Merge pull request #230 from Mirantis/pr/extra_is_not_default_repo
Remove extra component repo to have default flag true
diff --git a/README.rst b/README.rst
index 539b6d2..1f1c8f4 100644
--- a/README.rst
+++ b/README.rst
@@ -78,3 +78,19 @@
# Enabling 7 VFs on eth4 PF
echo 7 > /sys/class/net/eth4/device/sriov_numvfs; sleep 2; ip link set eth4 up
exit 0
+
+
+Nagios Monitoring
+=================
+
+Configure Hosts dynamically
+---------------------------
+
+The nagios formula looks up grains.items throught Salt mines to discover hosts.
+There are two different parameters that tell the nagios formula how to determine
+the hosts' IP address:
+
+- nagios_monitoring_network: IP subnet(s) in CIDR notation (can be a list)
+- nagios_monitoring_interface: interface name(s). Default ['eth0', 'ens3'].
+
+'nagios_monitoring_network' parameter takes precedence over 'nagios_monitoring_interface' list.
diff --git a/devops_portal/service/pushkin.yml b/devops_portal/service/pushkin.yml
new file mode 100644
index 0000000..82a073c
--- /dev/null
+++ b/devops_portal/service/pushkin.yml
@@ -0,0 +1,10 @@
+parameters:
+ devops_portal:
+ config:
+ service:
+ pushkin:
+ configure_proxy: true
+ endpoint:
+ address: ${_param:haproxy_pushkin_bind_host}
+ port: ${_param:haproxy_pushkin_bind_port}
+ https: ${_param:haproxy_pushkin_ssl:enabled}
diff --git a/docker/swarm/network/monitoring.yml b/docker/swarm/network/monitoring.yml
deleted file mode 100644
index a049aac..0000000
--- a/docker/swarm/network/monitoring.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-parameters:
- docker:
- client:
- network:
- monitoring:
- driver: overlay
- opt:
- encrypted: true
diff --git a/docker/swarm/service/elasticsearch.yml b/docker/swarm/service/elasticsearch.yml
index 02dea57..4d49494 100644
--- a/docker/swarm/service/elasticsearch.yml
+++ b/docker/swarm/service/elasticsearch.yml
@@ -16,4 +16,4 @@
elasticsearch:
type: bind
source: /srv/volumes/elasticsearch
- destination: /var/lib/elasticsearch/data
+ destination: /usr/share/elasticsearch/data
diff --git a/docker/swarm/service/pushkin.yml b/docker/swarm/service/pushkin.yml
index e4fe424..d01842d 100644
--- a/docker/swarm/service/pushkin.yml
+++ b/docker/swarm/service/pushkin.yml
@@ -25,4 +25,4 @@
pushkin:
type: bind
source: /srv/volumes/pushkin/logs
- destination: /var/log/pushkin/logs
\ No newline at end of file
+ destination: /var/log/pushkin
\ No newline at end of file
diff --git a/docker/swarm/stack/aptly.yml b/docker/swarm/stack/aptly.yml
new file mode 100644
index 0000000..5570c40
--- /dev/null
+++ b/docker/swarm/stack/aptly.yml
@@ -0,0 +1,31 @@
+parameters:
+ _param:
+ docker_image_aptly:
+ api: tcpcloud/aptly-api
+ public: tcpcloud/aptly-public
+ docker:
+ client:
+ stack:
+ aptly:
+ environment:
+ EMAIL_ADDRESS: ${_param:admin_email}
+ service:
+ api:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_aptly:api}
+ ports:
+ - 18084:8080
+ volumes:
+ - /srv/volumes/aptly:/var/lib/aptly
+ public:
+ deploy:
+ replicas: 3
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_aptly:public}
+ ports:
+ - 18085:80
+ volumes:
+ - /srv/volumes/aptly/public:/var/www/html
diff --git a/docker/swarm/stack/artifactory.yml b/docker/swarm/stack/artifactory.yml
new file mode 100644
index 0000000..cda48fe
--- /dev/null
+++ b/docker/swarm/stack/artifactory.yml
@@ -0,0 +1,23 @@
+parameters:
+ docker:
+ client:
+ stack:
+ artifactory:
+ environment:
+ MYSQL_HOST: ${_param:cluster_vip_address}
+ MYSQL_USERNAME: artifactory
+ MYSQL_PASSWORD: ${_param:mysql_artifactory_password}
+ MYSQL_DATABASE: artifactory
+ service:
+ artifactory:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_repository:cicd}/artifactory
+ ports:
+ - 18082:8081
+ volumes:
+ - /srv/volumes/artifactory/data:/var/opt/jfrog/artifactory/data
+ - /srv/volumes/artifactory/backup:/var/opt/jfrog/artifactory/backup
+ - /srv/volumes/artifactory/etc:/var/opt/jfrog/artifactory/etc
+ - /srv/volumes/artifactory/logs:/var/opt/jfrog/artifactory/logs
diff --git a/docker/swarm/stack/dashboard.yml b/docker/swarm/stack/dashboard.yml
new file mode 100644
index 0000000..5621d8a
--- /dev/null
+++ b/docker/swarm/stack/dashboard.yml
@@ -0,0 +1,16 @@
+parameters:
+ docker:
+ client:
+ stack:
+ dashboard:
+ service:
+ grafana:
+ deploy:
+ replicas: 1
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_grafana}
+ ports:
+ - 15013:3000
+ environment:
+ GF_SECURITY_ADMIN_PASSWORD: ${_param:grafana_admin_password}
diff --git a/docker/swarm/stack/devops_portal.yml b/docker/swarm/stack/devops_portal.yml
new file mode 100644
index 0000000..c894d33
--- /dev/null
+++ b/docker/swarm/stack/devops_portal.yml
@@ -0,0 +1,20 @@
+parameters:
+ _param:
+ docker_devops_portal_replicas: 1
+ docker_image_devops_portal: docker-sandbox.sandbox.mirantis.net/ikharin/oss/devops-portal:latest
+ docker:
+ client:
+ stack:
+ devops-portal:
+ service:
+ frontend:
+ image: ${_param:docker_image_devops_portal}
+ deploy:
+ replicas: ${_param:docker_devops_portal_replicas}
+ restart_policy:
+ condition: any
+ ports:
+ - 18800:8000
+ volumes:
+ - /srv/volumes/devops_portal/nginx:/etc/nginx/config
+ - /srv/volumes/devops_portal/config:/opt/devops-portal/config
diff --git a/docker/swarm/stack/docker.yml b/docker/swarm/stack/docker.yml
new file mode 100644
index 0000000..a680d4c
--- /dev/null
+++ b/docker/swarm/stack/docker.yml
@@ -0,0 +1,33 @@
+parameters:
+ _param:
+ docker_image_registry: registry:2
+ docker_image_visualizer: manomarks/visualizer
+ docker:
+ client:
+ stack:
+ docker:
+ service:
+ registry:
+ environment:
+ REGISTRY_HTTP_SECRET: ${_param:docker_registry_http_secret}
+ deploy:
+ replicas: 3
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_registry}
+ ports:
+ - 15000:5000
+ volumes:
+ - /srv/volumes/registry:/var/lib/registry
+ visualizer:
+ deploy:
+ restart_policy:
+ condition: any
+ placement:
+ constraints:
+ - "node.role == manager"
+ image: ${_param:docker_image_visualizer}
+ ports:
+ - 18090:8080
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
diff --git a/docker/swarm/stack/gerrit.yml b/docker/swarm/stack/gerrit.yml
new file mode 100644
index 0000000..26ffe7f
--- /dev/null
+++ b/docker/swarm/stack/gerrit.yml
@@ -0,0 +1,60 @@
+parameters:
+ _param:
+ docker_image_gerrit: tcpcloud/gerrit:2.13.6
+ docker_image_mysql: mysql:5.6
+ gerrit_ldap_server: ""
+ gerrit_ldap_bind_user: ""
+ gerrit_ldap_bind_password: ""
+ gerrit_ldap_account_base: ""
+ gerrit_ldap_group_base: ""
+
+ docker:
+ client:
+ stack:
+ gerrit:
+ service:
+ server:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_gerrit}
+ ports:
+ - 18083:8080
+ - 29417:29418
+ volumes:
+ - /srv/volumes/gerrit:/var/gerrit/review_site
+ depends_on:
+ - db
+ environment:
+ #GERRIT_INIT_ARGS: ""
+ DATABASE_TYPE: "mysql"
+ DB_PORT_3306_TCP_ADDR: ${_param:cluster_vip_address}
+ DB_ENV_MYSQL_USER: gerrit
+ DB_ENV_MYSQL_PASSWORD: ${_param:mysql_gerrit_password}
+ DB_ENV_MYSQL_DB: gerrit
+ AUTH_TYPE: ${_param:gerrit_auth_type}
+ LDAP_SERVER: ${_param:gerrit_ldap_server}
+ LDAP_ACCOUNTPATTERN: 'uid={username}'
+ LDAP_ACCOUNTBASE: ${_param:gerrit_ldap_account_base}
+ LDAP_GROUPBASE: ${_param:gerrit_ldap_group_base}
+ LDAP_USERNAME: ${_param:gerrit_ldap_bind_user}
+ LDAP_PASSWORD: ${_param:gerrit_ldap_bind_password}
+ WEBURL: ${_param:gerrit_public_host}
+ GERRIT_ADMIN_SSH_PUBLIC: ${_param:gerrit_admin_public_key}
+ GERRIT_ADMIN_PWD: ${_param:gerrit_admin_password}
+ GERRIT_ADMIN_EMAIL: ${_param:gerrit_admin_email}
+ CANLOADINIFRAME: "true"
+ db:
+ environment:
+ MYSQL_USER: gerrit
+ MYSQL_PASSWORD: ${_param:mysql_gerrit_password}
+ MYSQL_DATABASE: gerrit
+ MYSQL_ROOT_PASSWORD: ${_param:mysql_admin_password}
+ deploy:
+ restart_policy:
+ condition: any
+ image: "${_param:docker_image_mysql}"
+ ports:
+ - 13306:3306
+ volumes:
+ - /srv/volumes/mysql:/var/lib/mysql
diff --git a/docker/swarm/stack/jenkins.yml b/docker/swarm/stack/jenkins.yml
new file mode 100644
index 0000000..acea08b
--- /dev/null
+++ b/docker/swarm/stack/jenkins.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ docker_image_jenkins: tcpcloud/jenkins:2.52
+ docker:
+ client:
+ stack:
+ jenkins:
+ environment:
+ JAVA_OPTS: "-Djenkins.install.runSetupWizard=false -Dhudson.DNSMultiCast.disabled=true -Dhudson.udp=-1 -Dhudson.footerURL=https://www.mirantis.com"
+ JENKINS_NUM_EXECUTORS: 4
+ service:
+ master:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_jenkins}
+ ports:
+ - 18081:8080
+ - 50001:50000
+ volumes:
+ - /srv/volumes/jenkins:/var/jenkins_home
+ - /etc/ssl/certs/java/cacerts:/etc/ssl/certs/java/cacerts:ro
diff --git a/docker/swarm/stack/ldap.yml b/docker/swarm/stack/ldap.yml
new file mode 100644
index 0000000..6e94695
--- /dev/null
+++ b/docker/swarm/stack/ldap.yml
@@ -0,0 +1,46 @@
+parameters:
+ _param:
+ docker_image_openldap: osixia/openldap:1.1.8
+ docker_image_phpldapadmin: tcpcloud/phpldapadmin:0.6.12
+ docker:
+ client:
+ stack:
+ ldap:
+ service:
+ server:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_openldap}
+ hostname: ldap01
+ domainname: ${_param:openldap_domain}
+ ports:
+ - 1389:389
+ - 1636:636
+ volumes:
+ - /srv/volumes/openldap/database:/var/lib/ldap
+ - /srv/volumes/openldap/config:/etc/ldap/slapd.d
+ environment:
+ HOSTNAME: ldap01.${_param:openldap_domain}
+ LDAP_ORGANISATION: "${_param:openldap_organisation}"
+ LDAP_DOMAIN: "${_param:openldap_domain}"
+ LDAP_ADMIN_PASSWORD: ${_param:openldap_admin_password}
+ LDAP_CONFIG_PASSWORD: ${_param:openldap_config_password}
+ LDAP_TLS: "false"
+ admin:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_phpldapadmin}
+ depends_on:
+ - server
+ hostname: ldap
+ domainname: ${_param:openldap_domain}
+ environment:
+ PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'ldap.${_param:openldap_domain}': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${_param:openldap_dn}'},{'bind_pass': '${_param:openldap_admin_password}'}]}]}]"
+ PHPLDAPADMIN_HTTPS: "false"
+ PHPLDAPADMIN_TRUST_PROXY_SSL: "true"
+ PHPLDAPADMIN_SERVER_ADMIN: ${_param:admin_email}
+ PHPLDAPADMIN_THEME: mirantis
+ ports:
+ - 18089:80
diff --git a/docker/swarm/stack/monitoring.yml b/docker/swarm/stack/monitoring.yml
new file mode 100644
index 0000000..46a2845
--- /dev/null
+++ b/docker/swarm/stack/monitoring.yml
@@ -0,0 +1,65 @@
+classes:
+- service.prometheus.server.container
+- service.prometheus.alertmanager.container
+- service.prometheus.pushgateway.container
+parameters:
+ docker:
+ client:
+ stack:
+ monitoring:
+ network:
+ monitoring:
+ driver: overlay
+ driver_opts:
+ encrypted: 1
+ service:
+ alertmanager:
+ networks:
+ - monitoring
+ deploy:
+ replicas: 2
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_alertmanager}
+ ports:
+ - 15011:${prometheus:alertmanager:bind:port}
+ volumes:
+ - /srv/volumes/prometheus:/opt/alertmanager/config
+ environment:
+ config_dir: /opt/alertmanager/config
+ bind_port: ${prometheus:alertmanager:bind:port}
+ bind_address: ${prometheus:alertmanager:bind:address}
+ discovery_domain: 'monitoring_alertmanager'
+ pushgateway:
+ networks:
+ - monitoring
+ deploy:
+ replicas: 2
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_pushgateway}
+ ports:
+ - 15012:9091
+ server:
+ networks:
+ - monitoring
+ deploy:
+ replicas: 1
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_prometheus}
+ ports:
+ - 15010:${prometheus:server:bind:port}
+ volumes:
+ - /srv/volumes/prometheus:/opt/prometheus/config
+ environment:
+ config_dir: /opt/prometheus/config
+ bind_port: ${prometheus:server:bind:port}
+ bind_address: ${prometheus:server:bind:address}
+ alertmanager_port: ${prometheus:alertmanager:bind:port}
+ storage_local_engine: ${prometheus:server:storage:local:engine}
+ storage_local_retention: ${prometheus:server:storage:local:retention}
+ storage_local_memory_chunks: ${prometheus:server:storage:local:memory_chunks}
+ storage_local_max_chunks_to_persist: ${prometheus:server:storage:local:max_chunks_to_persist}
+ storage_local_num_fingerprint_mutexes: ${prometheus:server:storage:local:num_fingerprint_mutexes}
+ discovery_domain: 'monitoring_alertmanager'
diff --git a/docker/swarm/stack/pushkin.yml b/docker/swarm/stack/pushkin.yml
new file mode 100644
index 0000000..b28b1e9
--- /dev/null
+++ b/docker/swarm/stack/pushkin.yml
@@ -0,0 +1,52 @@
+parameters:
+ _param:
+ docker_pushkin_db_replicas: 1
+ docker_image_pushkin_db: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/pushkindb:latest
+ pushkin_db_password: pushkin
+ pushkin_db_user: pushkin
+ pushkin_db: pushkin
+ docker_pushkin_replicas: 1
+ docker_image_pushkin: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/pushkin:latest
+ elasticsearch_replicas: 1
+ docker_image_oss_elasticsearch: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/elasticsearch:latest
+ docker:
+ client:
+ stack:
+ pushkin:
+ environment:
+ POSTGRES_USER: ${_param:pushkin_db_user}
+ POSTGRES_PASSWORD: ${_param:pushkin_db_password}
+ POSTGRES_DB: ${_param:pushkin_db}
+ PUSHKINDBHOST: ${_param:haproxy_pushkin_db_bind_host}
+ PUSHKINELASTICHOST: ${_param:haproxy_elasticsearch_bind_host}
+ service:
+ db:
+ image: ${_param:docker_image_pushkin_db}
+ deploy:
+ replicas: ${_param:docker_pushkin_db_replicas}
+ restart_policy:
+ condition: any
+ ports:
+ - ${_param:haproxy_pushkin_db_exposed_port}:${_param:haproxy_pushkin_db_bind_port}
+ volumes:
+ - /srv/volumes/pushkin/data:/var/lib/postgresql/data
+ backend:
+ image: ${_param:docker_image_pushkin}
+ deploy:
+ replicas: ${_param:docker_pushkin_replicas}
+ restart_policy:
+ condition: any
+ ports:
+ - ${_param:haproxy_pushkin_exposed_port}:${_param:haproxy_pushkin_bind_port}
+ volumes:
+ - /srv/volumes/pushkin/logs:/var/log/pushkin
+ elasticsearch:
+ image: ${_param:docker_image_oss_elasticsearch}
+ deploy:
+ replicas: ${_param:elasticsearch_replicas}
+ restart_policy:
+ condition: any
+ ports:
+ - ${_param:haproxy_elasticsearch_exposed_port}:${_param:haproxy_elasticsearch_bind_port}
+ volumes:
+ - /srv/volumes/elasticsearch:/usr/share/elasticsearch/data
diff --git a/docker/swarm/stack/rundeck.yml b/docker/swarm/stack/rundeck.yml
new file mode 100644
index 0000000..b0951a4
--- /dev/null
+++ b/docker/swarm/stack/rundeck.yml
@@ -0,0 +1,29 @@
+parameters:
+ _param:
+ docker_rundeck_replicas: 1
+ docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:latest
+ rundeck_admin_password: password
+ docker:
+ client:
+ stack:
+ rundeck:
+ environment:
+ SERVER_URL: "http://${_param:haproxy_rundeck_bind_host}:${_param:haproxy_rundeck_bind_port}"
+ RUNDECK_ADMIN_PASSWORD: ${_param:rundeck_admin_password}
+ service:
+ rundeck:
+ image: ${_param:docker_image_rundeck}
+ deploy:
+ replicas: ${_param:docker_rundeck_replicas}
+ restart_policy:
+ condition: any
+ ports:
+ - 14440:4440
+ volumes:
+ - /srv/volumes/rundeck/etc:/etc/rundeck
+ - /srv/volumes/rundeck/rundeck:/var/rundeck
+ - /srv/volumes/rundeck/mysql:/var/lib/mysql
+ - /srv/volumes/rundeck/log:/var/log/rundeck
+ - /srv/volumes/rundeck/logs:/var/lib/rundeck/logs
+ - /srv/volumes/rundeck/plugins:/opt/rundeck-plugins
+ - /srv/volumes/rundeck/storage:/var/lib/rundeck/var/storage
diff --git a/galera/server/database/nova.yml b/galera/server/database/nova.yml
index 619c5df..86d4821 100644
--- a/galera/server/database/nova.yml
+++ b/galera/server/database/nova.yml
@@ -24,3 +24,14 @@
password: ${_param:mysql_nova_password}
host: ${_param:cluster_local_address}
rights: all
+ nova_cell0:
+ encoding: utf8
+ users:
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: '%'
+ rights: all
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: ${_param:cluster_local_address}
+ rights: all
diff --git a/glance/control/storage/glusterfs.yml b/glance/control/storage/glusterfs.yml
deleted file mode 100644
index ae0e84d..0000000
--- a/glance/control/storage/glusterfs.yml
+++ /dev/null
@@ -1,36 +0,0 @@
-classes:
-- service.glusterfs.server
-- service.glusterfs.client
-parameters:
- glusterfs:
- server:
- peers:
- - ${_param:cluster_node01_address}
- - ${_param:cluster_node02_address}
- - ${_param:cluster_node03_address}
- volumes:
- glance:
- storage: /srv/glusterfs/glance
- replica: 3
- bricks:
- - ${_param:cluster_node01_address}:/srv/glusterfs/glance
- - ${_param:cluster_node02_address}:/srv/glusterfs/glance
- - ${_param:cluster_node03_address}:/srv/glusterfs/glance
- options:
- cluster.readdir-optimize: On
- nfs.disable: On
- network.remote-dio: On
- diagnostics.client-log-level: WARNING
- diagnostics.brick-log-level: WARNING
- client:
- volumes:
- glance:
- path: /var/lib/glance/images
- server: ${_param:glusterfs_service_host}
- user: glance
- group: glance
- glance:
- server:
- storage:
- engine: file
- images: []
diff --git a/glusterfs/client/volume/devops_portal.yml b/glusterfs/client/volume/devops_portal.yml
index 9a3c291..5a0c07a 100644
--- a/glusterfs/client/volume/devops_portal.yml
+++ b/glusterfs/client/volume/devops_portal.yml
@@ -7,4 +7,4 @@
devops_portal:
path: /srv/volumes/devops_portal
server: ${_param:devops_portal_glusterfs_service_host}
- opts: 'defaults'
+ opts: "defaults,backup-volfile-servers=${_param:cluster_node01_address}:${_param:cluster_node02_address}:${_param:cluster_node03_address}"
diff --git a/glusterfs/client/volume/elasticsearch.yml b/glusterfs/client/volume/elasticsearch.yml
index f5ad7ae..2fad4ba 100644
--- a/glusterfs/client/volume/elasticsearch.yml
+++ b/glusterfs/client/volume/elasticsearch.yml
@@ -7,4 +7,4 @@
elasticsearch:
path: /srv/volumes/elasticsearch
server: ${_param:elasticsearch_glusterfs_service_host}
- opts: 'defaults'
+ opts: "defaults,backup-volfile-servers=${_param:cluster_node01_address}:${_param:cluster_node02_address}:${_param:cluster_node03_address}"
diff --git a/glusterfs/client/volume/prometheus.yml b/glusterfs/client/volume/prometheus.yml
index 2b2b7db..49145d3 100644
--- a/glusterfs/client/volume/prometheus.yml
+++ b/glusterfs/client/volume/prometheus.yml
@@ -7,4 +7,4 @@
prometheus:
path: /srv/volumes/prometheus
server: ${_param:prometheus_glusterfs_service_host}
- opts: 'defaults'
+ opts: "defaults,backup-volfile-servers=${_param:cluster_node01_address}:${_param:cluster_node02_address}:${_param:cluster_node03_address}"
diff --git a/glusterfs/client/volume/pushkin.yml b/glusterfs/client/volume/pushkin.yml
index 1853863..af3ee44 100644
--- a/glusterfs/client/volume/pushkin.yml
+++ b/glusterfs/client/volume/pushkin.yml
@@ -7,4 +7,4 @@
pushkin:
path: /srv/volumes/pushkin
server: ${_param:pushkin_glusterfs_service_host}
- opts: 'defaults'
+ opts: "defaults,backup-volfile-servers=${_param:cluster_node01_address}:${_param:cluster_node02_address}:${_param:cluster_node03_address}"
diff --git a/glusterfs/client/volume/rundeck.yml b/glusterfs/client/volume/rundeck.yml
index b226aeb..05709ea 100644
--- a/glusterfs/client/volume/rundeck.yml
+++ b/glusterfs/client/volume/rundeck.yml
@@ -7,4 +7,4 @@
rundeck:
path: /srv/volumes/rundeck
server: ${_param:rundeck_glusterfs_service_host}
- opts: 'defaults'
+ opts: "defaults,backup-volfile-servers=${_param:cluster_node01_address}:${_param:cluster_node02_address}:${_param:cluster_node03_address}"
diff --git a/haproxy/proxy/listen/openstack/nova-placement.yml b/haproxy/proxy/listen/openstack/nova-placement.yml
new file mode 100644
index 0000000..e3b72b7
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/nova-placement.yml
@@ -0,0 +1,29 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ nova_placement_api:
+ mode: http
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8778
+ options:
+ - httpclose
+ - httplog
+ health-check:
+ http:
+ options:
+ - expect status 401
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/haproxy/proxy/listen/oss/pushkin.yml b/haproxy/proxy/listen/oss/pushkin.yml
index 458a226..db33352 100644
--- a/haproxy/proxy/listen/oss/pushkin.yml
+++ b/haproxy/proxy/listen/oss/pushkin.yml
@@ -11,13 +11,13 @@
pushkin:
mode: http
options:
- - httpchk get /apps
+ - httpchk GET /apps
balance: source
http_request:
- action: "add-header X-Forwarded-Proto https"
condition: "if { ssl_fc }"
sticks:
- - http-check expect ! rstatus ^5
+ - http-check expect status 200
binds:
- address: ${_param:haproxy_pushkin_bind_host}
port: ${_param:haproxy_pushkin_bind_port}
diff --git a/haproxy/proxy/listen/oss/pushkin_db.yml b/haproxy/proxy/listen/oss/pushkin_db.yml
index 74b15a2..c67c591 100644
--- a/haproxy/proxy/listen/oss/pushkin_db.yml
+++ b/haproxy/proxy/listen/oss/pushkin_db.yml
@@ -12,7 +12,7 @@
mode: tcp
balance: source
options:
- - pgsql-check user ${_param:pushkin_db_user}
+ - tcp-check
binds:
- address: ${_param:haproxy_pushkin_db_bind_host}
port: ${_param:haproxy_pushkin_db_bind_port}
@@ -21,12 +21,12 @@
- name: ${_param:cluster_node01_name}
host: ${_param:cluster_node01_address}
port: ${_param:haproxy_pushkin_db_exposed_port}
- params: check
+ params: check port ${_param:haproxy_pushkin_db_exposed_port}
- name: ${_param:cluster_node02_name}
host: ${_param:cluster_node02_address}
port: ${_param:haproxy_pushkin_db_exposed_port}
- params: backup check
+ params: backup check port ${_param:haproxy_pushkin_db_exposed_port}
- name: ${_param:cluster_node03_name}
host: ${_param:cluster_node03_address}
port: ${_param:haproxy_pushkin_db_exposed_port}
- params: backup check
+ params: backup check port ${_param:haproxy_pushkin_db_exposed_port}
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index 191527f..ab057df 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -25,6 +25,7 @@
discard-old-build: {}
docker-workflow: {}
extended-choice-parameter: {}
+ extensible-choice-parameter: {}
gerrit-trigger: {}
git: {}
heavy-job: {}
diff --git a/jenkins/client/job/debian/packages/salt.yml b/jenkins/client/job/debian/packages/salt.yml
index 094ae79..5e6665c 100644
--- a/jenkins/client/job/debian/packages/salt.yml
+++ b/jenkins/client/job/debian/packages/salt.yml
@@ -159,6 +159,8 @@
dist: trusty
- name: rsyslog
dist: trusty
+ - name: rundeck
+ dist: trusty
- name: sahara
dist: trusty
- name: salt
@@ -335,6 +337,8 @@
dist: xenial
- name: rsync
dist: xenial
+ - name: rundeck
+ dist: xenial
- name: rsyslog
dist: xenial
- name: sahara
diff --git a/jenkins/client/job/deploy/lab/mk/init.yml b/jenkins/client/job/deploy/lab/mk/init.yml
index 0fc26f7..17dca28 100644
--- a/jenkins/client/job/deploy/lab/mk/init.yml
+++ b/jenkins/client/job/deploy/lab/mk/init.yml
@@ -19,6 +19,9 @@
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
credentials: "gerrit"
script: lab-pipeline.groovy
+ trigger:
+ timer:
+ spec: "{{timer}}"
param:
# deployments and test settings
STACK_TYPE:
diff --git a/jenkins/client/job/deploy/lab/mk/virtual.yml b/jenkins/client/job/deploy/lab/mk/virtual.yml
index 7e05368..8e82f76 100644
--- a/jenkins/client/job/deploy/lab/mk/virtual.yml
+++ b/jenkins/client/job/deploy/lab/mk/virtual.yml
@@ -35,14 +35,17 @@
install: core,openstack,contrail
stack_type: heat
test: openstack
+ timer: "H H(0-6) * * *"
- lab: virtual_mcp10_dvr
install: core,openstack,dvr
stack_type: heat
test: openstack
+ timer: "H H(0-6) * * *"
- lab: virtual_mcp10_ovs
install: core,openstack,ovs
stack_type: heat
test: openstack
+ timer: "H H(0-6) * * *"
# mcp11
- lab: virtual_mcp11_contrail
install: core,openstack,contrail
diff --git a/jenkins/client/job/docker/aptly.yml b/jenkins/client/job/docker/aptly.yml
index 4e77d2a..98ef8af 100644
--- a/jenkins/client/job/docker/aptly.yml
+++ b/jenkins/client/job/docker/aptly.yml
@@ -43,3 +43,6 @@
REGISTRY_CREDENTIALS_ID:
type: string
default: "dockerhub"
+ DOCKER_GIT_TAG:
+ type: boolean
+ default: "true"
diff --git a/jenkins/client/job/docker/init.yml b/jenkins/client/job/docker/init.yml
index f4a6a87..2f1f49a 100644
--- a/jenkins/client/job/docker/init.yml
+++ b/jenkins/client/job/docker/init.yml
@@ -1,6 +1,11 @@
parameters:
jenkins:
client:
+ view:
+ Docker:
+ enabled: true
+ type: ListView
+ include_regex: ".*-docker-.*"
job_template:
docker-build-image:
name: docker-build-image-{{name}}-{{branch}}
@@ -23,7 +28,11 @@
dockerfile: "Dockerfile"
- name: phpldapadmin
branch: "master"
- tags: "0.16.2 latest"
+ tags: "latest"
+ dockerfile: "image/Dockerfile"
+ - name: openldap
+ branch: "master"
+ tags: "latest"
dockerfile: "image/Dockerfile"
template:
discard:
@@ -71,4 +80,7 @@
default: ""
REGISTRY_CREDENTIALS_ID:
type: string
- default: "dockerhub"
\ No newline at end of file
+ default: "dockerhub"
+ DOCKER_GIT_TAG:
+ type: boolean
+ default: "true"
\ No newline at end of file
diff --git a/jenkins/client/job/gating.yml b/jenkins/client/job/gating.yml
index e825739..6b6d620 100644
--- a/jenkins/client/job/gating.yml
+++ b/jenkins/client/job/gating.yml
@@ -11,10 +11,17 @@
name: gate-gerrit-{{name}}
jobs:
- name: mk
+ regex: 'mk\/.*'
- name: debian
+ regex: 'debian\/.*'
- name: contrail
+ regex: 'contrail\/.*'
- name: salt-models
+ regex: 'salt-models\/.*'
- name: salt-formulas
+ regex: 'salt-formulas\/.*'
+ - name: oss
+ regex: 'oss\/devops-portal'
template:
discard:
build:
@@ -32,7 +39,7 @@
trigger:
gerrit:
project:
- '{{name}}\/.*':
+ '{{regex}}':
compare_type: REG_EXP
branches:
- master
@@ -56,4 +63,4 @@
default: false
CREDENTIALS_ID:
type: string
- default: "gerrit"
\ No newline at end of file
+ default: "gerrit"
diff --git a/jenkins/client/job/git-mirrors/downstream/templates.yml b/jenkins/client/job/git-mirrors/downstream/templates.yml
index 50e9152..ef504af 100644
--- a/jenkins/client/job/git-mirrors/downstream/templates.yml
+++ b/jenkins/client/job/git-mirrors/downstream/templates.yml
@@ -5,9 +5,9 @@
jenkins_git_mirror_downstream_jobs:
- name: cookiecutter-templates
downstream: mk/cookiecutter-templates
- upstream: "https://github.com/Mirantis/mk2x-cookiecutter-reclass-model"
+ upstream: "git@github.com:Mirantis/mk2x-cookiecutter-reclass-model"
branches: master
- name: heat-templates
downstream: mk/heat-templates
- upstream: "https://github.com/Mirantis/mk-lab-heat-templates"
- branches: master
\ No newline at end of file
+ upstream: "git@github.com:Mirantis/mk-lab-heat-templates"
+ branches: master
diff --git a/jenkins/client/job/git-mirrors/upstream/docker_images.yml b/jenkins/client/job/git-mirrors/upstream/docker_images.yml
index b4de3e2..2dc60b3 100644
--- a/jenkins/client/job/git-mirrors/upstream/docker_images.yml
+++ b/jenkins/client/job/git-mirrors/upstream/docker_images.yml
@@ -18,4 +18,8 @@
- name: docker-phpldapadmin
downstream: mk/docker-phpldapadmin
upstream: "git@github.com:Mirantis/docker-phpldapadmin"
+ branches: stable,master
+ - name: docker-openldap
+ downstream: mk/docker-openldap
+ upstream: "git@github.com:Mirantis/docker-openldap"
branches: stable,master
\ No newline at end of file
diff --git a/jenkins/client/job/opencontrail/build/generic.yml b/jenkins/client/job/opencontrail/build/generic.yml
index 7cd226e..a26472b 100644
--- a/jenkins/client/job/opencontrail/build/generic.yml
+++ b/jenkins/client/job/opencontrail/build/generic.yml
@@ -49,6 +49,18 @@
branch: R3.2
ppa: mirantis-opencontrail/opencontrail-3.2
upload_source_package: true
+ - buildname: oc666
+ os: ubuntu
+ dist: trusty
+ branch: master
+ ppa: mirantis-opencontrail/opencontrail-master
+ upload_source_package: false
+ - buildname: oc666
+ os: ubuntu
+ dist: xenial
+ branch: master
+ ppa: mirantis-opencontrail/opencontrail-master
+ upload_source_package: false
template:
discard:
build:
@@ -106,27 +118,57 @@
trigger:
gerrit:
project:
- contrail/contrail-controller:
- branches:
- - "{{branch}}"
- contrail/contrail-vrouter:
- branches:
- - "{{branch}}"
- contrail/contrail-packages:
- branches:
- - "{{branch}}"
- contrail/contrail-vrouter:
- branches:
- - "{{branch}}"
- contrail/contrail-web-core:
- branches:
- - "{{branch}}"
- contrail/contrail-web-controller:
- branches:
- - "{{branch}}"
- contrail/contrail-third-party:
- branches:
- - "{{branch}}"
+ contrail/contrail-pipeline:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-build:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-controller:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-vrouter:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-third-party:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-generateDS:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-sandesh:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-packages:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-nova-vif-driver:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-neutron-plugin:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-nova-extensions:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-heat:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-web-storage:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-web-server-manager:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-web-controller:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-web-core:
+ branches:
+ - "{{branch}}"
+ contrail/contrail-webui-third-party:
+ branches:
+ - "{{branch}}"
event:
comment:
- addedContains:
diff --git a/jenkins/client/job/opencontrail/git-mirrors/downstream.yml b/jenkins/client/job/opencontrail/git-mirrors/downstream.yml
index 0cf3a33..b49a1a0 100644
--- a/jenkins/client/job/opencontrail/git-mirrors/downstream.yml
+++ b/jenkins/client/job/opencontrail/git-mirrors/downstream.yml
@@ -8,24 +8,43 @@
name: git-mirror-{{name}}
jobs:
- name: contrail-build
+ branches: ${_param:contrail_branches}
- name: contrail-controller
+ branches: ${_param:contrail_branches}
- name: contrail-vrouter
+ branches: ${_param:contrail_branches}
- name: contrail-third-party
+ branches: ${_param:contrail_branches}
- name: contrail-generateDS
+ branches: ${_param:contrail_branches}
- name: contrail-sandesh
+ branches: ${_param:contrail_branches}
- name: contrail-packages
+ branches: ${_param:contrail_branches}
- name: contrail-nova-vif-driver
+ branches: ${_param:contrail_branches}
- name: contrail-neutron-plugin
+ branches: ${_param:contrail_branches}
- name: contrail-nova-extensions
+ branches: ${_param:contrail_branches}
- name: contrail-ceilometer-plugin
+ branches: ${_param:contrail_ceilometer_plugin_branches}
- name: contrail-heat
+ branches: ${_param:contrail_branches}
- name: contrail-web-storage
+ branches: ${_param:contrail_branches}
- name: contrail-web-server-manager
+ branches: ${_param:contrail_branches}
- name: contrail-web-controller
+ branches: ${_param:contrail_branches}
- name: contrail-web-core
+ branches: ${_param:contrail_branches}
- name: contrail-webui-third-party
+ branches: ${_param:contrail_branches}
- name: contrail-dpdk-extra-packages
+ branches: ${_param:contrail_dpdk_extra_branches}
- name: contrail-kubernetes
+ branches: ${_param:contrail_kubernetes_branches}
template:
discard:
build:
@@ -57,7 +76,7 @@
default: "gerrit"
BRANCHES:
type: string
- default: ${_param:contrail_branches}
+ default: "{{branches}}"
job:
git-mirror-ifmap-python-client:
discard:
diff --git a/jenkins/client/job/opencontrail/init.yml b/jenkins/client/job/opencontrail/init.yml
index b41a357..63e4215 100644
--- a/jenkins/client/job/opencontrail/init.yml
+++ b/jenkins/client/job/opencontrail/init.yml
@@ -7,6 +7,7 @@
contrail_kubernetes_branches: "master,release-1.2"
contrail_dpdk_extra_branches: "mitaka,kilo,liberty-multiqueue"
contrail_ceilometer_plugin_branches: "master"
+ contrail_kubernetes_branches: "master,origin-1.1,origin-1.1.3,release-1.1,release-1.2"
jenkins:
client:
view:
diff --git a/jenkins/client/job/salt-models/generate.yml b/jenkins/client/job/salt-models/generate.yml
index 6f2c85c..967de8c 100644
--- a/jenkins/client/job/salt-models/generate.yml
+++ b/jenkins/client/job/salt-models/generate.yml
@@ -45,10 +45,9 @@
type: boolean
default: false
COOKIECUTTER_TEMPLATE_CONTEXT:
- type: string
+ type: text
RECLASS_MODEL_URL:
type: string
- default: "${_param:jenkins_gerrit_url}/salt-models/training.git"
RECLASS_MODEL_CREDENTIALS:
type: string
default: gerrit
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index c980d1d..1545eff 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -70,11 +70,6 @@
branches:
- master
event:
- patchset:
- - created:
- excludeDrafts: false
- excludeTrivialRebase: false
- excludeNoCodeChange: false
comment:
- addedContains:
commentAddedCommentContains: '(recheck|reverify)'
diff --git a/jenkins/client/job/test_devops_portal.yml b/jenkins/client/job/test_devops_portal.yml
index 0d9f2df..711f42a 100644
--- a/jenkins/client/job/test_devops_portal.yml
+++ b/jenkins/client/job/test_devops_portal.yml
@@ -2,8 +2,8 @@
jenkins:
client:
job:
- test-devops-portal-unittests:
- name: test-devops-portal-unittests
+ test-oss-devops-portal:
+ name: test-oss-devops-portal
discard:
build:
keep_num: 10
@@ -44,3 +44,9 @@
npm run lint
npm run test:unit
npm run test:functional
+ DEFAULT_GIT_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/oss/devops-portal"
+ DEFAULT_GIT_REF:
+ type: string
+ default: master
diff --git a/keepalived/cluster/instance/prometheus_server_vip.yml b/keepalived/cluster/instance/prometheus_server_vip.yml
new file mode 100644
index 0000000..7bde702
--- /dev/null
+++ b/keepalived/cluster/instance/prometheus_server_vip.yml
@@ -0,0 +1,18 @@
+applications:
+- keepalived
+classes:
+- service.keepalived.support
+parameters:
+ _param:
+ keepalived_vip_priority: 101
+ keepalived:
+ cluster:
+ enabled: true
+ instance:
+ prometheus_server_vip:
+ address: ${_param:keepalived_prometheus_vip_address}
+ password: ${_param:keepalived_prometheus_vip_password}
+ interface: ${_param:keepalived_prometheus_vip_interface}
+ virtual_router_id: 105
+ priority: ${_param:keepalived_vip_priority}
+
diff --git a/keystone/client/service/nova-placement.yml b/keystone/client/service/nova-placement.yml
new file mode 100644
index 0000000..61b5455
--- /dev/null
+++ b/keystone/client/service/nova-placement.yml
@@ -0,0 +1,23 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ keystone:
+ client:
+ server:
+ identity:
+ service:
+ placement:
+ type: placement
+ description: OpenStack Placement API
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: '8778'
+ public_path: ''
+ internal_address: ${_param:nova_service_host}
+ internal_port: '8778'
+ internal_path: ''
+ admin_address: ${_param:nova_service_host}
+ admin_port: '8778'
+ admin_path: ''
diff --git a/keystone/server/storage/glusterfs.yml b/keystone/server/storage/glusterfs.yml
deleted file mode 100644
index 54a4197..0000000
--- a/keystone/server/storage/glusterfs.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-classes:
-- service.glusterfs.server
-- service.glusterfs.client
-parameters:
- glusterfs:
- server:
- peers:
- - ${_param:cluster_node01_address}
- - ${_param:cluster_node02_address}
- - ${_param:cluster_node03_address}
- volumes:
- keystone-keys:
- storage: /srv/glusterfs/keystone-keys
- replica: 3
- bricks:
- - ${_param:cluster_node01_address}:/srv/glusterfs/keystone-keys
- - ${_param:cluster_node02_address}:/srv/glusterfs/keystone-keys
- - ${_param:cluster_node03_address}:/srv/glusterfs/keystone-keys
- options:
- cluster.readdir-optimize: On
- nfs.disable: On
- network.remote-dio: On
- diagnostics.client-log-level: WARNING
- diagnostics.brick-log-level: WARNING
- client:
- volumes:
- keystone-keys:
- path: /var/lib/keystone/fernet-keys
- server: ${_param:glusterfs_service_host}
- user: keystone
- group: keystone
- keystone:
- server:
- tokens:
- location: /var/lib/keystone/fernet-keys
diff --git a/linux/system/repo_local/mcp/contrail.yml b/linux/system/repo_local/mcp/contrail.yml
index 158fda5..89a7236 100644
--- a/linux/system/repo_local/mcp/contrail.yml
+++ b/linux/system/repo_local/mcp/contrail.yml
@@ -6,7 +6,7 @@
linux:
system:
repo:
- mcp_opencontrail_${_param:linux_repo_contrail_component}:
+ mcp_opencontrail:
refresh_db: ${_param:linux_repo_refresh_db}
source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:apt_mk_version} ${_param:linux_repo_contrail_component}"
architectures: amd64
diff --git a/mysql/client/database/nova_api.yml b/mysql/client/database/nova_api.yml
index 9380445..a8fbd59 100644
--- a/mysql/client/database/nova_api.yml
+++ b/mysql/client/database/nova_api.yml
@@ -15,3 +15,14 @@
password: ${_param:mysql_nova_password}
host: ${_param:single_address}
rights: all
+ nova_cell0:
+ encoding: utf8
+ users:
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: '%'
+ rights: all
+ - name: nova
+ password: ${_param:mysql_nova_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/nagios/server/init.yml b/nagios/server/init.yml
index e495915..3a027a2 100644
--- a/nagios/server/init.yml
+++ b/nagios/server/init.yml
@@ -3,6 +3,10 @@
nagios_notification_email: root@localhost
nagios_host_dimension_key: nagios_host
nagios_default_host_alarm_clusters: 00-clusters
+ nagios_monitoring_network: []
+ nagios_monitoring_interface:
+ - eth0
+ - ens3
nagios :
server:
enabled: true
@@ -45,9 +49,9 @@
grain_hostname: 'host'
hostname_suffix: ${_param:stacklight_environment}
hostgroups:
- - target: '*'
+ - target: 'G@services:openssh'
name: All
- expr_from: glob
+ expr_from: compound
- target: 'G@roles:nova.controller'
expr_from: compound # the default
name: Nova Controller
@@ -63,10 +67,8 @@
- target: 'G@services:openssh'
contact_groups: Operator
use: generic_host_tpl
- interface:
- - eth0
- - ens3
- - p4p1.602
+ interface: ${_param:nagios_monitoring_interface}
+ network: ${_param:nagios_monitoring_network}
services:
- target: 'G@roles:openssh.server'
name: SSH
diff --git a/neutron/control/opencontrail/cluster.yml b/neutron/control/opencontrail/cluster.yml
index 5baa97e..caaaf6d 100644
--- a/neutron/control/opencontrail/cluster.yml
+++ b/neutron/control/opencontrail/cluster.yml
@@ -20,33 +20,13 @@
rights: all
neutron:
server:
- enabled: true
dns_domain: ${_param:cluster_domain}
- version: ${_param:neutron_version}
- bind:
- address: ${_param:cluster_local_address}
- port: 9696
database:
- engine: mysql
host: ${_param:openstack_database_address}
- port: 3306
- name: neutron
- user: neutron
- password: ${_param:mysql_neutron_password}
identity:
- engine: keystone
region: ${_param:openstack_region}
host: ${_param:openstack_control_address}
- port: 35357
- user: neutron
- password: ${_param:keystone_neutron_password}
- tenant: service
message_queue:
- engine: rabbitmq
- port: 5672
- user: openstack
- password: ${_param:rabbitmq_openstack_password}
- virtual_host: '/openstack'
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
@@ -54,13 +34,11 @@
compute:
host: ${_param:openstack_control_address}
region: ${_param:openstack_region}
- user: nova
- password: ${_param:keystone_nova_password}
- tenant: service
- plugin: contrail
- tunnel_type: vxlan
- public_networks: []
- contrail:
- version: ${_param:opencontrail_version}
-
-
+ backend:
+ engine: contrail
+ host: ${_param:opencontrail_control_address}
+ port: 8082
+ user: admin
+ password: ${_param:keystone_admin_password}
+ tenant: admin
+ token: ${_param:keystone_service_token}
\ No newline at end of file
diff --git a/nginx/server/proxy/monitoring/prometheus_alertmanager.yml b/nginx/server/proxy/monitoring/prometheus_alertmanager.yml
new file mode 100644
index 0000000..2430104
--- /dev/null
+++ b/nginx/server/proxy/monitoring/prometheus_alertmanager.yml
@@ -0,0 +1,16 @@
+parameters:
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_prometheus_alertmanager:
+ enabled: true
+ type: nginx_proxy
+ name: prometheus_alertmanager
+ proxy:
+ host: ${_param:prometheus_control_address}
+ port: 15011
+ protocol: http
+ host:
+ name: ${_param:cluster_public_host}
+ port: 15011
diff --git a/nginx/server/proxy/monitoring/prometheus_server.yml b/nginx/server/proxy/monitoring/prometheus_server.yml
new file mode 100644
index 0000000..76ff56a
--- /dev/null
+++ b/nginx/server/proxy/monitoring/prometheus_server.yml
@@ -0,0 +1,16 @@
+parameters:
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_prometheus_server:
+ enabled: true
+ type: nginx_proxy
+ name: prometheus_server
+ proxy:
+ host: ${_param:prometheus_control_address}
+ port: 15010
+ protocol: http
+ host:
+ name: ${_param:cluster_public_host}
+ port: 15010
diff --git a/opencontrail/control/analytics.yml b/opencontrail/control/analytics.yml
index 9e3d78d..8cbd166 100644
--- a/opencontrail/control/analytics.yml
+++ b/opencontrail/control/analytics.yml
@@ -16,42 +16,13 @@
hold: true
opencontrail:
common:
- version: ${_param:opencontrail_version}
identity:
- engine: keystone
host: ${_param:openstack_control_address}
- port: 35357
- token: '${_param:keystone_service_token}'
- password: '${_param:keystone_admin_password}'
network:
- engine: neutron
host: ${_param:opencontrail_control_address}
- port: 9696
collector:
- version: ${_param:opencontrail_version}
- enabled: true
- bind:
- address: ${_param:cluster_local_address}
- port: 9081
- master:
- host: ${_param:cluster_local_address}
discovery:
host: ${_param:opencontrail_control_address}
- data_ttl: 1
database:
- version: ${_param:opencontrail_version}
- cassandra:
- version: 2
- enabled: true
- name: 'Contrail'
- minimum_disk: 10
- original_token: 0
- data_dirs:
- - /var/lib/cassandra
- id: ${_param:opencontrail_database_id}
discovery:
host: ${_param:opencontrail_control_address}
- bind:
- host: ${_param:cluster_local_address}
- port: 9042
- rpc_port: 9160
\ No newline at end of file
diff --git a/opencontrail/control/control.yml b/opencontrail/control/control.yml
index a3fefc3..794682d 100644
--- a/opencontrail/control/control.yml
+++ b/opencontrail/control/control.yml
@@ -7,98 +7,31 @@
multi_tenancy: false
opencontrail:
common:
- version: ${_param:opencontrail_version}
identity:
- engine: keystone
host: ${_param:openstack_control_address}
- port: 35357
- token: '${_param:keystone_service_token}'
- password: '${_param:keystone_admin_password}'
network:
- engine: neutron
host: ${_param:cluster_vip_address}
- port: 9696
config:
- version: ${_param:opencontrail_version}
- enabled: true
multi_tenancy: ${_param:multi_tenancy}
network:
- engine: neutron
- host: ${_param:cluster_vip_address}
- port: 9696
- discovery:
host: ${_param:cluster_vip_address}
analytics:
host: ${_param:opencontrail_analytics_address}
bind:
address: ${_param:cluster_local_address}
- api_port: 9100
- discovery_port: 9110
message_queue:
- engine: rabbitmq
host: ${_param:openstack_message_queue_address}
- port: 5672
identity:
- engine: keystone
- version: '2.0'
region: ${_param:openstack_region}
host: ${_param:openstack_control_address}
- port: 35357
- user: admin
- password: '${_param:keystone_admin_password}'
- token: '${_param:keystone_service_token}'
- tenant: admin
- control:
- version: ${_param:opencontrail_version}
- enabled: true
- id: ${_param:opencontrail_database_id}
- bind:
- address: ${_param:cluster_local_address}
- discovery:
- host: ${_param:cluster_vip_address}
- master:
- host: ${_param:cluster_local_address}
- database:
- version: ${_param:opencontrail_version}
- cassandra:
- version: 2
- enabled: true
- name: 'Contrail'
- minimum_disk: 10
- original_token: 0
- data_dirs:
- - /var/lib/cassandra
- id: ${_param:opencontrail_database_id}
- discovery:
- host: ${_param:cluster_vip_address}
- bind:
- host: ${_param:cluster_local_address}
- port: 9042
- rpc_port: 9160
web:
- version: ${_param:opencontrail_version}
- enabled: True
- bind:
- address: ${_param:cluster_local_address}
analytics:
host: ${_param:opencontrail_analytics_address}
- master:
- host: ${_param:cluster_vip_address}
cache:
- engine: redis
host: 127.0.0.1
- port: 6379
identity:
- engine: keystone
- version: '2.0'
host: ${_param:openstack_control_address}
- port: 35357
- user: admin
- password: '${_param:keystone_admin_password}'
- token: '${_param:keystone_service_token}'
- tenant: admin
database:
port: 9042
network:
- engine: neutron
host: ${_param:cluster_vip_address}
diff --git a/openssh/server/team/mcp_qa.yml b/openssh/server/team/mcp_qa.yml
index 582882f..5fc30d4 100644
--- a/openssh/server/team/mcp_qa.yml
+++ b/openssh/server/team/mcp_qa.yml
@@ -133,6 +133,13 @@
full_name: Vlad Naumov
home: /home/vnaumov
email: vnaumov@mirantis.com
+ ekhomyakova:
+ enabled: true
+ name: ekhomyakova
+ sudo: true
+ full_name: Ekaterina Khomyakova
+ home: /home/ekhomyakova
+ email: ekhomyakova@mirantis.com
group:
libvirtd:
enabled: true
@@ -246,6 +253,11 @@
public_keys:
- ${public_keys:vnaumov}
user: ${linux:system:user:vnaumov}
+ ekhomyakova:
+ enable: true
+ public_keys:
+ - ${public_keys:ekhomyakova}
+ user: ${linux:system:user:ekhomyakova}
public_keys:
ddmitriev:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDuD4wJ8hzkchQ0pfgdwWukQyps1xYRfHOsjosmDu/mmgaXVud5mnpwb2q35E2YYTox2mx+ulJqyS+099gz6MPg4P8D5qdMuRbAsJqbceLaaIGQhdT8qgSo7ESrl5pwvYnfWzKLKF0z5s7nrW0nvArC40zhV9o9XpvzzzSFByepWfkwA8ReldGUYVvTKp8YXaCrqEdMZrU42adPM2nl+fYBbGF+h4/Ka247aVjPeER0blV3znFXbv2Kf38G+i/TEGaktgpBdtGGDi1tX2loMypmTJeqZRJnM0Eoly0BnynB7CSxn11eoIXBUe1mVYNqmQd1hw6uh59iymhK5j939v9J ddmitriev@dis_xcom
@@ -289,3 +301,5 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCti9e5kyNEtX3MEns+eehUCzaxZmI8FWkWrLeRQY3jLUGzI3+N12tA7gKffczGIDP/ttnDg1hl98Yw28mkrIfYYMwRMqsBkGmYZyu6EXccyde6/5U/dgKVFGYLjWmbAAcaIaO2YoxqUJKvIanfLNHTRI29KwgxpaMCtjB7+jHiw/V0MF2xKi8yJgajZgh8iXPiv50BGjICx1BuqgqZb5jjxouV0FpU28mBOobqtaphOHeFPHk1Uool9MBt+2ocAjLbFhozmx0xryBVG4FGreovK60Zz4PuGCUL98rSTt8fbebfVokqkCG+sjykTcEQ8h5/0BUR4sPXw5mxATHD/AOv rkhozinov@rkhw
vnaumov:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDno7VX9jiveRCF7d1C/FK24WLZwCArdrBBOQ1uHqpkUfUYtG6vrYgt/K2n2FXoX55lbeoJAwuNC9HviaY+vQAekCI4W2s02iD+j/GRUwitpv+lJZXSmt/q2PgLz3OFUIsJV0EwyNl+bexM4+2jYTmHeDMrXAsHL4I2GUv5sFycA11UhxZ/Qm2QMKlRZhje/IJieX9u2BhgYuPYffASVl4AhwtDagYdqquwUXrfu/dQRt/U9w0Di9alApcyPqiW9LbXUgwha1G9+ScQnxmp8WvmaV8YR+nf2OFxQHvOZPYjCzniRnYpaQUMeUAkJKxDwqR1dAKYnaQY5TfXtFwfzsjN vnaumov@vnaumov
+ ekhomyakova:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEaWwPVtsj39s0A2efRQ1ejL5B7ZetFPmXJDi/8W/gTWIIII3xP750H8QWZfvbjiJ+KBCxOndDL8aL3SHC/iRCvmzrVkgXBgf5J9vTu8uas7BNGf7oiDBuB75fryDtkg57Pam/A47IlgxJTCwYz+ofUGHb6WrWwQ+MUTEWAk9PB+RPyxjwNC4XxEwtULkKQMgFmg52kauESpx0R0ni8/LLKUJucdse7NCcUTvEcafppnXsxdZ640G0K82ADS1neg1CDwdtCPKLG57GZYs4iL3sPcOhQxnVUoONXsRpBD8kQTKOMl5R6hTDJHBd3oimUPEXlPqeb/XeGKatVraRA6nJ ekhomyakova@ekhomyakova
diff --git a/prometheus/server/target/dns.yml b/prometheus/server/target/dns.yml
index b51f732..5919a91 100644
--- a/prometheus/server/target/dns.yml
+++ b/prometheus/server/target/dns.yml
@@ -5,11 +5,11 @@
dns:
- name: 'pushgateway'
domain:
- - 'tasks.prometheus_pushgateway'
+ - 'tasks.monitoring_pushgateway'
type: A
port: 9091
- name: 'prometheus'
domain:
- - 'tasks.prometheus_server'
+ - 'tasks.monitoring_server'
type: A
port: 9090
diff --git a/prometheus/server/target/etcd.yml b/prometheus/server/target/etcd.yml
index ae75c64..3db134e 100644
--- a/prometheus/server/target/etcd.yml
+++ b/prometheus/server/target/etcd.yml
@@ -2,15 +2,11 @@
prometheus:
server:
target:
- etcd:
- scheme: https
- ssl_dir: /opt/prometheus/config
- cert_name: prometheus-server.crt
- key_name: prometheus-server.key
- member:
- - host: ${_param:cluster_node01_address}
- port: ${_param:cluster_node01_port}
- - host: ${_param:cluster_node02_address}
- port: ${_param:cluster_node02_port}
- - host: ${_param:cluster_node03_address}
- port: ${_param:cluster_node03_port}
+ static:
+ etcd:
+ scheme: https
+ tls_config:
+ skip_verify: true
+ ssl_dir: /opt/prometheus/config
+ cert_name: prometheus-server.crt
+ key_name: prometheus-server.key
diff --git a/reclass/storage/system/rsyslog_single.yml b/reclass/storage/system/rsyslog_single.yml
new file mode 100644
index 0000000..a3eefac
--- /dev/null
+++ b/reclass/storage/system/rsyslog_single.yml
@@ -0,0 +1,15 @@
+parameters:
+ _param:
+ rsyslog_node01_hostname: rsl01
+ reclass:
+ storage:
+ node:
+ rsyslog_node01:
+ name: ${_param:rsyslog_node01_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.infra.rsyslog
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:rsyslog_node01_address}
diff --git a/salt/control/cluster/rsyslog_single.yml b/salt/control/cluster/rsyslog_single.yml
new file mode 100644
index 0000000..4e53747
--- /dev/null
+++ b/salt/control/cluster/rsyslog_single.yml
@@ -0,0 +1,18 @@
+parameters:
+ salt:
+ control:
+ size:
+ infra.rsyslog:
+ cpu: 8
+ ram: 8192
+ disk_profile: xxlarge
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ rsl01:
+ provider: kvm02.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ size: infra.rsyslog
diff --git a/salt/master/formula/git/oss.yml b/salt/master/formula/git/oss.yml
index 3c555ee..5c9577a 100644
--- a/salt/master/formula/git/oss.yml
+++ b/salt/master/formula/git/oss.yml
@@ -1,6 +1,6 @@
parameters:
_param:
- salt_master_oss_repository: https://gerrit.mcp.mirantis.net/oss
+ salt_master_oss_repository: https://gerrit.mcp.mirantis.net/salt-formulas
salt_master_oss_revision: master
salt:
master:
@@ -12,5 +12,5 @@
devops_utils.py:
enabled: true
source: git
- address: '${_param:salt_master_oss_repository}/salt-formula-devops-portal.git'
+ address: '${_param:salt_master_oss_repository}/devops-portal.git'
revision: ${_param:salt_master_oss_revision}
diff --git a/salt/minion/cert/k8s_server.yml b/salt/minion/cert/k8s_server.yml
index e340b52..603d369 100644
--- a/salt/minion/cert/k8s_server.yml
+++ b/salt/minion/cert/k8s_server.yml
@@ -10,4 +10,4 @@
cert_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.crt
all_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.pem
signing_policy: cert_server
- alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address},DNS:kubernetes.default
+ alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address},DNS:kubernetes.default,DNS:kubernetes.default.svc
diff --git a/telegraf/agent/init.yml b/telegraf/agent/init.yml
index 57a1f61..1faea32 100644
--- a/telegraf/agent/init.yml
+++ b/telegraf/agent/init.yml
@@ -1,8 +1,6 @@
paramaters:
telegraf:
agent:
- input:
- diskio:
output:
prometheus_client:
bind: