single_address}
+ identity:
+ host: ${_param:single_address}
diff --git a/docker/swarm/service/monitoring/prometheus_alertmanager.yml b/docker/swarm/service/monitoring/prometheus_alertmanager.yml
deleted file mode 100644
index 5d5f237..0000000
--- a/docker/swarm/service/monitoring/prometheus_alertmanager.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-include:
-- service.prometheus.alertmanager.container
-parameters:
- docker:
- client:
- service:
- prometheus_alertmanager:
- network: monitoring
- replicas: 2
- environment:
- config_dir: /opt/alertmanager/config
- bind_port: ${prometheus:alertmanager:bind:port}
- bind_address: ${prometheus:alertmanager:bind:address}
- discovery_domain: 'prometheus_alertmanager'
- restart:
- condition: any
- image: ${_param:docker_image_alertmanager}
- ports:
- - 15011:${prometheus:alertmanager:bind:port}
- volume:
- site:
- type: bind
- source: /srv/volumes/prometheus
- destination: /opt/alertmanager/config
diff --git a/docker/swarm/service/monitoring/prometheus_pushgateway.yml b/docker/swarm/service/monitoring/prometheus_pushgateway.yml
deleted file mode 100644
index ad159b6..0000000
--- a/docker/swarm/service/monitoring/prometheus_pushgateway.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-parameters:
- docker:
- client:
- service:
- prometheus_pushgateway:
- network: monitoring
- replicas: 2
- restart:
- condition: any
- image: ${_param:docker_image_pushgateway}
- ports:
- - 15012:9091
diff --git a/docker/swarm/service/monitoring/prometheus_server.yml b/docker/swarm/service/monitoring/prometheus_server.yml
deleted file mode 100644
index 37bb6d3..0000000
--- a/docker/swarm/service/monitoring/prometheus_server.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-include:
-- service.prometheus.server.container
-parameters:
- docker:
- client:
- service:
- prometheus_server:
- network: monitoring
- replicas: 1
- environment:
- config_dir: /opt/prometheus/config
- bind_port: ${prometheus:server:bind:port}
- bind_address: ${prometheus:server:bind:address}
- alertmanager_port: ${prometheus:alertmanager:bind:port}
- storage_local_engine: ${prometheus:server:storage:local:engine}
- storage_local_retention: ${prometheus:server:storage:local:retention}
- storage_local_memory_chunks: ${prometheus:server:storage:local:memory_chunks}
- storage_local_max_chunks_to_persist: ${prometheus:server:storage:local:max_chunks_to_persist}
- storage_local_num_fingerprint_mutexes: ${prometheus:server:storage:local:num_fingerprint_mutexes}
- discovery_domain: 'prometheus_alertmanager'
- restart:
- condition: any
- image: ${_param:docker_image_prometheus}
- ports:
- - 15010:${prometheus:server:bind:port}
- volume:
- site:
- type: bind
- source: /srv/volumes/prometheus
- destination: /opt/prometheus/config
diff --git a/docker/swarm/service/phpldapadmin.yml b/docker/swarm/service/phpldapadmin.yml
index 25332c7..72b109f 100644
--- a/docker/swarm/service/phpldapadmin.yml
+++ b/docker/swarm/service/phpldapadmin.yml
@@ -13,7 +13,7 @@
name: ldap.${_param:openldap_domain}
address: ${_param:cluster_vip_address}
environment:
- PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'ldap.${_param:openldap_domain}': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${_param:openldap_dn}'},{'bind_pass': '${_param:openldap_admin_password}'}]}]}]"
+ PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'${_param:cluster_public_host}': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${_param:openldap_dn}'},{'bind_pass': '${_param:openldap_admin_password}'}]}]}]"
PHPLDAPADMIN_HTTPS: false
PHPLDAPADMIN_TRUST_PROXY_SSL: true
PHPLDAPADMIN_SERVER_ADMIN: ${_param:admin_email}
diff --git a/docker/swarm/stack/gerrit.yml b/docker/swarm/stack/gerrit.yml
index 48466ef..b59172a 100644
--- a/docker/swarm/stack/gerrit.yml
+++ b/docker/swarm/stack/gerrit.yml
@@ -39,7 +39,7 @@
LDAP_GROUPBASE: ${_param:gerrit_ldap_group_base}
LDAP_USERNAME: ${_param:gerrit_ldap_bind_user}
LDAP_PASSWORD: ${_param:gerrit_ldap_bind_password}
- WEBURL: http://${_param:gerrit_public_host}:8080
+ WEBURL: ${_param:gerrit_public_host}
GERRIT_ADMIN_SSH_PUBLIC: ${_param:gerrit_admin_public_key}
GERRIT_ADMIN_PWD: ${_param:gerrit_admin_password}
GERRIT_ADMIN_EMAIL: ${_param:gerrit_admin_email}
diff --git a/docker/swarm/stack/monitoring.yml b/docker/swarm/stack/monitoring.yml
index 46a2845..4371367 100644
--- a/docker/swarm/stack/monitoring.yml
+++ b/docker/swarm/stack/monitoring.yml
@@ -2,6 +2,8 @@
- service.prometheus.server.container
- service.prometheus.alertmanager.container
- service.prometheus.pushgateway.container
+- system.prometheus.server
+- system.prometheus.alertmanager
parameters:
docker:
client:
@@ -18,15 +20,21 @@
- monitoring
deploy:
replicas: 2
+ labels:
+ com.mirantis.monitoring: "alertmanager"
restart_policy:
condition: any
+ labels:
+ com.mirantis.monitoring: "alertmanager"
image: ${_param:docker_image_alertmanager}
ports:
- 15011:${prometheus:alertmanager:bind:port}
volumes:
- - /srv/volumes/prometheus:/opt/alertmanager/config
+ - ${prometheus:alertmanager:dir:config}:${_param:prometheus_alertmanager_config_directory}
+ - ${prometheus:alertmanager:dir:data}:${_param:prometheus_alertmanager_data_directory}
environment:
- config_dir: /opt/alertmanager/config
+ config_dir: ${_param:prometheus_alertmanager_config_directory}
+ data_dir: ${_param:prometheus_alertmanager_data_directory}
bind_port: ${prometheus:alertmanager:bind:port}
bind_address: ${prometheus:alertmanager:bind:address}
discovery_domain: 'monitoring_alertmanager'
@@ -35,31 +43,41 @@
- monitoring
deploy:
replicas: 2
+ labels:
+ com.mirantis.monitoring: "pushgateway"
restart_policy:
condition: any
+ environment:
+ bind_port: ${prometheus:pushgateway:bind:port}
+ bind_address: ${prometheus:pushgateway:bind:address}
+ labels:
+ com.mirantis.monitoring: "pushgateway"
image: ${_param:docker_image_pushgateway}
ports:
- - 15012:9091
+ - 15012:${prometheus:pushgateway:bind:port}
server:
networks:
- monitoring
deploy:
replicas: 1
+ labels:
+ com.mirantis.monitoring: "prometheus"
restart_policy:
condition: any
+ labels:
+ com.mirantis.monitoring: "prometheus"
image: ${_param:docker_image_prometheus}
ports:
- 15010:${prometheus:server:bind:port}
volumes:
- - /srv/volumes/prometheus:/opt/prometheus/config
+ - ${prometheus:server:dir:config}:${_param:prometheus_server_config_directory}
+ - ${prometheus:server:dir:data}:${_param:prometheus_server_data_directory}
environment:
- config_dir: /opt/prometheus/config
+ config_dir: ${_param:prometheus_server_config_directory}
+ data_dir: ${_param:prometheus_server_data_directory}
bind_port: ${prometheus:server:bind:port}
bind_address: ${prometheus:server:bind:address}
- alertmanager_port: ${prometheus:alertmanager:bind:port}
storage_local_engine: ${prometheus:server:storage:local:engine}
storage_local_retention: ${prometheus:server:storage:local:retention}
- storage_local_memory_chunks: ${prometheus:server:storage:local:memory_chunks}
- storage_local_max_chunks_to_persist: ${prometheus:server:storage:local:max_chunks_to_persist}
+ storage_local_target_heap_size: ${prometheus:server:storage:local:target_heap_size}
storage_local_num_fingerprint_mutexes: ${prometheus:server:storage:local:num_fingerprint_mutexes}
- discovery_domain: 'monitoring_alertmanager'
diff --git a/docker/swarm/stack/postgresql.yml b/docker/swarm/stack/postgresql.yml
index bdad6fb..7ae4052 100644
--- a/docker/swarm/stack/postgresql.yml
+++ b/docker/swarm/stack/postgresql.yml
@@ -1,7 +1,7 @@
parameters:
_param:
docker_postgresql_replicas: 1
- docker_image_postgresql: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/postgresql:latest
+ docker_image_postgresql: library/postgres:9.6
postgresql_admin_user: postgres
postgresql_admin_user_password: postgrespassword
docker:
diff --git a/docker/swarm/stack/rundeck.yml b/docker/swarm/stack/rundeck.yml
index f89619a..a4ec24b 100644
--- a/docker/swarm/stack/rundeck.yml
+++ b/docker/swarm/stack/rundeck.yml
@@ -1,7 +1,7 @@
parameters:
_param:
docker_rundeck_replicas: 1
- docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:devel
+ docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:2.7.3-1
docker:
client:
stack:
diff --git a/freeipa/client/cluster.yml b/freeipa/client/cluster.yml
new file mode 100644
index 0000000..2276530
--- /dev/null
+++ b/freeipa/client/cluster.yml
@@ -0,0 +1,14 @@
+classes:
+- service.freeipa.client
+parameters:
+ freeipa:
+ client:
+ enabled: true
+ hostname: ${linux:system:name}
+ servers:
+ - ${_param:freeipa_node01_hostname}
+ - ${_param:freeipa_node02_hostname}
+ - ${_param:freeipa_node03_hostname}
+ domain: ${_param:cluster_domain}
+ realm: ${_param:freeipa_realm}
+ otp: ${_param:freeipa_otp}
\ No newline at end of file
diff --git a/freeipa/client/single.yml b/freeipa/client/single.yml
new file mode 100644
index 0000000..7804bd1
--- /dev/null
+++ b/freeipa/client/single.yml
@@ -0,0 +1,12 @@
+classes:
+- service.freeipa.client
+parameters:
+ freeipa:
+ client:
+ enabled: true
+ hostname: ${linux:system:name}
+ servers:
+ - ${_param:freeipa_node01_hostname}
+ domain: ${_param:cluster_domain}
+ realm: ${_param:freeipa_realm}
+ otp: ${_param:freeipa_otp}
\ No newline at end of file
diff --git a/gerrit/client/project/ci.yml b/gerrit/client/project/ci.yml
index f1fdcd1..86ff699 100644
--- a/gerrit/client/project/ci.yml
+++ b/gerrit/client/project/ci.yml
@@ -18,3 +18,11 @@
require_change_id: true
require_agreement: false
merge_content: true
+ mk/decapod-pipelines:
+ enabled: true
+ description: Decapod jenkins pipelines
+ upstream: https://github.com/mateuszlos/decapod-pipelines
+ access: ${gerrit:client:default_access}
+ require_change_id: true
+ require_agreement: false
+ merge_content: true
diff --git a/haproxy/proxy/listen/radosgw.yml b/haproxy/proxy/listen/radosgw.yml
new file mode 100644
index 0000000..369306b
--- /dev/null
+++ b/haproxy/proxy/listen/radosgw.yml
@@ -0,0 +1,26 @@
+parameters:
+ _param:
+ haproxy_radosgw_bind_port: 8080
+ haproxy_radosgw_source_port: 8080
+ haproxy:
+ proxy:
+ listen:
+ radosgw:
+ mode: tcp
+ balance: source
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: ${_param:haproxy_radosgw_bind_port}
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: ${_param:haproxy_radosgw_source_port}
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: ${_param:haproxy_radosgw_source_port}
+ params: backup check
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: ${_param:haproxy_radosgw_source_port}
+ params: backup check
diff --git a/heka/remote_collector/init.yml b/heka/remote_collector/init.yml
new file mode 100644
index 0000000..8446af5
--- /dev/null
+++ b/heka/remote_collector/init.yml
@@ -0,0 +1,15 @@
+classes:
+- service.heka.remote_collector.cluster
+- system.heka.server
+parameters:
+ keepalived:
+ cluster:
+ instance:
+ prometheus_server_vip:
+ notify_action:
+ master:
+ - service remote_collector start
+ backup:
+ - service remote_collector stop
+ fault:
+ - service remote_collector stop
diff --git a/heka/remote_collector/output/aggregator.yml b/heka/remote_collector/output/aggregator.yml
new file mode 100644
index 0000000..2a7444f
--- /dev/null
+++ b/heka/remote_collector/output/aggregator.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ aggregator_port: 5565
+ heka:
+ remote_collector:
+ aggregator_host: ${_param:heka_aggregator_host}
+ aggregator_port: ${_param:aggregator_port}
diff --git a/heka/remote_collector/output/elasticsearch.yml b/heka/remote_collector/output/elasticsearch.yml
new file mode 100644
index 0000000..25f87cb
--- /dev/null
+++ b/heka/remote_collector/output/elasticsearch.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ elasticsearch_port: 9200
+ heka:
+ remote_collector:
+ elasticsearch_host: ${_param:heka_elasticsearch_host}
+ elasticsearch_port: ${_param:elasticsearch_port}
diff --git a/heka/remote_collector/output/influxdb.yml b/heka/remote_collector/output/influxdb.yml
new file mode 100644
index 0000000..5383b66
--- /dev/null
+++ b/heka/remote_collector/output/influxdb.yml
@@ -0,0 +1,10 @@
+parameters:
+ _param:
+ influxdb_port: 8086
+ heka:
+ remote_collector:
+ influxdb_host: ${_param:heka_influxdb_host}
+ influxdb_port: ${_param:influxdb_port}
+ influxdb_database: lma
+ influxdb_username: lma
+ influxdb_password: ${_param:influxdb_stacklight_password}
diff --git a/heka/remote_collector/output/sensu.yml b/heka/remote_collector/output/sensu.yml
index c7c66e9..087a7c2 100644
--- a/heka/remote_collector/output/sensu.yml
+++ b/heka/remote_collector/output/sensu.yml
@@ -1,3 +1,2 @@
classes:
- service.heka.remote_collector.output.sensu
-
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index d65fecd..f9e01b8 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -95,3 +95,16 @@
- method hudson.model.Run getId
- method java.util.regex.MatchResult groupCount
- method java.lang.Throwable printStackTrace
+ - method hudson.model.Run getNumber
+ - staticMethod java.lang.String valueOf int
+ - method jenkins.model.Jenkins getItemByFullName java.lang.String
+ - new java.util.ArrayList
+ - new java.util.HashMap
+ - staticMethod java.lang.Math min int int
+ - method hudson.model.Job getBuildByNumber int
+ - new java.io.IOException java.lang.String
+ - method org.jenkinsci.plugins.workflow.job.WorkflowRun finish hudson.model.Result java.lang.Throwable
+ - new groovy.json.JsonBuilder
+ - new java.lang.RuntimeException java.lang.String
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods takeRight java.util.List int
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.List groovy.lang.Range
diff --git a/jenkins/client/job/debian/packages/extra.yml b/jenkins/client/job/debian/packages/extra.yml
index 298452e..c902f32 100644
--- a/jenkins/client/job/debian/packages/extra.yml
+++ b/jenkins/client/job/debian/packages/extra.yml
@@ -105,6 +105,10 @@
dist: xenial
build: pipeline
branch: debian/xenial
+ - package: python-pydbus
+ dist: xenial
+ build: pipeline
+ branch: debian/xenial
- package: python-docker
dist: xenial
build: pipeline
@@ -137,6 +141,10 @@
dist: xenial
build: telegraf
branch: release-1.2
+ - package: libvirt-exporter
+ dist: xenial
+ build: libvirt-exporter
+ branch: master
template:
type: workflow-scm
concurrent: false
@@ -150,7 +158,7 @@
project:
debian/{{package}}:
branches:
- - debian/{{dist}}
+ - "{{branch}}"
message:
build_successful: "Build successful"
build_unstable: "Build unstable"
diff --git a/jenkins/client/job/debian/packages/heat/resources.yml b/jenkins/client/job/debian/packages/heat/resources.yml
index 01033ad..73cceb5 100644
--- a/jenkins/client/job/debian/packages/heat/resources.yml
+++ b/jenkins/client/job/debian/packages/heat/resources.yml
@@ -83,3 +83,8 @@
default: 'true'
PRE_BUILD_SCRIPT:
type: text
+ default: |
+ echo "deb http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/ mos9.0 main restricted" >> /etc/apt/sources.list.d/extra.list
+ curl --insecure -ss -f "http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/archive-mos9.0.key" | apt-key add -
+ apt-get update
+
diff --git a/jenkins/client/job/debian/packages/horizon/modules.yml b/jenkins/client/job/debian/packages/horizon/modules.yml
index 235c84c..0df27ad 100644
--- a/jenkins/client/job/debian/packages/horizon/modules.yml
+++ b/jenkins/client/job/debian/packages/horizon/modules.yml
@@ -6,6 +6,18 @@
name: build-debian-horizon-module-{{name}}-{{os_version}}-{{os}}-{{dist}}
jobs:
# Trusty
+ - name: horizon-neutron-lbaasv2-panel
+ os: ubuntu
+ dist: trusty
+ os_version: ocata
+ branch: stable/ocata
+ # Xenial
+ - name: horizon-neutron-lbaasv2-panel
+ os: ubuntu
+ dist: xenial
+ os_version: ocata
+ branch: stable/ocata
+ # Trusty
- name: horizon-overrides-plugin
os: ubuntu
dist: trusty
@@ -18,6 +30,30 @@
os_version: mitaka
branch: master
# Trusty
+ - name: horizon-overrides-plugin
+ os: ubuntu
+ dist: trusty
+ os_version: ocata
+ branch: master
+ # Xenial
+ - name: horizon-overrides-plugin
+ os: ubuntu
+ dist: xenial
+ os_version: ocata
+ branch: master
+ # Trusty
+ - name: horizon-contrib
+ os: ubuntu
+ dist: trusty
+ os_version: ocata
+ branch: master
+ # Xenial
+ - name: horizon-contrib
+ os: ubuntu
+ dist: xenial
+ os_version: ocata
+ branch: master
+ # Trusty
- name: horizon-contrail-panels
os: ubuntu
dist: trusty
diff --git a/jenkins/client/job/debian/packages/horizon/themes.yml b/jenkins/client/job/debian/packages/horizon/themes.yml
index a5ad56a..a26977f 100644
--- a/jenkins/client/job/debian/packages/horizon/themes.yml
+++ b/jenkins/client/job/debian/packages/horizon/themes.yml
@@ -10,13 +10,25 @@
os: ubuntu
dist: trusty
os_version: mitaka
- branch: master
+ branch: stable/mitaka
# Xenial
- name: horizon-mirantis-theme
os: ubuntu
dist: xenial
os_version: mitaka
- branch: master
+ branch: stable/mitaka
+ # Trusty
+ - name: horizon-mirantis-theme
+ os: ubuntu
+ dist: trusty
+ os_version: ocata
+ branch: stable/ocata
+ # Xenial
+ - name: horizon-mirantis-theme
+ os: ubuntu
+ dist: xenial
+ os_version: ocata
+ branch: stable/ocata
template:
discard:
build:
diff --git a/jenkins/client/job/decapod/cluster.yml b/jenkins/client/job/decapod/cluster.yml
new file mode 100644
index 0000000..cb353a6
--- /dev/null
+++ b/jenkins/client/job/decapod/cluster.yml
@@ -0,0 +1,30 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ deploy_decapod:
+ type: workflow-scm
+ name: deploy-decapod
+ display_name: "Deploy - Decapod"
+ discard:
+ build:
+ keep_num: 20
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/decapod-pipelines"
+ credentials: "gerrit"
+ script: decapod-pipeline.groovy
+ param:
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ SALT_MASTER_IP:
+ type: string
+ default: "${_param:infra_config_address}"
+ SALT_MASTER_PORT:
+ type: string
+ default: "${_param:salt_master_api_port}"
+ ASK_ON_ERROR:
+ type: boolean
+ default: 'false'
diff --git a/jenkins/client/job/deploy/lab/cicd.yml b/jenkins/client/job/deploy/lab/cicd.yml
index 0aa442e..7f53d29 100644
--- a/jenkins/client/job/deploy/lab/cicd.yml
+++ b/jenkins/client/job/deploy/lab/cicd.yml
@@ -75,3 +75,9 @@
OPENSTACK_API_VERSION:
type: string
default: "2"
+ OPENSTACK_API_PROJECT_DOMAIN_ID:
+ type: string
+ default: "default"
+ OPENSTACK_API_USER_DOMAIN_ID:
+ type: string
+ default: "default"
diff --git a/jenkins/client/job/deploy/lab/init.yml b/jenkins/client/job/deploy/lab/init.yml
index 5fc4401..e700325 100644
--- a/jenkins/client/job/deploy/lab/init.yml
+++ b/jenkins/client/job/deploy/lab/init.yml
@@ -2,6 +2,7 @@
- system.jenkins.client.job.deploy.lab.mk.physical
- system.jenkins.client.job.deploy.lab.mk.virtual
- system.jenkins.client.job.deploy.lab.mk.cleanup
+ - system.jenkins.client.job.deploy.lab.mk.cloud
- system.jenkins.client.job.deploy.lab.cicd
- system.jenkins.client.job.deploy.lab.demo
diff --git a/jenkins/client/job/deploy/lab/mk/cleanup.yml b/jenkins/client/job/deploy/lab/mk/cleanup.yml
index c2b32cc..8658eec 100644
--- a/jenkins/client/job/deploy/lab/mk/cleanup.yml
+++ b/jenkins/client/job/deploy/lab/mk/cleanup.yml
@@ -31,6 +31,12 @@
OPENSTACK_API_VERSION:
type: string
default: "2"
+ OPENSTACK_API_PROJECT_DOMAIN_ID:
+ type: string
+ default: "default"
+ OPENSTACK_API_USER_DOMAIN_ID:
+ type: string
+ default: "default"
# heat
HEAT_STACK_NAME:
type: string
@@ -66,4 +72,10 @@
default: "liberty"
OPENSTACK_API_VERSION:
type: string
- default: "2"
\ No newline at end of file
+ default: "2"
+ OPENSTACK_API_PROJECT_DOMAIN_ID:
+ type: string
+ default: "default"
+ OPENSTACK_API_USER_DOMAIN_ID:
+ type: string
+ default: "default"
diff --git a/jenkins/client/job/deploy/lab/mk/cloud.yml b/jenkins/client/job/deploy/lab/mk/cloud.yml
new file mode 100644
index 0000000..6bffea0
--- /dev/null
+++ b/jenkins/client/job/deploy/lab/mk/cloud.yml
@@ -0,0 +1,141 @@
+parameters:
+ _param:
+ jenkins_cloud_deploy_pipelines:
+ - stack_name: k8s_calico
+ stack_type: heat
+ stack_install: core,k8s
+ job_timer: ""
+ - stack_name: k8s_calico
+ stack_type: aws
+ stack_install: core,k8s
+ job_timer: ""
+ jenkins:
+ client:
+ job_template:
+ cloud_deploy_heat_template:
+ name: deploy-{{stack_type}}-{{stack_name}}
+ jobs: ${_param:jenkins_cloud_deploy_pipelines}
+ template:
+ type: workflow-scm
+ discard:
+ build:
+ keep_num: 20
+ concurrent: true
+ display_name: "Deploy {{stack_type}} {{stack_name}} stack"
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: cloud-deploy-pipeline.groovy
+ trigger:
+ timer:
+ spec: "{{job_timer}}"
+ param:
+ # deployments and test settings
+ STACK_NAME:
+ type: string
+ description: Heat stack name. Will be generated if missing.
+ STACK_TEMPLATE:
+ type: string
+ default: "{{stack_name}}"
+ STACK_TYPE:
+ type: string
+ default: "{{stack_type}}"
+ STACK_INSTALL:
+ type: string
+ default: "{{stack_install}}"
+ STACK_TEST:
+ type: string
+ default: ""
+ STACK_DELETE:
+ type: boolean
+ default: 'true'
+ description: "Don't enable it if you need to use the lab after"
+ STACK_REUSE:
+ type: boolean
+ default: 'false'
+
+ STACK_TEMPLATE_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/mk/heat-templates"
+ STACK_TEMPLATE_CREDENTIALS:
+ type: string
+ default: "gerrit"
+ STACK_TEMPLATE_BRANCH:
+ type: string
+ default: "master"
+ STACK_CLEANUP_JOB:
+ type: string
+ default: ''
+
+ # salt master
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt-qa-credentials"
+ SALT_MASTER_URL:
+ type: string
+ default: ""
+
+ # aws api
+ AWS_STACK_REGION:
+ type: string
+ default: "us-west-2"
+ AWS_API_CREDENTIALS:
+ type: string
+ default: "aws-credentials"
+ AWS_SSH_KEY:
+ type: string
+ default: "jenkins-mk"
+
+
+ # openstack api
+ OPENSTACK_API_URL:
+ type: string
+ default: "https://vpc.tcpisek.cz:5000/v2.0"
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ default: "openstack-qa-credentials"
+ OPENSTACK_API_PROJECT:
+ type: string
+ default: "mirantis_mk20_qa"
+ OPENSTACK_API_CLIENT:
+ type: string
+ default: "liberty"
+ OPENSTACK_API_VERSION:
+ type: string
+ default: "2"
+ OPENSTACK_API_PROJECT_DOMAIN_ID:
+ type: string
+ default: "default"
+ OPENSTACK_API_USER_DOMAIN_ID:
+ type: string
+ default: "default"
+
+ # heat
+ HEAT_STACK_ENVIRONMENT:
+ type: string
+ default: "tcpisek"
+ HEAT_STACK_ZONE:
+ type: string
+ default: "workshop-sunnyvale"
+ HEAT_STACK_PUBLIC_NET:
+ type: string
+ default: "mirantis-private"
+
+ # k8s setttings
+ K8S_API_SERVER:
+ type: string
+ default: "http://127.0.0.1:8080"
+ K8S_CONFORMANCE_IMAGE:
+ type: string
+ default: "docker-dev-virtual.docker.mirantis.net/mirantis/kubernetes/k8s-conformance:v1.5.1-3_1482332392819"
+
+ # Tempest settings
+ TEMPEST_IMAGE_LINK:
+ type: string
+ default: "sandbox-docker-prod-local.docker.mirantis.net/mirantis/rally_tempest:0.1"
+
+ ASK_ON_ERROR:
+ type: boolean
+ default: 'false'
+
diff --git a/jenkins/client/job/deploy/lab/mk/init.yml b/jenkins/client/job/deploy/lab/mk/init.yml
index 2a32dc6..9e988ba 100644
--- a/jenkins/client/job/deploy/lab/mk/init.yml
+++ b/jenkins/client/job/deploy/lab/mk/init.yml
@@ -27,29 +27,39 @@
STACK_TYPE:
type: string
default: "{{stack_type}}"
- INSTALL:
+ STACK_INSTALL:
type: string
default: "{{install}}"
- TEST:
+ STACK_TEST:
type: string
default: "{{test}}"
- # heat
- HEAT_TEMPLATE_URL:
+ STACK_TEMPLATE_URL:
type: string
default: "${_param:jenkins_gerrit_url}/mk/heat-templates"
- HEAT_TEMPLATE_CREDENTIALS:
+ STACK_TEMPLATE_CREDENTIALS:
type: string
default: "gerrit"
- HEAT_TEMPLATE_BRANCH:
+ STACK_TEMPLATE_BRANCH:
type: string
default: "master"
- HEAT_STACK_NAME:
+ STACK_NAME:
type: string
description: Heat stack name. Will be generated if missing.
- HEAT_STACK_TEMPLATE:
+ STACK_TEMPLATE:
type: string
default: "{{lab}}"
+ STACK_DELETE:
+ type: boolean
+ default: 'true'
+ description: "Don't enable it if you need to use the lab after"
+ STACK_REUSE:
+ type: boolean
+ default: 'false'
+ STACK_CLEANUP_JOB:
+ type: string
+ default: 'deploy-heat-cleanup'
+ # heat
HEAT_STACK_ENVIRONMENT:
type: string
default: "tcpisek"
@@ -59,13 +69,6 @@
HEAT_STACK_PUBLIC_NET:
type: string
default: "mirantis-private"
- HEAT_STACK_DELETE:
- type: boolean
- default: 'true'
- description: "Don't enable it if you need to use the lab after"
- HEAT_STACK_REUSE:
- type: boolean
- default: 'false'
# salt master
SALT_MASTER_CREDENTIALS:
@@ -91,6 +94,12 @@
OPENSTACK_API_VERSION:
type: string
default: "2"
+ OPENSTACK_API_PROJECT_DOMAIN_ID:
+ type: string
+ default: "default"
+ OPENSTACK_API_USER_DOMAIN_ID:
+ type: string
+ default: "default"
# k8s setttings
K8S_API_SERVER:
diff --git a/jenkins/client/job/deploy/lab/mk/virtual.yml b/jenkins/client/job/deploy/lab/mk/virtual.yml
index 35b8de6..e615408 100644
--- a/jenkins/client/job/deploy/lab/mk/virtual.yml
+++ b/jenkins/client/job/deploy/lab/mk/virtual.yml
@@ -9,70 +9,86 @@
stack_type: heat
test: openstack
timer: ""
+ extra_formulas: ""
- lab: virtual_mk20_basic
install: core,openstack
stack_type: heat
test: openstack
timer: ""
+ extra_formulas: ""
# mk22
- lab: virtual_mk22_advanced
install: core,openstack
stack_type: heat
test: openstack
+ timer: ""
+ extra_formulas: ""
- lab: virtual_mk22_basic
install: core,openstack
stack_type: heat
test: openstack
timer: ""
+ extra_formulas: ""
# mcp05
- lab: virtual_mcp05_dvr
install: core,openstack,dvr
stack_type: heat
test: openstack
+ timer: ""
+ extra_formulas: ""
- lab: virtual_mcp05_ovs
install: core,openstack,ovs
stack_type: heat
test: openstack
timer: ""
+ extra_formulas: ""
# mcp10
- lab: virtual_mcp10_contrail
install: core,openstack,contrail
stack_type: heat
test: openstack
timer: "H H(0-6) * * *"
+ extra_formulas: ""
- lab: virtual_mcp10_dvr
install: core,openstack,dvr
stack_type: heat
test: openstack
timer: "H H(0-6) * * *"
+ extra_formulas: ""
- lab: virtual_mcp10_ovs
install: core,openstack,ovs
stack_type: heat
test: openstack
timer: "H H(0-6) * * *"
+ extra_formulas: ""
# mcp11
- lab: virtual_mcp11_contrail
install: core,openstack,contrail
stack_type: heat
test: openstack
+ extra_formulas: ""
timer: ""
- lab: virtual_mcp11_dvr
install: core,openstack,dvr
stack_type: heat
test: openstack
timer: ""
+ extra_formulas: ""
- lab: virtual_mcp11_ovs
install: core,openstack,ovs
stack_type: heat
test: openstack
timer: ""
+ extra_formulas: ""
- lab: virtual_mcp11_k8s_calico
install: core,k8s,calico
stack_type: heat
test: k8s
timer: "H H(0-6) * * *"
+ extra_formulas: ""
- lab: virtual_mcp11_k8s_contrail
install: core,k8s,contrail
stack_type: heat
test: k8s
timer: "H H(0-6) * * *"
+ extra_formulas: ""
diff --git a/jenkins/client/job/deploy/openstack.yml b/jenkins/client/job/deploy/openstack.yml
index 644b16b..cad1182 100644
--- a/jenkins/client/job/deploy/openstack.yml
+++ b/jenkins/client/job/deploy/openstack.yml
@@ -20,7 +20,7 @@
STACK_TYPE:
type: string
default: "physical"
- INSTALL:
+ STACK_INSTALL:
type: string
default: "core,kvm,openstack,stacklight"
diff --git a/jenkins/client/job/deploy/update/saltenv.yml b/jenkins/client/job/deploy/update/saltenv.yml
index 0303aea..397e3f3 100644
--- a/jenkins/client/job/deploy/update/saltenv.yml
+++ b/jenkins/client/job/deploy/update/saltenv.yml
@@ -30,3 +30,6 @@
SALT_MASTER_CREDENTIALS:
type: string
default: "{{salt_credentials}}"
+ UPDATE_FORMULAS:
+ type: boolean
+ default: "true"
diff --git a/jenkins/client/job/deploy/update/upgrade.yml b/jenkins/client/job/deploy/update/upgrade.yml
index 81a7b16..efbd153 100644
--- a/jenkins/client/job/deploy/update/upgrade.yml
+++ b/jenkins/client/job/deploy/update/upgrade.yml
@@ -23,3 +23,15 @@
SALT_MASTER_CREDENTIALS:
type: string
default: "salt"
+ STAGE_TEST_UPGRADE:
+ type: boolean
+ default: 'true'
+ description: "Test if syncdb and APIs succeed"
+ STAGE_REAL_UPGRADE:
+ type: boolean
+ default: 'true'
+ description: "Run real control upgrade"
+ STAGE_ROLLBACK_UPGRADE:
+ type: boolean
+ default: 'true'
+ description: "Rollback if control upgrade fails"
diff --git a/jenkins/client/job/docker/aptly.yml b/jenkins/client/job/docker/aptly.yml
deleted file mode 100644
index 98ef8af..0000000
--- a/jenkins/client/job/docker/aptly.yml
+++ /dev/null
@@ -1,48 +0,0 @@
-parameters:
- jenkins:
- client:
- job:
- docker-build-images-aptly:
- name: docker-build-images-aptly
- discard:
- build:
- keep_num: 25
- artifact:
- keep_num: 25
- type: workflow-scm
- concurrent: true
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/docker-aptly"
- credentials: "gerrit"
- trigger:
- gerrit:
- project:
- "mk/docker-aptly":
- branches:
- - master
- event:
- ref:
- - updated: {}
- param:
- IMAGE_GIT_URL:
- type: string
- default: "${_param:jenkins_gerrit_url}/mk/docker-aptly"
- IMAGE_BRANCH:
- type: string
- default: "master"
- IMAGE_CREDENTIALS_ID:
- type: string
- default: "gerrit"
- IMAGE_TAGS:
- type: string
- default: "latest"
- REGISTRY_URL:
- type: string
- default: ""
- REGISTRY_CREDENTIALS_ID:
- type: string
- default: "dockerhub"
- DOCKER_GIT_TAG:
- type: boolean
- default: "true"
diff --git a/jenkins/client/job/docker/build-images.yml b/jenkins/client/job/docker/build-images.yml
new file mode 100644
index 0000000..e9e7447
--- /dev/null
+++ b/jenkins/client/job/docker/build-images.yml
@@ -0,0 +1,52 @@
+parameters:
+ jenkins:
+ client:
+ job_template:
+ docker-build-images:
+ name: "docker-build-images-{{name}}"
+ jobs:
+ - name: aptly
+ - name: ci
+ template:
+ discard:
+ build:
+ keep_num: 25
+ artifact:
+ keep_num: 25
+ type: workflow-scm
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/docker-{{name}}"
+ credentials: "gerrit"
+ trigger:
+ gerrit:
+ project:
+ "mk/docker-{{name}}":
+ branches:
+ - master
+ event:
+ ref:
+ - updated: {}
+ param:
+ IMAGE_GIT_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/mk/docker-{{name}}"
+ IMAGE_BRANCH:
+ type: string
+ default: "master"
+ IMAGE_CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ IMAGE_TAGS:
+ type: string
+ default: "latest"
+ REGISTRY_URL:
+ type: string
+ default: ""
+ REGISTRY_CREDENTIALS_ID:
+ type: string
+ default: "dockerhub"
+ DOCKER_GIT_TAG:
+ type: boolean
+ default: "true"
diff --git a/jenkins/client/job/docker/devops-portal.yml b/jenkins/client/job/docker/devops-portal.yml
index 14735b6..7af37eb 100644
--- a/jenkins/client/job/docker/devops-portal.yml
+++ b/jenkins/client/job/docker/devops-portal.yml
@@ -32,16 +32,18 @@
- created:
excludeDrafts: false
excludeNoCodeChange: false
+ change:
+ - merged
comment:
- addedContains:
commentAddedCommentContains: 'rebuild'
param:
IMAGE_NAME:
type: string
- default: "devops-portal"
+ default: "devops_portal"
IMAGE_TAGS:
type: string
- default: "latest"
+ default: ""
CREDENTIALS_ID:
type: string
default: "gerrit"
diff --git a/jenkins/client/job/git-mirrors/downstream/debian-packages.yml b/jenkins/client/job/git-mirrors/downstream/debian-packages.yml
index 9708d9f..dde7d9a 100644
--- a/jenkins/client/job/git-mirrors/downstream/debian-packages.yml
+++ b/jenkins/client/job/git-mirrors/downstream/debian-packages.yml
@@ -7,6 +7,10 @@
downstream: debian/telegraf
upstream: "https://github.com/influxdata/telegraf.git"
branches: master
+ - name: libvirt-exporter
+ downstream: debian/libvirt-exporter
+ upstream: "https://github.com/kumina/libvirt_exporter.git"
+ branches: master
- name: debian-gophercloud
downstream: debian/gophercloud
upstream: "https://github.com/gophercloud/gophercloud.git"
diff --git a/jenkins/client/job/git-mirrors/downstream/salt_formulas_utils.yml b/jenkins/client/job/git-mirrors/downstream/salt_formulas_utils.yml
new file mode 100644
index 0000000..dfbdb60
--- /dev/null
+++ b/jenkins/client/job/git-mirrors/downstream/salt_formulas_utils.yml
@@ -0,0 +1,9 @@
+classes:
+ - system.jenkins.client.job.git-mirrors.downstream
+parameters:
+ _param:
+ jenkins_git_mirror_downstream_jobs:
+ - name: salt-formulas
+ downstream: salt-formulas/salt-formulas
+ upstream: "https://github.com/salt-formulas/salt-formulas"
+ branches: master
\ No newline at end of file
diff --git a/jenkins/client/job/git-mirrors/downstream/templates.yml b/jenkins/client/job/git-mirrors/downstream/templates.yml
index ef504af..1c34f37 100644
--- a/jenkins/client/job/git-mirrors/downstream/templates.yml
+++ b/jenkins/client/job/git-mirrors/downstream/templates.yml
@@ -6,7 +6,7 @@
- name: cookiecutter-templates
downstream: mk/cookiecutter-templates
upstream: "git@github.com:Mirantis/mk2x-cookiecutter-reclass-model"
- branches: master
+ branches: master,mcp10
- name: heat-templates
downstream: mk/heat-templates
upstream: "git@github.com:Mirantis/mk-lab-heat-templates"
diff --git a/jenkins/client/job/git-mirrors/upstream/salt_formulas_utils.yml b/jenkins/client/job/git-mirrors/upstream/salt_formulas_utils.yml
new file mode 100644
index 0000000..c86cda5
--- /dev/null
+++ b/jenkins/client/job/git-mirrors/upstream/salt_formulas_utils.yml
@@ -0,0 +1,9 @@
+classes:
+ - system.jenkins.client.job.git-mirrors.upstream
+parameters:
+ _param:
+ jenkins_git_mirror_upstream_jobs:
+ - name: salt-formulas
+ downstream: salt-formulas/salt-formulas
+ upstream: "git@github.com:salt-formulas/salt-formulas.git"
+ branches: master
diff --git a/jenkins/client/job/git-mirrors/upstream/templates.yml b/jenkins/client/job/git-mirrors/upstream/templates.yml
index 12e4a9a..5ffaa43 100644
--- a/jenkins/client/job/git-mirrors/upstream/templates.yml
+++ b/jenkins/client/job/git-mirrors/upstream/templates.yml
@@ -6,7 +6,7 @@
- name: cookiecutter-templates
downstream: mk/cookiecutter-templates
upstream: "git@github.com:Mirantis/mk2x-cookiecutter-reclass-model"
- branches: master
+ branches: master,mcp10
- name: heat-templates
downstream: mk/heat-templates
upstream: "git@github.com:Mirantis/mk-lab-heat-templates"
diff --git a/jenkins/client/job/opencontrail/build/dpdk-extra.yml b/jenkins/client/job/opencontrail/build/dpdk-extra.yml
index f250a8c..5b128a2 100644
--- a/jenkins/client/job/opencontrail/build/dpdk-extra.yml
+++ b/jenkins/client/job/opencontrail/build/dpdk-extra.yml
@@ -21,6 +21,10 @@
dist: xenial
branch_name: mitaka
branch_real_name: mitaka
+ - os: ubuntu
+ dist: xenial
+ branch_name: newton
+ branch_real_name: newton
template:
discard:
build:
diff --git a/jenkins/client/job/opencontrail/git-mirrors/2way.yml b/jenkins/client/job/opencontrail/git-mirrors/2way.yml
index 0ecb83f..349dad5 100644
--- a/jenkins/client/job/opencontrail/git-mirrors/2way.yml
+++ b/jenkins/client/job/opencontrail/git-mirrors/2way.yml
@@ -3,31 +3,79 @@
jenkins_pollscm_spec: "H/60 * * * *"
jenkins:
client:
- job:
- git-mirror-2way-contrail-kubernetes:
- type: workflow-scm
- concurrent: false
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
- credentials: "gerrit"
- script: git-mirror-2way-pipeline.groovy
- github:
- url: "https://github.com/Mirantis/contrail-kubernetes"
- trigger:
- github:
- pollscm:
- spec: ${_param:jenkins_pollscm_spec}
- param:
- SOURCE_URL:
- type: string
- default: "${_param:jenkins_gerrit_url}/contrail/contrail-kubernetes.git"
- TARGET_URL:
- type: string
- default: "https://github.com/Mirantis/contrail-kubernetes.git"
- CREDENTIALS_ID:
- type: string
- default: "gerrit"
- BRANCHES:
- type: string
- default: ${_param:contrail_kubernetes_branches}
+ job_template:
+ git-mirror-2way:
+ name: git-mirror-2way-{{name}}
+ jobs:
+ - name: contrail-build
+ branches: ${_param:contrail_branches}
+ - name: contrail-pipeline
+ branches: ${_param:contrail_branches}
+ - name: contrail-controller
+ branches: ${_param:contrail_branches}
+ - name: contrail-vrouter
+ branches: ${_param:contrail_branches}
+ - name: contrail-third-party
+ branches: ${_param:contrail_branches}
+ - name: contrail-generateDS
+ branches: ${_param:contrail_branches}
+ - name: contrail-sandesh
+ branches: ${_param:contrail_branches}
+ - name: contrail-packages
+ branches: ${_param:contrail_branches}
+ - name: contrail-nova-vif-driver
+ branches: ${_param:contrail_branches}
+ - name: contrail-neutron-plugin
+ branches: ${_param:contrail_branches}
+ - name: contrail-nova-extensions
+ branches: ${_param:contrail_branches}
+ - name: contrail-ceilometer-plugin
+ branches: ${_param:contrail_ceilometer_plugin_branches}
+ - name: contrail-heat
+ branches: ${_param:contrail_branches}
+ - name: contrail-web-storage
+ branches: ${_param:contrail_branches}
+ - name: contrail-web-server-manager
+ branches: ${_param:contrail_branches}
+ - name: contrail-web-controller
+ branches: ${_param:contrail_branches}
+ - name: contrail-web-core
+ branches: ${_param:contrail_branches}
+ - name: contrail-webui-third-party
+ branches: ${_param:contrail_branches}
+ - name: contrail-dpdk-extra-packages
+ branches: ${_param:contrail_dpdk_extra_branches}
+ - name: contrail-dpdk
+ branches: ${_param:contrail_dpdk_branches}
+ template:
+ discard:
+ build:
+ keep_num: 10
+ artifact:
+ keep_num: 10
+ type: workflow-scm
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: git-mirror-2way-pipeline.groovy
+ github:
+ url: "https://github.com/Mirantis/{{name}}"
+ trigger:
+ github:
+ pollscm:
+ spec: ${_param:jenkins_pollscm_spec}
+ param:
+ SOURCE_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/contrail/{{name}}.git"
+ TARGET_URL:
+ type: string
+ default: "https://github.com/Mirantis/{{name}}.git"
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ BRANCHES:
+ type: string
+ default: "{{branches}}"
diff --git a/jenkins/client/job/opencontrail/init.yml b/jenkins/client/job/opencontrail/init.yml
index 2d38d5a..e76b322 100644
--- a/jenkins/client/job/opencontrail/init.yml
+++ b/jenkins/client/job/opencontrail/init.yml
@@ -5,7 +5,7 @@
_param:
contrail_branches: "R3.0.2.x,R3.0.3.x,R3.1,R3.1.1.x,R3.2,R4.0,master"
contrail_kubernetes_branches: "master,release-1.2"
- contrail_dpdk_extra_branches: "mitaka,kilo,liberty-multiqueue"
+ contrail_dpdk_extra_branches: "mitaka,kilo,liberty-multiqueue,newton"
contrail_ceilometer_plugin_branches: "master,R4.0"
contrail_kubernetes_branches: "master,origin-1.1,origin-1.1.3,release-1.1,release-1.2"
contrail_dpdk_branches: "master,R3.0.2.x,R3.0.3.x,R3.1,R3.1.1.x,R3.2,R4.0,contrail_dpdk_17_02,contrail_dpdk_1_7,contrail_dpdk_2_0,contrail_dpdk_2_1"
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index 111cc6a..0f3b405 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -93,6 +93,7 @@
- name: roundcube
- name: rsync
- name: rsyslog
+ - name: rundeck
- name: sahara
- name: salt
- name: sensu
@@ -152,3 +153,6 @@
DEFAULT_GIT_REF:
type: string
default: master
+ KITCHEN_TESTS_PARALLEL:
+ type: boolean
+ default: 'false'
diff --git a/jenkins/client/job/salt-models/generate.yml b/jenkins/client/job/salt-models/generate.yml
index 697ab51..f88c54d 100644
--- a/jenkins/client/job/salt-models/generate.yml
+++ b/jenkins/client/job/salt-models/generate.yml
@@ -44,3 +44,6 @@
default: false
EMAIL_ADDRESS:
type: string
+ TEST_MODEL:
+ type: boolean
+ default: true
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 1545eff..e4b573d 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -5,14 +5,19 @@
job_template:
test_salt_model:
name: test-salt-model-{{name}}
- param:
- name:
- - mcp-baremetal-lab
- - mcp-virtual-lab
- - mk-ci
- - qa
- - stacklight
- - training
+ jobs:
+ - name: mcp-baremetal-lab
+ extra_formulas: ""
+ - name: mcp-virtual-lab
+ extra_formulas: "prometheus"
+ - name: mk-ci
+ extra_formulas: ""
+ - name: qa
+ extra_formulas: ""
+ - name: stacklight
+ extra_formulas: ""
+ - name: training
+ extra_formulas: ""
template:
type: workflow-scm
scm:
@@ -50,6 +55,13 @@
CREDENTIALS_ID:
type: string
default: "gerrit"
+ PARALLEL_NODE_GROUP_SIZE:
+ type: string
+ default: "3"
+ # Salt master setup extra formulas
+ EXTRA_FORMULAS:
+ type: string
+ default: "{{extra_formulas}}"
test_system_reclass:
name: test-salt-model-{{name}}
jobs:
diff --git a/jenkins/client/job/test_devops_portal.yml b/jenkins/client/job/test_devops_portal.yml
index 711f42a..5cf4c79 100644
--- a/jenkins/client/job/test_devops_portal.yml
+++ b/jenkins/client/job/test_devops_portal.yml
@@ -32,18 +32,20 @@
- addedContains:
commentAddedCommentContains: '(recheck|reverify)'
param:
+ COMPOSE_PATH:
+ type: string
+ default: "docker/stack/docker-compose.yml"
CREDENTIALS_ID:
type: string
default: "gerrit"
- NODE_IMAGE:
+ JSON_CONFIG:
type: string
- default: "docker-sandbox.sandbox.mirantis.net/ikharin/ci/node-firefox:6.10"
+ default: '{"services": {"elasticsearch": {"endpoint": "http://elasticsearch:9200"}}}'
COMMANDS:
type: text
default: |
npm run lint
npm run test:unit
- npm run test:functional
DEFAULT_GIT_URL:
type: string
default: "${_param:jenkins_gerrit_url}/oss/devops-portal"
diff --git a/jenkins/master/config.yml b/jenkins/master/config.yml
index 795b748..41e3ffb 100644
--- a/jenkins/master/config.yml
+++ b/jenkins/master/config.yml
@@ -8,11 +8,4 @@
pillar:
jenkins:
master:
- home: /srv/volumes/jenkins
- sudo:
- users:
- jenkins:
- hosts:
- - ALL
- commands:
- - docker
\ No newline at end of file
+ home: /srv/volumes/jenkins
\ No newline at end of file
diff --git a/jenkins/slave/docker.yml b/jenkins/slave/docker.yml
index b134225..ddf997b 100644
--- a/jenkins/slave/docker.yml
+++ b/jenkins/slave/docker.yml
@@ -7,3 +7,21 @@
jenkins:
groups:
- docker
+ sudo:
+ enabled: true
+ users:
+ jenkins:
+ setenv: true
+ hosts:
+ - ALL
+ commands:
+ - /usr/bin/docker
+ docker:
+ client:
+ network:
+ docker_gwbridge:
+ subnet: 10.20.0.0/16
+ opt:
+ com.docker.network.bridge.name: docker_gwbridge
+ com.docker.network.bridge.enable_icc: false
+ com.docker.network.bridge.enable_ip_masquerade: true
\ No newline at end of file
diff --git a/keystone/server/cluster.yml b/keystone/server/cluster.yml
index 6db4f7a..f077faf 100644
--- a/keystone/server/cluster.yml
+++ b/keystone/server/cluster.yml
@@ -41,3 +41,6 @@
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
ha_queues: true
+ auth_methods:
+ - password
+ - token
diff --git a/keystone/server/single.yml b/keystone/server/single.yml
index 26c7d2b..aae179f 100644
--- a/keystone/server/single.yml
+++ b/keystone/server/single.yml
@@ -41,4 +41,13 @@
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
- ha_queues: true
\ No newline at end of file
+ ha_queues: true
+ roles:
+ - admin
+ - Member
+ - image_manager
+ auth_methods:
+ - password
+ - token
+ database:
+ host: 127.0.0.1
diff --git a/keystone/server/websso.yml b/keystone/server/websso.yml
new file mode 100644
index 0000000..0960ccb
--- /dev/null
+++ b/keystone/server/websso.yml
@@ -0,0 +1,15 @@
+classes:
+- service.shibboleth.server.cluster
+parameters:
+ keystone:
+ server:
+ websso:
+ protocol: saml2
+ remote_id_attribute: Shib-Identity-Provider
+ federation_driver: keystone.contrib.federation.backends.sql.Federation
+ trusted_dashboard:
+ - https://${_param:cluster_public_host}/auth/websso/
+ - https://${_param:proxy_vip_host}/auth/websso/
+ auth_methods:
+ - saml2
+ - external
diff --git a/linux/system/repo/glusterfs.yml b/linux/system/repo/glusterfs.yml
index 3dfa9f9..fb331f0 100644
--- a/linux/system/repo/glusterfs.yml
+++ b/linux/system/repo/glusterfs.yml
@@ -1,9 +1,11 @@
parameters:
+ _param:
+ glusterfs_version: 3.8
linux:
system:
repo:
glusterfs-ppa:
- source: "deb http://ppa.launchpad.net/gluster/glusterfs-3.7/ubuntu ${_param:linux_system_codename} main"
+ source: "deb http://ppa.launchpad.net/gluster/glusterfs-${_param:glusterfs_version}/ubuntu ${_param:linux_system_codename} main"
architectures: amd64
key_id: 3FE869A9
- key_server: keyserver.ubuntu.com
\ No newline at end of file
+ key_server: keyserver.ubuntu.com
diff --git a/linux/system/repo/mcp/contrail.yml b/linux/system/repo/mcp/contrail.yml
index c0ecc92..0d9d68e 100644
--- a/linux/system/repo/mcp/contrail.yml
+++ b/linux/system/repo/mcp/contrail.yml
@@ -1,15 +1,16 @@
parameters:
_param:
- linux_repo_contrail_component: oc311
apt_mk_version: stable
+ linux_repo_contrail_component: oc311
+ linux_system_repo_mcp_contrail_version: ${_param:apt_mk_version}
linux:
system:
repo:
mcp_opencontrail:
- source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:apt_mk_version} ${_param:openstack_version} ${_param:linux_repo_contrail_component} extra"
+ source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_contrail_version} ${_param:openstack_version} ${_param:linux_repo_contrail_component} extra"
architectures: amd64
key_url: "http://apt-mk.mirantis.com/public.gpg"
pin:
- - pin: 'release a=${_param:apt_mk_version}'
+ - pin: 'release a=${_param:linux_system_repo_mcp_contrail_version}'
priority: 1100
package: '*'
diff --git a/linux/system/repo/mcp/extra.yml b/linux/system/repo/mcp/extra.yml
index 00de9ea..826969b 100644
--- a/linux/system/repo/mcp/extra.yml
+++ b/linux/system/repo/mcp/extra.yml
@@ -1,15 +1,16 @@
parameters:
_param:
apt_mk_version: stable
+ linux_system_repo_mcp_extra_version: ${_param:apt_mk_version}
linux:
system:
repo:
mcp_extra:
- source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:apt_mk_version} extra"
+ source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_extra_version} extra"
architectures: amd64
key_url: "http://apt-mk.mirantis.com/public.gpg"
clean_file: true
pin:
- - pin: 'release a=${_param:apt_mk_version}'
+ - pin: 'release a=${_param:linux_system_repo_mcp_extra_version}'
priority: 1100
package: '*'
diff --git a/linux/system/repo/mcp/openstack.yml b/linux/system/repo/mcp/openstack.yml
index 9f26821..249f5b2 100644
--- a/linux/system/repo/mcp/openstack.yml
+++ b/linux/system/repo/mcp/openstack.yml
@@ -1,6 +1,7 @@
parameters:
_param:
apt_mk_version: stable
+ linux_system_repo_mk_openstack_version: ${_param:apt_mk_version}
linux:
system:
repo:
@@ -45,10 +46,10 @@
priority: 1100
package: '*'
mk_openstack:
- source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:apt_mk_version} ${_param:openstack_version}"
+ source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mk_openstack_version} ${_param:openstack_version}"
architectures: amd64
key_url: "http://apt-mk.mirantis.com/public.gpg"
pin:
- - pin: 'release a=${_param:apt_mk_version}'
+ - pin: 'release a=${_param:linux_system_repo_mk_openstack_version}'
priority: 1100
package: '*'
diff --git a/linux/system/repo/mcp/salt.yml b/linux/system/repo/mcp/salt.yml
index d40cc5f..6d79919 100644
--- a/linux/system/repo/mcp/salt.yml
+++ b/linux/system/repo/mcp/salt.yml
@@ -1,15 +1,16 @@
parameters:
_param:
apt_mk_version: stable
+ linux_system_repo_mcp_salt_version: ${_param:apt_mk_version}
linux:
system:
repo:
mcp_salt:
- source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:apt_mk_version} salt"
+ source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_salt_version} salt"
architectures: amd64
key_url: "http://apt-mk.mirantis.com/public.gpg"
clean_file: true
pin:
- - pin: 'release a=${_param:apt_mk_version}'
+ - pin: 'release a=${_param:linux_system_repo_mcp_salt_version}'
priority: 1100
package: '*'
diff --git a/linux/system/repo_local/mcp/contrail.yml b/linux/system/repo_local/mcp/contrail.yml
index 89a7236..3d02acf 100644
--- a/linux/system/repo_local/mcp/contrail.yml
+++ b/linux/system/repo_local/mcp/contrail.yml
@@ -1,13 +1,14 @@
parameters:
_param:
+ apt_mk_version: stable
linux_repo_contrail_component: oc311
contrail_repo_pin_priority: 200
- apt_mk_version: stable
+ linux_system_repo_mcp_contrail_version: ${_param:apt_mk_version}
linux:
system:
repo:
mcp_opencontrail:
refresh_db: ${_param:linux_repo_refresh_db}
- source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:apt_mk_version} ${_param:linux_repo_contrail_component}"
+ source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_contrail_version} ${_param:linux_repo_contrail_component}"
architectures: amd64
key_url: "http://${_param:local_repo_url}/public.gpg"
diff --git a/linux/system/repo_local/mcp/extra.yml b/linux/system/repo_local/mcp/extra.yml
index a0c54d6..b7ae91a 100644
--- a/linux/system/repo_local/mcp/extra.yml
+++ b/linux/system/repo_local/mcp/extra.yml
@@ -1,11 +1,12 @@
parameters:
_param:
apt_mk_version: stable
+ linux_system_repo_mcp_extra_version: ${_param:apt_mk_version}
linux:
system:
repo:
mcp_extra:
refresh_db: ${_param:linux_repo_refresh_db}
- source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:apt_mk_version} extra"
+ source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_extra_version} extra"
architectures: amd64
key_url: "http://${_param:local_repo_url}/public.gpg"
diff --git a/linux/system/repo_local/mcp/salt.yml b/linux/system/repo_local/mcp/salt.yml
index 3abbf92..dafa8e7 100644
--- a/linux/system/repo_local/mcp/salt.yml
+++ b/linux/system/repo_local/mcp/salt.yml
@@ -1,11 +1,12 @@
parameters:
_param:
apt_mk_version: stable
+ linux_system_repo_mcp_salt_version: ${_param:apt_mk_version}
linux:
system:
repo:
mcp_salt:
refresh_db: ${_param:linux_repo_refresh_db}
- source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:apt_mk_version} salt"
+ source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_salt_version} salt"
architectures: amd64
- key_url: "http://${_param:local_repo_url}/public.gpg"
\ No newline at end of file
+ key_url: "http://${_param:local_repo_url}/public.gpg"
diff --git a/linux/system/single.yml b/linux/system/single.yml
index 2c538f5..ef23a39 100644
--- a/linux/system/single.yml
+++ b/linux/system/single.yml
@@ -57,3 +57,8 @@
- type: hard
item: nproc
value: 307200
+ systemd:
+ system:
+ Manager:
+ DefaultLimitNOFILE: 307200
+ DefaultLimitNPROC: 307200
diff --git a/linux/system/sudo.yml b/linux/system/sudo.yml
index 1668c12..8f03f7d 100644
--- a/linux/system/sudo.yml
+++ b/linux/system/sudo.yml
@@ -23,7 +23,21 @@
- /usr/sbin/visudo
sudo_coreutils_safe:
- /usr/bin/less
+ - /usr/bin/grep
+ - /usr/bin/fgrep
+ - /usr/bin/egrep
+ - /usr/bin/zgrep
+ - /usr/bin/tail
+ - /usr/bin/socat
+ - /usr/bin/top
+ - /usr/bin/tail
+ - /usr/bin/lsof
+ - /usr/bin/virsh
+ - /bin/ls
+ - /bin/cp
+ - /bin/netstat
sudo_rabbitmq_safe:
+ - /usr/sbin/rabbitmqctl
- /usr/sbin/rabbitmqctl status
- /usr/sbin/rabbitmqctl cluster_status
- /usr/sbin/rabbitmqctl list_queues*
@@ -41,3 +55,42 @@
- /usr/bin/salt-call saltutil*
sudo_salt_trusted:
- /usr/bin/salt*
+ sudo_networking:
+ - /sbin/ip
+ - /sbin/ss
+ - /sbin/ifconfig
+ - /sbin/route
+ - /sbin/ethtool
+ - /sbin/tcpdump
+ sudo_contrail_utilities:
+ - /usr/bin/contrail*
+ - /bin/contrail*
+ - /usr/bin/vif
+ - /usr/bin/flow
+ - /usr/bin/vrfstats
+ - /usr/bin/rt
+ - /usr/bin/dropstats
+ - /usr/bin/mpls
+ - /usr/bin/mirror
+ - /usr/bin/vxlan
+ - /usr/bin/nh
+ sudo_storage_utilities:
+ - /usr/bin/ceph*
+ - /usr/bin/rados*
+ - /usr/bin/rbd
+ - /usr/sbin/gluster
+ sudo_openstack_clients:
+ - /usr/bin/openstack
+ - /usr/bin/heat*
+ - /usr/bin/nova*
+ - /usr/bin/neutron*
+ - /usr/bin/keystone*
+ - /usr/bin/glance*
+ - /usr/bin/cinder*
+ - /usr/bin/swift*
+ - /usr/bin/ironic*
+ - /usr/bin/manila*
+ - /usr/bin/barbican*
+ - /usr/bin/ceilometer*
+ - /usr/bin/trove*
+
diff --git a/nginx/server/proxy/stacklight/grafana.yml b/nginx/server/proxy/stacklight/grafana.yml
index a1c7c49..24219ee 100644
--- a/nginx/server/proxy/stacklight/grafana.yml
+++ b/nginx/server/proxy/stacklight/grafana.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ nginx_proxy_grafana_port: 3000
nginx:
server:
enabled: true
@@ -9,7 +11,7 @@
name: grafana
proxy:
host: ${_param:stacklight_monitor_address}
- port: 3000
+ port: ${_param:nginx_proxy_grafana_port}
protocol: http
host:
name: ${_param:cluster_public_host}
diff --git a/opencontrail/control/analytics.yml b/opencontrail/control/analytics.yml
index 8cbd166..8065742 100644
--- a/opencontrail/control/analytics.yml
+++ b/opencontrail/control/analytics.yml
@@ -14,6 +14,9 @@
python-kafka:
version: 1.0.1-0contrail1
hold: true
+ kernel:
+ modules:
+ - nf_conntrack_ipv4
opencontrail:
common:
identity:
diff --git a/opencontrail/control/cluster.yml b/opencontrail/control/cluster.yml
index 4ffe081..a4126d6 100644
--- a/opencontrail/control/cluster.yml
+++ b/opencontrail/control/cluster.yml
@@ -13,8 +13,9 @@
version: 0.9.0-0contrail0
python-kafka:
version: 1.0.1-0contrail1
- contrail-api-cli:
- version: latest
+ kernel:
+ modules:
+ - nf_conntrack_ipv4
opencontrail:
web:
database:
diff --git a/opencontrail/control/control.yml b/opencontrail/control/control.yml
index 9c1d905..fdc4f7d 100644
--- a/opencontrail/control/control.yml
+++ b/opencontrail/control/control.yml
@@ -38,3 +38,8 @@
port: 9042
network:
host: ${_param:cluster_vip_address}
+ linux:
+ system:
+ kernel:
+ modules:
+ - nf_conntrack_ipv4
diff --git a/opencontrail/control/single.yml b/opencontrail/control/single.yml
index efdc267..064418e 100644
--- a/opencontrail/control/single.yml
+++ b/opencontrail/control/single.yml
@@ -12,6 +12,9 @@
version: 1.0.1-0contrail1
contrail-api-cli:
version: latest
+ kernel:
+ modules:
+ - nf_conntrack_ipv4
haproxy:
proxy:
listen:
diff --git a/openssh/server/team/k8s_team.yml b/openssh/server/team/k8s_team.yml
index ed85ae0..36f3252 100644
--- a/openssh/server/team/k8s_team.yml
+++ b/openssh/server/team/k8s_team.yml
@@ -9,6 +9,76 @@
full_name: Dmitry Shulyak
home: /home/dshulyak
email: dshulyak@mirantis.com
+ pskamruk:
+ enabled: true
+ sudo: true
+ name: pskamruk
+ full_name: Piotr Skamruk
+ home: /home/pskamruk
+ email: pskamruk@mirantis.com
+ ishvedunov:
+ enabled: true
+ sudo: true
+ name: ishvedunov
+ full_name: Ivan Shvedunov
+ home: /home/ishvedunov
+ email: ishvedunov@mirantis.com
+ jnowak:
+ enabled: true
+ sudo: true
+ name: jnowak
+ full_name: Jedrzej Nowak
+ home: /home/jnowak
+ email: jnowak@mirantis.com
+ vefimova:
+ enabled: true
+ sudo: true
+ name: vefimova
+ full_name: Victoria Efimova
+ home: /home/vefimova
+ email: vefimova@mirantis.com
+ sgolovatiuk:
+ enabled: true
+ sudo: true
+ name: sgolovatiuk
+ full_name: Sergii Golovatiuk
+ home: /home/sgolovatiuk
+ email: sgolovatiuk@mirantis.com
+ loles:
+ enabled: true
+ sudo: true
+ name: loles
+ full_name: Lukasz Oles
+ home: /home/loles
+ email: loles@mirantis.com
+ mkwiek:
+ enabled: true
+ sudo: true
+ name: mkwiek
+ full_name: Maciej Kwiek
+ home: /home/mkwiek
+ email: mkwiek@mirantis.com
+ mattymo:
+ enabled: true
+ sudo: true
+ name: mattymo
+ full_name: Matthew Mosesohn
+ home: /home/mattymo
+ email: mattymo@mirantis.com
+ slagun:
+ enabled: true
+ sudo: true
+ name: slagun
+ full_name: Stan Lagun
+ home: /home/slagun
+ email: slagun@mirantis.com
+ psiwczak:
+ enabled: true
+ sudo: true
+ name: psiwczak
+ full_name: Piotr Siwczak
+ home: /home/psiwczak
+ email: psiwczak@mirantis.com
openssh:
server:
enabled: true
@@ -18,6 +88,71 @@
public_keys:
- ${public_keys:dshulyak}
user: ${linux:system:user:dshulyak}
+ pskamruk:
+ enabled: true
+ public_keys:
+ - ${public_keys:pskamruk}
+ user: ${linux:system:user:pskamruk}
+ ishvedunov:
+ enabled: true
+ public_keys:
+ - ${public_keys:ishvedunov}
+ user: ${linux:system:user:ishvedunov}
+ jnowak:
+ enabled: true
+ public_keys:
+ - ${public_keys:jnowak}
+ user: ${linux:system:user:jnowak}
+ vefimova:
+ enabled: true
+ public_keys:
+ - ${public_keys:vefimova}
+ user: ${linux:system:user:vefimova}
+ sgolovatiuk:
+ enabled: true
+ public_keys:
+ - ${public_keys:sgolovatiuk}
+ user: ${linux:system:user:sgolovatiuk}
+ loles:
+ enabled: true
+ public_keys:
+ - ${public_keys:loles}
+ user: ${linux:system:user:loles}
+ mkwiek:
+ enabled: true
+ public_keys:
+ - ${public_keys:mkwiek}
+ user: ${linux:system:user:mkwiek}
+ slagun:
+ enabled: true
+ public_keys:
+ - ${public_keys:slagun}
+ user: ${linux:system:user:slagun}
+ mattymo:
+ enabled: true
+ public_keys:
+ - ${public_keys:mattymo}
+ user: ${linux:system:user:mattymo}
public_keys:
- kproskurin:
+ dshulyak:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvkecSoZQDlJ3rfnxzYYkKVOwZG/oGVNYykey07pJXzcc4RDnP+OSPSD57Ovc3f9DgGpDqi5EaSTK9wPT3Z4Xlq/0IN9mJjSqkMKahlQutozNeathqghM3mkiBrqV8Y9H+L+5V743ttWMxp+oEpYMVz6QlP152mDwhRESEoU6dm1UjPDOPmiqIBrjkc0glqrBGkvj6Rd7cyVrbVG//mOoemT0S+l9KHjVzIDF3sd9m1MWCtslO0ixCrIXh90wRYTUVJLe4g95Bo3f3k2/DIeqyLns2zjYaYBc54+VMwPllbc4KTNQnW+oZLGmh7fJRouJvNRmL9JrmVFBZ79tMKpLKq55U9RxAbtkO4wPUQxVXQRairYT6XVOis7eOQzojSyT8+jW1HK1ftexITn1nZnAgivzJYg9YugE5brS1pchJeptGQJDQSNeoAGR5rRc0A4uJIc9EzUjURVpa13ZWWKeenhQ3sfRUrP4+rCe4c0yeZS03jk54bNf3hqD7EEGH96L1ojAXyoVV/TgGgFJC3a3T7qciOMIJpWJVyKBVEgU9mSgWUL0lzEp/IrtEObNQQKwTb7LBM6wrSJd/57ePlTzXzSAZEed+7QV0LW+SBD7rwQyKM93i1P+do+4dmGO0fGr9AhMp2J4gsaFuAtCYZXV/b2zmuGnYGhbq3vacLIJYqQ== ds@ds-X10SAE
+ pskamruk:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTsdLa6F59A7ggGr1kXT5Hsg0sKXRA2zw2DApFU/DinDZ95d82hY5r26HRoPvEebslXUtpYei1T1w6XKSV6x9U0y/4+Wmdxnl+SADWqFWH8k7CJv3kONK7GhTT4fMpwt88ZHiVUwoTf5CdzhzNL1vd6NWpjt9qIq0G/4n0Ds/5paUFLJ5OIm7ealekMCmiOCQac/FgZYcQAdXr0nalhZkQzV4OOf9cxxftGTTq4ppLEF0I7aswWadN60qdmM2muRMpiaFZweyIH8f8wlqcYYFgd8N1RQmBqKcP6i6ukJLuvzqGb0aeCcv0h9i6ijZzC8s7DTYATn6TpD2XN4E4Adup jell@Piotrs-MacBook-Pro.local
+ ishvedunov:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCpw4sk2sO6RxkgAa3yTLWrLhke7mRccOHQ9LQFnhCuYxF8q8W0/FOw9imEMC/GQjLMUn0a3qDDflGq/Ze76/wygZQr04fupyD94XIMw1QC80FS/LbdSDq2RYIpS46Gw9tTiWzUegHZuD1YCb7nqqpmAELm1DKZybA85+oOaZidFrIgWNf07bvu2LdH6zVM5EQHyXvuUlBL4WA4aW2kB6dyklln1SH+J+UyMDeU9m4ygHzeZ1tf9c+8d9uBzWxEZ9//e0pDYnuvViDK/rgyNvDqpdrAtikmk2tlKAJLsZYhkQc60PR58yH0e4UAH0P6Ga/JrvUR72sY/H7HsUzUnWRD
+ jnowak:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2W27dcnqDu+wHpxy0c69czDihhDirm3FgQm4CuNKuuYwS0iJtITj5C7TWD1oP3Ym9yKvLqI71kpREH9BNB3qPw1ypfs/BY8Rv7CJTPk4N+lwUGlfIWPJ+PhS3bQMdDjOfpy7lBaVpVl6WpfBXN9RkNvqX0MYU7173Nm2EsBZVZ3Lcz/sYnpZxuRhbe+XMmnnOXmPJIO579Gawfx/yGMemjv/M4KxUpEIfCEdVhsUc5NRhIaWbk80VFxPJ/k8i6WJVootN0wtHgS1pk5Li0G66Y4A+epdmsyCaMJ5REJRzp9IyV70Dev7eBAYLSo0PGG2cG3AnLUnkMvyp6/vaWXBj pigmej@lap
+ vefimova:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDr7JWFM1GAEtsTKF3UfYnZRJJzCGM/Bp0QUdTa0ZPvcG1Vn01utIJvd8/STYHhG4Ifvreo7J76lF3gZ63nndr5kcB+StrSx604Rx12aD1yjLRNuJqiWa9JOgGq7zJaDECN0PIdRDiRH9tepdmrCeq+hrqZzeJLPYo8xIaTXukcI5g5IueciWEU37lerV86X4qycJp7weLYocT7IttNTq8Gln3K8fLfjYDO4JqVX32SOT4d/Y/BpxEMVwEMgFp7lVc75SfwdVFiTvYLrEqexvcL89Cefg12O/kEMAvGQ+s5UZp+4uwKE6meLkkYXTdN91yYq2gZ3Qvf2l9z9UY+jefH vyatta@vyatta
+ sgolovatiuk:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDRO3Q3yFST6biBh9aMbDROK8dDsknJCRSD9at3Bpac0dDHRuaM+Bq+bTmf/BtgTn3oKnL/cCDEmQYWIUY8aja8FcEE28rte6E0bBBQHXXLW0GyaD23wGOE5L20Qp+l9p0mcO9LtdZ0KVNGX28lx0z+qhE71l/PzMWHN+YxxwoOTBsI+3ByOefKKJYQsDvhvW4tGyKNATinA1ZSJBPPrnrTjac6zeYZZFE1evgBjxWawFm5Pebe95irLKuMr4tBWHqf7frP4VqfXlIWuRvhMi1OQDLMJeodhtZPKvX2FRfRST8XXwX4c8tfl1w3TD5nkGapTxPdUI/0BdTfyxPlf0sW3MQQTycCILxHSWQCTvP/O7hcckCYXpY5THTXRjkSat0nYNcERiiIbM0uubUdH+Pe7KTQ73OOrE92yWc8bDpnNTSgcMI41/YdKvX+dZtPVMFu8yT7Q/9aBvmQY4BzBt5zjI7ZQyGaOY/SmalYj50tCMFMbk+7Ey1WEDbNSsTMq/YH7l7ywxpcN6un9WVpUYvVSFdNjuS96LSeMYZA4126HwxQwLGDJ7xFUoSjwlkxgWBta6hajJEsXg43azinpGfcQLrlsTD3s9IlRhTeiWysmmM/OllqHCwMTE6xJi7HIoHu2WIvZNW58XRKNHY4AN8frvAsN7L+17UZ+huNweaLzQ==
+ loles:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDdbj2Li0TXK+U4jnLlfuQO8eyPdPjuqCHbHSWRokEmXwcjZVdRC/yLvI9W0tGFwNtPrf2Cyc14YJmnnPDUxvHklWX7vaOdLuTVvDRrnMrXK0INTVvFmytgLVzONvbAnFnMsh1HlpbkGwIfc12N+ZxUVtFEiwtVtT1Uf/drzZXENhTM2q7+l2/u9SlKrFWQkX5udw3L+Gi84D2RWqXhFG/0O0x/edZ5DDvKvLvolhyk+yXoo4wv5DJM+fRKI7tZC1whyL3jpDA9pe5TOxbKDsa/sHXx+2XIRQgQ1Z0vcUkde4j1LFZd032ZPMY4s8O1N0nKWOqGi/in1sOCxE6ofM1xtD/HJUYe8tp5qlWD1U2eofBxwtvw/qLUPjh00rUjW3S+Bla40M6rOmOoQdVID8qLsSXH/s/eAMNxoOL+go07EtfxL5uOOZp+3c+1kxFvyMfeu25Pb/xa8CHkTUgIri8eG4D0aGrBf6S24lb0/lRmhg0yZ6Zdk8pdlhIHXIOTvgPCkEY2O1Y8rHoWy4UtJAxxRvw8ssWsPexsvtDlFae1l3k7lh3ls9osebpo7xnfUevk5Lar4vCsoWkz0X2uNXxoiDHsINn1gUI17u2wH2nG7fvf6P/NvISIUKGN3vD0fLgjeQWYsXPX6x3bgO7DhJmibvVzhcAnq5Eb8qb5H3W5gQ== salmon@lmo
+ mkwiek:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDd/y9KPuy12K3hY+JE51rRm9Tbyl3FM2FK6+mi6Nbop/G03mDVSR8pbmsk+PiQwGRySMQtjVaLk3LoIkgn8MTNw9+Z1AqOdlBN7XJgaZ3PWvix3M4fV56uGzgjFtOTcWH9UfXPmGGKkqpwAfBEK1YK3lrW8dYWcnJcTH1juKCRsvbkWaxt1bzdTdkzH6LT3Bjr9S1imF4GpzXDecPve7eGmqxKjtq3jOupOrTb80BLo4AYBjrn1zdIWpEm0sBSz0acWlfhDd7+6eCaq5rSLAbWRHmBu+4shefh9oSyh/tLfGW68ILCNtpJWYKiKAWfFP5u1UqJyOLqzF0L9J9+fo5 mkwiek@mirantis.com
+ mattymo:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0IKYIbf05K67En++os8mfi2XYTCHp5ex+KBy4Y7NqAXC3J+hnqgcMry9sHtqVJ+O6do7bCRY7sjgnWosm6TxEupxMCs+euViT3VFvQlszAvj4v/xrAu0IwUUiqA0Pn9TKCJrHtYKYixkGfNw8IdxShH2FRTh52ufBqlLP5qRhdMP/nOohbNwtk0FAX49UB4AXzcLLkHu+P3gjTkR345CH+iciBGL88rp8qpEEA6QdtEjcgk1tGY3uktJ1tTWBv4ozth6EF9A+kG4yd1Fhwv2JVPRNkcL/xKR7f4i67A9KyyNoFLv4rHfXXPOjyproNpz5CZ06V7lJ4jgU/AbyHhLgw== mmosesohn@mattymo1
+ slagun:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfQtpitSDDfwP1TruBs7Nlim1B2PC8NKu1lOifZGOgGaL4G6CTXJunSoU48ovg0AOks6OPb7DSU9ocLTj6q0qNuPvy4yrsKWS+ZsrywLW5qp3OGfE7wmAWj5AGxNUiUaLAFKhriVV541v57OVw322dDuxQ3YE0P5dkKKBc9Xy3Su7PoDkR029fbQFvSlIsUtrICNGKvMtrTIm8V0EQHZnV7Y44+MMJMRxCMrulHJFmtaKE5uPaRz+eVVsbEOl1jfUA/BQ1WyU52Ol3gvm34kwBStQcnqhKC2CP/5ILVhf+Omylw+mcs58vKbc0Tw6dwFEDaTQlkYHLFZij+Y24HGyr slagun@MacLagun2.local
+ psiwczak:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFSHwjVOBC3nVVytH3DAaWEcfrca/cnurIn9K2elf8wn2PSet7q1OddfVTAtYdiG8pai9BX3uHswEu+TinAfgPoEnvKR4wSgk4hVf/W9eCf7xOn1X0fdSnfogQEjdP54Qk+mOmrh1vChcOL/NdBNNxJC6LGHRslVfcGu5ULaasT7EGzItMjUl8hKbbsM8tFX1IW7uRm3fZu4/HiMMaMnm+cPwH9LUB+cOaLEain5WNo0j0OKtpF6Kp53fpqCS6v4z/+wMgx0V2BMMrSla6cq4mL7iLvtufkO467j2ksa9sG8/ADD6Wh89hxkKGqF3yDm+olywNEo+WwTRfZf6Py5Uv
diff --git a/openssh/server/team/l1_support.yml b/openssh/server/team/l1_support.yml
index f25149a..266bd15 100644
--- a/openssh/server/team/l1_support.yml
+++ b/openssh/server/team/l1_support.yml
@@ -38,11 +38,19 @@
L1_SUPPORT_SALT_TRUSTED: ${_param:sudo_salt_trusted}
L1_SUPPORT_RESTRICTED_SHELLS: ${_param:sudo_shells}
L1_SUPPORT_RESTRICTED: ${_param:sudo_restricted_su}
+ L1_SUPPORT_NETWORKING: ${_param:sudo_networking}
+ L1_SUPPORT_CONTRAIL: ${_param:sudo_contrail_utilities}
+ L1_SUPPORT_STORAGE: ${_param:sudo_storage_utilities}
+ L1_SUPPORT_OPENSTACK_CLIENTS: ${_param:sudo_openstack_clients}
groups:
support:
commands:
- L1_SUPPORT_SALT
- L1_SUPPORT_COREUTILS
- L1_SUPPORT_RABBITMQ
+ - L1_SUPPORT_NETWORKING
+ - L1_SUPPORT_CONTRAIL
+ - L1_SUPPORT_STORAGE
+ - L1_SUPPORT_OPENSTACK_CLIENTS
- '!L1_SUPPORT_RESTRICTED_SHELLS'
- '!L1_SUPPORT_RESTRICTED'
diff --git a/openssh/server/team/stacklight.yml b/openssh/server/team/stacklight.yml
index 118a16e..6d55bee 100644
--- a/openssh/server/team/stacklight.yml
+++ b/openssh/server/team/stacklight.yml
@@ -65,6 +65,34 @@
full_name: Martin Polreich
home: /home/mpolreich
email: mpolreich@mirantis.com
+ ityaptin:
+ enabled: true
+ name: ityaptin
+ sudo: true
+ full_name: Ilya Tyaptin
+ home: /home/ityaptin
+ email: ityaptin@mirantis.com
+ isvetlov:
+ enabled: true
+ name: isvetlov
+ sudo: true
+ full_name: Ildar Svetlov
+ home: /home/isvetlov
+ email: isvetlov@mirantis.com
+ akholkin:
+ enabled: true
+ name: akholkin
+ sudo: true
+ full_name: Aleksandr Kholkin
+ home: /home/akholkin
+ email: akholkin@mirantis.com
+ kszukielojc:
+ enabled: true
+ name: kszukielojc
+ sudo: true
+ full_name: Krzysztof Szukiełojć
+ home: /home/kszukielojc
+ email: kszukielojc@mirantis.com
openssh:
client:
enabled: true
@@ -116,6 +144,26 @@
public_keys:
- ${public_keys:mpolreich}
user: ${linux:system:user:mpolreich}
+ ityaptin:
+ enable: true
+ public_keys:
+ - ${public_keys:ityaptin}
+ user: ${linux:system:user:ityaptin}
+ isvetlov:
+ enable: true
+ public_keys:
+ - ${public_keys:isvetlov}
+ user: ${linux:system:user:isvetlov}
+ akholkin:
+ enable: true
+ public_keys:
+ - ${public_keys:akholkin}
+ user: ${linux:system:user:akholkin}
+ kszukielojc:
+ enable: true
+ public_keys:
+ - ${public_keys:kszukielojc}
+ user: ${linux:system:user:kszukielojc}
public_keys:
newt:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3odU+3V2uDA2ptAFL9hrJRPNEEdAyztWOZFQ5Oyd9oerTGOU3p4xmrgWWjfKFKbYGhiiIUcYAol5PkTfKukGEkkjCHYA1t023soCaaAj85wCZCnw2zQNAziwxTYmAzTqgxiSvtZNMMrtJvFHRIRDzJ3M1lV0prWNWkMM1/3FAd4W49y6VT3fkMCo8uqG7CfGdgR2DgBCxf9KaNPfW5eDEPOgmE5lK8tVSEI6T+Cg7hbcTf4lFYnlFBnlQgp/0JstsM4Vbwb4B34LOpOsf2S8rrWk2xQMjwaMHXkc2s/E8iW3F5nVFuyEXYISFQIiAHw8dzC6CHgLcyHUVWwznKawZ newt@newt-dev1
@@ -135,3 +183,11 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrCyaZjs8hiwx38LfpeQ2z9n9ptwQ7gFrhq2z5sK9q/LQMCubbnp5xhyF0SMY1jmQUewBOKXhnq3QSX+DmtNsnhitnZBw2BE5PBXllCBWMMiWULfAYvB0of728Q3EEjrtyfHkt7o2E+CvreVJcVI4kBwjKh5WpVBZ8mmkW/sexLGMuYu0bUWjCddu6ZlhUa+y14VZKOKp44auemza1VL/UzqOVZkBAfR2gPV2pBG3Im+SlnOlDRxKPEXQbsn3u/sNeZq0wSY++khY86AU7jAKfL2NiNsoA7CyB0jTEKwYO3vOWOhECifZuHwY/TNWyRFWM2ImW3mT9aO7nE4w4jXXJ vgusev@vgusev
mpolreich:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0N+ds8BGTR+ZQo9NSRGRbjv3T8AbPmtSw2nClXxetRdmHpM/mU7/5iD7qfkCXtNptKeCG/Qk44wlijnAtjztJK1qfvyphHe3etZxLnqhYMm73Yy++yKPE/ywFPFb+7kd0BDy2iZqohZpX3gUi5iDnvXUInHNqqtTv3xFe2kmn3lq5bSRuUMtr61nZ7z/fkX8kNfoGxKrm7bhSo5zq4sjTrj3lk1LKZc1HYji3RwrzBM0z4eyed1BaJyDNtG+eFN4nOnvVn59452AR8SmKJXRErk37rEoQn80xszypzybooFPN5dpdB6u9b4xquFCOD83usb8kEjKY9VIYGuXxEEts1KIF20J+xd8UnZU8d4JL50G8JY8zdNgurR3ZyMD2okuord4cpHF8SVecsAyRV6nuhDxVtF2Xn/RriY02jrLoRPsS+3nIrKt9H8vpQZMYJ+jgEpekZhhVfz4AP3pATzOrWENzNXj5G1bLJs1C9aTtwE27EnKW73XekX/GLsehCwsQ21JvDX8PMxJwLVfqvkRlrc5GILEIVgjZ82Cj6Eens1QobymRAEWuEpZxkPx6u0kGO62ri8zFx8+NYwYDz3mwhHDRT34T/Rvzy/9V9xVjkUQOj9cZ3eYBnC1MffJjx8heHDmSQmUd+99zKa9Hzr74z3AvR3AIgFqmu7kx5fIMew== ubuntu@thinkpad-x1
+ ityaptin:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDLTkl8X9HIJxruAHkmGNQTovy7DCr256pH68xh2DHWinPKUW4ccsCBbqJeF56aEA41OKJlEVOYzD3gQJkDAAbDdy9BlI14oEtzmk3yAtgBwwUzUNMq7oCPrbt4xNg5U26JSb26j69r5vQ4vXA2hf0bCQ68vb3VDqMMaMbneI3rP3qSaq7dauR8sEjx1XAtNen5SygLE46k0pCObJmahGkg39HisoJ/gkjoi/xvQn1JzrYSxWObrBfUbtQN3JbCRozSp/0Env0hMbXj7cS3J/uY68zAWc7GAEFKSmPAol4d/93sRknFUSQKqZjsDaLfiGLte/7oFwLquaz6AJw+mwP ityaptin@ityaptin.local
+ isvetlov:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDflz5rJEC6+yKOteNG2uzObQCtV/c/Rnu9Aku1AJWLMMlouID7RaCUrP642xH2z11kZE+sZk/4c3515M5SPQFVKhjGceftbnI9I7DI1KF4OJwMCSfmACDHM3bJcld8eiKTRBxtk32i6YPdNi6m9unHvPultTIBJCxRP/KVyxOOnQparsSSBhBj2t3Kis+3dnDZNBUJJDWyo69FD0RvAOaWZdogwes0nCl+3JJSNWsATqyS+bi4ojqJimHFKiW2sz8qMX3cMzu9uTx1OWvJWJRgOV5/tPsuuNVt75zPAOsfJnIqQJtpkdZAb4SYK+0jLFcLvB6GBgXY3aHk9nHu9MHr isvetlov@ubuntu
+ akholkin:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDjpy9RI6iEDH/04eOOwreDa+R32USZiWxyFiKHa8zoDAlOfwaZVg6mZWepOxzwxCJPYusPGXCwQ6Zw9tHxVWOCgtzzPpsCCfhUU4v+99Wh08//W8d/s/WFka+5vqyskAO5Z8Ekk+kQU+jpUBG8/gMxAPBjj0fFc5BNeqDY9r9nmMNK6N2RVjvA6wZ8G5hLGxL9bn5Prhf/+avui1NAfy6gsT/mRt1W+eHWTvpijyNGm+m83jU34dQO6gE48n6WdSylLh/fY/p31rzAURaq1V/AZhdbSuZ8aJYDnfHevpK5+hMjoOop3v3hb7WHEmybGujQfW5HVaaWmG7SFlHeKGE/gZ2P9T+bQ+SgO+PmEAw4LayiBkzTPAHdZ2UGZe+3BI5gdM/ayovK2WVO1jS5FNlNGIvEQW+ws9V+ph+S1jL4jobDJEjs358iXrAYpf4JL+LvxFHiuj6EL51tbo8EU22z5mmgRQQ5eFrDzBuVLhcim651A3a5iSlmCeAQ5rTmHX/Op/PbK+3vAtI8vnlK4AhycLvWQ3kK2DRx+Uhzrlk5v6E14SopAhvpGOHqrLgmoHwHp1xt/9M1JgxkOUK5gccFKTQduxLHoTNBaNcP60IOG/MjqUPcOXSBcAN4Y1RDBg+pwXe4PFgOzwKdFoYeuhvtm8y185S0IvvfCHLCD8pNfQ== akholkin@mirantis.com
+ kszukielojc:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCiUm3Z3W3t4v7oe143rCNM/hbg9NU2bYUmQXek8DJPA4c3Xm6u0q+RL9kEXME+3zcj2HKqMxKsCBLXXdFIsgdUbOBV8AYiuySE220FTnEKRmdxsEnfSaBhXxFyIBNoew4gI7URSqAOclt5WuPJTqRM7K4VhbtzwEgeWVd/NUhxMCCtgkdJCYTSmycxmxs7R6V8vMr9Mb8DOqKkSpOu6f3JkR0lwnFN9zGGC4V/60FlJSDzvvI5Tn40ANPHITivs8xME0znsx7t0bF4vQUimvhYn1mumQCY1NwIaxJ/QqasD6Ag9Sn5dxSg9b3SeLn0JM6qKoIqZtfPYVuCp9gmlH0fyzJUdqu4lKKb2wBw/H5lK6icH4+owMawkav55rbvinHQOqmVCr/Bg/rTfc35ycVqjTXH/5J7OhzioKjU0yFkXFS2X/s8gpyxp3beJ+Ea4faoX+kcs0gyhMYzqC7/DOamrau7aVyEAjKYJNy60xRfjCQzjqiurbxVFh+3Fi64UUn7Bl1QV8VEiU3ztJ118psEI7zA+x2VROLZ1jrtaBYZTYB118JZicaFDycEVgg3+BHX3pFH/QSOjLsA4SK+HJjSz8CFKvWwaO6QJv1/3KHpcGEacMvmqKxwpQK0E4WpjWhglZRMPObQ0dBaGClOujgoOIHXtFGILEpWy2SdzDQkHw== kszukielojc@w541
diff --git a/postgresql/client/init.yml b/postgresql/client/init.yml
new file mode 100644
index 0000000..95fdcdb
--- /dev/null
+++ b/postgresql/client/init.yml
@@ -0,0 +1,15 @@
+parameters:
+ _param:
+ postgresql_client_user: none
+ postgresql_client_password: none
+ postgresql_client_host: ${_param:control_vip_address}
+ postgresql_client_port: 5432
+ postgresql:
+ client:
+ server:
+ server01:
+ admin:
+ host: ${_param:postgresql_client_host}
+ port: ${_param:postgresql_client_port}
+ user: ${_param:postgresql_client_user}
+ password: ${_param:postgresql_client_password}
diff --git a/postgresql/client/pushkin.yml b/postgresql/client/pushkin.yml
index 12b5906..c6ec567 100644
--- a/postgresql/client/pushkin.yml
+++ b/postgresql/client/pushkin.yml
@@ -1,27 +1,26 @@
+classes:
+ - system.postgresql.client
parameters:
_param:
pushkin_db_host: ${_param:haproxy_postgresql_bind_host}
- pushkin_db_port: ${_param:haproxy_postgresql_bind_port}
pushkin_db_user: pushkin
pushkin_db_user_password: pushkin
postgresql:
client:
server:
server01:
- admin:
- host: ${_param:pushkin_db_host}
- port: ${_param:pushkin_db_port}
- user: ${_param:postgresql_admin_user}
- password: ${_param:postgresql_admin_user_password}
database:
pushkin:
enabled: true
encoding: 'UTF8'
locale: 'en_US'
- template: 'hstore_enabled'
users:
- name: ${_param:pushkin_db_user}
password: ${_param:pushkin_db_user_password}
host: ${_param:pushkin_db_host}
createdb: true
rights: all privileges
+ extension:
+ hstore:
+ enabled: true
+
diff --git a/postgresql/client/rundeck.yml b/postgresql/client/rundeck.yml
new file mode 100644
index 0000000..0c1102d
--- /dev/null
+++ b/postgresql/client/rundeck.yml
@@ -0,0 +1,22 @@
+classes:
+ - system.postgresql.client
+parameters:
+ _param:
+ rundeck_db_host: ${_param:haproxy_postgresql_bind_host}
+ rundeck_db_user: rundeck
+ rundeck_db_user_password: password
+ postgresql:
+ client:
+ server:
+ server01:
+ database:
+ rundeck:
+ enabled: true
+ encoding: 'UTF8'
+ locale: 'en_US'
+ users:
+ - name: ${_param:rundeck_db_user}
+ password: ${_param:rundeck_db_user_password}
+ host: ${_param:rundeck_db_host}
+ createdb: true
+ rights: all privileges
diff --git a/postgresql/client/security_monkey.yml b/postgresql/client/security_monkey.yml
index 428753d..43e48d2 100644
--- a/postgresql/client/security_monkey.yml
+++ b/postgresql/client/security_monkey.yml
@@ -1,18 +1,14 @@
+classes:
+ - system.postgresql.client
parameters:
_param:
secmonkey_db_host: ${_param:haproxy_postgresql_bind_host}
- secmonkey_db_port: ${_param:haproxy_postgresql_bind_port}
secmonkey_db_user: secmonkey
secmonkey_db_user_password: secmonkey
postgresql:
client:
server:
server01:
- admin:
- host: ${_param:secmonkey_db_host}
- port: ${_param:secmonkey_db_port}
- user: ${_param:postgresql_admin_user}
- password: ${_param:postgresql_admin_user_password}
database:
secmonkey:
enabled: true
diff --git a/prometheus/alertmanager/init.yml b/prometheus/alertmanager/init.yml
new file mode 100644
index 0000000..b00a4b9
--- /dev/null
+++ b/prometheus/alertmanager/init.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ prometheus_alertmanager_config_directory: /srv/alertmanager
+ prometheus_alertmanager_data_directory: /data
diff --git a/prometheus/server/alertmanager/dns.yml b/prometheus/server/alertmanager/dns.yml
new file mode 100644
index 0000000..99fd4db
--- /dev/null
+++ b/prometheus/server/alertmanager/dns.yml
@@ -0,0 +1,12 @@
+parameters:
+ prometheus:
+ server:
+ config:
+ alertmanager:
+ docker_swarm_alertmanager:
+ enabled: true
+ dns_sd_configs:
+ domain:
+ - tasks.monitoring_alertmanager
+ type: A
+ port: ${prometheus:alertmanager:bind:port}
diff --git a/prometheus/server/init.yml b/prometheus/server/init.yml
new file mode 100644
index 0000000..0ecea17
--- /dev/null
+++ b/prometheus/server/init.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ prometheus_server_config_directory: /srv/prometheus
+ prometheus_server_data_directory: /data
diff --git a/prometheus/server/target/dns.yml b/prometheus/server/target/dns.yml
index fd56d1d..7bbf92e 100644
--- a/prometheus/server/target/dns.yml
+++ b/prometheus/server/target/dns.yml
@@ -9,9 +9,14 @@
domain:
- 'tasks.monitoring_pushgateway'
type: A
- port: 9091
+ port: ${prometheus:pushgateway:bind:port}
- name: 'prometheus'
domain:
- 'tasks.monitoring_server'
type: A
- port: 9090
+ port: ${prometheus:server:bind:port}
+ - name: 'alertmanager'
+ domain:
+ - 'tasks.monitoring_alertmanager'
+ type: A
+ port: ${prometheus:alertmanager:bind:port}
diff --git a/prometheus/server/target/etcd.yml b/prometheus/server/target/etcd.yml
index 4cd04bf..0ac3310 100644
--- a/prometheus/server/target/etcd.yml
+++ b/prometheus/server/target/etcd.yml
@@ -8,6 +8,6 @@
scheme: https
tls_config:
skip_verify: true
- ssl_dir: /opt/prometheus/config
+ ssl_dir: ${_param:prometheus_server_config_directory}
cert_name: prometheus-server.crt
key_name: prometheus-server.key
diff --git a/prometheus/server/target/kubernetes.yml b/prometheus/server/target/kubernetes.yml
index d7ba3d6..60ca1e0 100644
--- a/prometheus/server/target/kubernetes.yml
+++ b/prometheus/server/target/kubernetes.yml
@@ -5,6 +5,6 @@
kubernetes:
enabled: true
api_ip: ${_param:kubernetes_control_address}
- ssl_dir: /opt/prometheus/config
+ ssl_dir: ${_param:prometheus_server_config_directory}
cert_name: prometheus-server.crt
key_name: prometheus-server.key
diff --git a/reclass/storage/system/stacklightv2_server_cluster.yml b/reclass/storage/system/stacklightv2_server_cluster.yml
new file mode 100644
index 0000000..c72ac2c
--- /dev/null
+++ b/reclass/storage/system/stacklightv2_server_cluster.yml
@@ -0,0 +1,42 @@
+parameters:
+ _param:
+ stacklight_monitor_node01_hostname: mon01
+ stacklight_monitor_node02_hostname: mon02
+ stacklight_monitor_node03_hostname: mon03
+ reclass:
+ storage:
+ node:
+ stacklight_server_node01:
+ name: ${_param:stacklight_monitor_node01_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - system.docker.swarm.master
+ - cluster.${_param:cluster_name}.stacklight.server
+ - cluster.${_param:cluster_name}.stacklight.client
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_monitor_node01_address}
+ keepalived_vip_priority: 103
+ stacklight_server_node02:
+ name: ${_param:stacklight_monitor_node02_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - system.docker.swarm.manager
+ - cluster.${_param:cluster_name}.stacklight.server
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_monitor_node02_address}
+ keepalived_vip_priority: 102
+ stacklight_server_node03:
+ name: ${_param:stacklight_monitor_node03_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - system.docker.swarm.manager
+ - cluster.${_param:cluster_name}.stacklight.server
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:stacklight_monitor_node03_address}
+ keepalived_vip_priority: 101
diff --git a/salt/control/cluster/cicd_control_cluster.yml b/salt/control/cluster/cicd_control_cluster.yml
index eb6a8b1..82366a8 100644
--- a/salt/control/cluster/cicd_control_cluster.yml
+++ b/salt/control/cluster/cicd_control_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
cid01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:cicd_control_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: cicd.control
cid02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:cicd_control_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: cicd.control
cid03:
- provider: kvm03.${_param:cluster_domain}
+ name: ${_param:cicd_control_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: cicd.control
diff --git a/salt/control/cluster/infra_idm_cluster.yml b/salt/control/cluster/infra_idm_cluster.yml
index 98d580b..3db87a2 100644
--- a/salt/control/cluster/infra_idm_cluster.yml
+++ b/salt/control/cluster/infra_idm_cluster.yml
@@ -13,14 +13,14 @@
engine: virt
node:
idm01:
- provider: kvm01.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
size: infra.idm
idm02:
- provider: kvm02.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
size: infra.idm
idm03:
- provider: kvm03.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
size: infra.idm
diff --git a/salt/control/cluster/infra_integration_single.yml b/salt/control/cluster/infra_integration_single.yml
index d1ef4e0..66de895 100644
--- a/salt/control/cluster/infra_integration_single.yml
+++ b/salt/control/cluster/infra_integration_single.yml
@@ -13,6 +13,7 @@
engine: virt
node:
cid01:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:cicd_control_node01_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
- size: infra.integration
\ No newline at end of file
+ size: infra.integration
diff --git a/salt/control/cluster/infra_proxy_cluster.yml b/salt/control/cluster/infra_proxy_cluster.yml
index c82a947..f3453ff 100644
--- a/salt/control/cluster/infra_proxy_cluster.yml
+++ b/salt/control/cluster/infra_proxy_cluster.yml
@@ -13,10 +13,12 @@
engine: virt
node:
prx01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:openstack_proxy_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: infra.proxy
prx02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:openstack_proxy_node01_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: infra.proxy
diff --git a/salt/control/cluster/infra_proxy_single.yml b/salt/control/cluster/infra_proxy_single.yml
index 0cfb741..7d092fa 100644
--- a/salt/control/cluster/infra_proxy_single.yml
+++ b/salt/control/cluster/infra_proxy_single.yml
@@ -13,6 +13,7 @@
engine: virt
node:
prx01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:openstack_proxy_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: infra.proxy
diff --git a/salt/control/cluster/infra_storage_single.yml b/salt/control/cluster/infra_storage_single.yml
index 5d21054..ca8ce26 100644
--- a/salt/control/cluster/infra_storage_single.yml
+++ b/salt/control/cluster/infra_storage_single.yml
@@ -13,6 +13,6 @@
engine: virt
node:
sto01:
- provider: kvm02.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
- size: infra.storage
\ No newline at end of file
+ size: infra.storage
diff --git a/salt/control/cluster/infra_version_control_single.yml b/salt/control/cluster/infra_version_control_single.yml
index dd40496..10e01ab 100644
--- a/salt/control/cluster/infra_version_control_single.yml
+++ b/salt/control/cluster/infra_version_control_single.yml
@@ -13,6 +13,6 @@
engine: virt
node:
git01:
- provider: kvm02.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
- size: infra.version_control
\ No newline at end of file
+ size: infra.version_control
diff --git a/salt/control/cluster/opencontrail_analytics_cluster.yml b/salt/control/cluster/opencontrail_analytics_cluster.yml
index 8fbe3ee..37fb60a 100644
--- a/salt/control/cluster/opencontrail_analytics_cluster.yml
+++ b/salt/control/cluster/opencontrail_analytics_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
nal01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:opencontrail_analytics_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: opencontrail.analytics
nal02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:opencontrail_analytics_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: opencontrail.analytics
nal03:
- provider: kvm03.${_param:cluster_domain}
+ name: ${_param:opencontrail_analytics_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: opencontrail.analytics
diff --git a/salt/control/cluster/opencontrail_control_cluster.yml b/salt/control/cluster/opencontrail_control_cluster.yml
index 2548fbd..10ddf5e 100644
--- a/salt/control/cluster/opencontrail_control_cluster.yml
+++ b/salt/control/cluster/opencontrail_control_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
ntw01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:opencontrail_control_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: opencontrail.control
ntw02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:opencontrail_control_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: opencontrail.control
ntw03:
- provider: kvm03.${_param:cluster_domain}
+ name: ${_param:opencontrail_control_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: opencontrail.control
diff --git a/salt/control/cluster/openstack_benchmark_single.yml b/salt/control/cluster/openstack_benchmark_single.yml
index 48971ef..0677320 100644
--- a/salt/control/cluster/openstack_benchmark_single.yml
+++ b/salt/control/cluster/openstack_benchmark_single.yml
@@ -13,6 +13,6 @@
engine: virt
node:
bmk01:
- provider: kvm03.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
- size: openstack.benchmark
\ No newline at end of file
+ size: openstack.benchmark
diff --git a/salt/control/cluster/openstack_billing_single.yml b/salt/control/cluster/openstack_billing_single.yml
index 1fb7a9b..f8dacf7 100644
--- a/salt/control/cluster/openstack_billing_single.yml
+++ b/salt/control/cluster/openstack_billing_single.yml
@@ -13,6 +13,6 @@
engine: virt
node:
bil01:
- provider: kvm03.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
- size: openstack.control
\ No newline at end of file
+ size: openstack.control
diff --git a/salt/control/cluster/openstack_control_cluster.yml b/salt/control/cluster/openstack_control_cluster.yml
index 6ee34a2..f28a7d0 100644
--- a/salt/control/cluster/openstack_control_cluster.yml
+++ b/salt/control/cluster/openstack_control_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
ctl01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:openstack_control_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.control
ctl02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:openstack_control_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.control
ctl03:
- provider: kvm03.${_param:cluster_domain}
+ name: ${_param:openstack_control_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.control
diff --git a/salt/control/cluster/openstack_database_cluster.yml b/salt/control/cluster/openstack_database_cluster.yml
index 2513eb4..2a00308 100644
--- a/salt/control/cluster/openstack_database_cluster.yml
+++ b/salt/control/cluster/openstack_database_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
dbs01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:openstack_database_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.database
dbs02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:openstack_database_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.database
dbs03:
- provider: kvm03.${_param:cluster_domain}
+ name: ${_param:openstack_database_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.database
diff --git a/salt/control/cluster/openstack_dns_cluster.yml b/salt/control/cluster/openstack_dns_cluster.yml
index 4ca0e00..71af5c1 100644
--- a/salt/control/cluster/openstack_dns_cluster.yml
+++ b/salt/control/cluster/openstack_dns_cluster.yml
@@ -13,10 +13,10 @@
engine: virt
node:
dns01:
- provider: kvm01.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.dns
dns02:
- provider: kvm02.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.dns
diff --git a/salt/control/cluster/openstack_gateway_single.yml b/salt/control/cluster/openstack_gateway_single.yml
index 1b30b6c..e10d1b2 100644
--- a/salt/control/cluster/openstack_gateway_single.yml
+++ b/salt/control/cluster/openstack_gateway_single.yml
@@ -13,6 +13,6 @@
engine: virt
node:
gtw01:
- provider: kvm01.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.gateway
diff --git a/salt/control/cluster/openstack_message_queue_cluster.yml b/salt/control/cluster/openstack_message_queue_cluster.yml
index 06252ac..cab5adb 100644
--- a/salt/control/cluster/openstack_message_queue_cluster.yml
+++ b/salt/control/cluster/openstack_message_queue_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
msg01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:openstack_message_queue_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.message_queue
msg02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:openstack_message_queue_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.message_queue
msg03:
- provider: kvm03.${_param:cluster_domain}
+ name: ${_param:openstack_message_queue_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.message_queue
diff --git a/salt/control/cluster/openstack_proxy_cluster.yml b/salt/control/cluster/openstack_proxy_cluster.yml
index 0f461c7..628dcd8 100644
--- a/salt/control/cluster/openstack_proxy_cluster.yml
+++ b/salt/control/cluster/openstack_proxy_cluster.yml
@@ -13,11 +13,13 @@
engine: virt
node:
prx01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:openstack_proxy_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.proxy
prx02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:openstack_proxy_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.proxy
diff --git a/salt/control/cluster/openstack_proxy_single.yml b/salt/control/cluster/openstack_proxy_single.yml
index a3650be..8ad0baf 100644
--- a/salt/control/cluster/openstack_proxy_single.yml
+++ b/salt/control/cluster/openstack_proxy_single.yml
@@ -13,6 +13,7 @@
engine: virt
node:
prx01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:openstack_proxy_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.proxy
diff --git a/salt/control/cluster/openstack_telemetry_cluster.yml b/salt/control/cluster/openstack_telemetry_cluster.yml
index 463a2ca..633b984 100644
--- a/salt/control/cluster/openstack_telemetry_cluster.yml
+++ b/salt/control/cluster/openstack_telemetry_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
mdb01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:openstack_telemetry_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.telemetry
mdb02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:openstack_telemetry_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.telemetry
mdb03:
- provider: kvm03.${_param:cluster_domain}
+ name: ${_param:openstack_telemetry_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.telemetry
diff --git a/salt/control/cluster/openstack_upgrade_single.yml b/salt/control/cluster/openstack_upgrade_single.yml
index fd6e4f0..3189f3e 100644
--- a/salt/control/cluster/openstack_upgrade_single.yml
+++ b/salt/control/cluster/openstack_upgrade_single.yml
@@ -13,6 +13,6 @@
engine: virt
node:
upg01:
- provider: kvm02.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
- size: openstack.upgrade
\ No newline at end of file
+ size: openstack.upgrade
diff --git a/salt/control/cluster/rsyslog_single.yml b/salt/control/cluster/rsyslog_single.yml
index 4e53747..76cc77f 100644
--- a/salt/control/cluster/rsyslog_single.yml
+++ b/salt/control/cluster/rsyslog_single.yml
@@ -13,6 +13,6 @@
engine: virt
node:
rsl01:
- provider: kvm02.${_param:cluster_domain}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: infra.rsyslog
diff --git a/salt/control/cluster/stacklight_log_cluster.yml b/salt/control/cluster/stacklight_log_cluster.yml
index acac87f..330e301 100644
--- a/salt/control/cluster/stacklight_log_cluster.yml
+++ b/salt/control/cluster/stacklight_log_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
log01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:stacklight_log_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: stacklight.log
log02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:stacklight_log_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: stacklight.log
log03:
- provider: kvm03.${_param:cluster_domain}
+ name: ${_param:stacklight_log_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: stacklight.log
diff --git a/salt/control/cluster/stacklight_server_cluster.yml b/salt/control/cluster/stacklight_server_cluster.yml
index 3cf8b08..0055d20 100644
--- a/salt/control/cluster/stacklight_server_cluster.yml
+++ b/salt/control/cluster/stacklight_server_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
mon01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:stacklight_monitor_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: stacklight.server
mon02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:stacklight_monitor_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: stacklight.server
mon03:
- provider: kvm03.${_param:cluster_domain}
+ name: ${_param:stacklight_monitor_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: stacklight.server
diff --git a/salt/control/cluster/stacklight_telemetry_cluster.yml b/salt/control/cluster/stacklight_telemetry_cluster.yml
index 63c6029..bfd14b0 100644
--- a/salt/control/cluster/stacklight_telemetry_cluster.yml
+++ b/salt/control/cluster/stacklight_telemetry_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
mtr01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:stacklight_telemetry_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: stacklight.telemetry
mtr02:
- provider: kvm02.${_param:cluster_domain}
+ name: ${_param:stacklight_telemetry_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: stacklight.telemetry
mtr03:
- provider: kvm03.${_param:cluster_domain}
+ name: ${_param:stacklight_telemetry_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: stacklight.telemetry
diff --git a/salt/control/cluster/stacklight_telemetry_single.yml b/salt/control/cluster/stacklight_telemetry_single.yml
index 4ab5ead..81fd6fb 100644
--- a/salt/control/cluster/stacklight_telemetry_single.yml
+++ b/salt/control/cluster/stacklight_telemetry_single.yml
@@ -13,6 +13,7 @@
engine: virt
node:
mtr01:
- provider: kvm01.${_param:cluster_domain}
+ name: ${_param:stacklight_telemetry_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
- size: stacklight.telemetry
\ No newline at end of file
+ size: stacklight.telemetry
diff --git a/salt/master/formula/pkg/foundation.yml b/salt/master/formula/pkg/foundation.yml
index ebb2b00..3eed5e9 100644
--- a/salt/master/formula/pkg/foundation.yml
+++ b/salt/master/formula/pkg/foundation.yml
@@ -28,3 +28,6 @@
openldap:
source: pkg
name: salt-formula-openldap
+ lldp:
+ source: pkg
+ name: salt-formula-lldp
diff --git a/salt/minion/cert/prometheus_server.yml b/salt/minion/cert/prometheus_server.yml
index 23c4abf..30a0711 100644
--- a/salt/minion/cert/prometheus_server.yml
+++ b/salt/minion/cert/prometheus_server.yml
@@ -5,8 +5,8 @@
prometheus_server:
host: ${_param:salt_minion_ca_host}
authority: ${_param:salt_minion_ca_authority}
- key_file: /srv/volumes/prometheus/prometheus-server.key
- cert_file: /srv/volumes/prometheus/prometheus-server.crt
+ key_file: ${prometheus:server:dir:config}/prometheus-server.key
+ cert_file: ${prometheus:server:dir:config}/prometheus-server.crt
common_name: prometheus-server
signing_policy: cert_client
alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
diff --git a/swift/proxy/cluster.yml b/swift/proxy/cluster.yml
new file mode 100644
index 0000000..994eb1e
--- /dev/null
+++ b/swift/proxy/cluster.yml
@@ -0,0 +1,52 @@
+classes:
+- service.memcached.server.single
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- service.swift.proxy.cluster
+parameters:
+ _param:
+ cluster_node01_address: ${_param:swift_proxy_node01_address}
+ cluster_node02_address: ${_param:swift_proxy_node02_address}
+ keepalived:
+ cluster:
+ instance:
+ VIP:
+ virtual_router_id: ${_param:keepalived_vip_virtual_router_id}
+ haproxy:
+ proxy:
+ listen:
+ swift_admin:
+ type: stats
+ check: false
+ binds:
+ - address: ${_param:swift_proxy_vip_address}
+ port: 8080
+ swift_proxy_cluster:
+ type: general-service
+ check: false
+ binds:
+ - address: ${_param:swift_proxy_vip_address}
+ port: 8080
+ servers:
+ - name: ${_param:swift_proxy_node01_hostname}
+ host: ${_param:swift_proxy_node01_address}
+ port: 8080
+ params: check
+ - name: ${_param:swift_proxy_node02_hostname}
+ host: ${_param:swift_proxy_node02_address}
+ port: 8080
+ params: check
+ swift:
+ proxy:
+ bind:
+ address: ${_param:single_address}
+ identity:
+ host: ${_param:control_vip_address}
+ common:
+ cache:
+ engine: memcached
+ members:
+ - host: ${_param:swift_proxy_node01_address}
+ port: 11211
+ - host: ${_param:swift_proxy_node02_address}
+ port: 11211
diff --git a/swift/rings/default.yml b/swift/rings/default.yml
new file mode 100644
index 0000000..c0e06d6
--- /dev/null
+++ b/swift/rings/default.yml
@@ -0,0 +1,16 @@
+parameters:
+ swift:
+ ring_builder:
+ enabled: true
+ rings:
+ - partition_power: 9
+ replicas: 3
+ hours: 1
+ region: 1
+ devices:
+ - address: ${_param:swift_storage_node01_address}
+ device: ${_param:swift_device0}
+ - address: ${_param:swift_storage_node02_address}
+ device: ${_param:swift_device0}
+ - address: ${_param:swift_storage_node03_address}
+ device: ${_param:swift_device0}
\ No newline at end of file
diff --git a/swift/rings/init.yml b/swift/rings/init.yml
new file mode 100644
index 0000000..f157aff
--- /dev/null
+++ b/swift/rings/init.yml
@@ -0,0 +1,5 @@
+parameters:
+ swift:
+ ring_builder:
+ enabled: true
+ rings: []
diff --git a/swift/storage/cluster.yml b/swift/storage/cluster.yml
new file mode 100644
index 0000000..9f0fa8f
--- /dev/null
+++ b/swift/storage/cluster.yml
@@ -0,0 +1,38 @@
+classes:
+- service.swift.storage.cluster
+- service.rsync.server.single
+parameters:
+ rsync:
+ server:
+ module:
+ account:
+ max_connections: 100
+ path: /srv/node/
+ read_only: False
+ uid: swift
+ gid: swift
+ #write_only: False
+ #list: yes
+ #incoming_chmod = 0644
+ #outgoing_chmod = 0644
+ container:
+ max_connections: 100
+ path: /srv/node/
+ read_only: False
+ uid: swift
+ gid: swift
+ object:
+ max_connections: 100
+ path: /srv/node/
+ read_only: False
+ uid: swift
+ gid: swift
+ swift:
+ common:
+ cache:
+ engine: memcached
+ members:
+ - host: ${_param:swift_proxy_node01_address}
+ port: 11211
+ - host: ${_param:swift_proxy_node02_address}
+ port: 11211