Merge pull request #249 from Mirantis/epcim-patch-1-sahara

Fix sahara service spec.
diff --git a/devops_portal/service/rundeck.yml b/devops_portal/service/rundeck.yml
index 1a15473..82fd764 100644
--- a/devops_portal/service/rundeck.yml
+++ b/devops_portal/service/rundeck.yml
@@ -5,8 +5,9 @@
         rundeck:
           configure_proxy: true
           credentials:
-            username: admin
+            username: ${_param:rundeck_admin_username}
             password: ${_param:rundeck_admin_password}
+            token: ${_param:rundeck_admin_token}
           endpoint:
             address: ${_param:haproxy_rundeck_bind_host}
             port: ${_param:haproxy_rundeck_bind_port}
diff --git a/docker/swarm/service/rundeck.yml b/docker/swarm/service/rundeck.yml
index baad94a..cc871dd 100644
--- a/docker/swarm/service/rundeck.yml
+++ b/docker/swarm/service/rundeck.yml
@@ -1,8 +1,7 @@
 parameters:
   _param:
     docker_rundeck_replicas: 1
-    docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:latest
-    rundeck_admin_password: password
+    docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:devel
   docker:
     client:
       service:
@@ -17,10 +16,14 @@
           ports:
             - 14440:4440
           volume:
-            etc:
+            framework.properties:
               type: bind
-              source: /srv/volumes/rundeck/etc
-              destination: /etc/rundeck
+              source: /srv/volumes/rundeck/config/framework.properties
+              destination: /etc/rundeck/framework.properties
+            tokens.properties:
+              type: bind
+              source: /srv/volumes/rundeck/config/tokens.properties
+              destination: /etc/rundeck/tokens.properties
             rundeck:
               type: bind
               source: /srv/volumes/rundeck/rundeck
diff --git a/docker/swarm/stack/rundeck.yml b/docker/swarm/stack/rundeck.yml
index b0951a4..f89619a 100644
--- a/docker/swarm/stack/rundeck.yml
+++ b/docker/swarm/stack/rundeck.yml
@@ -1,15 +1,11 @@
 parameters:
   _param:
     docker_rundeck_replicas: 1
-    docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:latest
-    rundeck_admin_password: password
+    docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:devel
   docker:
     client:
       stack:
         rundeck:
-          environment:
-            SERVER_URL: "http://${_param:haproxy_rundeck_bind_host}:${_param:haproxy_rundeck_bind_port}"
-            RUNDECK_ADMIN_PASSWORD: ${_param:rundeck_admin_password}
           service:
             rundeck:
               image: ${_param:docker_image_rundeck}
@@ -20,9 +16,11 @@
               ports:
                 - 14440:4440
               volumes:
-                - /srv/volumes/rundeck/etc:/etc/rundeck
+                - /srv/volumes/rundeck/etc/framework.properties:/etc/rundeck/framework.properties
+                - /srv/volumes/rundeck/etc/tokens.properties:/etc/rundeck/tokens.properties
+                - /srv/volumes/rundeck/etc/realm.properties:/etc/rundeck/realm.properties
+                - /srv/volumes/rundeck/etc/rundeck-config.properties:/etc/rundeck/rundeck-config.properties
                 - /srv/volumes/rundeck/rundeck:/var/rundeck
-                - /srv/volumes/rundeck/mysql:/var/lib/mysql
                 - /srv/volumes/rundeck/log:/var/log/rundeck
                 - /srv/volumes/rundeck/logs:/var/lib/rundeck/logs
                 - /srv/volumes/rundeck/plugins:/opt/rundeck-plugins
diff --git a/jenkins/client/job/debian/packages/extra.yml b/jenkins/client/job/debian/packages/extra.yml
index 9d6755e..7d20688 100644
--- a/jenkins/client/job/debian/packages/extra.yml
+++ b/jenkins/client/job/debian/packages/extra.yml
@@ -8,96 +8,135 @@
             - package: librdkafka
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-kafka
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: liburcu
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-kazoo
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-pathlib
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: kafka
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-geventhttpclient
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-consistent-hash
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: libipfix
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-ncclient
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-pycassa
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-xmltodict
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-backports.ssl-match-hostname
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-certifi
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-docker
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-cassandra-driver
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-redis
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-tabulate
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: cassandra-cpp-driver
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: libuv1
               dist: trusty
               build: pipeline
+              branch: debian/trusty
             - package: python-sseclient
               dist: trusty
               build: pipeline
+              branch: debian/trusty
+            - package: reclass
+              dist: trusty
+              build: pipeline
+              branch: debian/trusty
             - package: librdkafka
               dist: xenial
               build: pipeline
+              branch: debian/xenial
             - package: python-kafka
               dist: xenial
               build: pipeline
+              branch: debian/xenial
             - package: python-geventhttpclient
               dist: xenial
               build: pipeline
+              branch: debian/xenial
             - package: python-docker
               dist: xenial
               build: pipeline
+              branch: debian/xenial
             - package: python-consistent-hash
               dist: xenial
               build: pipeline
+              branch: debian/xenial
             - package: libipfix
               dist: xenial
               build: pipeline
+              branch: debian/xenial
             - package: cassandra-cpp-driver
               dist: xenial
               build: pipeline
+              branch: debian/xenial
             - package: python-sseclient
               dist: xenial
               build: pipeline
+              branch: debian/xenial
+            - package: reclass
+              dist: xenial
+              build: pipeline
+              branch: debian/xenial
             - package: telegraf
               dist: trusty
               build: telegraf
+              branch: master
             - package: telegraf
               dist: xenial
               build: telegraf
+              branch: master
           template:
             type: workflow-scm
             concurrent: false
@@ -125,7 +164,7 @@
                 default: "${_param:jenkins_gerrit_url}/debian/{{package}}.git"
               SOURCE_BRANCH:
                 type: string
-                default: "debian/{{dist}}"
+                default: "{{branch}}"
               SOURCE_CREDENTIALS:
                 type: string
                 default: "gerrit"
diff --git a/jenkins/client/job/debian/packages/salt.yml b/jenkins/client/job/debian/packages/salt.yml
index 3c73fa7..3111acc 100644
--- a/jenkins/client/job/debian/packages/salt.yml
+++ b/jenkins/client/job/debian/packages/salt.yml
@@ -97,6 +97,8 @@
               dist: trusty
             - name: linux
               dist: trusty
+            - name: lldp
+              dist: trusty
             - name: logrotate
               dist: trusty
             - name: maas
@@ -279,6 +281,8 @@
               dist: xenial
             - name: linux
               dist: xenial
+            - name: lldp
+              dist: xenial
             - name: logrotate
               dist: xenial
             - name: maas
diff --git a/jenkins/client/job/git-mirrors/downstream/debian-packages.yml b/jenkins/client/job/git-mirrors/downstream/debian-packages.yml
new file mode 100644
index 0000000..8ccd3bc
--- /dev/null
+++ b/jenkins/client/job/git-mirrors/downstream/debian-packages.yml
@@ -0,0 +1,9 @@
+classes:
+  - system.jenkins.client.job.git-mirrors.downstream
+parameters:
+  _param:
+    jenkins_git_mirror_downstream_jobs:
+      - name: debian-telegraf
+        downstream: debian/telegraf
+        upstream: "https://github.com/influxdata/telegraf.git"
+        branches: master
diff --git a/jenkins/client/job/git-mirrors/upstream/debian-packages.yml b/jenkins/client/job/git-mirrors/upstream/debian-packages.yml
new file mode 100644
index 0000000..82d48e4
--- /dev/null
+++ b/jenkins/client/job/git-mirrors/upstream/debian-packages.yml
@@ -0,0 +1,9 @@
+classes:
+  - system.jenkins.client.job.git-mirrors.upstream
+parameters:
+  _param:
+    jenkins_git_mirror_upstream_jobs:
+      - name: debian-telegraf
+        downstream: debian/telegraf
+        upstream: "git@github.com:Mirantis/telegraf.git"
+        branches: master
diff --git a/keystone/client/service/radosgw-s3.yml b/keystone/client/service/radosgw-s3.yml
index 00efe1b..06d8299 100644
--- a/keystone/client/service/radosgw-s3.yml
+++ b/keystone/client/service/radosgw-s3.yml
@@ -1,6 +1,7 @@
 parameters:
   _param:
     cluster_public_protocol: https
+    radosgw_s3_cluster_port: 8081
   keystone:
     client:
       server:
@@ -20,11 +21,11 @@
                 - region: ${_param:openstack_region}
                   public_address: ${_param:cluster_public_host}
                   public_protocol: ${_param:cluster_public_protocol}
-                  public_port: 8081
+                  public_port: ${_param:radosgw_s3_cluster_port}
                   public_path: '/' # /$(project_id)s
                   internal_address: ${_param:radosgw_service_host}
-                  internal_port: 8081
+                  internal_port: ${_param:radosgw_s3_cluster_port}
                   internal_path: '/'
                   admin_address: ${_param:radosgw_service_host}
-                  admin_port: 8081
+                  admin_port: ${_param:radosgw_s3_cluster_port}
                   admin_path: '/'
diff --git a/keystone/client/service/swift-s3.yml b/keystone/client/service/swift-s3.yml
index 7bc1373..5880487c9 100644
--- a/keystone/client/service/swift-s3.yml
+++ b/keystone/client/service/swift-s3.yml
@@ -16,7 +16,7 @@
             swift-s3:
               type: object-store
               description: S3 Service (swift)
-              region: ${_param:keystone_region}
+              region: ${_param:openstack_region}
               endpoints:
                 - region: ${_param:openstack_region}
                   public_address: ${_param:cluster_public_host}
diff --git a/linux/system/single.yml b/linux/system/single.yml
index fad25ae..89782ea 100644
--- a/linux/system/single.yml
+++ b/linux/system/single.yml
@@ -11,6 +11,8 @@
           version: latest
         cloud-init:
           version: purged
+        mcelog:
+          version: latest
       kernel:
         modules:
           - nf_conntrack
@@ -50,9 +52,9 @@
               item: nofile
               value: 307200
             - type: soft
-              item: noproc
+              item: nproc
               value: 307200
             - type: hard
-              item: noproc
+              item: nproc
               value: 307200
 
diff --git a/rundeck/client/init.yml b/rundeck/client/init.yml
new file mode 100644
index 0000000..31b7ee9
--- /dev/null
+++ b/rundeck/client/init.yml
@@ -0,0 +1,19 @@
+classes:
+  - service.rundeck.client
+parameters:
+  _param:
+    rundeck_client_host: ${_param:haproxy_rundeck_bind_host}
+    rundeck_client_port: ${_param:haproxy_rundeck_bind_port}
+    rundeck_client_https: ${_param:haproxy_rundeck_ssl:enabled}
+    rundeck_client_username: ${_param:rundeck_admin_username}
+    rundeck_client_password: ${_param:rundeck_admin_password}
+  rundeck:
+    client:
+      server:
+        endpoint:
+          host: ${_param:rundeck_client_host}
+          port: ${_param:rundeck_client_port}
+          https: ${_param:rundeck_client_https}
+        credentials:
+          username: ${_param:rundeck_client_username}
+          password: ${_param:rundeck_client_password}
diff --git a/rundeck/client/project/cicd.yml b/rundeck/client/project/cicd.yml
new file mode 100644
index 0000000..e33fcae
--- /dev/null
+++ b/rundeck/client/project/cicd.yml
@@ -0,0 +1,22 @@
+parameters:
+  rundeck:
+    client:
+      project:
+        cicd:
+          description: "CI/CD Runbooks"
+          node:
+            node01:
+              nodename: ${_param:cluster_node01_name}.${_param:cluster_domain}
+              hostname: ${_param:cluster_node01_address}
+              username: ${_param:rundeck_runbook_user}
+              tags: [cicd, docker]
+            node02:
+              nodename: ${_param:cluster_node02_name}.${_param:cluster_domain}
+              hostname: ${_param:cluster_node02_address}
+              username: ${_param:rundeck_runbook_user}
+              tags: [cicd, docker]
+            node03:
+              nodename: ${_param:cluster_node03_name}.${_param:cluster_domain}
+              hostname: ${_param:cluster_node03_address}
+              username: ${_param:rundeck_runbook_user}
+              tags: [cicd, docker]
diff --git a/rundeck/client/runbook.yml b/rundeck/client/runbook.yml
new file mode 100644
index 0000000..cb94025
--- /dev/null
+++ b/rundeck/client/runbook.yml
@@ -0,0 +1,22 @@
+classes:
+  - service.rundeck.common
+parameters:
+  linux:
+    system:
+      user:
+        runbook:
+          enabled: true
+          name: ${_param:rundeck_runbook_user}
+          system: true
+          sudo: true
+          full_name: Rundeck Remote
+          home: /var/lib/runbook
+  openssh:
+    server:
+      enabled: true
+      user:
+        runbook:
+          enabled: true
+          public_keys:
+            - key: ${_param:rundeck_runbook_public_key}
+          user: ${linux:system:user:runbook}
diff --git a/rundeck/server/docker.yml b/rundeck/server/docker.yml
new file mode 100644
index 0000000..3406b6a
--- /dev/null
+++ b/rundeck/server/docker.yml
@@ -0,0 +1,19 @@
+classes:
+  - service.rundeck.common
+  - service.rundeck.server.single
+parameters:
+  rundeck:
+    server:
+      user:
+        uid: 550
+        gid: 550
+      home_dir: /srv/volumes/rundeck
+      root_dir: /srv/volumes/rundeck
+      api:
+        host: ${_param:haproxy_rundeck_bind_host}
+        port: ${_param:haproxy_rundeck_bind_port}
+        https: ${_param:haproxy_rundeck_ssl:enabled}
+      ssh:
+        user: ${_param:rundeck_runbook_user}
+        private_key: ${_param:rundeck_runbook_private_key}
+        public_key: ${_param:rundeck_runbook_public_key}
diff --git a/salt/master/formula/git/oss.yml b/salt/master/formula/git/oss.yml
index 5c9577a..e927387 100644
--- a/salt/master/formula/git/oss.yml
+++ b/salt/master/formula/git/oss.yml
@@ -14,3 +14,13 @@
               source: git
               address: '${_param:salt_master_oss_repository}/devops-portal.git'
               revision: ${_param:salt_master_oss_revision}
+            rundeck:
+              module:
+                rundeck.py:
+                  enabled: true
+              state:
+                rundeck_project.py:
+                  enabled: true
+              source: git
+              address: '${_param:salt_master_oss_repository}/rundeck.git'
+              revision: ${_param:salt_master_oss_revision}
diff --git a/salt/master/formula/pkg/oss.yml b/salt/master/formula/pkg/oss.yml
index 1c0e90a..45739d2 100644
--- a/salt/master/formula/pkg/oss.yml
+++ b/salt/master/formula/pkg/oss.yml
@@ -7,3 +7,6 @@
             devops_portal:
               source: pkg
               name: salt-formula-devops-portal
+            rundeck:
+              source: pkg
+              name: salt-formula-rundeck