Merge "Trigger Jenkins test jobs for '2018.8.1' branch of formulas as well"
diff --git a/aodh/server/cluster.yml b/aodh/server/cluster.yml
index db6b39b..444050a 100644
--- a/aodh/server/cluster.yml
+++ b/aodh/server/cluster.yml
@@ -4,6 +4,7 @@
- service.haproxy.proxy.single
- system.haproxy.proxy.listen.openstack.aodh
- system.keepalived.cluster.instance.openstack_telemetry_vip
+- system.salt.minion.cert.rabbitmq.clients.openstack.aodh
parameters:
_param:
openstack_event_alarm_topic: alarm.all
@@ -11,6 +12,9 @@
aodh_alarm_history_ttl: 2592000
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
cron:
@@ -53,9 +57,10 @@
user: aodh
password: ${_param:keystone_aodh_password}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
@@ -63,6 +68,13 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_aodh_ssl_ca_file}
+ key_file: ${_param:rabbitmq_aodh_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_aodh_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
# Check for expired alarm history every day at 2 AM
expirer:
cron:
diff --git a/aodh/server/single.yml b/aodh/server/single.yml
index f20195f..2dfdea9 100644
--- a/aodh/server/single.yml
+++ b/aodh/server/single.yml
@@ -1,6 +1,7 @@
classes:
- service.aodh.server.single
- system.salt.minion.cert.mysql.clients.openstack.aodh
+- system.salt.minion.cert.rabbitmq.clients.openstack.aodh
parameters:
_param:
openstack_event_alarm_topic: alarm.all
@@ -8,6 +9,9 @@
aodh_alarm_history_ttl: 2592000
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
cron:
@@ -24,12 +28,22 @@
cert_file: ${_param:mysql_aodh_client_ssl_cert_file}
ssl:
enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_aodh_ssl_ca_file}
+ key_file: ${_param:rabbitmq_aodh_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_aodh_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
ttl: ${_param:aodh_alarm_history_ttl}
role: ${_param:openstack_node_role}
region: ${_param:openstack_region}
event_alarm_topic: ${_param:openstack_event_alarm_topic}
identity:
region: ${_param:openstack_region}
+ protocol: ${_param:internal_protocol}
# Check for expired alarm history every day at 2 AM
expirer:
cron:
diff --git a/apache/server/proxy/init.yml b/apache/server/proxy/init.yml
new file mode 100644
index 0000000..06921f8
--- /dev/null
+++ b/apache/server/proxy/init.yml
@@ -0,0 +1,7 @@
+parameters:
+ apache:
+ server:
+ modules:
+ - proxy
+ - proxy_http
+ - headers
diff --git a/apache/server/site/manila.yml b/apache/server/site/manila.yml
index cecf1d4..3080d1d 100644
--- a/apache/server/site/manila.yml
+++ b/apache/server/site/manila.yml
@@ -12,6 +12,8 @@
server:
enabled: true
default_mpm: event
+ modules:
+ - wsgi
site:
manila:
enabled: false
diff --git a/barbican/server/cluster.yml b/barbican/server/cluster.yml
index 972c05d..7e4c0e4 100644
--- a/barbican/server/cluster.yml
+++ b/barbican/server/cluster.yml
@@ -1,9 +1,16 @@
classes:
- service.barbican.server.cluster
- system.haproxy.proxy.listen.openstack.barbican
+- system.salt.minion.cert.mysql.clients.openstack.barbican
+- system.salt.minion.cert.rabbitmq.clients.openstack.barbican
parameters:
_param:
cluster_internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
barbican:
server:
role: ${_param:openstack_node_role}
@@ -11,6 +18,22 @@
protocol: ${_param:cluster_internal_protocol}
database:
host: ${_param:openstack_database_address}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_barbican_ssl_ca_file}
+ key_file: ${_param:mysql_barbican_client_ssl_key_file}
+ cert_file: ${_param:mysql_barbican_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_barbican_ssl_ca_file}
+ key_file: ${_param:rabbitmq_barbican_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_barbican_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
linux:
system:
package:
diff --git a/barbican/server/single.yml b/barbican/server/single.yml
index 207957f..befad42 100644
--- a/barbican/server/single.yml
+++ b/barbican/server/single.yml
@@ -1,13 +1,37 @@
classes:
- service.barbican.server.single
+- system.salt.minion.cert.mysql.clients.openstack.barbican
+- system.salt.minion.cert.rabbitmq.clients.openstack.barbican
parameters:
_param:
internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
barbican:
server:
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_barbican_ssl_ca_file}
+ key_file: ${_param:mysql_barbican_client_ssl_key_file}
+ cert_file: ${_param:mysql_barbican_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
role: ${_param:openstack_node_role}
identity:
protocol: ${_param:internal_protocol}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_barbican_ssl_ca_file}
+ key_file: ${_param:rabbitmq_barbican_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_barbican_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
linux:
system:
package:
diff --git a/ceilometer/agent/cluster.yml b/ceilometer/agent/cluster.yml
index a598ee5..cadbaa9 100644
--- a/ceilometer/agent/cluster.yml
+++ b/ceilometer/agent/cluster.yml
@@ -1,6 +1,11 @@
classes:
- service.ceilometer.agent.cluster
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
agent:
region: ${_param:openstack_region}
@@ -15,7 +20,9 @@
user: ceilometer
password: ${_param:keystone_ceilometer_password}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
@@ -25,6 +32,13 @@
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
ha_queues: true
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
nova:
compute:
notification:
diff --git a/ceilometer/agent/single.yml b/ceilometer/agent/single.yml
index ebb1d60..3803d12 100644
--- a/ceilometer/agent/single.yml
+++ b/ceilometer/agent/single.yml
@@ -1,2 +1,21 @@
classes:
- service.ceilometer.agent.single
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
+parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ ceilometer:
+ agent:
+ identity:
+ protocol: ${_param:internal_protocol}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/ceilometer/agent/telemetry/cluster.yml b/ceilometer/agent/telemetry/cluster.yml
index bc67493..56ca6cc 100644
--- a/ceilometer/agent/telemetry/cluster.yml
+++ b/ceilometer/agent/telemetry/cluster.yml
@@ -1,6 +1,11 @@
classes:
- service.ceilometer.agent.cluster.common
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
agent:
region: ${_param:openstack_region}
@@ -15,7 +20,9 @@
user: ceilometer
password: ${_param:keystone_ceilometer_password}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
@@ -25,6 +32,13 @@
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
ha_queues: true
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
nova:
compute:
notification:
diff --git a/ceilometer/agent/telemetry/single.yml b/ceilometer/agent/telemetry/single.yml
index 6b42537..a5fcd51 100644
--- a/ceilometer/agent/telemetry/single.yml
+++ b/ceilometer/agent/telemetry/single.yml
@@ -1,2 +1,21 @@
classes:
- service.ceilometer.agent.single.common
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
+parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ ceilometer:
+ agent:
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ identity:
+ protocol: ${_param:internal_protocol}
diff --git a/ceilometer/server/cluster.yml b/ceilometer/server/cluster.yml
index ad804f8..31a0abe 100644
--- a/ceilometer/server/cluster.yml
+++ b/ceilometer/server/cluster.yml
@@ -4,7 +4,12 @@
- service.haproxy.proxy.single
- system.haproxy.proxy.listen.openstack.ceilometer
- system.keepalived.cluster.instance.openstack_telemetry_vip
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
server:
enabled: true
@@ -30,12 +35,21 @@
user: ceilometer
password: ${_param:keystone_ceilometer_password}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
diff --git a/ceilometer/server/single.yml b/ceilometer/server/single.yml
index ae642f1..37feddc 100644
--- a/ceilometer/server/single.yml
+++ b/ceilometer/server/single.yml
@@ -1,6 +1,11 @@
classes:
- service.ceilometer.server.single
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
server:
role: ${_param:openstack_node_role}
@@ -15,3 +20,14 @@
enabled: true
host: ${_param:stacklight_monitor_address}
port: 9200
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ identity:
+ protocol: ${_param:cluster_internal_protocol}
diff --git a/ceilometer/server/telemetry/cluster.yml b/ceilometer/server/telemetry/cluster.yml
index fdf3e03..a887536 100644
--- a/ceilometer/server/telemetry/cluster.yml
+++ b/ceilometer/server/telemetry/cluster.yml
@@ -2,7 +2,12 @@
classes:
- service.ceilometer.server.cluster.common
- system.keepalived.cluster.instance.openstack_telemetry_vip
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
server:
enabled: true
@@ -26,7 +31,9 @@
user: ceilometer
password: ${_param:keystone_ceilometer_password}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
@@ -35,3 +42,10 @@
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/ceilometer/server/telemetry/single.yml b/ceilometer/server/telemetry/single.yml
index 2d8828c..9ff35d1 100644
--- a/ceilometer/server/telemetry/single.yml
+++ b/ceilometer/server/telemetry/single.yml
@@ -1,6 +1,22 @@
classes:
- service.ceilometer.server.single.common
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
server:
role: ${_param:openstack_node_role}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ identity:
+ protocol: ${_param:internal_protocol}
diff --git a/cinder/control/cluster.yml b/cinder/control/cluster.yml
index 5bc5c75..e4a0718 100644
--- a/cinder/control/cluster.yml
+++ b/cinder/control/cluster.yml
@@ -4,11 +4,15 @@
- service.keepalived.cluster.single
- system.haproxy.proxy.listen.openstack.cinder
- system.salt.minion.cert.mysql.clients.openstack.cinder
+- system.salt.minion.cert.rabbitmq.clients.openstack.cinder
parameters:
_param:
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -59,6 +63,7 @@
port: 9292
protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
@@ -67,6 +72,13 @@
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_cinder_ssl_ca_file}
+ key_file: ${_param:rabbitmq_cinder_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
cache:
engine: memcached
members:
diff --git a/cinder/control/single.yml b/cinder/control/single.yml
index f38cfb4..0d29e31 100644
--- a/cinder/control/single.yml
+++ b/cinder/control/single.yml
@@ -1,11 +1,15 @@
classes:
- service.cinder.control.single
- system.salt.minion.cert.mysql.clients.openstack.cinder
+- system.salt.minion.cert.rabbitmq.clients.openstack.cinder
parameters:
_param:
internal_protocol: 'http'
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -31,4 +35,13 @@
identity:
protocol: ${_param:internal_protocol}
region: ${_param:openstack_region}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_cinder_ssl_ca_file}
+ key_file: ${_param:rabbitmq_cinder_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/cinder/volume/local.yml b/cinder/volume/local.yml
index 51c3ba8..b0e179a 100644
--- a/cinder/volume/local.yml
+++ b/cinder/volume/local.yml
@@ -1,10 +1,14 @@
classes:
- service.cinder.volume.local
- system.salt.minion.cert.mysql.clients.openstack.cinder
+- system.salt.minion.cert.rabbitmq.clients.openstack.cinder
parameters:
_param:
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
cinder:
volume:
enabled: True
@@ -20,7 +24,15 @@
glance:
host: ${_param:single_address}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
host: ${_param:single_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_cinder_ssl_ca_file}
+ key_file: ${_param:rabbitmq_cinder_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
identity:
host: ${_param:single_address}
region: ${_param:openstack_region}
diff --git a/cinder/volume/single.yml b/cinder/volume/single.yml
index f6d4503..03c4b3c 100644
--- a/cinder/volume/single.yml
+++ b/cinder/volume/single.yml
@@ -1,11 +1,15 @@
classes:
- service.cinder.volume.single
- system.salt.minion.cert.mysql.clients.openstack.cinder
+- system.salt.minion.cert.rabbitmq.clients.openstack.cinder
parameters:
_param:
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -28,10 +32,18 @@
host: ${_param:openstack_control_address}
protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_cinder_ssl_ca_file}
+ key_file: ${_param:rabbitmq_cinder_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
identity:
host: ${_param:openstack_control_address}
protocol: ${_param:cluster_internal_protocol}
diff --git a/designate/server/cluster/default.yml b/designate/server/cluster/default.yml
index de2eb43..1e8076e 100644
--- a/designate/server/cluster/default.yml
+++ b/designate/server/cluster/default.yml
@@ -3,10 +3,17 @@
- service.haproxy.proxy.single
- system.haproxy.proxy.listen.openstack.designate
- service.designate.server.cluster
+- system.salt.minion.cert.mysql.clients.openstack.designate
+- system.salt.minion.cert.rabbitmq.clients.openstack.designate
parameters:
_param:
designate_admin_api_enabled: false
cluster_internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -36,6 +43,13 @@
pool_manager: designate_pool_manager
user: designate
password: ${_param:mysql_designate_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_designate_ssl_ca_file}
+ key_file: ${_param:mysql_designate_client_ssl_key_file}
+ cert_file: ${_param:mysql_designate_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
host: ${_param:openstack_control_address}
@@ -49,11 +63,18 @@
address: ${_param:single_address}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
user: openstack
password: ${_param:rabbitmq_openstack_password}
- virtual_host: '/openstack'
\ No newline at end of file
+ virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_designate_ssl_ca_file}
+ key_file: ${_param:rabbitmq_designate_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_designate_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/designate/server/cluster/simple.yml b/designate/server/cluster/simple.yml
index 06c6a33..459ab96 100644
--- a/designate/server/cluster/simple.yml
+++ b/designate/server/cluster/simple.yml
@@ -1,12 +1,16 @@
classes:
- service.designate.server.cluster
- system.salt.minion.cert.mysql.clients.openstack.designate
+- system.salt.minion.cert.rabbitmq.clients.openstack.designate
parameters:
_param:
designate_admin_api_enabled: false
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -56,7 +60,7 @@
address: ${_param:single_address}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
@@ -64,6 +68,13 @@
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_designate_ssl_ca_file}
+ key_file: ${_param:rabbitmq_designate_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_designate_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
pools:
default:
description: 'default pool'
diff --git a/designate/server/single.yml b/designate/server/single.yml
index 1bb51cb..e89afe1 100644
--- a/designate/server/single.yml
+++ b/designate/server/single.yml
@@ -1,12 +1,16 @@
classes:
- service.designate.server.single
- system.salt.minion.cert.mysql.clients.openstack.designate
+- system.salt.minion.cert.rabbitmq.clients.openstack.designate
parameters:
_param:
designate_admin_api_enabled: false
internal_protocol: 'http'
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -54,10 +58,17 @@
message_queue:
engine: rabbitmq
host: ${_param:cluster_vip_address}
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_designate_ssl_ca_file}
+ key_file: ${_param:rabbitmq_designate_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_designate_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
pools:
default:
description: 'default pool'
diff --git a/docker/host.yml b/docker/host.yml
index aef7a32..bb3dffa 100644
--- a/docker/host.yml
+++ b/docker/host.yml
@@ -1,6 +1,8 @@
classes:
- service.docker.host
parameters:
+ _param:
+ docker_garbage_collection_enabled: false
docker:
host:
pkgs:
@@ -14,3 +16,16 @@
ipv6: true
fixed-cidr-v6: fc00::/7
storage-driver: overlay2
+ linux:
+ system:
+ cron:
+ user:
+ root:
+ enabled: true
+ job:
+ docker_garbage_collection:
+ command: docker system prune -f --filter until=$(date +%s -d "1 week ago")
+ enabled: ${_param:docker_garbage_collection_enabled}
+ user: root
+ hour: 6
+ minute: 0
diff --git a/galera/server/database/manila.yml b/galera/server/database/manila.yml
index 3339b83..d233ce9 100644
--- a/galera/server/database/manila.yml
+++ b/galera/server/database/manila.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_manila_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_manila_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_manila_ssl_option}
- name: manila
password: ${_param:mysql_manila_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_manila_ssl_option}
diff --git a/galera/server/database/ssl/barbican.yml b/galera/server/database/ssl/barbican.yml
new file mode 100644
index 0000000..1b1c7c1
--- /dev/null
+++ b/galera/server/database/ssl/barbican.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_barbican_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/gnocchi.yml b/galera/server/database/ssl/gnocchi.yml
new file mode 100644
index 0000000..c1bb459
--- /dev/null
+++ b/galera/server/database/ssl/gnocchi.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_gnocchi_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/ironic.yaml b/galera/server/database/ssl/ironic.yaml
new file mode 100644
index 0000000..eeb9dbb
--- /dev/null
+++ b/galera/server/database/ssl/ironic.yaml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_ironic_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/manila.yml b/galera/server/database/ssl/manila.yml
new file mode 100644
index 0000000..c3b30dd
--- /dev/null
+++ b/galera/server/database/ssl/manila.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_manila_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/panko.yml b/galera/server/database/ssl/panko.yml
new file mode 100644
index 0000000..ce1c504
--- /dev/null
+++ b/galera/server/database/ssl/panko.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_panko_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/x509/barbican.yml b/galera/server/database/x509/barbican.yml
new file mode 100644
index 0000000..ae1865f
--- /dev/null
+++ b/galera/server/database/x509/barbican.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_barbican_client_ssl_x509_subject: '/C=cz/CN=mysql-barbican-client/L=Prague/O=Mirantis'
+ mysql_barbican_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_barbican_ssl_option:
+ - SUBJECT: ${_param:mysql_barbican_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_barbican_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/gnocchi.yml b/galera/server/database/x509/gnocchi.yml
new file mode 100644
index 0000000..5cb3c58
--- /dev/null
+++ b/galera/server/database/x509/gnocchi.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_gnocchi_client_ssl_x509_subject: '/C=cz/CN=mysql-gnocchi-client/L=Prague/O=Mirantis'
+ mysql_gnocchi_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_gnocchi_ssl_option:
+ - SUBJECT: ${_param:mysql_gnocchi_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_gnocchi_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/ironic.yml b/galera/server/database/x509/ironic.yml
new file mode 100644
index 0000000..85082f5
--- /dev/null
+++ b/galera/server/database/x509/ironic.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_ironic_client_ssl_x509_subject: '/C=cz/CN=mysql-ironic-client/L=Prague/O=Mirantis'
+ mysql_ironic_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_ironic_ssl_option:
+ - SUBJECT: ${_param:mysql_ironic_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_ironic_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/manila.yml b/galera/server/database/x509/manila.yml
new file mode 100644
index 0000000..15e6c88
--- /dev/null
+++ b/galera/server/database/x509/manila.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_manila_client_ssl_x509_subject: '/C=cz/CN=mysql-manila-client/L=Prague/O=Mirantis'
+ mysql_manila_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_manila_ssl_option:
+ - SUBJECT: ${_param:mysql_manila_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_manila_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/panko.yml b/galera/server/database/x509/panko.yml
new file mode 100644
index 0000000..15c37bf
--- /dev/null
+++ b/galera/server/database/x509/panko.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_panko_client_ssl_x509_subject: '/C=cz/CN=mysql-panko-client/L=Prague/O=Mirantis'
+ mysql_panko_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_panko_ssl_option:
+ - SUBJECT: ${_param:mysql_panko_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_panko_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/glance/control/cluster.yml b/glance/control/cluster.yml
index a9181de..c69cf55 100644
--- a/glance/control/cluster.yml
+++ b/glance/control/cluster.yml
@@ -4,10 +4,14 @@
- service.haproxy.proxy.single
- system.haproxy.proxy.listen.openstack.glance
- system.salt.minion.cert.mysql.clients.openstack.glance
+- system.salt.minion.cert.rabbitmq.clients.openstack.glance
parameters:
_param:
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
cron:
@@ -41,6 +45,7 @@
registry:
host: ${_param:cluster_vip_address}
port: 9191
+ protocol: ${_param:cluster_internal_protocol}
bind:
address: ${_param:cluster_local_address}
port: 9292
@@ -52,9 +57,10 @@
password: ${_param:keystone_glance_password}
region: ${_param:openstack_region}
tenant: service
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
@@ -62,6 +68,13 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_glance_ssl_ca_file}
+ key_file: ${_param:rabbitmq_glance_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_glance_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
storage:
engine: file
images: []
diff --git a/glance/control/single.yml b/glance/control/single.yml
index a036077..a789a56 100644
--- a/glance/control/single.yml
+++ b/glance/control/single.yml
@@ -1,10 +1,14 @@
classes:
- service.glance.control.single
- system.salt.minion.cert.mysql.clients.openstack.glance
+- system.salt.minion.cert.rabbitmq.clients.openstack.glance
parameters:
_param:
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
cron:
@@ -29,4 +33,16 @@
enabled: ${_param:galera_ssl_enabled}
identity:
region: ${_param:openstack_region}
+ protocol: ${_param:internal_protocol}
+ registry:
+ protocol: ${_param:internal_protocol}
show_multiple_locations: True
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_glance_ssl_ca_file}
+ key_file: ${_param:rabbitmq_glance_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_glance_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/glusterfs/server/cluster.yml b/glusterfs/server/cluster.yml
index 16453c9..f7c520e 100644
--- a/glusterfs/server/cluster.yml
+++ b/glusterfs/server/cluster.yml
@@ -8,6 +8,7 @@
iptables:
enabled: false
server:
+ role: ${_param:glusterfs_node_role}
peers:
- ${_param:cluster_node01_address}
- ${_param:cluster_node02_address}
diff --git a/gnocchi/common/cluster.yml b/gnocchi/common/cluster.yml
new file mode 100644
index 0000000..8d7ae5e
--- /dev/null
+++ b/gnocchi/common/cluster.yml
@@ -0,0 +1,17 @@
+classes:
+- service.gnocchi.common.cluster
+- system.salt.minion.cert.mysql.clients.openstack.gnocchi
+parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ gnocchi:
+ common:
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_gnocchi_ssl_ca_file}
+ key_file: ${_param:mysql_gnocchi_client_ssl_key_file}
+ cert_file: ${_param:mysql_gnocchi_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
diff --git a/gnocchi/common/single.yml b/gnocchi/common/single.yml
new file mode 100644
index 0000000..1f68f5c
--- /dev/null
+++ b/gnocchi/common/single.yml
@@ -0,0 +1,17 @@
+classes:
+- service.gnocchi.common.single
+- system.salt.minion.cert.mysql.clients.openstack.gnocchi
+parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ gnocchi:
+ common:
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_gnocchi_ssl_ca_file}
+ key_file: ${_param:mysql_gnocchi_client_ssl_key_file}
+ cert_file: ${_param:mysql_gnocchi_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
diff --git a/gnocchi/server/cluster.yml b/gnocchi/server/cluster.yml
index ede63c5..7de3ede 100644
--- a/gnocchi/server/cluster.yml
+++ b/gnocchi/server/cluster.yml
@@ -19,6 +19,7 @@
identity:
host: ${_param:openstack_control_address}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
cache:
engine: memcached
members:
diff --git a/gnocchi/server/single.yml b/gnocchi/server/single.yml
index 11ddf39..c4e1547 100644
--- a/gnocchi/server/single.yml
+++ b/gnocchi/server/single.yml
@@ -6,6 +6,7 @@
role: ${_param:openstack_node_role}
identity:
region: ${_param:openstack_region}
+ protocol: ${_param:internal_protocol}
metricd:
metric_processing_delay: 15
metric_reporting_delay: 30
diff --git a/grafana/client/datasource/gnocchi.yml b/grafana/client/datasource/gnocchi.yml
new file mode 100644
index 0000000..4266fe7
--- /dev/null
+++ b/grafana/client/datasource/gnocchi.yml
@@ -0,0 +1,23 @@
+parameters:
+ _param:
+ grafana_gnocchi_is_default: false
+ grafana_gnocchi_ds_name: gnocchi
+ grafana_gnocchi_address: ${_param:gnocchi_public_host}
+ keystone_public_url_path: /identity
+ keystone_gnocchi_user: gnocchi
+ grafana_gnocchi_domain: default
+ grafana_gnocchi_project: service
+ grafana:
+ client:
+ datasource:
+ gnocchi:
+ type: gnocchixyz-gnocchi-datasource
+ name: ${_param:grafana_gnocchi_ds_name}
+ host: ${_param:grafana_gnocchi_address}
+ url_path: ${_param:keystone_public_url_path}
+ mode: keystone
+ domain: ${_param:grafana_gnocchi_domain}
+ project: ${_param:grafana_gnocchi_project}
+ user: ${_param:keystone_gnocchi_user}
+ password: ${_param:keystone_gnocchi_password}
+ is_default: ${_param:grafana_gnocchi_is_default}
diff --git a/grafana/client/datasource/influxdb.yml b/grafana/client/datasource/influxdb.yml
index 7abe22f..7e2a459 100644
--- a/grafana/client/datasource/influxdb.yml
+++ b/grafana/client/datasource/influxdb.yml
@@ -14,4 +14,3 @@
password: ${_param:grafana_influxdb_password}
database: ${_param:grafana_influxdb_database}
is_default: ${_param:grafana_influxdb_is_default}
-
diff --git a/haproxy/proxy/listen/opencontrail/control.yml b/haproxy/proxy/listen/opencontrail/control.yml
index 490d100..db407be 100644
--- a/haproxy/proxy/listen/opencontrail/control.yml
+++ b/haproxy/proxy/listen/opencontrail/control.yml
@@ -1,6 +1,8 @@
parameters:
_param:
opencontrail_stats_password: password
+ opencontrail_api_start_offset: 0
+ opencontrail_api_workers_count: 1
haproxy:
proxy:
listen:
@@ -15,14 +17,20 @@
host: ${_param:cluster_node01_address}
port: 9100
params: check inter 2000 rise 2 fall 3
+ port_range_length: ${_param:opencontrail_api_workers_count}
+ port_range_start_offset: ${_param:opencontrail_api_start_offset}
- name: ntw02
host: ${_param:cluster_node02_address}
port: 9100
params: check inter 2000 rise 2 fall 3
+ port_range_length: ${_param:opencontrail_api_workers_count}
+ port_range_start_offset: ${_param:opencontrail_api_start_offset}
- name: ntw03
host: ${_param:cluster_node03_address}
port: 9100
params: check inter 2000 rise 2 fall 3
+ port_range_length: ${_param:opencontrail_api_workers_count}
+ port_range_start_offset: ${_param:opencontrail_api_start_offset}
contrail_discovery:
type: contrail-api
service_name: contrail
diff --git a/haproxy/proxy/listen/openstack/aodh.yml b/haproxy/proxy/listen/openstack/aodh.yml
index acd6340..bf30f93 100644
--- a/haproxy/proxy/listen/openstack/aodh.yml
+++ b/haproxy/proxy/listen/openstack/aodh.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_aodh-api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8042
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_aodh-api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8042
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_aodh-api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8042
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_aodh-api_check_params}
diff --git a/haproxy/proxy/listen/openstack/aodh_large.yml b/haproxy/proxy/listen/openstack/aodh_large.yml
new file mode 100644
index 0000000..b70e1fb
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/aodh_large.yml
@@ -0,0 +1,31 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ aodh-api:
+ type: openstack-service
+ service_name: aodh
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8042
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8042
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8042
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8042
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8042
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8042
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/haproxy/proxy/listen/openstack/barbican.yml b/haproxy/proxy/listen/openstack/barbican.yml
index c1f9877..d4a35d9 100644
--- a/haproxy/proxy/listen/openstack/barbican.yml
+++ b/haproxy/proxy/listen/openstack/barbican.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_barbican-api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_barbican-admin-api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,15 +15,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9311
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_barbican-api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9311
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_barbican-api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9311
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_barbican-api_check_params}
barbican-admin-api:
type: openstack-service
service_name: barbican
@@ -31,12 +34,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9312
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_barbican-admin-api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9312
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_barbican-admin-api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9312
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_barbican-admin-api_check_params}
diff --git a/haproxy/proxy/listen/openstack/ceilometer.yml b/haproxy/proxy/listen/openstack/ceilometer.yml
index 68eef43..563aa21 100644
--- a/haproxy/proxy/listen/openstack/ceilometer.yml
+++ b/haproxy/proxy/listen/openstack/ceilometer.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_ceilometer_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8777
- params: check
\ No newline at end of file
+ params: ${_param:haproxy_ceilometer_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/ceilometer_large.yml b/haproxy/proxy/listen/openstack/ceilometer_large.yml
index 8b9fa7e..4ca55d9 100644
--- a/haproxy/proxy/listen/openstack/ceilometer_large.yml
+++ b/haproxy/proxy/listen/openstack/ceilometer_large.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_ceilometer_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,20 +14,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/cinder.yml b/haproxy/proxy/listen/openstack/cinder.yml
index c0bb7be..85f2c46 100644
--- a/haproxy/proxy/listen/openstack/cinder.yml
+++ b/haproxy/proxy/listen/openstack/cinder.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_cinder_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_cinder_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/cinder_large.yml b/haproxy/proxy/listen/openstack/cinder_large.yml
index 7721f94..e13f54b 100644
--- a/haproxy/proxy/listen/openstack/cinder_large.yml
+++ b/haproxy/proxy/listen/openstack/cinder_large.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_cinder_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,20 +14,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_cinder_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/glance.yml b/haproxy/proxy/listen/openstack/glance.yml
index 144fd4e..aa1d923 100644
--- a/haproxy/proxy/listen/openstack/glance.yml
+++ b/haproxy/proxy/listen/openstack/glance.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_glance_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_glance_registry_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,15 +15,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
glance_registry_api:
type: general-service
service_name: glance
@@ -31,12 +34,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/glance_large.yml b/haproxy/proxy/listen/openstack/glance_large.yml
index 6d88933..c6be106 100644
--- a/haproxy/proxy/listen/openstack/glance_large.yml
+++ b/haproxy/proxy/listen/openstack/glance_large.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_glance_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_glance_registry_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,23 +15,23 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
glance_registry_api:
type: general-service
service_name: glance
@@ -39,20 +42,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 9191
- params: check
\ No newline at end of file
+ params: ${_param:haproxy_glance_registry_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/glare.yml b/haproxy/proxy/listen/openstack/glare.yml
index 36a6337..afdf436 100644
--- a/haproxy/proxy/listen/openstack/glare.yml
+++ b/haproxy/proxy/listen/openstack/glare.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_glare_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
diff --git a/haproxy/proxy/listen/openstack/glare_large.yml b/haproxy/proxy/listen/openstack/glare_large.yml
index 4e3bd08..0e8c8d7 100644
--- a/haproxy/proxy/listen/openstack/glare_large.yml
+++ b/haproxy/proxy/listen/openstack/glare_large.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_glare_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,20 +14,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_glare_check_params}
diff --git a/haproxy/proxy/listen/openstack/gnocchi.yml b/haproxy/proxy/listen/openstack/gnocchi.yml
index ec2bb20..8971d6d 100644
--- a/haproxy/proxy/listen/openstack/gnocchi.yml
+++ b/haproxy/proxy/listen/openstack/gnocchi.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_gnocchi_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8041
- params: check
+ params: ${_param:haproxy_gnocchi_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8041
- params: check
+ params: ${_param:haproxy_gnocchi_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8041
- params: check
\ No newline at end of file
+ params: ${_param:haproxy_gnocchi_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/heat.yml b/haproxy/proxy/listen/openstack/heat.yml
index 50595ea..cb24614 100644
--- a/haproxy/proxy/listen/openstack/heat.yml
+++ b/haproxy/proxy/listen/openstack/heat.yml
@@ -1,4 +1,8 @@
parameters:
+ _param:
+ haproxy_heat_cloudwatch_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_heat_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_heat_cfn_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,15 +16,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
heat_api:
type: openstack-service
service_name: heat
@@ -31,15 +35,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
heat_cfn_api:
type: openstack-service
service_name: heat
@@ -50,12 +54,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/heat_large.yml b/haproxy/proxy/listen/openstack/heat_large.yml
index 50ba69f..2272c3e 100644
--- a/haproxy/proxy/listen/openstack/heat_large.yml
+++ b/haproxy/proxy/listen/openstack/heat_large.yml
@@ -1,4 +1,8 @@
parameters:
+ _param:
+ haproxy_heat_cloudwatch_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_heat_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_heat_cfn_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,23 +16,23 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
heat_api:
type: openstack-service
service_name: heat
@@ -39,23 +43,23 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
heat_cfn_api:
type: openstack-service
service_name: heat
@@ -66,20 +70,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_heat_cfn_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/horizon.yml b/haproxy/proxy/listen/openstack/horizon.yml
index d507b96..dfa826b 100644
--- a/haproxy/proxy/listen/openstack/horizon.yml
+++ b/haproxy/proxy/listen/openstack/horizon.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_horizon_web_check_params: check
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8078
- params: check
+ params: ${_param:haproxy_horizon_web_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8078
- params: check
+ params: ${_param:haproxy_horizon_web_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8078
- params: check
+ params: ${_param:haproxy_horizon_web_check_params}
diff --git a/haproxy/proxy/listen/openstack/ironic.yml b/haproxy/proxy/listen/openstack/ironic.yml
index 1713085..9565ba6 100644
--- a/haproxy/proxy/listen/openstack/ironic.yml
+++ b/haproxy/proxy/listen/openstack/ironic.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_ironic_check_params: check
haproxy:
proxy:
listen:
@@ -13,13 +15,13 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_check_params}
diff --git a/haproxy/proxy/listen/openstack/ironic_deploy.yml b/haproxy/proxy/listen/openstack/ironic_deploy.yml
index f5e7a4f..fadc4c5 100644
--- a/haproxy/proxy/listen/openstack/ironic_deploy.yml
+++ b/haproxy/proxy/listen/openstack/ironic_deploy.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_ironic_deploy_check_params: check
haproxy:
proxy:
listen:
@@ -13,12 +15,12 @@
- name: bmt01
host: ${_param:openstack_baremetal_node01_baremetal_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_deploy_check_params}
- name: bmt02
host: ${_param:openstack_baremetal_node02_baremetal_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_deploy_check_params}
- name: bmt03
host: ${_param:openstack_baremetal_node03_baremetal_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_deploy_check_params}
diff --git a/haproxy/proxy/listen/openstack/keystone/init.yml b/haproxy/proxy/listen/openstack/keystone/init.yml
index 32f776e..8fe4dad 100644
--- a/haproxy/proxy/listen/openstack/keystone/init.yml
+++ b/haproxy/proxy/listen/openstack/keystone/init.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_keystone_public_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_keystone_admin_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -10,15 +13,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
keystone_admin_api:
binds:
- address: ${_param:cluster_vip_address}
@@ -27,12 +30,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/keystone/large.yml b/haproxy/proxy/listen/openstack/keystone/large.yml
index 17510ac..e40803b 100644
--- a/haproxy/proxy/listen/openstack/keystone/large.yml
+++ b/haproxy/proxy/listen/openstack/keystone/large.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_keystone_public_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_keystone_admin_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -10,23 +13,23 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
keystone_admin_api:
binds:
- address: ${_param:cluster_vip_address}
@@ -35,20 +38,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/manila.yml b/haproxy/proxy/listen/openstack/manila.yml
index a28f365..fcc09de 100644
--- a/haproxy/proxy/listen/openstack/manila.yml
+++ b/haproxy/proxy/listen/openstack/manila.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_manila_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8786
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_manila_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8786
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_manila_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8786
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_manila_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/murano.yml b/haproxy/proxy/listen/openstack/murano.yml
index 0427820..1c9714e 100644
--- a/haproxy/proxy/listen/openstack/murano.yml
+++ b/haproxy/proxy/listen/openstack/murano.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_murano_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,7 +14,8 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8082
- params: check
+ params: ${_param:haproxy_murano_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
- port: 8082
\ No newline at end of file
+ port: 8082
+ params: ${_param:haproxy_murano_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/nova-placement.yml b/haproxy/proxy/listen/openstack/nova-placement.yml
index 58c9dd2..41bedc8 100644
--- a/haproxy/proxy/listen/openstack/nova-placement.yml
+++ b/haproxy/proxy/listen/openstack/nova-placement.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_nova_placement_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -21,12 +23,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/nova-placement_large.yml b/haproxy/proxy/listen/openstack/nova-placement_large.yml
index 0139959..9d8dfb8 100644
--- a/haproxy/proxy/listen/openstack/nova-placement_large.yml
+++ b/haproxy/proxy/listen/openstack/nova-placement_large.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_nova_placement_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -21,20 +23,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/nova.yml b/haproxy/proxy/listen/openstack/nova.yml
index 1e090ef..2abea3d 100644
--- a/haproxy/proxy/listen/openstack/nova.yml
+++ b/haproxy/proxy/listen/openstack/nova.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_nova_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_nova_metadata_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,15 +15,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
nova_metadata_api:
type: openstack-service
binds:
@@ -30,12 +33,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/nova_large.yml b/haproxy/proxy/listen/openstack/nova_large.yml
index 645e904..b09a3b6 100644
--- a/haproxy/proxy/listen/openstack/nova_large.yml
+++ b/haproxy/proxy/listen/openstack/nova_large.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_nova_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_nova_metadata_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,23 +15,23 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
nova_metadata_api:
type: openstack-service
binds:
@@ -38,20 +41,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/novnc.yml b/haproxy/proxy/listen/openstack/novnc.yml
index 40b9d9c..37934c0 100644
--- a/haproxy/proxy/listen/openstack/novnc.yml
+++ b/haproxy/proxy/listen/openstack/novnc.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_nova_novnc_check_params: check
haproxy:
proxy:
listen:
@@ -13,13 +15,13 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
diff --git a/haproxy/proxy/listen/openstack/novnc_large.yml b/haproxy/proxy/listen/openstack/novnc_large.yml
index 0951777..2c2cbd6 100644
--- a/haproxy/proxy/listen/openstack/novnc_large.yml
+++ b/haproxy/proxy/listen/openstack/novnc_large.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_nova_novnc_check_params: check
haproxy:
proxy:
listen:
@@ -13,20 +15,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
diff --git a/haproxy/proxy/listen/openstack/octavia.yml b/haproxy/proxy/listen/openstack/octavia.yml
index c2b8e6d..89f0569 100644
--- a/haproxy/proxy/listen/openstack/octavia.yml
+++ b/haproxy/proxy/listen/openstack/octavia.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_octavia_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9876
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_octavia_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9876
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_octavia_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9876
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_octavia_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/panko.yml b/haproxy/proxy/listen/openstack/panko.yml
index 51eb030..bf638ef 100644
--- a/haproxy/proxy/listen/openstack/panko.yml
+++ b/haproxy/proxy/listen/openstack/panko.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_panko_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8977
- params: check
+ params: ${_param:haproxy_panko_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8977
- params: check
+ params: ${_param:haproxy_panko_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8977
- params: check
\ No newline at end of file
+ params: ${_param:haproxy_panko_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/placement.yml b/haproxy/proxy/listen/openstack/placement.yml
index f3b2b99..b2e37bb 100644
--- a/haproxy/proxy/listen/openstack/placement.yml
+++ b/haproxy/proxy/listen/openstack/placement.yml
@@ -2,6 +2,8 @@
# returns 200 with version data instead of 401 as it was before.
# This file should be included for nova/placement higher than Queens.
parameters:
+ _param:
+ haproxy_placement_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -15,12 +17,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/placement_large.yml b/haproxy/proxy/listen/openstack/placement_large.yml
index c871fd7..d559572 100644
--- a/haproxy/proxy/listen/openstack/placement_large.yml
+++ b/haproxy/proxy/listen/openstack/placement_large.yml
@@ -2,6 +2,8 @@
# returns 200 with version data instead of 401 as it was before.
# This file should be included for nova/placement higher than Queens.
parameters:
+ _param:
+ haproxy_placement_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -15,20 +17,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/sahara.yml b/haproxy/proxy/listen/openstack/sahara.yml
index 335c4f6..7ece261 100644
--- a/haproxy/proxy/listen/openstack/sahara.yml
+++ b/haproxy/proxy/listen/openstack/sahara.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_sahara_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -13,12 +15,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8386
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_sahara_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8386
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_sahara_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8386
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_sahara_api_check_params}
diff --git a/heat/server/cluster.yml b/heat/server/cluster.yml
index 7bbc2ac..e11feae 100644
--- a/heat/server/cluster.yml
+++ b/heat/server/cluster.yml
@@ -4,12 +4,16 @@
- service.keepalived.cluster.single
- system.haproxy.proxy.listen.openstack.heat
- system.salt.minion.cert.mysql.clients.openstack.heat
+- system.salt.minion.cert.rabbitmq.clients.openstack.heat
parameters:
_param:
cluster_public_protocol: 'https'
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -69,7 +73,7 @@
protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
@@ -77,3 +81,10 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_heat_ssl_ca_file}
+ key_file: ${_param:rabbitmq_heat_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_heat_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/heat/server/single.yml b/heat/server/single.yml
index 208bdf0..1ecb122 100644
--- a/heat/server/single.yml
+++ b/heat/server/single.yml
@@ -1,10 +1,14 @@
classes:
- service.heat.server.single
- system.salt.minion.cert.mysql.clients.openstack.heat
+- system.salt.minion.cert.rabbitmq.clients.openstack.heat
parameters:
_param:
openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -32,4 +36,14 @@
key_file: ${_param:mysql_heat_client_ssl_key_file}
cert_file: ${_param:mysql_heat_client_ssl_cert_file}
ssl:
- enabled: ${_param:galera_ssl_enabled}
\ No newline at end of file
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_heat_ssl_ca_file}
+ key_file: ${_param:rabbitmq_heat_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_heat_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+
diff --git a/horizon/server/plugin/lbaasv2.yml b/horizon/server/plugin/lbaasv2.yml
index 69e2682..37bf013 100644
--- a/horizon/server/plugin/lbaasv2.yml
+++ b/horizon/server/plugin/lbaasv2.yml
@@ -5,5 +5,5 @@
lbaasv2:
source:
engine: pkg
- name: python-horizon-neutron-lbaasv2-panel
+ name: python-neutron-lbaas-dashboard
diff --git a/ironic/api/cluster.yml b/ironic/api/cluster.yml
index b0bb69f..849b923 100644
--- a/ironic/api/cluster.yml
+++ b/ironic/api/cluster.yml
@@ -1,6 +1,14 @@
classes:
+- system.salt.minion.cert.mysql.clients.openstack.ironic
+- system.salt.minion.cert.rabbitmq.clients.openstack.ironic
- service.ironic.api.cluster
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -14,3 +22,20 @@
role: ${_param:openstack_node_role}
bind:
address: ${_param:cluster_baremetal_local_address}
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_ironic_ssl_ca_file}
+ key_file: ${_param:mysql_ironic_client_ssl_key_file}
+ cert_file: ${_param:mysql_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
\ No newline at end of file
diff --git a/ironic/api/single.yml b/ironic/api/single.yml
index 51c3f9c..3313eb2 100644
--- a/ironic/api/single.yml
+++ b/ironic/api/single.yml
@@ -1,6 +1,14 @@
classes:
+- system.salt.minion.cert.mysql.clients.openstack.ironic
+- system.salt.minion.cert.rabbitmq.clients.openstack.ironic
- service.ironic.api.single
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -12,3 +20,20 @@
role: ${_param:openstack_node_role}
bind:
address: ${_param:single_address}
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_ironic_ssl_ca_file}
+ key_file: ${_param:mysql_ironic_client_ssl_key_file}
+ cert_file: ${_param:mysql_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/ironic/conductor/cluster.yml b/ironic/conductor/cluster.yml
index 063719c..81fa2b5 100644
--- a/ironic/conductor/cluster.yml
+++ b/ironic/conductor/cluster.yml
@@ -1,6 +1,14 @@
classes:
+- system.salt.minion.cert.mysql.clients.openstack.ironic
+- system.salt.minion.cert.rabbitmq.clients.openstack.ironic
- service.ironic.conductor.cluster
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -10,3 +18,20 @@
ironic:
conductor:
api_url: 'http://${_param:cluster_baremetal_vip_address}:6385'
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_ironic_ssl_ca_file}
+ key_file: ${_param:mysql_ironic_client_ssl_key_file}
+ cert_file: ${_param:mysql_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/ironic/conductor/single.yml b/ironic/conductor/single.yml
index d827129..7a24028 100644
--- a/ironic/conductor/single.yml
+++ b/ironic/conductor/single.yml
@@ -1,6 +1,14 @@
classes:
+- system.salt.minion.cert.mysql.clients.openstack.ironic
+- system.salt.minion.cert.rabbitmq.clients.openstack.ironic
- service.ironic.conductor.single
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -11,3 +19,20 @@
conductor:
enabled: true
version: ${_param:ironic_version}
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_ironic_ssl_ca_file}
+ key_file: ${_param:mysql_ironic_client_ssl_key_file}
+ cert_file: ${_param:mysql_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 498cc62..ed6292e 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -1,6 +1,7 @@
parameters:
jenkins:
client:
+ # Please keep those list sorted
approved_scripts:
- field java.lang.String value
- field java.util.ArrayList size
@@ -12,13 +13,14 @@
- method groovy.json.JsonSlurperClassic parseText java.lang.String
- method groovy.lang.GString getBytes
- method groovy.lang.GroovyObject getProperty java.lang.String
- - method groovy.util.Node get java.lang.String
- method groovy.util.Node attributes
+ - method groovy.util.Node get java.lang.String
- method groovy.util.XmlParser parse java.io.File
- method groovy.util.XmlParser parseText java.lang.String
- method hudson.EnvVars get java.lang.String java.lang.String
- method hudson.PluginManager getPlugins
- method hudson.PluginWrapper getShortName
+ - method hudson.model.Actionable getAction java.lang.Class
- method hudson.model.Hudson getSlaves
- method hudson.model.Item getName
- method hudson.model.ItemGroup getItem java.lang.String
@@ -26,21 +28,27 @@
- method hudson.model.Job getBuildByNumber int
- method hudson.model.Job getBuilds
- method hudson.model.Job getLastBuild
+ - method hudson.model.Job getProperty java.lang.Class
- method hudson.model.Node getLabelString
- method hudson.model.Node getNodeName
+ - method hudson.model.ParameterDefinition getName
+ - method hudson.model.ParametersDefinitionProperty getParameterDefinitions
- method hudson.model.Run getEnvironment
- method hudson.model.Run getId
- method hudson.model.Run getNumber
- method hudson.model.Run getResult
- method hudson.model.Run getTimeInMillis
- method hudson.model.Run isBuilding
+ - method hudson.model.StringParameterDefinition getDefaultValue
- method java.io.File getAbsolutePath
- method java.io.File getName
- method java.io.File getParent
+ - method java.io.File listFiles
- method java.io.Writer write java.lang.String
- method java.lang.AutoCloseable close
- method java.lang.Class isInstance java.lang.Object
- method java.lang.Iterable iterator
+ - method java.lang.String concat java.lang.String
- method java.lang.Throwable printStackTrace
- method java.net.HttpURLConnection getResponseCode
- method java.net.HttpURLConnection setRequestMethod java.lang.String
@@ -52,17 +60,22 @@
- method java.net.URLConnection getOutputStream
- method java.net.URLConnection setDoOutput boolean
- method java.net.URLConnection setRequestProperty java.lang.String java.lang.String
+ - method java.text.DateFormat parse java.lang.String
+ - method java.util.Calendar add int int
+ - method java.util.Calendar getTime
- method java.util.Collection remove java.lang.Object
- method java.util.Collection stream
+ - method java.util.Collection toArray
+ - method java.util.Date before java.util.Date
- method java.util.Date getTime
- method java.util.LinkedHashMap$LinkedHashIterator hasNext
- method java.util.List add int java.lang.Object
- method java.util.List subList int int
- method java.util.Map containsValue java.lang.Object
- method java.util.Map get java.lang.Object
+ - method java.util.Map isEmpty
- method java.util.Map remove java.lang.Object
- method java.util.Map size
- - method java.util.Map isEmpty
- method java.util.regex.MatchResult group int
- method java.util.regex.MatchResult groupCount
- method java.util.regex.Matcher find
@@ -70,16 +83,14 @@
- method java.util.regex.Matcher matches
- method java.util.regex.Pattern matcher java.lang.CharSequence
- method java.util.stream.Stream collect java.util.stream.Collector
- - method java.util.Calendar add int int
- - method java.util.Calendar getTime
- - method java.util.Date before java.util.Date
- - method java.text.DateFormat parse java.lang.String
- method jenkins.model.Jenkins getItemByFullName java.lang.String
- method jenkins.model.Jenkins getPluginManager
- method org.jenkinsci.plugins.workflow.job.WorkflowRun doStop
- method org.jenkinsci.plugins.workflow.job.WorkflowRun finish hudson.model.Result java.lang.Throwable
+ - method org.jenkinsci.plugins.workflow.steps.FlowInterruptedException getCauses
- method org.jenkinsci.plugins.workflow.support.actions.EnvironmentAction getEnvironment
- method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper build
+ - method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper getRawBuild
- new groovy.json.JsonBuilder
- new groovy.json.JsonBuilder java.lang.Object
- new groovy.json.JsonSlurperClassic
@@ -94,12 +105,13 @@
- new java.lang.StringBuilder
- new java.lang.StringBuilder int
- new java.net.URI java.lang.String
+ - new java.text.SimpleDateFormat java.lang.String java.util.Locale
- new java.util.ArrayList
- new java.util.Date
- new java.util.HashMap
- - new java.text.SimpleDateFormat java.lang.String java.util.Locale
- staticField groovy.io.FileType FILES
- staticMethod com.cloudbees.plugins.credentials.CredentialsProvider lookupCredentials java.lang.Class hudson.model.ItemGroup
+ - staticMethod hudson.model.Hudson getInstance
- staticMethod java.lang.Double parseDouble java.lang.String
- staticMethod java.lang.Integer valueOf int
- staticMethod java.lang.Integer valueOf java.lang.String
@@ -113,6 +125,7 @@
- staticMethod java.util.regex.Pattern quote java.lang.String
- staticMethod java.util.stream.Collectors joining java.lang.CharSequence
- staticMethod jenkins.model.Jenkins getInstance
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods asBoolean java.lang.CharSequence
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods asBoolean java.util.regex.Matcher
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods collect java.util.Map groovy.lang.Closure
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods eachFile java.io.File groovy.io.FileType groovy.lang.Closure
@@ -120,43 +133,31 @@
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods findAll java.util.List groovy.lang.Closure
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods get java.util.Map java.lang.Object java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.Iterable int
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.Object java.lang.String
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.String int
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.Collection java.lang.String
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.List groovy.lang.Range
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getBytes java.io.File
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getText java.io.InputStream
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods hasProperty java.lang.Object java.lang.String
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods init java.util.List
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods intersect java.util.List java.lang.Iterable
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods iterator java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods iterator java.lang.Object[]
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods leftShift java.lang.StringBuffer java.lang.Object
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods minus java.lang.String java.lang.Object
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods multiply java.lang.String java.lang.Number
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods plus java.util.List java.lang.Iterable
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods plus java.util.List java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods plus java.util.List java.util.Collection
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods println java.lang.Object java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods putAt java.lang.Object java.lang.String java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods readLines java.lang.String
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods reverse java.util.List
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods sort java.util.Collection
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods split java.lang.String
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods takeRight java.util.List int
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toBoolean java.lang.Boolean
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toSorted java.lang.Iterable
- staticMethod org.codehaus.groovy.runtime.EncodingGroovyMethods encodeBase64 byte[]
- staticMethod org.codehaus.groovy.runtime.ScriptBytecodeAdapter bitwiseNegate java.lang.Object
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toBoolean java.lang.Boolean
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.Object java.lang.String
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods multiply java.lang.String java.lang.Number
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods minus java.lang.String java.lang.Object
- - method java.io.File listFiles
- - method java.lang.String concat java.lang.String
- - method org.jenkinsci.plugins.workflow.steps.FlowInterruptedException getCauses
- - method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper getRawBuild
- - method hudson.model.Actionable getAction java.lang.Class
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toSorted java.lang.Iterable
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods intersect java.util.List java.lang.Iterable
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods reverse java.util.List
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.Collection java.lang.String
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods init java.util.List
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods asBoolean java.lang.CharSequence
- - staticMethod hudson.model.Hudson getInstance
- - method hudson.model.Job getProperty java.lang.Class
- - method hudson.model.ParametersDefinitionProperty getParameterDefinitions
- - method hudson.model.ParameterDefinition getName
- - method hudson.model.StringParameterDefinition getDefaultValue
- - method java.util.Collection toArray
diff --git a/jenkins/client/job/deploy/lab/deploy.yml b/jenkins/client/job/deploy/lab/deploy.yml
index b1deafa..f5d34f6 100644
--- a/jenkins/client/job/deploy/lab/deploy.yml
+++ b/jenkins/client/job/deploy/lab/deploy.yml
@@ -117,9 +117,6 @@
type: string
default: ""
description: "Formulas revision to install on Salt Master bootstrap stage"
- EXTRA_FORMULAS:
- type: string
- default: ""
STATIC_MGMT_NETWORK:
type: boolean
default: 'false'
diff --git a/jenkins/client/job/deploy/update/upgrade.yml b/jenkins/client/job/deploy/update/upgrade.yml
index 01fdf2a..f4f5630 100644
--- a/jenkins/client/job/deploy/update/upgrade.yml
+++ b/jenkins/client/job/deploy/update/upgrade.yml
@@ -29,27 +29,19 @@
SALT_MASTER_CREDENTIALS:
type: string
default: "salt"
- STAGE_TEST_UPGRADE:
- type: boolean
- default: 'true'
- description: "Test if syncdb and APIs succeed"
- STAGE_REAL_UPGRADE:
- type: boolean
- default: 'true'
- description: "Run real control upgrade"
- STAGE_ROLLBACK_UPGRADE:
- type: boolean
- default: 'true'
- description: "Rollback if control upgrade fails"
- OPERATING_SYSTEM_RELEASE_UPGRADE:
+ OS_DIST_UPGRADE:
type: boolean
default: 'false'
- description: "Set to true if operating system release upgrade is desired. For ex. from Ubuntu 14.04 currently running on ctl and prx nodes to Ubuntu 16.04"
- SKIP_VM_RELAUNCH:
+ description: "Upgrade system packages including kernel (apt-get dist-upgrade)"
+ OS_UPGRADE:
type: boolean
default: 'false'
- description: "Set to true if vms should not be recreated"
+ description: "Upgrade all installed applications (apt-get upgrade)"
INTERACTIVE:
type: boolean
default: 'true'
description: "Ask interactive questions during pipeline run (bool)"
+ TARGET_SERVERS:
+ type: string
+ default: 'ctl*'
+ description: "Salt compound expression to get control servers to upgrade."
diff --git a/jenkins/client/job/deploy/update/upgrade_compute.yml b/jenkins/client/job/deploy/update/upgrade_compute.yml
index 706863d..b4628fa 100644
--- a/jenkins/client/job/deploy/update/upgrade_compute.yml
+++ b/jenkins/client/job/deploy/update/upgrade_compute.yml
@@ -21,7 +21,7 @@
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
branch: "${_param:jenkins_pipelines_branch}"
credentials: "gerrit"
- script: openstack-compute-upgrade.groovy
+ script: openstack-data-upgrade.groovy
param:
SALT_MASTER_URL:
type: string
@@ -29,18 +29,19 @@
SALT_MASTER_CREDENTIALS:
type: string
default: "salt"
- TARGET_SERVERS:
- type: string
- default: "cmp*"
- description: Salt compound target to match nodes to be updated [*, G@osfamily:debian].
- TARGET_SUBSET_TEST:
- type: string
- description: Number of nodes to list package updates, empty string means all targetted nodes.
- TARGET_SUBSET_LIVE:
- type: string
- default: '1'
- description: Number of selected nodes to live apply upgrade.
+ OS_DIST_UPGRADE:
+ type: boolean
+ default: 'false'
+ description: "Upgrade system packages including kernel (apt-get dist-upgrade)"
+ OS_UPGRADE:
+ type: boolean
+ default: 'false'
+ description: "Upgrade all installed applications (apt-get upgrade)"
INTERACTIVE:
type: boolean
default: 'true'
description: "Ask interactive questions during pipeline run (bool)"
+ TARGET_SERVERS:
+ type: string
+ default: 'cmp*'
+ description: "Salt compound expression to get control servers to upgrade."
diff --git a/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml b/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml
index b0c92b7..76bf436 100644
--- a/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml
+++ b/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml
@@ -21,7 +21,7 @@
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
branch: "${_param:jenkins_pipelines_branch}"
credentials: "gerrit"
- script: ovs-gateway-upgrade.groovy
+ script: openstack-data-upgrade.groovy
param:
SALT_MASTER_URL:
type: string
@@ -29,18 +29,19 @@
SALT_MASTER_CREDENTIALS:
type: string
default: "salt"
- TARGET_SERVERS:
- type: string
- default: "gtw*"
- description: Salt compound target to match nodes to be updated [*, G@osfamily:debian].
- TARGET_SUBSET_TEST:
- type: string
- description: Number of nodes to list package updates, empty string means all targetted nodes.
- TARGET_SUBSET_LIVE:
- type: string
- default: '1'
- description: Number of selected nodes to live apply upgrade.
+ OS_DIST_UPGRADE:
+ type: boolean
+ default: 'false'
+ description: "Upgrade system packages including kernel (apt-get dist-upgrade)"
+ OS_UPGRADE:
+ type: boolean
+ default: 'false'
+ description: "Upgrade all installed applications (apt-get upgrade)"
INTERACTIVE:
type: boolean
default: 'true'
description: "Ask interactive questions during pipeline run (bool)"
+ TARGET_SERVERS:
+ type: string
+ default: 'gtw*'
+ description: "Salt compound expression to get control servers to upgrade."
diff --git a/jenkins/client/job/git-mirrors/2way.yml b/jenkins/client/job/git-mirrors/2way.yml
index 36e07d4..71d8f9a 100644
--- a/jenkins/client/job/git-mirrors/2way.yml
+++ b/jenkins/client/job/git-mirrors/2way.yml
@@ -24,6 +24,10 @@
source: mcp/mcp-drivetrain-model
target: Mirantis/mcp-drivetrain-model
branches: "master"
+ - name: model-manager
+ source: python-apps/model-manager
+ target: salt-formulas/django-model-manager
+ branches: "master"
template:
description: ${_param:job_description_2way}
discard:
diff --git a/jenkins/client/job/git-mirrors/upstream/pipelines.yml b/jenkins/client/job/git-mirrors/upstream/pipelines.yml
index 20f7eb6..9e82f80 100644
--- a/jenkins/client/job/git-mirrors/upstream/pipelines.yml
+++ b/jenkins/client/job/git-mirrors/upstream/pipelines.yml
@@ -6,8 +6,8 @@
- name: pipeline-library
downstream: mcp-ci/pipeline-library
upstream: "git@github.com:Mirantis/pipeline-library.git"
- branches: master
+ branches: master,release/2018.8.1
- name: mk-pipelines
downstream: mk/mk-pipelines
upstream: "git@github.com:Mirantis/mk-pipelines.git"
- branches: master
+ branches: master,release/2018.8.1
diff --git a/jenkins/client/job/k8s-test/init.yml b/jenkins/client/job/k8s-test/init.yml
index c26bfce..7a391af 100644
--- a/jenkins/client/job/k8s-test/init.yml
+++ b/jenkins/client/job/k8s-test/init.yml
@@ -1,8 +1,6 @@
classes:
- system.jenkins.client.job.k8s-test.mcp-k8s-test-pipeline
- system.jenkins.client.job.k8s-test.mcp-k8s-merge-pipeline
-- system.jenkins.client.job.k8s-test.mcp-k8s-dashboard-test-pipeline
-- system.jenkins.client.job.k8s-test.mcp-k8s-dashboard-merge-pipeline
-- system.jenkins.client.job.k8s-test.mcp-k8s-metallb-test-pipeline
-- system.jenkins.client.job.k8s-test.mcp-k8s-metallb-merge-pipeline
+- system.jenkins.client.job.k8s-test.mcp-k8s-generic-test-pipeline
+- system.jenkins.client.job.k8s-test.mcp-k8s-generic-merge-pipeline
- system.jenkins.client.job.k8s-test.mcp-k8s-formula-test-pipeline
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-dashboard-merge-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-dashboard-merge-pipeline.yml
deleted file mode 100644
index 8424f6a..0000000
--- a/jenkins/client/job/k8s-test/mcp-k8s-dashboard-merge-pipeline.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-parameters:
- _param:
- mcp_docker_registry: 'docker-dev-local.docker.mirantis.net'
- mcp_prod_docker_registry: 'docker-prod-local.docker.mirantis.net'
- jenkins:
- client:
- job:
- mcp_k8s_dashboard_merge_pipeline:
- type: workflow-scm
- name: mcp-k8s-dashboard-merge-pipeline
- display_name: "Kubernetes dashboard merge pipeline"
- discard:
- build:
- keep_num: 20
- concurrent: false
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/kubernetes-ci/kubernetes-pipelines"
- credentials: "gerrit"
- script: pipelines/mcp-k8s-dashboard-pipeline.groovy
- trigger:
- gerrit:
- project:
- kubernetes/dashboard:
- branches:
- - compare_type: "ANT"
- name: "**mcp**"
- message:
- build_successful: "Build successful"
- build_unstable: "Build unstable"
- build_failure: "Build failed"
- event:
- change:
- - merged
- param:
- KUBE_DOCKER_REGISTRY:
- type: string
- default: ${_param:mcp_docker_registry}
- description: 'Docker registry for binaries and images'
- KUBE_PROD_DOCKER_REGISTRY:
- type: string
- default: ${_param:mcp_prod_docker_registry}
- description: 'Prod docker registry for binaries and images'
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-dashboard-test-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-dashboard-test-pipeline.yml
deleted file mode 100644
index ebb4692..0000000
--- a/jenkins/client/job/k8s-test/mcp-k8s-dashboard-test-pipeline.yml
+++ /dev/null
@@ -1,48 +0,0 @@
-parameters:
- _param:
- mcp_docker_registry: 'docker-dev-local.docker.mirantis.net'
- jenkins:
- client:
- job:
- mcp_k8s_dashboard_test_pipeline:
- type: workflow-scm
- name: mcp-k8s-dashboard-test-pipeline
- display_name: "Kubernetes dashboard tests pipeline"
- discard:
- build:
- keep_num: 50
- concurrent: true
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/kubernetes-ci/kubernetes-pipelines"
- credentials: "gerrit"
- script: pipelines/mcp-k8s-dashboard-pipeline.groovy
- trigger:
- gerrit:
- project:
- kubernetes/dashboard:
- branches:
- - compare_type: "ANT"
- name: "**"
- message:
- build_successful: "Build successful"
- build_unstable: "Build unstable"
- build_failure: "Build failed"
- event:
- patchset:
- - created:
- excludeDrafts: false
- excludeTrivialRebase: false
- excludeNoCodeChange: false
- comment:
- - addedContains:
- commentAddedCommentContains: '(recheck|reverify)'
- override-votes:
- gerritBuildUnstableVerifiedValue: 1
- gerritBuildUnstableCodeReviewValue: 1
- param:
- KUBE_DOCKER_REGISTRY:
- type: string
- default: ${_param:mcp_docker_registry}
- description: 'Docker registry for binaries and images'
-
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-generic-merge-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-generic-merge-pipeline.yml
new file mode 100644
index 0000000..0c01626
--- /dev/null
+++ b/jenkins/client/job/k8s-test/mcp-k8s-generic-merge-pipeline.yml
@@ -0,0 +1,65 @@
+parameters:
+ _param:
+ mcp_docker_registry: 'docker-dev-local.docker.mirantis.net'
+ mcp_prod_docker_registry: 'docker-prod-local.docker.mirantis.net'
+ jenkins:
+ client:
+ job_template:
+ mcp-k8s-generic-merge-pipeline:
+ name: mcp-k8s-{{name}}-merge-pipeline
+ jobs:
+ - name: coredns
+ display_name: "CoreDNS merge pipeline"
+ pipeline: mcp-k8s-coredns-pipeline.groovy
+ repo: kubernetes/coredns
+ - name: dashboard
+ display_name: "Kubernetes dashboard merge pipeline"
+ pipeline: mcp-k8s-dashboard-pipeline.groovy
+ repo: kubernetes/dashboard
+ - name: external-dns
+ display_name: "External DNS merge pipeline"
+ pipeline: mcp-k8s-ext-dns-pipeline.groovy
+ repo: kubernetes/external-dns
+ - name: metallb
+ display_name: "Metal LB merge pipeline"
+ pipeline: mcp-k8s-metallb-pipeline.groovy
+ repo: kubernetes/metallb
+ - name: nginx-ingress
+ display_name: "NGINX ingress merge pipeline"
+ pipeline: mcp-k8s-ingress-nginx-pipeline.groovy
+ repo: kubernetes/ingress-nginx
+ template:
+ type: workflow-scm
+ display_name: "{{display_name}}"
+ discard:
+ build:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/kubernetes-ci/kubernetes-pipelines"
+ credentials: "gerrit"
+ script: "pipelines/{{pipeline}}"
+ trigger:
+ gerrit:
+ project:
+ "{{repo}}":
+ branches:
+ - compare_type: "ANT"
+ name: "**mcp**"
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ event:
+ change:
+ - merged
+ param:
+ KUBE_DOCKER_REGISTRY:
+ type: string
+ default: ${_param:mcp_docker_registry}
+ description: 'Docker registry for binaries and images'
+ KUBE_PROD_DOCKER_REGISTRY:
+ type: string
+ default: ${_param:mcp_prod_docker_registry}
+ description: 'Prod docker registry for binaries and images'
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-generic-test-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-generic-test-pipeline.yml
new file mode 100644
index 0000000..de5e5a6
--- /dev/null
+++ b/jenkins/client/job/k8s-test/mcp-k8s-generic-test-pipeline.yml
@@ -0,0 +1,69 @@
+parameters:
+ _param:
+ mcp_docker_registry: 'docker-dev-local.docker.mirantis.net'
+ jenkins:
+ client:
+ job_template:
+ mcp-k8s-generic-test-pipeline:
+ name: mcp-k8s-{{name}}-test-pipeline
+ jobs:
+ - name: coredns
+ display_name: "CoreDNS test pipeline"
+ pipeline: mcp-k8s-coredns-pipeline.groovy
+ repo: kubernetes/coredns
+ - name: dashboard
+ display_name: "Kubernetes dashboard test pipeline"
+ pipeline: mcp-k8s-dashboard-pipeline.groovy
+ repo: kubernetes/dashboard
+ - name: external-dns
+ display_name: "External DNS test pipeline"
+ pipeline: mcp-k8s-ext-dns-pipeline.groovy
+ repo: kubernetes/external-dns
+ - name: metallb
+ display_name: "Metal LB test pipeline"
+ pipeline: mcp-k8s-metallb-pipeline.groovy
+ repo: kubernetes/metallb
+ - name: nginx-ingress
+ display_name: "NGINX ingress test pipeline"
+ pipeline: mcp-k8s-ingress-nginx-pipeline.groovy
+ repo: kubernetes/ingress-nginx
+ template:
+ type: workflow-scm
+ display_name: "{{display_name}}"
+ discard:
+ build:
+ keep_num: 50
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/kubernetes-ci/kubernetes-pipelines"
+ credentials: "gerrit"
+ script: "pipelines/{{pipeline}}"
+ trigger:
+ gerrit:
+ project:
+ "{{repo}}":
+ branches:
+ - compare_type: "ANT"
+ name: "**"
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeTrivialRebase: false
+ excludeNoCodeChange: false
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(recheck|reverify)'
+ override-votes:
+ gerritBuildUnstableVerifiedValue: 1
+ gerritBuildUnstableCodeReviewValue: 1
+ param:
+ KUBE_DOCKER_REGISTRY:
+ type: string
+ default: ${_param:mcp_docker_registry}
+ description: 'Docker registry for binaries and images'
diff --git a/jenkins/client/job/oscore/cookiecutter.yml b/jenkins/client/job/oscore/cookiecutter.yml
index 5ffe289..84c96d8 100644
--- a/jenkins/client/job/oscore/cookiecutter.yml
+++ b/jenkins/client/job/oscore/cookiecutter.yml
@@ -35,6 +35,7 @@
- openstack-ovs-core-manila-pike
- openstack-ovs-core-telemetry-pike
- openstack-ovs-core-queens
+ - openstack-ovs-core-ssl-queens
STACK_INSTALL:
type: string
default: 'core,openstack,ovs'
@@ -42,6 +43,16 @@
type: boolean
description: "Delete Heat stack when finished (bool)"
default: 'false'
+ OPENSTACK_ENVIRONMENT:
+ type: choice
+ description: "Target openstack environment."
+ choices:
+ - devcloud
+ - presales
+ - oscore_devcloud
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ description: "Credentials to the OpenStack API"
OPENSTACK_API_PROJECT:
type: string
default: "mcp-oscore"
@@ -61,7 +72,7 @@
default: |-
#Extra context that will be merged with content of COOKIECUTTER_TEMPLATE_CONTEXT_FILE
default_context:
- openssh_groups: "qa_scale,oscore_devops,networking,tcpcloud,stacklight,k8s_team"
+ openssh_groups: "qa_scale,oscore_devops,networking,tcpcloud,stacklight,k8s_team,mcp_qa"
cookiecutter_template_url: https://gerrit.mcp.mirantis.net/mk/cookiecutter-templates.git
cookiecutter_template_branch: 'master'
shared_reclass_url: https://gerrit.mcp.mirantis.net/salt-models/reclass-system.git
@@ -113,6 +124,16 @@
type: string
default: "gerrit"
description: "ID of jenkins credentials to be used when connecting to gerrit."
+ OPENSTACK_ENVIRONMENT:
+ type: choice
+ description: "Target openstack environment."
+ choices:
+ - devcloud
+ - presales
+ - oscore_devcloud
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ description: "Credentials to the OpenStack API"
OPENSTACK_API_PROJECT:
type: string
default: "mcp-oscore-ci"
diff --git a/jenkins/client/job/oscore/release.yml b/jenkins/client/job/oscore/release.yml
index f73bd22..e471e9d 100644
--- a/jenkins/client/job/oscore/release.yml
+++ b/jenkins/client/job/oscore/release.yml
@@ -59,6 +59,10 @@
type: string
default: "{{test_scheme}}"
description: "Structure which defines parameters of deployment jobs"
+ TEST_MILESTONE:
+ type: string
+ description: Product milestone
+ default: "{{test_milestone}}"
MIRROR_HOST:
type: string
default: "mirror.mirantis.com"
diff --git a/jenkins/client/job/oscore/test_upgrades.yml b/jenkins/client/job/oscore/test_upgrades.yml
index 26a9960..e193d58 100644
--- a/jenkins/client/job/oscore/test_upgrades.yml
+++ b/jenkins/client/job/oscore/test_upgrades.yml
@@ -19,17 +19,30 @@
credentials: "gerrit"
branch: 'master'
script: test-openstack-upgrade-pipeline.groovy
+ trigger:
+ timer:
+ spec: "H 22 * * *"
param:
CREDENTIALS_ID:
type: string
description: "ID of jenkins credentials to be used when connecting to gerrit."
default: "gerrit"
+ OPENSTACK_ENVIRONMENT:
+ type: choice
+ description: "Target openstack environment."
+ choices:
+ - devcloud
+ - presales
+ - oscore_devcloud
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ description: "Credentials to the OpenStack API"
OPENSTACK_API_PROJECT:
type: string
- default: "mcp-oscore"
+ default: "mcp-oscore-ci"
HEAT_STACK_ZONE:
type: string
- default: "mcp-oscore"
+ default: "mcp-oscore-ci"
FLAVOR_PREFIX:
type: string
default: 'dev'
@@ -40,8 +53,57 @@
TEST_SCHEME:
type: string
description: "Yaml based scheme to be applied in testing"
- default: '{"old": {"context_file_name": "openstack-ovs-core-{{openstack_version_old}}","extra_context": {"default_context": {"openstack_version": "{{openstack_version_old}}"}}}, "new": {"extra_context": {"default_context": {"openstack_version": "{{openstack_version_new}}"}}}}'
+ default: '{"old": {"run_smoke": True, "context_file_name": "openstack-ovs-core-{{openstack_version_old}}","extra_context": {"default_context": {"openstack_version": "{{openstack_version_old}}"}}}, "new": {"run_smoke": True, "extra_context": {"default_context": {"openstack_version": "{{openstack_version_new}}"}}}}'
job:
+ oscore-test-openstack-upgrade-mitaka-newton:
+ display_name: oscore-test-openstack-upgrade-mitaka-newton
+ name: oscore-test-openstack-upgrade-mitaka-newton
+ concurrent: true
+ description: Test upgrade flow for opentack cluster
+ discard:
+ build:
+ keep_num: 60
+ artifact:
+ keep_num: 60
+ type: workflow-scm
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/openstack-ci/openstack-pipelines"
+ credentials: "gerrit"
+ branch: 'master'
+ script: test-openstack-upgrade-pipeline.groovy
+ param:
+ CREDENTIALS_ID:
+ type: string
+ description: "ID of jenkins credentials to be used when connecting to gerrit."
+ default: "gerrit"
+ OPENSTACK_ENVIRONMENT:
+ type: choice
+ description: "Target openstack environment."
+ choices:
+ - devcloud
+ - presales
+ - oscore_devcloud
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ description: "Credentials to the OpenStack API"
+ OPENSTACK_API_PROJECT:
+ type: string
+ default: "mcp-oscore"
+ HEAT_STACK_ZONE:
+ type: string
+ default: "mcp-oscore"
+ FLAVOR_PREFIX:
+ type: string
+ default: 'dev'
+ STACK_DELETE:
+ type: boolean
+ default: 'true'
+ description: Don't enable it if you need to use the lab after
+ TEST_SCHEME:
+ type: string
+ description: "Yaml based scheme to be applied in testing"
+ default: '{"old": {"run_smoke": True, "context_file_name": "openstack-ovs-core-mitaka","extra_context": {"default_context": {"openstack_version": "mitaka"}}}, "new": {"run_smoke": True, "extra_context": {"default_context": {"openstack_version": "newton"}}}}'
oscore-test-adjust-cluster-model:
display_name: oscore-test-adjust-cluster-model
name: oscore-test-adjust-cluster-model
diff --git a/jenkins/client/job/oscore/tests.yml b/jenkins/client/job/oscore/tests.yml
index f4fb7e0..bccb9b7 100644
--- a/jenkins/client/job/oscore/tests.yml
+++ b/jenkins/client/job/oscore/tests.yml
@@ -682,7 +682,7 @@
trigger:
gerrit:
project:
- "^salt-formulas/(nova|cinder|glance|keystone|horizon|neutron|designate|heat|ironic|barbican|aodh|ceilometer|gnocchi|panko|manila|salt|linux|reclass|galera|memcached|rabbitmq|bind|apache|runtest|oslo-templates|auditd)$":
+ "^salt-formulas/(nova|cinder|glance|keystone|horizon|neutron|designate|heat|ironic|barbican|aodh|ceilometer|gnocchi|panko|manila|salt|linux|reclass|galera|memcached|rabbitmq|bind|apache|runtest|oslo-templates|auditd|octavia)$":
compare_type: 'REG_EXP'
branches:
- master
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 983a88b..c6c54bb 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -48,10 +48,6 @@
PARALLEL_NODE_GROUP_SIZE:
type: string
default: "9"
- # Salt master setup extra formulas
- EXTRA_FORMULAS:
- type: string
- default: "{{extra_formulas}}"
FORMULAS_SOURCE:
type: string
default: "{{formulas_src}}"
@@ -158,10 +154,6 @@
PARALLEL_NODE_GROUP_SIZE:
type: string
default: "9"
- # Salt master setup extra formulas
- EXTRA_FORMULAS:
- type: string
- default: "{{extra_formulas}}"
FORMULAS_SOURCE:
type: string
default: "{{formulas_src}}"
@@ -235,6 +227,10 @@
DEFAULT_GIT_REF:
type: string
default: master
+ EXTRA_VARIABLES_YAML:
+ type: text
+ default: ""
+ description: "Extra vars passed as YAML"
PARALLEL_NODE_GROUP_SIZE:
type: string
default: "5"
@@ -244,10 +240,10 @@
- cookiecutter_template: cookiecutter-templates
template:
discard:
- build:
- keep_num: 50
- artifact:
- keep_num: 50
+ build:
+ keep_days: 4
+ artifact:
+ keep_days: 4
type: workflow-scm
concurrent: true
scm:
@@ -272,37 +268,40 @@
COOKIECUTTER_TEMPLATE_URL:
type: string
default: "${_param:jenkins_gerrit_url}/mk/{{cookiecutter_template}}"
- CREDENTIALS_ID:
- type: string
- default: gerrit
COOKIECUTTER_TEMPLATE_BRANCH:
type: string
default: master
- RECLASS_MODEL_URL:
+ description: "Those variable will be ignored, in case gerritTrigger=>GERRIT_BRANCH"
+ COOKIECUTTER_TEMPLATE_REF:
+ type: string
+ default: ""
+ description: "Example: refs/changes/49/25549/1"
+ RECLASS_SYSTEM_URL:
type: string
default: "${_param:jenkins_gerrit_url}/salt-models/reclass-system"
- RECLASS_MODEL_BRANCH:
+ RECLASS_SYSTEM_BRANCH:
type: string
default: master
+ description: "Those variable will be ignored, in case gerritTrigger=>GERRIT_BRANCH"
+ RECLASS_SYSTEM_GIT_REF:
+ type: string
+ default: ""
+ description: "Example: refs/changes/49/25549/1"
DISTRIB_REVISION:
type: string
default: 'nightly'
- SYSTEM_GIT_URL:
- type: string
- default: ""
- SYSTEM_GIT_REF:
- type: string
- default: ""
- PARALLEL_NODE_GROUP_SIZE:
- type: string
- default: "1"
- EXTRA_FORMULAS:
- type: string
- default: "aptly artifactory auditd backupninja collectd devops-portal docker elasticsearch fluentd freeipa gerrit glusterfs grafana haproxy heka horizon influxdb jenkins keepalived kibana libvirt maas memcached mysql nginx ntp openldap openssh postfix prometheus rsync rsyslog rundeck sensu sphinx telegraf xtrabackup watchdog logrotate"
+ description: "Those variable will be ignored, in case gerritTrigger=>GERRIT_BRANCH. Version of bin-artifacts,passed to test-env"
RECLASS_VERSION:
type: string
default: 'v1.5.4'
- description: "Version (branch) of Reclass we will use"
+ description: "Version (branch) of reclass PACKAGE we will use"
+ CREDENTIALS_ID:
+ type: string
+ default: gerrit
+ EXTRA_VARIABLES_YAML:
+ type: text
+ default: ""
+ description: "Extra vars passed as YAML"
job:
test-salt-model-node:
name: test-salt-model-node
@@ -341,9 +340,6 @@
CREDENTIALS_ID:
type: string
default: "gerrit"
- EXTRA_FORMULAS:
- type: string
- default: ""
FORMULAS_SOURCE:
type: string
default: "pkg"
@@ -383,9 +379,9 @@
name: test-mk-cookiecutter-templates-chunk
discard:
build:
- keep_num: 300
+ keep_days: 3
artifact:
- keep_num: 30
+ keep_days: 3
type: workflow-scm
concurrent: true
plugin_properties:
@@ -402,5 +398,5 @@
script: test-cookiecutter-reclass-chunk.groovy
param:
EXTRA_VARIABLES_YAML:
- type: string
+ type: text
default: ""
diff --git a/jenkins/client/job/security/openscap.yml b/jenkins/client/job/security/openscap.yml
new file mode 100644
index 0000000..fae68ab
--- /dev/null
+++ b/jenkins/client/job/security/openscap.yml
@@ -0,0 +1,57 @@
+#
+# Job to collect oscap results based on input benchmarks
+#
+parameters:
+ jenkins:
+ client:
+ job:
+ run-openscap-xccdf-evaluation:
+ type: workflow-scm
+ concurrent: true
+ discard:
+ build:
+ keep_num: 10
+ artifact:
+ keep_num: 10
+ display_name: "Run openscap xccdf evaluation on given nodes"
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: test-openscap-pipeline.groovy
+ param:
+ DASHBOARD_API_URL:
+ type: string
+ default: ""
+ description: "The WORP api base url. Mandatory if UPLOAD_TO_DASHBOARD is true"
+ SALT_MASTER_URL:
+ type: string
+ default: ""
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ TARGET_SERVERS:
+ type: string
+ default: '*'
+ description: "The target Salt nodes"
+ UPLOAD_TO_DASHBOARD:
+ type: boolean
+ default: "false"
+ description: "Upload results to the WORP or not"
+ XCCDF_BENCHMARKS:
+ type: string
+ default: "cis_ubuntu_1604_server_l2/cis_ubuntu_1604_server_l2-xccdf.xml,default"
+ description: "List of pairs XCCDF benchmark filename and corresponding profile, format xccdf_benchmark 1, profile; xccdf_benchmark 2, profile"
+ XCCDF_BENCHMARKS_DIR:
+ type: string
+ default: "/usr/share/xccdf-benchmarks/mirantis/"
+ description: "The XCCDF benchmarks base directory"
+ XCCDF_VERSION:
+ type: string
+ default: "1.2"
+ description: "The XCCDF version"
+ XCCDF_TAILORING_ID:
+ type: string
+ default: "None"
+ description: "The tailoring id"
diff --git a/jenkins/client/job/stacklight/cookiecutter.yml b/jenkins/client/job/stacklight/cookiecutter.yml
index 0a2c6ed..0f40403 100644
--- a/jenkins/client/job/stacklight/cookiecutter.yml
+++ b/jenkins/client/job/stacklight/cookiecutter.yml
@@ -31,6 +31,16 @@
type: string
description: "Context for cookiecutter template specified as filename"
default: 'stacklight-openstack-ovs-core-pike'
+ OPENSTACK_ENVIRONMENT:
+ type: choice
+ description: "Target openstack environment"
+ choices:
+ - devcloud
+ - presales
+ - oscore_devcloud
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ description: "Credentials to the OpenStack API"
OPENSTACK_API_PROJECT:
type: string
default: "mcp-stacklight"
diff --git a/keepalived/cluster/instance/openstack_manila_vip.yml b/keepalived/cluster/instance/openstack_manila_vip.yml
new file mode 100644
index 0000000..d8330c4
--- /dev/null
+++ b/keepalived/cluster/instance/openstack_manila_vip.yml
@@ -0,0 +1,11 @@
+classes:
+- service.keepalived.cluster.single
+parameters:
+ _param:
+ keepalived_openstack_manila_vip_address: ${_param:cluster_vip_address}
+ keepalived_openstack_manila_vip_password: password
+ keepalived_openstack_manila_vip_interface: eth1
+ keepalived_vip_virtual_router_id: 235
+ keepalived_vip_address: ${_param:keepalived_openstack_manila_vip_address}
+ keepalived_vip_password: ${_param:keepalived_openstack_manila_vip_password}
+ keepalived_vip_interface: ${_param:keepalived_openstack_manila_vip_interface}
diff --git a/keystone/client/os_client_config/octavia_identity.yml b/keystone/client/os_client_config/octavia_identity.yml
new file mode 100644
index 0000000..3d84b0c
--- /dev/null
+++ b/keystone/client/os_client_config/octavia_identity.yml
@@ -0,0 +1,20 @@
+parameters:
+ keystone:
+ client:
+ os_client_config:
+ enabled: true
+ cfgs:
+ root:
+ content:
+ clouds:
+ octavia_identity:
+ region_name: ${_param:openstack_region}
+ identity_api_version: '3'
+ interface: 'internal'
+ auth:
+ username: 'octavia'
+ password: ${_param:keystone_octavia_password}
+ user_domain_name: 'Default'
+ project_name: 'service'
+ project_domain_name: 'Default'
+ auth_url: ${_param:keystone_service_protocol}://${_param:keystone_service_host}:5000
\ No newline at end of file
diff --git a/keystone/client/service/gnocchi.yml b/keystone/client/service/gnocchi.yml
index 27d38b0..1d1b075 100644
--- a/keystone/client/service/gnocchi.yml
+++ b/keystone/client/service/gnocchi.yml
@@ -5,6 +5,8 @@
cluster_public_protocol: https
gnocchi_service_protocol: http
gnocchi_public_host: ${_param:cluster_public_host}
+ gnocchi_public_port: 8041
+ gnocchi_public_path: '/'
keystone:
client:
server:
@@ -24,8 +26,8 @@
- region: ${_param:openstack_region}
public_address: ${_param:gnocchi_public_host}
public_protocol: ${_param:cluster_public_protocol}
- public_port: 8041
- public_path: '/'
+ public_port: ${_param:gnocchi_public_port}
+ public_path: ${_param:gnocchi_public_path}
internal_address: ${_param:gnocchi_service_host}
internal_port: 8041
internal_path: '/'
diff --git a/keystone/client/service/keystone.yml b/keystone/client/service/keystone.yml
index 0cfa963..53e7cd1 100644
--- a/keystone/client/service/keystone.yml
+++ b/keystone/client/service/keystone.yml
@@ -7,6 +7,8 @@
keystone_public_path: "/v2.0"
keystone_internal_path: "/v2.0"
keystone_admin_path: "/v2.0"
+ keystone_public_address: ${_param:cluster_public_host}
+ keystone_public_port: 5000
keystone:
client:
server:
@@ -17,9 +19,9 @@
description: OpenStack Identity Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:cluster_public_host}
+ public_address: ${_param:keystone_public_address}
public_protocol: ${_param:cluster_public_protocol}
- public_port: 5000
+ public_port: ${_param:keystone_public_port}
public_path: ${_param:keystone_public_path}
internal_address: ${_param:keystone_service_host}
internal_port: 5000
diff --git a/keystone/client/service/octavia.yml b/keystone/client/service/octavia.yml
index 304d70f..bf16b79 100644
--- a/keystone/client/service/octavia.yml
+++ b/keystone/client/service/octavia.yml
@@ -9,6 +9,9 @@
client:
server:
identity:
+ roles:
+ - load-balancer_member
+ - load-balancer_admin
project:
service:
user:
@@ -18,7 +21,7 @@
email: ${_param:admin_email}
service:
octavia:
- type: octavia
+ type: load-balancer
description: OpenStack Loadbalancing Service
endpoints:
- region: ${_param:openstack_region}
diff --git a/keystone/client/v3/service/octavia.yml b/keystone/client/v3/service/octavia.yml
index a43b0a9..56de95b 100644
--- a/keystone/client/v3/service/octavia.yml
+++ b/keystone/client/v3/service/octavia.yml
@@ -1,3 +1,6 @@
+classes:
+- system.keystone.client.os_client_config.octavia_identity
+
parameters:
_param:
cluster_public_protocol: https
@@ -5,8 +8,25 @@
octavia_service_protocol: http
keystone:
client:
+ server:
+ identity:
+ octavia:
+ api_version: 3
+ octavia_identity:
+ admin:
+ api_version: ''
+ user_domain_name: 'Default'
+ project_domain_name: 'Default'
resources:
v3:
+ cloud_name: 'octavia_identity'
+ roles:
+ global_load_balancer_member:
+ name: load-balancer_member
+ enabled: true
+ global_load_balancer_admin:
+ name: load-balancer_admin
+ enabled: true
users:
octavia:
password: ${_param:keystone_octavia_password}
@@ -17,7 +37,7 @@
project_id: service
services:
octavia:
- type: octavia
+ type: load-balancer
description: OpenStack Loadbalancing Service
endpoints:
octavia_public:
diff --git a/keystone/server/cluster.yml b/keystone/server/cluster.yml
index 24840fe..a42d3b6 100644
--- a/keystone/server/cluster.yml
+++ b/keystone/server/cluster.yml
@@ -6,12 +6,16 @@
- system.linux.system.users.keystone
- system.keystone.server.fernet_rotation.cluster
- system.salt.minion.cert.mysql.clients.openstack.keystone
+- system.salt.minion.cert.rabbitmq.clients.openstack.keystone
parameters:
_param:
keystone_tokens_expiration: 3600
openstack_node_role: primary
openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -60,6 +64,7 @@
credential:
location: /var/lib/keystone/credential-keys
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
@@ -69,6 +74,13 @@
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
ha_queues: true
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_keystone_ssl_ca_file}
+ key_file: ${_param:rabbitmq_keystone_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_keystone_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
auth_methods:
- password
- token
diff --git a/keystone/server/fernet_rotation/cluster.yml b/keystone/server/fernet_rotation/cluster.yml
index 7da8b5b..c34c4f8 100644
--- a/keystone/server/fernet_rotation/cluster.yml
+++ b/keystone/server/fernet_rotation/cluster.yml
@@ -24,6 +24,9 @@
credential_rotation_driver: ${_param:credential_rotation_driver}
linux:
system:
+ package:
+ rsync:
+ version: latest
cron:
user:
keystone:
diff --git a/keystone/server/fernet_rotation/single.yml b/keystone/server/fernet_rotation/single.yml
index bb6f234..8a3d6fb 100644
--- a/keystone/server/fernet_rotation/single.yml
+++ b/keystone/server/fernet_rotation/single.yml
@@ -10,6 +10,9 @@
credential_rotation_driver: ${_param:credential_rotation_driver}
linux:
system:
+ package:
+ rsync:
+ version: latest
cron:
user:
keystone:
diff --git a/keystone/server/single.yml b/keystone/server/single.yml
index d926c0d..10a5331 100644
--- a/keystone/server/single.yml
+++ b/keystone/server/single.yml
@@ -3,6 +3,7 @@
- system.linux.system.users.keystone
- system.keystone.server.fernet_rotation.single
- system.salt.minion.cert.mysql.clients.openstack.keystone
+- system.salt.minion.cert.rabbitmq.clients.openstack.keystone
parameters:
_param:
keystone_service_token: token
@@ -13,7 +14,10 @@
keystone_tokens_expiration: 3600
openstack_node_role: primary
openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -59,12 +63,20 @@
credential:
location: /var/lib/keystone/credential-keys
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
host: ${_param:single_address}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
ha_queues: true
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_keystone_ssl_ca_file}
+ key_file: ${_param:rabbitmq_keystone_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_keystone_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
roles:
- admin
- Member
diff --git a/kubernetes/common/addons/alertmanager.yml b/kubernetes/common/addons/alertmanager.yml
new file mode 100644
index 0000000..c7483cf
--- /dev/null
+++ b/kubernetes/common/addons/alertmanager.yml
@@ -0,0 +1,24 @@
+classes:
+- system.prometheus.alertmanager.container
+parameters:
+ _param:
+ kubernetes_alertmanager_enabled: false
+ kubernetes_alertmanager_image: ${_param:mcp_docker_registry}/openstack-docker/alertmanager:2018.8.0
+ kubernetes_alertmanager_namespace: stacklight
+ kubernetes_alertmanager_node_port: 31993
+ kubernetes:
+ common:
+ addons:
+ alertmanager:
+ enabled: ${_param:kubernetes_alertmanager_enabled}
+ image: ${_param:kubernetes_alertmanager_image}
+ namespace: ${_param:kubernetes_alertmanager_namespace}
+ dir:
+ config: ${_param:prometheus_alertmanager_config_directory}
+ data: ${_param:prometheus_alertmanager_data_directory}
+ host_config: ${prometheus:alertmanager:dir:config}
+ host_data: ${prometheus:alertmanager:dir:data}
+ bind:
+ address: ${prometheus:alertmanager:bind:address}
+ port: ${prometheus:alertmanager:bind:port}
+ node_port: ${_param:kubernetes_alertmanager_node_port}
diff --git a/kubernetes/common/addons/prometheus.yml b/kubernetes/common/addons/prometheus.yml
new file mode 100644
index 0000000..5f5fcea
--- /dev/null
+++ b/kubernetes/common/addons/prometheus.yml
@@ -0,0 +1,37 @@
+classes:
+- system.prometheus.server.container
+parameters:
+ _param:
+ kubernetes_prometheus_image: ${_param:mcp_docker_registry}/openstack-docker/prometheus:2018.8.0
+ kubernetes_prometheus_enabled: false
+ kubernetes_prometheus_namespace: stacklight
+ kubernetes_prometheus_server_resources_limits_memory: 500M
+ kubernetes_prometheus_server_resources_requests_memory: 500M
+ kubernetes_prometheus_server_bind_host_port: 31990
+ kubernetes_prometheus_server_storage_local_engine: persisted
+ kubernetes_prometheus_server_use_static_datadir: true
+ kubernetes:
+ common:
+ addons:
+ prometheus:
+ enabled: ${_param:kubernetes_prometheus_enabled}
+ image: ${_param:kubernetes_prometheus_image}
+ namespace: ${_param:kubernetes_prometheus_namespace}
+ server:
+ bind:
+ port: ${prometheus:server:bind:port}
+ host: ${prometheus:server:bind:address}
+ host_port: ${_param:kubernetes_prometheus_server_bind_host_port}
+ config:
+ config_dir: ${prometheus:server:dir:config_in_container}
+ host_config_dir: ${prometheus:server:dir:config}
+ data_dir: ${_param:prometheus_server_data_directory}
+ host_data_dir: ${prometheus:server:dir:data}
+ storage_local_engine: ${_param:kubernetes_prometheus_server_storage_local_engine}
+ storage_local_retention: ${prometheus:server:storage:local:retention}
+ use_static_datadir: ${_param:kubernetes_prometheus_server_use_static_datadir}
+ resources:
+ limits:
+ memory: ${_param:kubernetes_prometheus_server_resources_limits_memory}
+ requests:
+ memory: ${_param:kubernetes_prometheus_server_resources_requests_memory}
diff --git a/kubernetes/common.yml b/kubernetes/common/init.yml
similarity index 95%
rename from kubernetes/common.yml
rename to kubernetes/common/init.yml
index bf5886b..45d688f 100644
--- a/kubernetes/common.yml
+++ b/kubernetes/common/init.yml
@@ -12,14 +12,14 @@
kubernetes_netchecker_server_repo: mirantis
kubernetes_virtlet_repo: mirantis
kubernetes_kubedns_repo: gcr.io/google_containers
- kubernetes_externaldns_repo: mirantis
+ kubernetes_externaldns_repo: ${_param:mcp_docker_registry}/mirantis/external-dns
kubernetes_genie_repo: https://docker-prod-local.artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/kubernetes/cni-genie
kubernetes_flannel_repo: quay.io/coreos
- kubernetes_metallb_repo: metallb
+ kubernetes_metallb_repo: ${_param:mcp_docker_registry}/mirantis/metallb
kubernetes_sriov_repo: https://docker-prod-local.artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/kubernetes/sriov-cni
kubernetes_cniplugins_repo: https://docker-prod-local.artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/kubernetes/containernetworking-plugins
kubernetes_dashboard_repo: ${_param:mcp_docker_registry}/mirantis/kubernetes
- kubernetes_coredns_repo: coredns
+ kubernetes_coredns_repo: ${_param:mcp_docker_registry}/mirantis/coredns
# component docker images
kubernetes_docker_package: docker-engine=1.13.1-0~ubuntu-xenial
@@ -31,21 +31,21 @@
kubernetes_pause_image: ${_param:kubernetes_hyperkube_repo}/pause-amd64:v1.11.2-1
kubernetes_contrail_cni_image: ${_param:kubernetes_contrail_cni_repo}/contrail-cni:v1.2.0
kubernetes_contrail_network_controller_image: ${_param:kubernetes_contrail_network_controller_repo}/contrail-network-controller:v1.2.0
- kubernetes_virtlet_image: ${_param:kubernetes_virtlet_repo}/virtlet:v1.1.2
- kubernetes_criproxy_version: v0.11.1
- kubernetes_criproxy_checksum: md5=a3f1f08bdc7a8d6eb73b7c8fa5bae200
+ kubernetes_virtlet_image: ${_param:kubernetes_virtlet_repo}/virtlet:v1.4.0
+ kubernetes_criproxy_version: v0.12.0
+ kubernetes_criproxy_checksum: md5=371cacd3d8568eb88425498b48a649dd
kubernetes_netchecker_agent_image: ${_param:kubernetes_netchecker_agent_repo}/k8s-netchecker-agent:v1.2.2
kubernetes_netchecker_server_image: ${_param:kubernetes_netchecker_server_repo}/k8s-netchecker-server:v1.2.2
kubernetes_kubedns_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-kube-dns-amd64:1.14.5
kubernetes_dnsmasq_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-dnsmasq-amd64:1.14.5
kubernetes_sidecar_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-sidecar-amd64:1.14.5
kubernetes_dns_autoscaler_image: ${_param:kubernetes_kubedns_repo}/cluster-proportional-autoscaler-amd64:1.0.0
- kubernetes_externaldns_image: ${_param:kubernetes_externaldns_repo}/external-dns:v0.5.3
+ kubernetes_externaldns_image: ${_param:kubernetes_externaldns_repo}/external-dns:v0.5.6-1
kubernetes_genie_source: ${_param:kubernetes_genie_repo}/genie_v1.0-138-gbf5dbaa
kubernetes_genie_source_hash: md5=b024052ed4ecb1d5354e0cc8f51afaca
kubernetes_flannel_image: ${_param:kubernetes_flannel_repo}/flannel:v0.10.0-amd64
- kubernetes_metallb_controller_image: ${_param:kubernetes_metallb_repo}/controller:v0.7.3
- kubernetes_metallb_speaker_image: ${_param:kubernetes_metallb_repo}/speaker:v0.7.3
+ kubernetes_metallb_controller_image: ${_param:kubernetes_metallb_repo}/controller:v0.7.3-2
+ kubernetes_metallb_speaker_image: ${_param:kubernetes_metallb_repo}/speaker:v0.7.3-2
kubernetes_sriov_source: ${_param:kubernetes_sriov_repo}/sriov_v0.3-8-g8b7ed98
kubernetes_sriov_source_hash: md5=c0cc33202afd02e4cc44b977a8faf6e7
kubernetes_cniplugins_source: ${_param:kubernetes_cniplugins_repo}/cni-plugins_v0.7.1-48-g696b1f9.tar.gz
@@ -54,7 +54,7 @@
kubernetes_fluentd_aggregator_image: fluent/fluentd-kubernetes-daemonset:v1.2-debian-elasticsearch
kubernetes_fluentd_logger_image: fluent/fluentd-kubernetes-daemonset:v1.2-debian-stackdriver
kubernetes_telegraf_image: ${_param:mcp_docker_registry}/openstack-docker/telegraf:2018.8.0
- kubernetes_coredns_image: ${_param:kubernetes_coredns_repo}/coredns:1.2.0
+ kubernetes_coredns_image: ${_param:kubernetes_coredns_repo}/coredns:v1.2.2-12
kubelet_fail_on_swap: true
kubernetes_dashboard_enabled: true
@@ -63,6 +63,7 @@
kubernetes_coredns_enabled: true
kubernetes_externaldns_provider: coredns
kubernetes_virtlet_enabled: false
+ kubernetes_virtlet_use_apparmor: false
kubernetes_flannel_enabled: false
kubernetes_genie_enabled: false
kubernetes_calico_enabled: false
@@ -256,8 +257,11 @@
image: ${_param:kubernetes_virtlet_image}
criproxy_version: ${_param:kubernetes_criproxy_version}
criproxy_source: ${_param:kubernetes_criproxy_checksum}
+ use_apparmor: ${_param:kubernetes_virtlet_use_apparmor}
metallb:
enabled: ${_param:kubernetes_metallb_enabled}
+ controller_image: ${_param:kubernetes_metallb_controller_image}
+ speaker_image: ${_param:kubernetes_metallb_speaker_image}
pool:
enabled: false
kubelet:
diff --git a/kubernetes/control/opencontrail.yml b/kubernetes/control/opencontrail.yml
index e5556fa..2a46d00 100644
--- a/kubernetes/control/opencontrail.yml
+++ b/kubernetes/control/opencontrail.yml
@@ -20,6 +20,10 @@
public_ip_range: ${_param:opencontrail_public_ip_range}
public_network: ${_param:opencontrail_public_ip_network}
private_ip_range: ${_param:opencontrail_private_ip_range}
+ cluster_network:
+ project: 'default'
+ domain: 'default-domain'
+ name: 'cluster-network'
config:
api:
host: ${_param:opencontrail_control_address}
diff --git a/linux/system/repo/keystorage/mirantis_com/init.yml b/linux/system/repo/keystorage/mirantis_com/init.yml
new file mode 100644
index 0000000..b6c9a86
--- /dev/null
+++ b/linux/system/repo/keystorage/mirantis_com/init.yml
@@ -0,0 +1,2 @@
+classes:
+- system.linux.system.repo.keystorage.mirantis_com.openstack
diff --git a/linux/system/repo/keystorage/mirantis_com/openstack.yml b/linux/system/repo/keystorage/mirantis_com/openstack.yml
new file mode 100644
index 0000000..12d5e73
--- /dev/null
+++ b/linux/system/repo/keystorage/mirantis_com/openstack.yml
@@ -0,0 +1,26 @@
+parameters:
+ linux:
+ system:
+ repo:
+ mirantis_openstack:
+ # pub 2048R/4C5289EF 2018-07-25
+ key: |
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+ Version: GnuPG v1
+
+ mQENBFtYVY8BCAC3oli93husG0ZVtv/L8I4/bcW60LFCyB0DuwEznGlSaj1fjOQu
+ C7QX9wvGRq8mRZ8mfZ6sbxGmgs0LnV5QIBle1l5I3B+AMGksf6UGEWgoN/vq86g+
+ 0Jg6kJP/D0sjGXvdlfy+bgAqjsx2bWOLjQGtHSIxhe4cE9HPBfMiYsFwGQua3XN3
+ tiGKcifszvDA6uqdjS6DuTEPCzyKiSyUevnWtBh0oUtUt//X4lG2Mx0lU91uUQGj
+ KeZ+fYXOLqgZm/FxLVT5w3g/UGK9Cbz5h4kGCJOfk0EwIZp0IRRs1phOC6gVMwoV
+ yWKCtdHmg7Ob8I4AZ8OW5HJn1UPHTprxcHBnABEBAAG0LEF1dG9idWlsZGVyIDxp
+ bmZyYSthdXRpYnVpbGRlckBtaXJhbnRpcy5jb20+iQE4BBMBAgAiBQJbWFWPAhsD
+ BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCRZVp5TFKJ70cJB/9ArWrSFyEx
+ qs7Tyo9M5WCPjqw7y2F7jd4Et3hqwc5jx6KlxGpg17SHt4oWcmtML3VBx+ziBAi0
+ 5Ry4Z4w0QqFW6gAqQepeW76Yq/OP5SoqEI9sUwzLfUY7raK/P1buvXB1eZh4mMw4
+ TFf4Hgo8yUQ3geYNnUBBfaSfkmiyBJGsMXBfW2zhlpVIyB6Cye5R823FxGNJe+li
+ hggNCQnKYqrGtr55RO6xYI1v89cgGrO2EVwPkFLA/MUnQEb433Ck+sjp1NZDUfuJ
+ U3gg8S0hT+Cf5XiknT/xqIhhTY/KzlNmynZt/51DzZzsbM+RO6JZFYJL2LuC69gB
+ +R5jrmaGu9fG
+ =sqIn
+ -----END PGP PUBLIC KEY BLOCK-----
diff --git a/linux/system/repo/mcp/apt_mirantis/hotfix/init.yml b/linux/system/repo/mcp/apt_mirantis/hotfix/init.yml
new file mode 100644
index 0000000..e9e45e6
--- /dev/null
+++ b/linux/system/repo/mcp/apt_mirantis/hotfix/init.yml
@@ -0,0 +1,2 @@
+classes:
+- system.linux.system.repo.mcp.apt_mirantis.hotfix.ubuntu
diff --git a/linux/system/repo/mcp/apt_mirantis/hotfix/ubuntu.yml b/linux/system/repo/mcp/apt_mirantis/hotfix/ubuntu.yml
new file mode 100644
index 0000000..77d5202
--- /dev/null
+++ b/linux/system/repo/mcp/apt_mirantis/hotfix/ubuntu.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ linux_system_repo_hotfix_url: http://mirror.mirantis.com/hotfix/${_param:apt_mk_version}/
+ linux_system_repo_hotfix_ubuntu_url: ${_param:linux_system_repo_hotfix_url}/ubuntu/
+ linux:
+ system:
+ repo:
+# ubuntu_hotfix:
+# refresh_db: ${_param:linux_repo_refresh_db}
+# source: "deb [arch=amd64] ${_param:linux_system_repo_hotfix_ubuntu_url} ${_param:linux_system_codename} main restricted universe"
+# architectures: amd64
+# default: true
+# ubuntu_updates_hotfix:
+# refresh_db: ${_param:linux_repo_refresh_db}
+# source: "deb [arch=amd64] ${_param:linux_system_repo_hotfix_ubuntu_url} ${_param:linux_system_codename}-updates main restricted universe"
+# architectures: amd64
+# default: true
+ ubuntu_security_hotfix:
+ refresh_db: ${_param:linux_repo_refresh_db}
+ source: "deb [arch=amd64] ${_param:linux_system_repo_hotfix_ubuntu_url} ${_param:linux_system_codename}-security main restricted universe"
+ architectures: amd64
+ default: true
diff --git a/linux/system/repo/mcp/apt_mirantis/saltstack.yml b/linux/system/repo/mcp/apt_mirantis/saltstack.yml
index 22b3bb8..5ba85c0 100644
--- a/linux/system/repo/mcp/apt_mirantis/saltstack.yml
+++ b/linux/system/repo/mcp/apt_mirantis/saltstack.yml
@@ -13,7 +13,16 @@
source: "deb [arch=amd64] ${_param:linux_system_repo_mcp_saltstack_url}/${_param:linux_system_codename}/ ${_param:linux_system_codename} main"
architectures: amd64
clean_file: true
- pin:
- - pin: 'release o=SaltStack'
- priority: 1100
- package: '*'
+ pinning:
+ 10:
+ enabled: true
+ pin: 'release o=SaltStack'
+ # WA for https://github.com/saltstack/salt/issues/49653
+ # Should be removed with new version\fix in upstream.
+ priority: 50
+ package: 'libsodium18'
+ 20:
+ enabled: true
+ pin: 'release o=SaltStack'
+ priority: 1100
+ package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/update/init.yml b/linux/system/repo/mcp/apt_mirantis/update/init.yml
new file mode 100644
index 0000000..167f896
--- /dev/null
+++ b/linux/system/repo/mcp/apt_mirantis/update/init.yml
@@ -0,0 +1,2 @@
+classes:
+- system.linux.system.repo.mcp.apt_mirantis.update.ubuntu
diff --git a/linux/system/repo/mcp/apt_mirantis/update/ubuntu.yml b/linux/system/repo/mcp/apt_mirantis/update/ubuntu.yml
new file mode 100644
index 0000000..d58ff85
--- /dev/null
+++ b/linux/system/repo/mcp/apt_mirantis/update/ubuntu.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ linux_system_repo_update_url: http://mirror.mirantis.com/update/${_param:apt_mk_version}/
+ linux_system_repo_update_ubuntu_url: ${_param:linux_system_repo_update_url}/ubuntu/
+ linux:
+ system:
+ repo:
+# ubuntu_update:
+# refresh_db: ${_param:linux_repo_refresh_db}
+# source: "deb [arch=amd64] ${_param:linux_system_repo_update_ubuntu_url} ${_param:linux_system_codename} main restricted universe"
+# architectures: amd64
+# default: true
+# ubuntu_updates_update:
+# refresh_db: ${_param:linux_repo_refresh_db}
+# source: "deb [arch=amd64] ${_param:linux_system_repo_update_ubuntu_url} ${_param:linux_system_codename}-updates main restricted universe"
+# architectures: amd64
+# default: true
+ ubuntu_security_update:
+ refresh_db: ${_param:linux_repo_refresh_db}
+ source: "deb [arch=amd64] ${_param:linux_system_repo_update_ubuntu_url} ${_param:linux_system_codename}-security main restricted universe"
+ architectures: amd64
+ default: true
diff --git a/linux/system/repo/mcp/mirror/v1/openstack.yml b/linux/system/repo/mcp/mirror/v1/openstack.yml
index a4a369b..37482da 100644
--- a/linux/system/repo/mcp/mirror/v1/openstack.yml
+++ b/linux/system/repo/mcp/mirror/v1/openstack.yml
@@ -1,15 +1,17 @@
+classes:
+- system.linux.system.repo.keystorage.mirantis_com
parameters:
_param:
- apt_mk_version: stable
linux_system_architecture: 'amd64'
+ linux_system_repo_url: http://mirror.mirantis.com/${_param:apt_mk_version}/
+ linux_system_repo_mirantis_openstack_url: ${_param:linux_system_repo_url}/openstack-${_param:openstack_version}/
linux:
system:
repo:
mirantis_openstack:
- source: "deb http://mirror.mirantis.com/${_param:apt_mk_version}/openstack-${_param:openstack_version}/${_param:linux_system_codename} ${_param:linux_system_codename} main"
+ source: "deb ${_param:linux_system_repo_mirantis_openstack_url}/${_param:linux_system_codename} ${_param:linux_system_codename} main"
architectures: ${_param:linux_system_architecture}
clean_file: true
- key_url: https://mirror.mirantis.com/${_param:apt_mk_version}/openstack-${_param:openstack_version}/${_param:linux_system_codename}/archive-${_param:openstack_version}.key
pin:
- pin: 'release o=Mirantis'
priority: 1100
diff --git a/manila/common/cluster.yml b/manila/common/cluster.yml
index d71364e..9ea811e 100644
--- a/manila/common/cluster.yml
+++ b/manila/common/cluster.yml
@@ -1,18 +1,34 @@
classes:
- - service.manila.common.cluster
- - service.haproxy.proxy.single
- - system.haproxy.proxy.listen.openstack.manila
+- service.manila.common.cluster
+- service.haproxy.proxy.single
+- system.haproxy.proxy.listen.openstack.manila
+- system.salt.minion.cert.mysql.clients.openstack.manila
+- system.salt.minion.cert.rabbitmq.clients.openstack.manila
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ manila_cluster_vip_address: ${_param:cluster_vip_address}
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
manila:
common:
version: ${_param:openstack_version}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
host: ${_param:openstack_message_queue_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_manila_ssl_ca_file}
+ key_file: ${_param:rabbitmq_manila_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_manila_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
database:
engine: mysql
host: ${_param:openstack_database_address}
@@ -20,10 +36,17 @@
name: manila
user: manila
password: ${_param:mysql_manila_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_manila_ssl_ca_file}
+ key_file: ${_param:mysql_manila_client_ssl_key_file}
+ cert_file: ${_param:mysql_manila_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
region: ${_param:openstack_region}
- host: ${_param:cluster_vip_address}
+ host: ${_param:manila_cluster_vip_address}
port: 35357
user: manila
password: ${_param:keystone_manila_password}
diff --git a/manila/common/single.yml b/manila/common/single.yml
index 1b139c2..f984ab7 100644
--- a/manila/common/single.yml
+++ b/manila/common/single.yml
@@ -1,16 +1,31 @@
classes:
- - service.manila.common.single
+- service.manila.common.single
+- system.salt.minion.cert.mysql.clients.openstack.manila
+- system.salt.minion.cert.rabbitmq.clients.openstack.manila
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
manila:
common:
version: ${_param:openstack_version}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
host: ${_param:single_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_manila_ssl_ca_file}
+ key_file: ${_param:rabbitmq_manila_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_manila_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
database:
engine: mysql
host: ${_param:single_address}
@@ -18,6 +33,13 @@
name: manila
user: manila
password: ${_param:mysql_manila_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_manila_ssl_ca_file}
+ key_file: ${_param:mysql_manila_client_ssl_key_file}
+ cert_file: ${_param:mysql_manila_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
region: ${_param:openstack_region}
diff --git a/manila/control/single.yml b/manila/control/single.yml
index 262a158..9d5f9f6 100644
--- a/manila/control/single.yml
+++ b/manila/control/single.yml
@@ -1,15 +1,18 @@
classes:
- - system.manila.common.cluster
+ - system.manila.common.single
- system.apache.server.site.manila
parameters:
+ _param:
+ openstack_node_role: primary
manila:
common:
dhss: false
+ default_share_type: default
version: ${_param:openstack_version}
api:
+ role: ${_param:openstack_node_role}
enabled: true
version: ${_param:openstack_version}
- role: ${_param:openstack_node_role}
scheduler:
enabled: true
version: ${_param:openstack_version}
diff --git a/manila/share/backend/lvm.yml b/manila/share/backend/lvm.yml
index fe709da..9f5c660 100644
--- a/manila/share/backend/lvm.yml
+++ b/manila/share/backend/lvm.yml
@@ -1,12 +1,13 @@
parameters:
_param:
manila_share_address: ${_param:single_address}
+ manila_lvm_volume_name: manila-volume
linux:
storage:
lvm:
manila-vg:
enabled: true
- name: manila-volume
+ name: ${_param:manila_lvm_volume_name}
devices: ${_param:manila_lvm_devices}
system:
package:
@@ -25,4 +26,4 @@
- "${_param:manila_share_address}"
dhss: false
share_driver: manila.share.drivers.lvm.LVMShareDriver
- lvm_share_volume_group: manila-volume
+ lvm_share_volume_group: ${_param:manila_lvm_volume_name}
diff --git a/neutron/client/service/public_v2.yml b/neutron/client/service/public_v2.yml
new file mode 100644
index 0000000..1cef167
--- /dev/null
+++ b/neutron/client/service/public_v2.yml
@@ -0,0 +1,24 @@
+classes:
+- service.neutron.client
+parameters:
+ neutron:
+ client:
+ resources:
+ v2:
+ admin_identity:
+ network:
+ public:
+ shared: False
+ router_external: True
+ default: True
+ provider_network_type: flat
+ provider_physical_network: physnet1
+ subnet:
+ public-subnet:
+ cidr: ${_param:openstack_public_neutron_subnet_cidr}
+ gateway_ip: ${_param:openstack_public_neutron_subnet_gateway}
+ allocation_pools:
+ - start: ${_param:openstack_public_neutron_subnet_allocation_start}
+ end: ${_param:openstack_public_neutron_subnet_allocation_end}
+ enable_dhcp: False
+ ip_version: 4
diff --git a/neutron/compute/cluster.yml b/neutron/compute/cluster.yml
index e348a93..92e3a2e 100644
--- a/neutron/compute/cluster.yml
+++ b/neutron/compute/cluster.yml
@@ -1,11 +1,15 @@
classes:
- service.neutron.compute.single
+- system.salt.minion.cert.rabbitmq.clients.openstack.neutron
parameters:
_param:
neutron_enable_qos: False
neutron_enable_vlan_aware_vms: False
neutron_enable_bgp_vpn: False
neutron_bgp_vpn_driver: bagpipe
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -25,7 +29,15 @@
backend:
tenant_network_types: ${_param:neutron_tenant_network_types}"
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_neutron_ssl_ca_file}
+ key_file: ${_param:rabbitmq_neutron_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_neutron_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/neutron/control/cluster.yml b/neutron/control/cluster.yml
index 12baf43..ceaed1d 100644
--- a/neutron/control/cluster.yml
+++ b/neutron/control/cluster.yml
@@ -5,41 +5,36 @@
- system.haproxy.proxy.listen.openstack.neutron
- system.galera.server.database.neutron
- system.salt.minion.cert.mysql.clients.openstack.neutron
+- system.salt.minion.cert.rabbitmq.clients.openstack.neutron
parameters:
_param:
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
python-pymysql:
fromrepo: ${_param:openstack_version}
version: latest
- haproxy:
- proxy:
- listen:
- neutron_api:
- type: openstack-service
- service_name: neutron
- binds:
- - address: ${_param:cluster_vip_address}
- port: 9696
- servers:
- - name: ${_param:cluster_node01_hostname}
- host: ${_param:cluster_node01_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
- - name: ${_param:cluster_node02_hostname}
- host: ${_param:cluster_node02_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
- - name: ${_param:cluster_node03_hostname}
- host: ${_param:cluster_node03_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
neutron:
server:
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ members:
+ - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:openstack_message_queue_node02_address}
+ - host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_neutron_ssl_ca_file}
+ key_file: ${_param:rabbitmq_neutron_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_neutron_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
database:
x509:
enabled: ${_param:openstack_mysql_x509_enabled}
@@ -49,6 +44,5 @@
ssl:
enabled: ${_param:galera_ssl_enabled}
role: ${_param:openstack_node_role}
- plugin: contrail
identity:
protocol: ${_param:cluster_internal_protocol}
diff --git a/neutron/control/opencontrail/cluster.yml b/neutron/control/opencontrail/cluster.yml
index d85e554..4bc0e71 100644
--- a/neutron/control/opencontrail/cluster.yml
+++ b/neutron/control/opencontrail/cluster.yml
@@ -1,9 +1,5 @@
classes:
-- service.keepalived.cluster.single
-- service.haproxy.proxy.single
-- service.neutron.control.cluster
-- system.haproxy.proxy.listen.openstack.neutron
-- system.galera.server.database.neutron
+- system.neutron.control.cluster
parameters:
neutron:
server:
@@ -13,11 +9,6 @@
identity:
region: ${_param:openstack_region}
host: ${_param:openstack_control_address}
- message_queue:
- members:
- - host: ${_param:openstack_message_queue_node01_address}
- - host: ${_param:openstack_message_queue_node02_address}
- - host: ${_param:openstack_message_queue_node03_address}
compute:
host: ${_param:openstack_control_address}
region: ${_param:openstack_region}
@@ -28,4 +19,4 @@
user: admin
password: ${_param:keystone_admin_password}
tenant: admin
- token: ${_param:keystone_service_token}
\ No newline at end of file
+ token: ${_param:keystone_service_token}
diff --git a/neutron/control/opencontrail/single.yml b/neutron/control/opencontrail/single.yml
index 4bbd8f8..5cf06bf 100644
--- a/neutron/control/opencontrail/single.yml
+++ b/neutron/control/opencontrail/single.yml
@@ -1,5 +1,5 @@
classes:
-- service.neutron.control.single
+- system.neutron.control.single
- system.galera.server.database.neutron
parameters:
neutron:
@@ -12,7 +12,7 @@
host: ${_param:openstack_control_address}
message_queue:
members:
- - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:single_address}
compute:
host: ${_param:openstack_control_address}
region: ${_param:openstack_region}
@@ -23,4 +23,4 @@
user: admin
password: ${_param:keystone_admin_password}
tenant: admin
- token: ${_param:keystone_service_token}
\ No newline at end of file
+ token: ${_param:keystone_service_token}
diff --git a/neutron/control/opendaylight/cluster.yml b/neutron/control/opendaylight/cluster.yml
index 1f8142e..2f22403 100644
--- a/neutron/control/opendaylight/cluster.yml
+++ b/neutron/control/opendaylight/cluster.yml
@@ -1,7 +1,4 @@
classes:
-- service.keepalived.cluster.single
-- service.haproxy.proxy.single
-- service.neutron.control.cluster
- system.neutron.control.openvswitch.cluster
parameters:
_param:
diff --git a/neutron/control/opendaylight/single.yml b/neutron/control/opendaylight/single.yml
index 297cfa0..c12d04a 100644
--- a/neutron/control/opendaylight/single.yml
+++ b/neutron/control/opendaylight/single.yml
@@ -1,5 +1,4 @@
classes:
-- service.neutron.control.single
- system.neutron.control.openvswitch.single
parameters:
_param:
diff --git a/neutron/control/openvswitch/cluster.yml b/neutron/control/openvswitch/cluster.yml
index 5800060..094449e 100644
--- a/neutron/control/openvswitch/cluster.yml
+++ b/neutron/control/openvswitch/cluster.yml
@@ -1,8 +1,5 @@
classes:
-- service.keepalived.cluster.single
-- service.haproxy.proxy.single
-- service.neutron.control.cluster
-- system.galera.server.database.neutron
+- system.neutron.control.cluster
parameters:
_param:
neutron_control_dvr: True
@@ -40,30 +37,3 @@
identity:
region: ${_param:openstack_region}
protocol: ${_param:cluster_internal_protocol}
- message_queue:
- members:
- - host: ${_param:openstack_message_queue_node01_address}
- - host: ${_param:openstack_message_queue_node02_address}
- - host: ${_param:openstack_message_queue_node03_address}
- haproxy:
- proxy:
- listen:
- neutron_api:
- type: openstack-service
- service_name: neutron
- binds:
- - address: ${_param:cluster_vip_address}
- port: 9696
- servers:
- - name: ${_param:cluster_node01_hostname}
- host: ${_param:cluster_node01_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
- - name: ${_param:cluster_node02_hostname}
- host: ${_param:cluster_node02_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
- - name: ${_param:cluster_node03_hostname}
- host: ${_param:cluster_node03_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/neutron/control/openvswitch/single.yml b/neutron/control/openvswitch/single.yml
index baa710e..5beb0ca 100644
--- a/neutron/control/openvswitch/single.yml
+++ b/neutron/control/openvswitch/single.yml
@@ -1,6 +1,5 @@
classes:
-- service.neutron.control.single
-- system.galera.server.database.neutron
+- system.neutron.control.single
parameters:
_param:
neutron_control_dvr: True
@@ -13,8 +12,10 @@
neutron_enable_bgp_vpn: False
neutron_bgp_vpn_driver: bagpipe
internal_protocol: 'http'
+ openstack_node_role: primary
neutron:
server:
+ role: ${_param:openstack_node_role}
global_physnet_mtu: ${_param:neutron_global_physnet_mtu}
l3_ha: ${_param:neutron_l3_ha}
dvr: ${_param:neutron_control_dvr}
@@ -39,4 +40,4 @@
protocol: ${_param:internal_protocol}
message_queue:
members:
- - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:single_address}
diff --git a/neutron/control/ovn/single.yml b/neutron/control/ovn/single.yml
index 92b8258..f3dd749 100644
--- a/neutron/control/ovn/single.yml
+++ b/neutron/control/ovn/single.yml
@@ -9,6 +9,7 @@
neutron_tenant_network_types: "geneve,flat"
neutron_enable_qos: False
neutron_enable_vlan_aware_vms: False
+ neutron_ovn_metadata_enabled: True
neutron:
server:
global_physnet_mtu: ${_param:neutron_global_physnet_mtu}
@@ -23,6 +24,8 @@
mechanism:
ovn:
driver: ovn
+ ovn:
+ metadata_enabled: ${_param:neutron_ovn_metadata_enabled}
compute:
region: ${_param:openstack_region}
database:
diff --git a/neutron/control/single.yml b/neutron/control/single.yml
index 6ced2f1..27d16e1 100644
--- a/neutron/control/single.yml
+++ b/neutron/control/single.yml
@@ -2,11 +2,15 @@
- service.neutron.control.single
- system.galera.server.database.neutron
- system.salt.minion.cert.mysql.clients.openstack.neutron
+- system.salt.minion.cert.rabbitmq.clients.openstack.neutron
parameters:
_param:
internal_protocol: 'http'
openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -17,7 +21,6 @@
server:
role: ${_param:openstack_node_role}
database:
- host: ${_param:single_address}
x509:
enabled: ${_param:openstack_mysql_x509_enabled}
ca_file: ${_param:mysql_neutron_ssl_ca_file}
@@ -25,5 +28,14 @@
cert_file: ${_param:mysql_neutron_client_ssl_cert_file}
ssl:
enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_neutron_ssl_ca_file}
+ key_file: ${_param:rabbitmq_neutron_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_neutron_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
identity:
protocol: ${_param:internal_protocol}
diff --git a/neutron/gateway/cluster.yml b/neutron/gateway/cluster.yml
index 558a814..03ab583 100644
--- a/neutron/gateway/cluster.yml
+++ b/neutron/gateway/cluster.yml
@@ -1,9 +1,13 @@
classes:
- service.neutron.gateway.single
+- system.salt.minion.cert.rabbitmq.clients.openstack.neutron
parameters:
_param:
neutron_enable_qos: False
neutron_enable_vlan_aware_vms: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
kernel:
@@ -18,7 +22,15 @@
backend:
tenant_network_types: ${_param:neutron_tenant_network_types}"
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_neutron_ssl_ca_file}
+ key_file: ${_param:rabbitmq_neutron_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_neutron_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index c88dcc7..b281f4d 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml
@@ -1,5 +1,6 @@
classes:
- service.nova.compute.kvm
+- system.salt.minion.cert.rabbitmq.clients.openstack.nova
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -36,6 +37,9 @@
SG9MrLHCd5l60aCUQg0UA5ed7Hd6SA314k+HwxJno9/wJ+voBeacMg==
-----END RSA PRIVATE KEY-----
cluster_internal_protocol: 'http'
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
openssh:
client:
enabled: True
@@ -72,7 +76,7 @@
protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
@@ -80,6 +84,13 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
image:
engine: glance
host: ${_param:cluster_vip_address}
diff --git a/nova/compute/single.yml b/nova/compute/single.yml
index 67c329d..32d5087 100644
--- a/nova/compute/single.yml
+++ b/nova/compute/single.yml
@@ -2,6 +2,7 @@
- nova
classes:
- service.nova.compute.kvm
+- system.salt.minion.cert.rabbitmq.clients.openstack.nova
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -36,6 +37,9 @@
SG9MrLHCd5l60aCUQg0UA5ed7Hd6SA314k+HwxJno9/wJ+voBeacMg==
-----END RSA PRIVATE KEY-----
cluster_internal_protocol: 'http'
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
openssh:
client:
enabled: True
@@ -72,10 +76,17 @@
message_queue:
engine: rabbitmq
host: ${_param:control_address}
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
image:
engine: glance
host: ${_param:control_address}
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index 2f411b5..3f0a644 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -5,6 +5,7 @@
- system.haproxy.proxy.listen.openstack.nova
- system.haproxy.proxy.listen.openstack.novnc
- system.salt.minion.cert.mysql.clients.openstack.nova
+- system.salt.minion.cert.rabbitmq.clients.openstack.nova
parameters:
_param:
nova_vncproxy_url: http://${_param:cluster_vip_address}:6080
@@ -15,6 +16,9 @@
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -65,7 +69,7 @@
protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
@@ -73,6 +77,13 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
glance:
host: ${_param:cluster_vip_address}
port: 9292
diff --git a/nova/control/single.yml b/nova/control/single.yml
index e7d7671..2a28cc7 100644
--- a/nova/control/single.yml
+++ b/nova/control/single.yml
@@ -1,11 +1,15 @@
classes:
- system.salt.minion.cert.mysql.clients.openstack.nova
+- system.salt.minion.cert.rabbitmq.clients.openstack.nova
- service.nova.control.single
parameters:
_param:
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -32,3 +36,13 @@
region: ${_param:openstack_region}
glance:
protocol: ${_param:cluster_internal_protocol}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+
diff --git a/opencontrail/control/cluster4_0.yml b/opencontrail/control/cluster4_0.yml
index 4f1127f..c97196f 100644
--- a/opencontrail/control/cluster4_0.yml
+++ b/opencontrail/control/cluster4_0.yml
@@ -22,6 +22,7 @@
opencontrail_controller_container_name: opencontrail_controller_1
opencontrail_analytics_container_name: opencontrail_analytics_1
opencontrail_analyticsdb_container_name: opencontrail_analyticsdb_1
+ opencontrail_api_workers_count: 6
analytics_vip_address: ${_param:opencontrail_analytics_address}
# Temprorary fix for MOS9 packages to pin old version of kafka
linux:
@@ -81,6 +82,7 @@
host: None
api:
host: ${_param:opencontrail_control_address}
+ workers_count: ${_param:opencontrail_api_workers_count}
analytics:
members:
- host: ${_param:cluster_node01_address}
diff --git a/opencontrail/control/control4_0.yml b/opencontrail/control/control4_0.yml
index 207e9da..123392c 100644
--- a/opencontrail/control/control4_0.yml
+++ b/opencontrail/control/control4_0.yml
@@ -14,6 +14,7 @@
opencontrail_message_queue_node03_address: ${_param:openstack_message_queue_node03_address}
opencontrail_controller_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-controller:${_param:opencontrail_image_tag}
opencontrail_controller_container_name: opencontrail_controller_1
+ opencontrail_api_workers_count: 6
analytics_vip_address: ${_param:opencontrail_analytics_address}
opencontrail:
common:
@@ -32,6 +33,7 @@
host: None
api:
host: ${_param:opencontrail_control_address}
+ workers_count: ${_param:opencontrail_api_workers_count}
analytics:
members:
- host: ${_param:opencontrail_analytics_node01_address}
diff --git a/openscap/server/init.yml b/openscap/server/init.yml
new file mode 100644
index 0000000..0f2a76f
--- /dev/null
+++ b/openscap/server/init.yml
@@ -0,0 +1,2 @@
+classes:
+- service.openscap.cis
diff --git a/openssh/server/team/drivetrain.yml b/openssh/server/team/drivetrain.yml
index a48400a..65117cd 100644
--- a/openssh/server/team/drivetrain.yml
+++ b/openssh/server/team/drivetrain.yml
@@ -1,7 +1,7 @@
classes:
+- system.openssh.server.team.members.azvyagintsev
- system.openssh.server.team.members.degorenko
- system.openssh.server.team.members.iberezovskiy
-
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/maintenance.yml b/openssh/server/team/maintenance.yml
index 6f79522..0bceaad 100644
--- a/openssh/server/team/maintenance.yml
+++ b/openssh/server/team/maintenance.yml
@@ -2,7 +2,6 @@
- system.linux.system.sudo
- system.openssh.server.team.members.dmeltsaykin
- system.openssh.server.team.members.omolchanov
-- system.openssh.server.team.members.ibumarskov
- system.openssh.server.team.members.vkhlyunev
- system.openssh.server.team.members.dtsapikov
- system.openssh.server.team.members.rlubianyi
diff --git a/openssh/server/team/members/akiseleva.yml b/openssh/server/team/members/akiseleva.yml
new file mode 100644
index 0000000..d7e8db0
--- /dev/null
+++ b/openssh/server/team/members/akiseleva.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ akiseleva:
+ enabled: true
+ name: akiseleva
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Alena Kiseleva
+ home: /home/akiseleva
+ email: akiseleva@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ akiseleva:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyxzlFKlCcfwagnnmCg1r9SUVfAgy/IdPSxsnpELjCRaz3FI66sYa1F1RdZngoXmYxe5qlmkiRQ0rCjIYk12I08du5FJGYQvMttJEgmVeHtFKW0o3uGBIKNJ5nCni3lR8idPTRXqhwdXYeA4A9+COQO4MGcaJZrqHgEviZt4jQrYy90WdqbKTD4meBRy4MC9+TOUs719kTxK54tmMHBq2l/ukmv3FwgtLz2xMeNW7htiS/1rzA9CEerjkvpc0mOxc4DCY4bH8sR2Ts3Y33Rx6aUN8shTij2aX2v8UvUay2JPqQTJicY+IsYl4D8w/XPx00Oj/3b54f6kTLlzzoNDq5 alena@alena-Lenovo-V580c
+ user: ${linux:system:user:akiseleva}
diff --git a/openssh/server/team/members/alis.yml b/openssh/server/team/members/alis.yml
new file mode 100644
index 0000000..2714198
--- /dev/null
+++ b/openssh/server/team/members/alis.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ alis:
+ enabled: true
+ name: alis
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Adam Lis
+ home: /home/alis
+ email: alis@mirantis.com
+ openssh:
+ server:
+ user:
+ alis:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDW3VR61NPwpwW0PGAaIuimtOtQjXIp3zAE15KphEejPEciceE/AJeKTsBpvKmP23pCJYhoCJOSQxxxWIiLHPoUEr2aGgy8+wLnResqEOtobpbtGHYzvsAUY/Uc+1Vk6S6Ho9ysrhlpY+Ih4yuSzTaZKqMFXx47/L0HZLNZmCbPD/siki0X3tnCS09RS8KSaTJdZ/Sd/PnUEb6JGg5taid9VNkUUOcgYoudNWPJS3Pjrtijiczq9IZ0cArueEVx4NCkKEb+dDUls4BRVGfNUt3iZY2LrGTd4FeyrWV7IGoPTxyiaJdtpcjDHe4omqsY705LRvBQs6de6enG0PMpQ9KR adamlis@tuchiegu
+ user: ${linux:system:user:alis}
diff --git a/openssh/server/team/members/azvyagintsev.yml b/openssh/server/team/members/azvyagintsev.yml
new file mode 100644
index 0000000..c6c62a0
--- /dev/null
+++ b/openssh/server/team/members/azvyagintsev.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ azvyagintsev:
+ enabled: true
+ name: azvyagintsev
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Aleksey Zvyagintsev
+ home: /home/azvyagintsev
+ email: azvyagintsev@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ azvyagintsev:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGmNI+xV2sgIZX6tr5i4eQcxM4rkNoMiFbUuxtZYw5rKci9cSp9C/NC11VnJzpLG3lf11vLwTztlaM7hjdYlKoynpfDhfRhg1p5w/Pd/uoh6bO7KP/r2QuSpVsc6NGAHD2f0qxmrFX81xMG6zq0MCHXc+BGMZTKWAW7dMGsjJUnIa/wv24J25DOILoEBhclGQHx5r7R5ysqSOTdBEgN304KL8XPP+bAwDFTNJIwtfBdNt8jSv6yR2CyfB7t8pqXf93DvwaGBJfuu1r4gljj5ozCyvGExEtRTzvAC+oLq2NIfDOCC3iRWXrls3iDLZYxwm7VLcQSre4Yp6jfp+WuRI7 azvyagintsev@mirantis.com
+ user: ${linux:system:user:azvyagintsev}
diff --git a/openssh/server/team/members/mrasskazov.yml b/openssh/server/team/members/mrasskazov.yml
new file mode 100644
index 0000000..23926e8
--- /dev/null
+++ b/openssh/server/team/members/mrasskazov.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ mrasskazov:
+ enabled: true
+ name: mrasskazov
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Maxim Rasskazov
+ home: /home/mrasskazov
+ email: mrasskazov@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ mrasskazov:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCysPXCuMbUjqjtO/n0jVZK13/uMA/TI6Qsdyciih6jWJLbd6FCL/GWvkykngLHGH9lVGFYsOPRiAmlh8gXfYohCZFYuHxE88GoiycvJGRGoBDdxd/beDca6nP4Peqlg3TUUum9PefULDiv3eVHKwX4BC9mGIR6bWB41O003OxJMwEN9lLGmWqxAlAdCUwRIm9TlgTu6Fq3ZIkjSwGsZg4E+saBLnUiOjwYWSwmTiB8WTR2b19lZhXFEovdVY3/gF8Td84WT1TDXeWBAvwmAcFLRPEx/AI1Nt4AhM1toMMoq64pYbGCOYSgI7DZR/2vtxGa0IjQclLZ+M8YktyNErc9
+ user: ${linux:system:user:mrasskazov}
diff --git a/openssh/server/team/members/obryndzii.yml b/openssh/server/team/members/obryndzii.yml
index 9f7498c..911bdd8 100644
--- a/openssh/server/team/members/obryndzii.yml
+++ b/openssh/server/team/members/obryndzii.yml
@@ -16,6 +16,5 @@
obryndzii:
enabled: true
public_keys:
- - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCdHeeCZb+4YOBC925Byc0JkdFiNHnxl1DikrJlvza66n+URnfpTvtYhy70oT4jWruWf5dGAh81LK6SJfcLKqDvSNwAU4utQp1t71VllPB482oUhFSBAPOhWHElFakWcgnayOFVtMKhUZ4d5i+C7vXr+JpporBk6le7LuHD0/vNEG6SywexV3/lDZV1kahPSHblBxaED6nNeAODXXRMAOzgV25+UcDINaVTSzzQtCfUHydkVmw+TmxYc5wbdac1AtUkFmFbC6XTsv4VyZsH563jHNRf4UYPN6MP4SWv8axPiGUU5jr4laaIpDQ0TF/b+0Z+QidDxxTIsQxR0r/auUJp obryndzii@obryndzii-pc
- - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDD+5Ykrt46voaBAZ4BnYCB7EjRWNd6R+IqLaoQJzHh0joXVyZj/MsV0LcegxVV21Qnecp3qSw9XQiyJ9cghJbN3/AhEFpx7yZzf7sHez7FxRFefBSCO2IYSDBabO4eyv1X8UXtJrZ88lJBmWQr8nVy3E78za1cq0jRKNlGyvTrRtwY69WDhhc6k8CxIGAUrT6uAFeNCfroRKuw3zDm0FIxoq0eExNwBNw0rIXXUowDoCafTYSVpqSQ+Sby/wfRMc12ISmUnOQ2d9A1+YWoZgdHs+G/OK1ADQu/6edaSOWhX0BGLNRig5lWfgbOmAlzIqNqcLDMaBrcwcpi2LN5pIQf obryndzii@obryndzii-pc
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCHoSxtdURZfgjJbbcKDA4TUUTixKVcRkGfgISYu55IF3scjoFRynaFP4zjBIitcTzxuvo7ZlE5ymxMHC0UNm5HU8tjmVscKcQs73lrjTr7jT24dZ8mr27nEbuTOa73FotPoIH5ao0wSSDc7PDXRUvJNI3xoZAd2KW1NZVRFFJ5jo/byuIfqIJLIAvOBTyUDoIrbL+3/WFIjdZ8MPlfyC8Bi09KfrM4hmzGDja4Mcfm4M7kMcw+B2DCpTtYUFCqjuYgTNC6EbTch21Afe9MCtdVqBBddFKFDU0WZtKfcHTuOVfiSrK47jA0ljU6HdHxFGmh3cz1ajux58T6/RHfXID obryndzii@obryndzii-pc
user: ${linux:system:user:obryndzii}
diff --git a/openssh/server/team/networking.yml b/openssh/server/team/networking.yml
index 219c2ee..d89b227 100644
--- a/openssh/server/team/networking.yml
+++ b/openssh/server/team/networking.yml
@@ -9,6 +9,8 @@
- system.openssh.server.team.members.gzimin
- system.openssh.server.team.members.dpyzhov
- system.openssh.server.team.members.asamoylov
+- system.openssh.server.team.members.mrasskazov
+- system.openssh.server.team.members.ibumarskov
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/oscore_devops.yml b/openssh/server/team/oscore_devops.yml
index 31830fc..5ba280a 100644
--- a/openssh/server/team/oscore_devops.yml
+++ b/openssh/server/team/oscore_devops.yml
@@ -12,6 +12,7 @@
- system.openssh.server.team.members.sgarbuz
- system.openssh.server.team.members.oshyshko
- system.openssh.server.team.members.pshchelo
+- system.openssh.server.team.members.obryndzii
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/services.yml b/openssh/server/team/services.yml
index 3116d90..21ccba7 100644
--- a/openssh/server/team/services.yml
+++ b/openssh/server/team/services.yml
@@ -20,6 +20,7 @@
- system.openssh.server.team.members.mchernik
- system.openssh.server.team.members.hkraemer
- system.openssh.server.team.members.pbasov
+- system.openssh.server.team.members.alis
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/stacklight.yml b/openssh/server/team/stacklight.yml
index 032466b..4736b4a 100644
--- a/openssh/server/team/stacklight.yml
+++ b/openssh/server/team/stacklight.yml
@@ -1,3 +1,5 @@
+classes:
+- system.openssh.server.team.members.akiseleva
parameters:
_param:
linux_system_user_sudo: true
@@ -123,6 +125,13 @@
full_name: Michal Kobus
home: /home/mkobus
email: mkobus@mirantis.com
+ akiseleva:
+ enabled: true
+ name: akiseleva
+ sudo: true
+ full_name: Alena Kiseleva
+ home: /home/akiseleva
+ email: akiseleva@mirantis.com
openssh:
client:
enabled: true
@@ -214,6 +223,11 @@
public_keys:
- ${public_keys:mkobus}
user: ${linux:system:user:mkobus}
+ akiseleva:
+ enabled: true
+ public_keys:
+ - ${public_keys:akiseleva}
+ user: ${linux:system:user:akiseleva}
public_keys:
newt:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3odU+3V2uDA2ptAFL9hrJRPNEEdAyztWOZFQ5Oyd9oerTGOU3p4xmrgWWjfKFKbYGhiiIUcYAol5PkTfKukGEkkjCHYA1t023soCaaAj85wCZCnw2zQNAziwxTYmAzTqgxiSvtZNMMrtJvFHRIRDzJ3M1lV0prWNWkMM1/3FAd4W49y6VT3fkMCo8uqG7CfGdgR2DgBCxf9KaNPfW5eDEPOgmE5lK8tVSEI6T+Cg7hbcTf4lFYnlFBnlQgp/0JstsM4Vbwb4B34LOpOsf2S8rrWk2xQMjwaMHXkc2s/E8iW3F5nVFuyEXYISFQIiAHw8dzC6CHgLcyHUVWwznKawZ newt@newt-dev1
@@ -249,3 +263,5 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDC6TGCQAH3FGNSOhSbovhwODabOAsgVqG71rEDdXvDSShwyNB3RIICefas3mdSLsG7+1K9mZ1jicWzNbotvePwzrM/MESzntzp4QZ5J/9L3BMiqWWKL2u6BQ65LGe0YMzMmdSkqMAj0uxt3+OiFDPDrwqH6qN0hwxAJM+byeUlQW8uWQYm/pmWMD60GUrnjYUfKfEa/S3symaZBHQvjtp26De8D6u/jr4TWi5VJpKqVREqU7Z4IKwn8JvHMmUbRO4endW3cRiv35Qb7s66rO6TD0KlDFnnTxOtFvLhL51j58X4MrV9FHUI6czoqjAgEDe9CW7DzZ1xMj03d6IAipgL
mkobus:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCBqe3X+LrneiuieWGjlw5wRtgixBu2Q8LZjH6W+8nsOkB7iN6qRdKom3jac1Cdd5wSJ0NFAhDNcTLK4Etz/3YACglsTxk09TzXlqs1V0Y7U5a2eqn3KTOgMNsJ1aOhFq/LnmUwTdN8NXac6TIkwZZBj5KhHSvIoO+mfsascct5FIVU/+p32d3o/4NqMDDdTg/qxIMKQsh5sw5Y9Tz9h28LGbDh+QF2lW+b5YJhnCG21Uw17xcyxf3/53EpJwTXfElonSR7HMVLxrq7oDzmqKFZ2z8i9do6EgODKlZpSkxiAFOBw5oA2hPtEeqtXqvddu2FcNGuSNhx/6O8ZHIKq3Xh/tTOYnoc+qYDMRCzDwzeyivfr5Ci3n64giUaZl+KUr6D1CKeL2s8j9+kod/1JJDEeoYR+V93MTiTD/39N8eQAGv+6r9HBapXIkvr3iNuTH1+5eN36Vc90jXXRmGMZkF5P9ivNGDZGcy2pBwwPg/bRn2xb0zx1fsxd4qOi+Cd7mBCF4+SfnVCqUd2H9R0O3S7WgfLr+wOXpFq6/WwgjzI9RVhLJ5cZmePJKvYZYYhkAxsVwWSE639zFFuU1zhFXr49wa0njK9DdYWiQEhOki0ki3huABmVbWKg/zP1Rlllmtk0S4mwggJ57JYbuhEV3a1x1KOtWMzODW5cb3HlPTQw==
+ akiseleva:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyxzlFKlCcfwagnnmCg1r9SUVfAgy/IdPSxsnpELjCRaz3FI66sYa1F1RdZngoXmYxe5qlmkiRQ0rCjIYk12I08du5FJGYQvMttJEgmVeHtFKW0o3uGBIKNJ5nCni3lR8idPTRXqhwdXYeA4A9+COQO4MGcaJZrqHgEviZt4jQrYy90WdqbKTD4meBRy4MC9+TOUs719kTxK54tmMHBq2l/ukmv3FwgtLz2xMeNW7htiS/1rzA9CEerjkvpc0mOxc4DCY4bH8sR2Ts3Y33Rx6aUN8shTij2aX2v8UvUay2JPqQTJicY+IsYl4D8w/XPx00Oj/3b54f6kTLlzzoNDq5 alena@alena-Lenovo-V580c
diff --git a/panko/server/cluster.yml b/panko/server/cluster.yml
index 3a4cb65..7954944 100644
--- a/panko/server/cluster.yml
+++ b/panko/server/cluster.yml
@@ -4,6 +4,7 @@
- system.apache.server.site.panko
- system.haproxy.proxy.listen.openstack.panko
- system.keepalived.cluster.instance.openstack_telemetry_vip
+- system.salt.minion.cert.mysql.clients.openstack.panko
parameters:
_param:
panko_memcached_node01_address: ${_param:cluster_node01_address}
@@ -11,6 +12,8 @@
panko_memcached_node03_address: ${_param:cluster_node03_address}
# Keep events in database for 30 days
panko_event_time_to_live: 2592000
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
linux:
system:
cron:
@@ -23,8 +26,16 @@
event_time_to_live: ${_param:panko_event_time_to_live}
identity:
host: ${_param:openstack_control_address}
+ protocol: ${_param:cluster_internal_protocol}
database:
host: ${_param:openstack_database_address}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_panko_ssl_ca_file}
+ key_file: ${_param:mysql_panko_client_ssl_key_file}
+ cert_file: ${_param:mysql_panko_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
cache:
engine: memcached
members:
diff --git a/panko/server/single.yml b/panko/server/single.yml
index 4ba2787..968267c 100644
--- a/panko/server/single.yml
+++ b/panko/server/single.yml
@@ -1,10 +1,13 @@
classes:
- service.panko.server.single
- system.apache.server.site.panko
+- system.salt.minion.cert.mysql.clients.openstack.panko
parameters:
_param:
# Keep events in database for 30 days
panko_event_time_to_live: 2592000
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
linux:
system:
cron:
@@ -13,6 +16,16 @@
enabled: true
panko:
server:
+ identity:
+ protocol: ${_param:internal_protocol}
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_panko_ssl_ca_file}
+ key_file: ${_param:mysql_panko_client_ssl_key_file}
+ cert_file: ${_param:mysql_panko_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
role: ${_param:openstack_node_role}
event_time_to_live: ${_param:panko_event_time_to_live}
# Check for expired events every day at 2 AM
diff --git a/prometheus/server/alertmanager/kubernetes.yml b/prometheus/server/alertmanager/kubernetes.yml
new file mode 100644
index 0000000..3b1ff1c
--- /dev/null
+++ b/prometheus/server/alertmanager/kubernetes.yml
@@ -0,0 +1,11 @@
+parameters:
+ prometheus:
+ server:
+ config:
+ alertmanager:
+ kubernetes_alertmanager:
+ enabled: true
+ kubernetes_sd_configs:
+ role: pod
+ namespace: ${_param:kubernetes_alertmanager_namespace}
+ pod_name_regex: ^alertmanager.*
diff --git a/prometheus/server/init.yml b/prometheus/server/init.yml
index 5d115ac..cd511d4 100644
--- a/prometheus/server/init.yml
+++ b/prometheus/server/init.yml
@@ -2,10 +2,12 @@
_param:
prometheus_server_config_directory: /srv/prometheus
prometheus_server_data_directory: /data
+ prometheus_server_host_config_directory: /srv/volumes/local/prometheus/config
+ prometheus_server_host_data_directory: /srv/volumes/local/prometheus/data
prometheus:
server:
version: 2.0
dir:
- data: /srv/volumes/local/prometheus/data
- config: /srv/volumes/local/prometheus/config
+ data: ${_param:prometheus_server_host_data_directory}
+ config: ${_param:prometheus_server_host_config_directory}
config_in_container: ${_param:prometheus_server_config_directory}
diff --git a/rabbitmq/server/ssl/init.yml b/rabbitmq/server/ssl/init.yml
index 7fefae7..961d28d 100644
--- a/rabbitmq/server/ssl/init.yml
+++ b/rabbitmq/server/ssl/init.yml
@@ -4,8 +4,11 @@
parameters:
_param:
rabbitmq_ssl_enabled: true
- rabbitmq_port: 5671 # for non-ssl use 5672 / for ssl 5671
+ openstack_rabbitmq_x509_enabled: false
+ openstack_rabbitmq_port: 5671 # for non-ssl use 5672 / for ssl 5671
rabbitmq:
server:
ssl:
enabled: ${_param:rabbitmq_ssl_enabled}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
diff --git a/reclass/storage/salt.yml b/reclass/storage/salt.yml
index 0a21cdb..b2025c4 100644
--- a/reclass/storage/salt.yml
+++ b/reclass/storage/salt.yml
@@ -8,6 +8,8 @@
engine: git
address: '${_param:reclass_data_repository}'
branch: ${_param:reclass_data_revision}
+
+ # TODO, remove this once not required for backward compatibility
salt:
master:
pillar:
diff --git a/reclass/storage/system/cicd_control_cluster.yml b/reclass/storage/system/cicd_control_cluster.yml
index bc31944..34f0de1 100644
--- a/reclass/storage/system/cicd_control_cluster.yml
+++ b/reclass/storage/system/cicd_control_cluster.yml
@@ -18,6 +18,7 @@
single_address: ${_param:cicd_control_node01_address}
keepalived_vip_priority: 103
cicd_database_id: 1
+ glusterfs_node_role: primary
cicd_control_node02:
name: ${_param:cicd_control_node02_hostname}
domain: ${_param:cluster_domain}
@@ -29,6 +30,7 @@
single_address: ${_param:cicd_control_node02_address}
keepalived_vip_priority: 102
cicd_database_id: 2
+ glusterfs_node_role: secondary
cicd_control_node03:
name: ${_param:cicd_control_node03_hostname}
domain: ${_param:cluster_domain}
@@ -40,3 +42,4 @@
single_address: ${_param:cicd_control_node03_address}
keepalived_vip_priority: 101
cicd_database_id: 3
+ glusterfs_node_role: secondary
diff --git a/reclass/storage/system/kubernetes_contrail_cluster.yml b/reclass/storage/system/kubernetes_contrail_cluster.yml
index 49a70e2..c85f6f0 100644
--- a/reclass/storage/system/kubernetes_contrail_cluster.yml
+++ b/reclass/storage/system/kubernetes_contrail_cluster.yml
@@ -15,7 +15,6 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.kubernetes.control
- - cluster.${_param:cluster_name}.opencontrail.control
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: ${_param:kubernetes_control_system_codename}
@@ -29,7 +28,6 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.kubernetes.control
- - cluster.${_param:cluster_name}.opencontrail.control
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: ${_param:kubernetes_control_system_codename}
@@ -43,7 +41,6 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.kubernetes.control
- - cluster.${_param:cluster_name}.opencontrail.control
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: ${_param:kubernetes_control_system_codename}
diff --git a/reclass/storage/system/openstack_control_cluster.yml b/reclass/storage/system/openstack_control_cluster.yml
index e05b3e9..cf21437 100644
--- a/reclass/storage/system/openstack_control_cluster.yml
+++ b/reclass/storage/system/openstack_control_cluster.yml
@@ -20,6 +20,7 @@
opencontrail_database_id: 1
rabbitmq_cluster_role: master
openstack_node_role: primary
+ glusterfs_node_role: primary
openstack_control_node02:
name: ${_param:openstack_control_node02_hostname}
domain: ${_param:cluster_domain}
@@ -33,6 +34,7 @@
opencontrail_database_id: 2
rabbitmq_cluster_role: slave
openstack_node_role: secondary
+ glusterfs_node_role: secondary
openstack_control_node03:
name: ${_param:openstack_control_node03_hostname}
domain: ${_param:cluster_domain}
@@ -46,3 +48,4 @@
opencontrail_database_id: 3
rabbitmq_cluster_role: slave
openstack_node_role: secondary
+ glusterfs_node_role: secondary
diff --git a/reclass/storage/system/openstack_control_large.yml b/reclass/storage/system/openstack_control_large.yml
index 4ad2e90..f02b24c 100644
--- a/reclass/storage/system/openstack_control_large.yml
+++ b/reclass/storage/system/openstack_control_large.yml
@@ -20,6 +20,7 @@
single_address: ${_param:openstack_control_node01_address}
keepalived_vip_priority: 105
openstack_node_role: primary
+ glusterfs_node_role: primary
openstack_control_node02:
name: ${_param:openstack_control_node02_hostname}
domain: ${_param:cluster_domain}
@@ -31,6 +32,7 @@
single_address: ${_param:openstack_control_node02_address}
keepalived_vip_priority: 104
openstack_node_role: secondary
+ glusterfs_node_role: secondary
openstack_control_node03:
name: ${_param:openstack_control_node03_hostname}
domain: ${_param:cluster_domain}
@@ -42,6 +44,7 @@
single_address: ${_param:openstack_control_node03_address}
keepalived_vip_priority: 103
openstack_node_role: secondary
+ glusterfs_node_role: secondary
openstack_control_node04:
name: ${_param:openstack_control_node04_hostname}
domain: ${_param:cluster_domain}
@@ -53,6 +56,7 @@
single_address: ${_param:openstack_control_node04_address}
keepalived_vip_priority: 102
openstack_node_role: secondary
+ glusterfs_node_role: secondary
openstack_control_node05:
name: ${_param:openstack_control_node05_hostname}
domain: ${_param:cluster_domain}
@@ -64,3 +68,4 @@
single_address: ${_param:openstack_control_node05_address}
keepalived_vip_priority: 101
openstack_node_role: secondary
+ glusterfs_node_role: secondary
diff --git a/reclass/storage/system/openstack_control_upgrade_single.yml b/reclass/storage/system/openstack_control_upgrade_single.yml
index b00cc81..a48c9a3 100644
--- a/reclass/storage/system/openstack_control_upgrade_single.yml
+++ b/reclass/storage/system/openstack_control_upgrade_single.yml
@@ -15,3 +15,4 @@
linux_system_codename: ${_param:openstack_upgrade_system_codename}
single_address: ${_param:openstack_upgrade_node01_address}
openstack_node_role: primary
+ glusterfs_node_role: primary
diff --git a/reclass/storage/system/openstack_share_multi.yml b/reclass/storage/system/openstack_share_multi.yml
index a70af28..abc52ce 100644
--- a/reclass/storage/system/openstack_share_multi.yml
+++ b/reclass/storage/system/openstack_share_multi.yml
@@ -20,6 +20,8 @@
linux_system_codename: ${_param:linux_system_codename}
single_address: ${_param:openstack_share_node01_address}
manila_share_address: ${_param:openstack_share_node01_share_address}
+ keepalived_vip_priority: 103
+ openstack_node_role: primary
openstack_share_node02:
name: ${_param:openstack_share_node02_hostname}
domain: ${_param:cluster_domain}
@@ -30,6 +32,8 @@
linux_system_codename: ${_param:linux_system_codename}
single_address: ${_param:openstack_share_node02_address}
manila_share_address: ${_param:openstack_share_node02_share_address}
+ keepalived_vip_priority: 102
+ openstack_node_role: secondary
openstack_share_node03:
name: ${_param:openstack_share_node03_hostname}
domain: ${_param:cluster_domain}
@@ -40,3 +44,5 @@
linux_system_codename: ${_param:linux_system_codename}
single_address: ${_param:openstack_share_node03_address}
manila_share_address: ${_param:openstack_share_node03_share_address}
+ keepalived_vip_priority: 101
+ openstack_node_role: secondary
diff --git a/reclass/storage/system/openstack_telemetry_cluster.yml b/reclass/storage/system/openstack_telemetry_cluster.yml
index 4c688a8..198c356 100644
--- a/reclass/storage/system/openstack_telemetry_cluster.yml
+++ b/reclass/storage/system/openstack_telemetry_cluster.yml
@@ -18,6 +18,7 @@
single_address: ${_param:openstack_telemetry_node01_address}
keepalived_vip_priority: 103
openstack_node_role: primary
+ glusterfs_node_role: primary
ceilometer_create_gnocchi_resources: true
redis_cluster_role: 'master'
openstack_telemetry_node02:
@@ -31,6 +32,7 @@
single_address: ${_param:openstack_telemetry_node02_address}
keepalived_vip_priority: 102
openstack_node_role: secondary
+ glusterfs_node_role: secondary
redis_cluster_role: 'slave'
openstack_telemetry_node03:
name: ${_param:openstack_telemetry_node03_hostname}
@@ -43,4 +45,5 @@
single_address: ${_param:openstack_telemetry_node03_address}
keepalived_vip_priority: 101
openstack_node_role: secondary
+ glusterfs_node_role: secondary
redis_cluster_role: 'slave'
diff --git a/reclass/storage/system/oss_cluster.yml b/reclass/storage/system/oss_cluster.yml
index 71d42ce..784d8a7 100644
--- a/reclass/storage/system/oss_cluster.yml
+++ b/reclass/storage/system/oss_cluster.yml
@@ -19,6 +19,7 @@
linux_system_codename: ${_param:oss_system_codename}
single_address: ${_param:oss_node01_address}
keepalived_vip_priority: 103
+ glusterfs_node_role: primary
stacklight_server_node02:
name: ${_param:oss_node02_hostname}
domain: ${_param:cluster_domain}
@@ -30,6 +31,7 @@
linux_system_codename: ${_param:oss_system_codename}
single_address: ${_param:oss_node02_address}
keepalived_vip_priority: 102
+ glusterfs_node_role: secondary
stacklight_server_node03:
name: ${_param:oss_node03_hostname}
domain: ${_param:cluster_domain}
@@ -41,3 +43,4 @@
linux_system_codename: ${_param:oss_system_codename}
single_address: ${_param:oss_node03_address}
keepalived_vip_priority: 101
+ glusterfs_node_role: secondary
diff --git a/reclass/storage/system/physical_control_cluster.yml b/reclass/storage/system/physical_control_cluster.yml
index ebd0eb0..1621a4c 100644
--- a/reclass/storage/system/physical_control_cluster.yml
+++ b/reclass/storage/system/physical_control_cluster.yml
@@ -32,6 +32,7 @@
deploy_address: ${_param:infra_kvm_node01_deploy_address}
public_address: ${_param:infra_kvm_node01_public_address}
storage_address: ${_param:infra_kvm_node01_storage_address}
+ glusterfs_node_role: primary
infra_kvm_node02:
name: ${_param:infra_kvm_node02_hostname}
domain: ${_param:cluster_domain}
@@ -44,6 +45,7 @@
deploy_address: ${_param:infra_kvm_node02_deploy_address}
public_address: ${_param:infra_kvm_node02_public_address}
storage_address: ${_param:infra_kvm_node02_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node03:
name: ${_param:infra_kvm_node03_hostname}
domain: ${_param:cluster_domain}
@@ -56,3 +58,4 @@
deploy_address: ${_param:infra_kvm_node03_deploy_address}
public_address: ${_param:infra_kvm_node03_public_address}
storage_address: ${_param:infra_kvm_node03_storage_address}
+ glusterfs_node_role: secondary
diff --git a/reclass/storage/system/physical_control_full.yml b/reclass/storage/system/physical_control_full.yml
index 1bdd345..7c3b030 100644
--- a/reclass/storage/system/physical_control_full.yml
+++ b/reclass/storage/system/physical_control_full.yml
@@ -57,6 +57,7 @@
deploy_address: ${_param:infra_kvm_node01_deploy_address}
public_address: ${_param:infra_kvm_node01_public_address}
storage_address: ${_param:infra_kvm_node01_storage_address}
+ glusterfs_node_role: primary
infra_kvm_node02:
name: ${_param:infra_kvm_node02_hostname}
domain: ${_param:cluster_domain}
@@ -69,6 +70,7 @@
deploy_address: ${_param:infra_kvm_node02_deploy_address}
public_address: ${_param:infra_kvm_node02_public_address}
storage_address: ${_param:infra_kvm_node02_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node03:
name: ${_param:infra_kvm_node03_hostname}
domain: ${_param:cluster_domain}
@@ -81,6 +83,7 @@
deploy_address: ${_param:infra_kvm_node03_deploy_address}
public_address: ${_param:infra_kvm_node03_public_address}
storage_address: ${_param:infra_kvm_node03_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node04:
name: ${_param:infra_kvm_node04_hostname}
domain: ${_param:cluster_domain}
diff --git a/reclass/storage/system/physical_control_large.yml b/reclass/storage/system/physical_control_large.yml
index 1070f47..93cc565 100644
--- a/reclass/storage/system/physical_control_large.yml
+++ b/reclass/storage/system/physical_control_large.yml
@@ -81,6 +81,7 @@
deploy_address: ${_param:infra_kvm_node01_deploy_address}
public_address: ${_param:infra_kvm_node01_public_address}
storage_address: ${_param:infra_kvm_node01_storage_address}
+ glusterfs_node_role: primary
infra_kvm_node02:
name: ${_param:infra_kvm_node02_hostname}
domain: ${_param:cluster_domain}
@@ -93,6 +94,7 @@
deploy_address: ${_param:infra_kvm_node02_deploy_address}
public_address: ${_param:infra_kvm_node02_public_address}
storage_address: ${_param:infra_kvm_node02_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node03:
name: ${_param:infra_kvm_node03_hostname}
domain: ${_param:cluster_domain}
@@ -105,6 +107,7 @@
deploy_address: ${_param:infra_kvm_node03_deploy_address}
public_address: ${_param:infra_kvm_node03_public_address}
storage_address: ${_param:infra_kvm_node03_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node04:
name: ${_param:infra_kvm_node04_hostname}
domain: ${_param:cluster_domain}
diff --git a/reclass/storage/system/physical_control_medium.yml b/reclass/storage/system/physical_control_medium.yml
index 5ad7d24..70d7313 100644
--- a/reclass/storage/system/physical_control_medium.yml
+++ b/reclass/storage/system/physical_control_medium.yml
@@ -69,6 +69,7 @@
deploy_address: ${_param:infra_kvm_node01_deploy_address}
public_address: ${_param:infra_kvm_node01_public_address}
storage_address: ${_param:infra_kvm_node01_storage_address}
+ glusterfs_node_role: primary
infra_kvm_node02:
name: ${_param:infra_kvm_node02_hostname}
domain: ${_param:cluster_domain}
@@ -81,6 +82,7 @@
deploy_address: ${_param:infra_kvm_node02_deploy_address}
public_address: ${_param:infra_kvm_node02_public_address}
storage_address: ${_param:infra_kvm_node02_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node03:
name: ${_param:infra_kvm_node03_hostname}
domain: ${_param:cluster_domain}
@@ -93,6 +95,7 @@
deploy_address: ${_param:infra_kvm_node03_deploy_address}
public_address: ${_param:infra_kvm_node03_public_address}
storage_address: ${_param:infra_kvm_node03_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node04:
name: ${_param:infra_kvm_node04_hostname}
domain: ${_param:cluster_domain}
diff --git a/reclass/storage/system/physical_control_small.yml b/reclass/storage/system/physical_control_small.yml
index 4ce3759..5727dd6 100644
--- a/reclass/storage/system/physical_control_small.yml
+++ b/reclass/storage/system/physical_control_small.yml
@@ -45,6 +45,7 @@
deploy_address: ${_param:infra_kvm_node01_deploy_address}
public_address: ${_param:infra_kvm_node01_public_address}
storage_address: ${_param:infra_kvm_node01_storage_address}
+ glusterfs_node_role: primary
infra_kvm_node02:
name: ${_param:infra_kvm_node02_hostname}
domain: ${_param:cluster_domain}
@@ -57,6 +58,7 @@
deploy_address: ${_param:infra_kvm_node02_deploy_address}
public_address: ${_param:infra_kvm_node02_public_address}
storage_address: ${_param:infra_kvm_node02_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node03:
name: ${_param:infra_kvm_node03_hostname}
domain: ${_param:cluster_domain}
@@ -69,6 +71,7 @@
deploy_address: ${_param:infra_kvm_node03_deploy_address}
public_address: ${_param:infra_kvm_node03_public_address}
storage_address: ${_param:infra_kvm_node03_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node04:
name: ${_param:infra_kvm_node04_hostname}
domain: ${_param:cluster_domain}
diff --git a/salt/control/cluster/ceph_mon_cluster.yml b/salt/control/cluster/ceph_mon_cluster.yml
index bccec01..39cee29 100644
--- a/salt/control/cluster/ceph_mon_cluster.yml
+++ b/salt/control/cluster/ceph_mon_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ ceph_mon_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:ceph_mon_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:ceph_mon_backend_image}
size: ceph.mon
cmn02:
name: ${_param:ceph_mon_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:ceph_mon_backend_image}
size: ceph.mon
cmn03:
name: ${_param:ceph_mon_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
- size: ceph.mon
\ No newline at end of file
+ backend: ${_param:ceph_mon_backend_image}
+ size: ceph.mon
diff --git a/salt/control/cluster/ceph_rgw_cluster.yml b/salt/control/cluster/ceph_rgw_cluster.yml
index 6f24819..e0109db 100644
--- a/salt/control/cluster/ceph_rgw_cluster.yml
+++ b/salt/control/cluster/ceph_rgw_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ ceph_rgw_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:ceph_rgw_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:ceph_rgw_backend_image}
size: ceph.rgw
rgw02:
name: ${_param:ceph_rgw_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:ceph_rgw_backend_image}
size: ceph.rgw
rgw03:
name: ${_param:ceph_rgw_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
- size: ceph.rgw
\ No newline at end of file
+ backend: ${_param:ceph_rgw_backend_image}
+ size: ceph.rgw
diff --git a/salt/control/cluster/cicd_control_cluster.yml b/salt/control/cluster/cicd_control_cluster.yml
index 82366a8..33945e2 100644
--- a/salt/control/cluster/cicd_control_cluster.yml
+++ b/salt/control/cluster/cicd_control_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:cicd_control_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
size: cicd.control
diff --git a/salt/control/cluster/infra_idm_cluster.yml b/salt/control/cluster/infra_idm_cluster.yml
index ff135a1..f322910 100644
--- a/salt/control/cluster/infra_idm_cluster.yml
+++ b/salt/control/cluster/infra_idm_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_centos7_image_backend: /var/lib/libvirt/images/backends/centos7.qcow2
+ infra_idm_backend_image: ${_param:salt_control_centos7_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:infra_idm_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
+ backend: ${_param:infra_idm_backend_image}
size: infra.idm
idm02:
name: ${_param:infra_idm_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
+ backend: ${_param:infra_idm_backend_image}
size: infra.idm
idm03:
name: ${_param:infra_idm_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
+ backend: ${_param:infra_idm_backend_image}
size: infra.idm
diff --git a/salt/control/cluster/infra_integration_single.yml b/salt/control/cluster/infra_integration_single.yml
index 66de895..0c774ab 100644
--- a/salt/control/cluster/infra_integration_single.yml
+++ b/salt/control/cluster/infra_integration_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ infra_integration_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:cicd_control_node01_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:infra_integration_backend_image}
size: infra.integration
diff --git a/salt/control/cluster/infra_maas_single.yml b/salt/control/cluster/infra_maas_single.yml
index d8675e8..9bd4fe2 100644
--- a/salt/control/cluster/infra_maas_single.yml
+++ b/salt/control/cluster/infra_maas_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ infra_maas_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,5 +19,6 @@
name: ${_param:infra_maas_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:infra_maas_backend_image}
size: infra.maas
diff --git a/salt/control/cluster/infra_proxy_cluster.yml b/salt/control/cluster/infra_proxy_cluster.yml
index f3453ff..00c9679 100644
--- a/salt/control/cluster/infra_proxy_cluster.yml
+++ b/salt/control/cluster/infra_proxy_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ infra_proxy_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,9 +19,11 @@
name: ${_param:openstack_proxy_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:infra_proxy_backend_image}
size: infra.proxy
prx02:
name: ${_param:openstack_proxy_node01_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:infra_proxy_backend_image}
size: infra.proxy
diff --git a/salt/control/cluster/infra_proxy_single.yml b/salt/control/cluster/infra_proxy_single.yml
index 7d092fa..483b2d4 100644
--- a/salt/control/cluster/infra_proxy_single.yml
+++ b/salt/control/cluster/infra_proxy_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ infra_proxy_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:openstack_proxy_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:infra_proxy_backend_image}
size: infra.proxy
diff --git a/salt/control/cluster/infra_storage_single.yml b/salt/control/cluster/infra_storage_single.yml
index ca8ce26..b6c0a85 100644
--- a/salt/control/cluster/infra_storage_single.yml
+++ b/salt/control/cluster/infra_storage_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ infra_storage_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -15,4 +18,5 @@
sto01:
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:infra_storage_backend_image}
size: infra.storage
diff --git a/salt/control/cluster/infra_version_control_single.yml b/salt/control/cluster/infra_version_control_single.yml
index 10e01ab..d7e02d5 100644
--- a/salt/control/cluster/infra_version_control_single.yml
+++ b/salt/control/cluster/infra_version_control_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ infra_version_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -15,4 +18,5 @@
git01:
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:infra_version_control_backend_image}
size: infra.version_control
diff --git a/salt/control/cluster/kubernetes_control_cluster.yml b/salt/control/cluster/kubernetes_control_cluster.yml
index c3049ec..252ccbf 100644
--- a/salt/control/cluster/kubernetes_control_cluster.yml
+++ b/salt/control/cluster/kubernetes_control_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ kubernetes_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:kubernetes_control_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:kubernetes_control_backend_image}
size: kubernetes.control
ctl02:
name: ${_param:kubernetes_control_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:kubernetes_control_backend_image}
size: kubernetes.control
ctl03:
name: ${_param:kubernetes_control_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:kubernetes_control_backend_image}
size: kubernetes.control
diff --git a/salt/control/cluster/kubernetes_proxy_cluster.yml b/salt/control/cluster/kubernetes_proxy_cluster.yml
index 379a333..0a47f39 100644
--- a/salt/control/cluster/kubernetes_proxy_cluster.yml
+++ b/salt/control/cluster/kubernetes_proxy_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ kubernetes_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,10 +19,12 @@
name: ${_param:kubernetes_proxy_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:kubernetes_proxy_backend_image}
size: kubernetes.proxy
prx02:
name: ${_param:kubernetes_proxy_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:kubernetes_proxy_backend_image}
size: kubernetes.proxy
diff --git a/salt/control/cluster/opencontrail_analytics_cluster.yml b/salt/control/cluster/opencontrail_analytics_cluster.yml
index 37fb60a..b4e7b75 100644
--- a/salt/control/cluster/opencontrail_analytics_cluster.yml
+++ b/salt/control/cluster/opencontrail_analytics_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ opencontrail_analytics_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:opencontrail_analytics_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
size: opencontrail.analytics
diff --git a/salt/control/cluster/opencontrail_control_cluster.yml b/salt/control/cluster/opencontrail_control_cluster.yml
index 10ddf5e..9d2fbb9 100644
--- a/salt/control/cluster/opencontrail_control_cluster.yml
+++ b/salt/control/cluster/opencontrail_control_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:opencontrail_control_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_control_backend_image}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_control_backend_image}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_control_backend_image}
size: opencontrail.control
diff --git a/salt/control/cluster/openstack_barbican_cluster.yml b/salt/control/cluster/openstack_barbican_cluster.yml
index cfa7ba6..b24c0fa 100644
--- a/salt/control/cluster/openstack_barbican_cluster.yml
+++ b/salt/control/cluster/openstack_barbican_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_barbican_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_barbican_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_barbican_backend_image}
size: openstack.barbican
kmn02:
name: ${_param:openstack_barbican_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_barbican_backend_image}
size: openstack.barbican
kmn03:
name: ${_param:openstack_barbican_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_barbican_backend_image}
size: openstack.barbican
diff --git a/salt/control/cluster/openstack_baremetal_cluster.yml b/salt/control/cluster/openstack_baremetal_cluster.yml
index 4dd62e4..f166484 100644
--- a/salt/control/cluster/openstack_baremetal_cluster.yml
+++ b/salt/control/cluster/openstack_baremetal_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_baremetal_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_baremetal_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_baremetal_backend_image}
size: openstack.baremetal
bmt02:
name: ${_param:openstack_baremetal_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_baremetal_backend_image}
size: openstack.baremetal
bmt03:
name: ${_param:openstack_baremetal_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_baremetal_backend_image}
size: openstack.baremetal
diff --git a/salt/control/cluster/openstack_baremetal_single.yml b/salt/control/cluster/openstack_baremetal_single.yml
index f0aa319..853f45e 100644
--- a/salt/control/cluster/openstack_baremetal_single.yml
+++ b/salt/control/cluster/openstack_baremetal_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_baremetal_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:openstack_baremetal_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_baremetal_backend_image}
size: openstack.baremetal
diff --git a/salt/control/cluster/openstack_benchmark_single.yml b/salt/control/cluster/openstack_benchmark_single.yml
index ea10fc3..83c18f5 100644
--- a/salt/control/cluster/openstack_benchmark_single.yml
+++ b/salt/control/cluster/openstack_benchmark_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_benchmark_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:openstack_benchmark_node01_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_benchmark_backend_image}
size: openstack.benchmark
diff --git a/salt/control/cluster/openstack_billing_single.yml b/salt/control/cluster/openstack_billing_single.yml
index f8dacf7..36f9824 100644
--- a/salt/control/cluster/openstack_billing_single.yml
+++ b/salt/control/cluster/openstack_billing_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_billing_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -15,4 +18,5 @@
bil01:
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_billing_backend_image}
size: openstack.control
diff --git a/salt/control/cluster/openstack_control_cluster.yml b/salt/control/cluster/openstack_control_cluster.yml
index f28a7d0..328cfd0 100644
--- a/salt/control/cluster/openstack_control_cluster.yml
+++ b/salt/control/cluster/openstack_control_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_control_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_control_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_control_backend_image}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_control_backend_image}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_control_backend_image}
size: openstack.control
diff --git a/salt/control/cluster/openstack_database_cluster.yml b/salt/control/cluster/openstack_database_cluster.yml
index 2a00308..acbcc36 100644
--- a/salt/control/cluster/openstack_database_cluster.yml
+++ b/salt/control/cluster/openstack_database_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_database_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_database_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_database_backend_image}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_database_backend_image}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_database_backend_image}
size: openstack.database
diff --git a/salt/control/cluster/openstack_dns_cluster.yml b/salt/control/cluster/openstack_dns_cluster.yml
index 7f1dbb8..6fcc546 100644
--- a/salt/control/cluster/openstack_dns_cluster.yml
+++ b/salt/control/cluster/openstack_dns_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_dns_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,9 +19,11 @@
name: ${_param:openstack_dns_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_dns_backend_image}
size: openstack.dns
dns02:
name: ${_param:openstack_dns_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_dns_backend_image}
size: openstack.dns
diff --git a/salt/control/cluster/openstack_gateway_cluster.yml b/salt/control/cluster/openstack_gateway_cluster.yml
index 1a7e06b..8475004 100644
--- a/salt/control/cluster/openstack_gateway_cluster.yml
+++ b/salt/control/cluster/openstack_gateway_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_gateway_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_gateway_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
size: openstack.gateway
gtw02:
name: ${_param:openstack_gateway_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
size: openstack.gateway
gtw03:
name: ${_param:openstack_gateway_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
size: openstack.gateway
diff --git a/salt/control/cluster/openstack_gateway_single.yml b/salt/control/cluster/openstack_gateway_single.yml
index 801ee0c..e240d12 100644
--- a/salt/control/cluster/openstack_gateway_single.yml
+++ b/salt/control/cluster/openstack_gateway_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_gateway_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:openstack_gateway_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
size: openstack.gateway
diff --git a/salt/control/cluster/openstack_manila_cluster.yml b/salt/control/cluster/openstack_manila_cluster.yml
index feb1d4f..477d6ca 100644
--- a/salt/control/cluster/openstack_manila_cluster.yml
+++ b/salt/control/cluster/openstack_manila_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_manila_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_share_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_manila_backend_image}
size: openstack.manila
share02:
name: ${_param:openstack_share_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_manila_backend_image}
size: openstack.manila
share03:
name: ${_param:openstack_share_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_manila_backend_image}
size: openstack.manila
diff --git a/salt/control/cluster/openstack_message_queue_cluster.yml b/salt/control/cluster/openstack_message_queue_cluster.yml
index cab5adb..f91faf6 100644
--- a/salt/control/cluster/openstack_message_queue_cluster.yml
+++ b/salt/control/cluster/openstack_message_queue_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_message_queue_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_message_queue_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_message_queue_backend_image}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_message_queue_backend_image}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_message_queue_backend_image}
size: openstack.message_queue
diff --git a/salt/control/cluster/openstack_proxy_cluster.yml b/salt/control/cluster/openstack_proxy_cluster.yml
index 628dcd8..87a5176 100644
--- a/salt/control/cluster/openstack_proxy_cluster.yml
+++ b/salt/control/cluster/openstack_proxy_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_proxy_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,10 +19,12 @@
name: ${_param:openstack_proxy_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_proxy_backend_image}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_proxy_backend_image}
size: openstack.proxy
diff --git a/salt/control/cluster/openstack_proxy_single.yml b/salt/control/cluster/openstack_proxy_single.yml
index 8ad0baf..ca5c751 100644
--- a/salt/control/cluster/openstack_proxy_single.yml
+++ b/salt/control/cluster/openstack_proxy_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_proxy_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:openstack_proxy_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_proxy_backend_image}
size: openstack.proxy
diff --git a/salt/control/cluster/openstack_telemetry_cluster.yml b/salt/control/cluster/openstack_telemetry_cluster.yml
index 633b984..bbf6fd1 100644
--- a/salt/control/cluster/openstack_telemetry_cluster.yml
+++ b/salt/control/cluster/openstack_telemetry_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_telemetry_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_telemetry_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_telemetry_backend_image}
size: openstack.telemetry
mdb02:
name: ${_param:openstack_telemetry_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_telemetry_backend_image}
size: openstack.telemetry
mdb03:
name: ${_param:openstack_telemetry_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_telemetry_backend_image}
size: openstack.telemetry
diff --git a/salt/control/cluster/openstack_upgrade_single.yml b/salt/control/cluster/openstack_upgrade_single.yml
index 3189f3e..0b5e0fb 100644
--- a/salt/control/cluster/openstack_upgrade_single.yml
+++ b/salt/control/cluster/openstack_upgrade_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_upgrade_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -15,4 +18,5 @@
upg01:
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_upgrade_backend_image}
size: openstack.upgrade
diff --git a/salt/control/cluster/rsyslog_single.yml b/salt/control/cluster/rsyslog_single.yml
index 72e6c86..dd64869 100644
--- a/salt/control/cluster/rsyslog_single.yml
+++ b/salt/control/cluster/rsyslog_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ rsyslog_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:rsyslog_node01_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:rsyslog_backend_image}
size: infra.rsyslog
diff --git a/salt/control/cluster/stacklight_log_cluster.yml b/salt/control/cluster/stacklight_log_cluster.yml
index e4c08b6..6d3dba9 100644
--- a/salt/control/cluster/stacklight_log_cluster.yml
+++ b/salt/control/cluster/stacklight_log_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:stacklight_log_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
size: stacklight.log
log02:
name: ${_param:stacklight_log_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
size: stacklight.log
diff --git a/salt/control/cluster/stacklight_server_cluster.yml b/salt/control/cluster/stacklight_server_cluster.yml
index 6e7da61..8ab6a9d 100644
--- a/salt/control/cluster/stacklight_server_cluster.yml
+++ b/salt/control/cluster/stacklight_server_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_server_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:stacklight_monitor_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_server_backend_image}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_server_backend_image}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_server_backend_image}
size: stacklight.server
diff --git a/salt/control/cluster/stacklight_telemetry_cluster.yml b/salt/control/cluster/stacklight_telemetry_cluster.yml
index 1b39b61..4a58a23 100644
--- a/salt/control/cluster/stacklight_telemetry_cluster.yml
+++ b/salt/control/cluster/stacklight_telemetry_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:stacklight_telemetry_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
size: stacklight.telemetry
diff --git a/salt/control/cluster/stacklight_telemetry_single.yml b/salt/control/cluster/stacklight_telemetry_single.yml
index 81fd6fb..3012dc6 100644
--- a/salt/control/cluster/stacklight_telemetry_single.yml
+++ b/salt/control/cluster/stacklight_telemetry_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:stacklight_telemetry_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
size: stacklight.telemetry
diff --git a/salt/control/placement/cicd/compact.yml b/salt/control/placement/cicd/compact.yml
index 9bdf4a4..9f700f1 100644
--- a/salt/control/placement/cicd/compact.yml
+++ b/salt/control/placement/cicd/compact.yml
@@ -6,6 +6,8 @@
cicd_control_node01_hostname: cid01
cicd_control_node02_hostname: cid02
cicd_control_node03_hostname: cid03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
cid01:
name: ${_param:cicd_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: cicd.control
\ No newline at end of file
+ size: cicd.control
diff --git a/salt/control/placement/cicd/large.yml b/salt/control/placement/cicd/large.yml
index 9bdf4a4..9f700f1 100644
--- a/salt/control/placement/cicd/large.yml
+++ b/salt/control/placement/cicd/large.yml
@@ -6,6 +6,8 @@
cicd_control_node01_hostname: cid01
cicd_control_node02_hostname: cid02
cicd_control_node03_hostname: cid03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
cid01:
name: ${_param:cicd_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: cicd.control
\ No newline at end of file
+ size: cicd.control
diff --git a/salt/control/placement/cicd/medium.yml b/salt/control/placement/cicd/medium.yml
index 9bdf4a4..9f700f1 100644
--- a/salt/control/placement/cicd/medium.yml
+++ b/salt/control/placement/cicd/medium.yml
@@ -6,6 +6,8 @@
cicd_control_node01_hostname: cid01
cicd_control_node02_hostname: cid02
cicd_control_node03_hostname: cid03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
cid01:
name: ${_param:cicd_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: cicd.control
\ No newline at end of file
+ size: cicd.control
diff --git a/salt/control/placement/cicd/minimal.yml b/salt/control/placement/cicd/minimal.yml
index 9bdf4a4..9f700f1 100644
--- a/salt/control/placement/cicd/minimal.yml
+++ b/salt/control/placement/cicd/minimal.yml
@@ -6,6 +6,8 @@
cicd_control_node01_hostname: cid01
cicd_control_node02_hostname: cid02
cicd_control_node03_hostname: cid03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
cid01:
name: ${_param:cicd_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: cicd.control
\ No newline at end of file
+ size: cicd.control
diff --git a/salt/control/placement/cicd/small.yml b/salt/control/placement/cicd/small.yml
index 9bdf4a4..9f700f1 100644
--- a/salt/control/placement/cicd/small.yml
+++ b/salt/control/placement/cicd/small.yml
@@ -6,6 +6,8 @@
cicd_control_node01_hostname: cid01
cicd_control_node02_hostname: cid02
cicd_control_node03_hostname: cid03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
cid01:
name: ${_param:cicd_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: cicd.control
\ No newline at end of file
+ size: cicd.control
diff --git a/salt/control/placement/opencontrail/compact.yml b/salt/control/placement/opencontrail/compact.yml
index a619956..584b65e 100644
--- a/salt/control/placement/opencontrail/compact.yml
+++ b/salt/control/placement/opencontrail/compact.yml
@@ -9,6 +9,9 @@
opencontrail_analytics_node01_hostname: nal01
opencontrail_analytics_node02_hostname: nal02
opencontrail_analytics_node03_hostname: nal03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ opencontrail_analytics_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -17,30 +20,36 @@
ntw01:
name: ${_param:opencontrail_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: opencontrail.control
nal01:
name: ${_param:opencontrail_analytics_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: opencontrail.analytics
\ No newline at end of file
+ size: opencontrail.analytics
diff --git a/salt/control/placement/opencontrail/large.yml b/salt/control/placement/opencontrail/large.yml
index 1aabd0d..d7e662c 100644
--- a/salt/control/placement/opencontrail/large.yml
+++ b/salt/control/placement/opencontrail/large.yml
@@ -9,6 +9,9 @@
opencontrail_analytics_node01_hostname: nal01
opencontrail_analytics_node02_hostname: nal02
opencontrail_analytics_node03_hostname: nal03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ opencontrail_analytics_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -17,30 +20,36 @@
ntw01:
name: ${_param:opencontrail_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node10_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node11_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node12_hostname}.${_param:cluster_domain}
size: opencontrail.control
nal01:
name: ${_param:opencontrail_analytics_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node10_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node11_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node12_hostname}.${_param:cluster_domain}
- size: opencontrail.analytics
\ No newline at end of file
+ size: opencontrail.analytics
diff --git a/salt/control/placement/opencontrail/medium.yml b/salt/control/placement/opencontrail/medium.yml
index dfc32f3..448cd23 100644
--- a/salt/control/placement/opencontrail/medium.yml
+++ b/salt/control/placement/opencontrail/medium.yml
@@ -9,6 +9,9 @@
opencontrail_analytics_node01_hostname: nal01
opencontrail_analytics_node02_hostname: nal02
opencontrail_analytics_node03_hostname: nal03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ opencontrail_analytics_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -17,30 +20,36 @@
ntw01:
name: ${_param:opencontrail_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node07_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node08_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node09_hostname}.${_param:cluster_domain}
size: opencontrail.control
nal01:
name: ${_param:opencontrail_analytics_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node07_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node08_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node09_hostname}.${_param:cluster_domain}
- size: opencontrail.analytics
\ No newline at end of file
+ size: opencontrail.analytics
diff --git a/salt/control/placement/opencontrail/minimal.yml b/salt/control/placement/opencontrail/minimal.yml
index a619956..584b65e 100644
--- a/salt/control/placement/opencontrail/minimal.yml
+++ b/salt/control/placement/opencontrail/minimal.yml
@@ -9,6 +9,9 @@
opencontrail_analytics_node01_hostname: nal01
opencontrail_analytics_node02_hostname: nal02
opencontrail_analytics_node03_hostname: nal03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ opencontrail_analytics_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -17,30 +20,36 @@
ntw01:
name: ${_param:opencontrail_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: opencontrail.control
nal01:
name: ${_param:opencontrail_analytics_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: opencontrail.analytics
\ No newline at end of file
+ size: opencontrail.analytics
diff --git a/salt/control/placement/opencontrail/small.yml b/salt/control/placement/opencontrail/small.yml
index a619956..584b65e 100644
--- a/salt/control/placement/opencontrail/small.yml
+++ b/salt/control/placement/opencontrail/small.yml
@@ -9,6 +9,9 @@
opencontrail_analytics_node01_hostname: nal01
opencontrail_analytics_node02_hostname: nal02
opencontrail_analytics_node03_hostname: nal03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ opencontrail_analytics_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -17,30 +20,36 @@
ntw01:
name: ${_param:opencontrail_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: opencontrail.control
nal01:
name: ${_param:opencontrail_analytics_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: opencontrail.analytics
\ No newline at end of file
+ size: opencontrail.analytics
diff --git a/salt/control/placement/openstack/compact.yml b/salt/control/placement/openstack/compact.yml
index 8c62e28..83f2254 100644
--- a/salt/control/placement/openstack/compact.yml
+++ b/salt/control/placement/openstack/compact.yml
@@ -14,6 +14,11 @@
openstack_message_queue_node03_hostname: msg03
openstack_proxy_node01_hostname: prx01
openstack_proxy_node02_hostname: prx02
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_database_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_message_queue_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -22,55 +27,66 @@
ctl01:
name: ${_param:openstack_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.control
dbs01:
name: ${_param:openstack_database_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.database
msg01:
name: ${_param:openstack_message_queue_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.message_queue
prx01:
name: ${_param:openstack_proxy_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.proxy
diff --git a/salt/control/placement/openstack/large.yml b/salt/control/placement/openstack/large.yml
index cb056dd..f09d3f6 100644
--- a/salt/control/placement/openstack/large.yml
+++ b/salt/control/placement/openstack/large.yml
@@ -21,6 +21,11 @@
openstack_message_queue_node03_hostname: msg03
openstack_proxy_node01_hostname: prx01
openstack_proxy_node02_hostname: prx02
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_database_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_message_queue_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -29,65 +34,78 @@
ctl01:
name: ${_param:openstack_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: openstack.control
ctl04:
name: ${_param:openstack_control_node04_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: openstack.control
ctl05:
name: ${_param:openstack_control_node05_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
size: openstack.control
dbs01:
name: ${_param:openstack_database_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
size: openstack.database
msg01:
name: ${_param:openstack_message_queue_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node07_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node08_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node09_hostname}.${_param:cluster_domain}
size: openstack.message_queue
prx01:
name: ${_param:openstack_proxy_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node07_hostname}.${_param:cluster_domain}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node08_hostname}.${_param:cluster_domain}
size: openstack.proxy
diff --git a/salt/control/placement/openstack/medium.yml b/salt/control/placement/openstack/medium.yml
index 7d0e166..2419c74 100644
--- a/salt/control/placement/openstack/medium.yml
+++ b/salt/control/placement/openstack/medium.yml
@@ -17,6 +17,11 @@
openstack_message_queue_node03_hostname: msg03
openstack_proxy_node01_hostname: prx01
openstack_proxy_node02_hostname: prx02
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_database_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_message_queue_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -25,55 +30,66 @@
ctl01:
name: ${_param:openstack_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.control
dbs01:
name: ${_param:openstack_database_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.database
msg01:
name: ${_param:openstack_message_queue_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
size: openstack.message_queue
prx01:
name: ${_param:openstack_proxy_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: openstack.proxy
diff --git a/salt/control/placement/openstack/minimal.yml b/salt/control/placement/openstack/minimal.yml
index 8c62e28..83f2254 100644
--- a/salt/control/placement/openstack/minimal.yml
+++ b/salt/control/placement/openstack/minimal.yml
@@ -14,6 +14,11 @@
openstack_message_queue_node03_hostname: msg03
openstack_proxy_node01_hostname: prx01
openstack_proxy_node02_hostname: prx02
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_database_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_message_queue_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -22,55 +27,66 @@
ctl01:
name: ${_param:openstack_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.control
dbs01:
name: ${_param:openstack_database_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.database
msg01:
name: ${_param:openstack_message_queue_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.message_queue
prx01:
name: ${_param:openstack_proxy_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.proxy
diff --git a/salt/control/placement/openstack/small.yml b/salt/control/placement/openstack/small.yml
index 8c62e28..83f2254 100644
--- a/salt/control/placement/openstack/small.yml
+++ b/salt/control/placement/openstack/small.yml
@@ -14,6 +14,11 @@
openstack_message_queue_node03_hostname: msg03
openstack_proxy_node01_hostname: prx01
openstack_proxy_node02_hostname: prx02
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_database_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_message_queue_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -22,55 +27,66 @@
ctl01:
name: ${_param:openstack_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.control
dbs01:
name: ${_param:openstack_database_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.database
msg01:
name: ${_param:openstack_message_queue_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.message_queue
prx01:
name: ${_param:openstack_proxy_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.proxy
diff --git a/salt/control/placement/ovs/compact.yml b/salt/control/placement/ovs/compact.yml
index 3102b3e..de0569c 100644
--- a/salt/control/placement/ovs/compact.yml
+++ b/salt/control/placement/ovs/compact.yml
@@ -6,6 +6,8 @@
openstack_gateway_node01_hostname: gtw01
openstack_gateway_node02_hostname: gtw02
openstack_gateway_node03_hostname: gtw03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_gateway_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
gtw01:
name: ${_param:openstack_gateway_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw02:
name: ${_param:openstack_gateway_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw03:
name: ${_param:openstack_gateway_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: openstack.gateway
\ No newline at end of file
+ size: openstack.gateway
diff --git a/salt/control/placement/ovs/minimal.yml b/salt/control/placement/ovs/minimal.yml
index 3102b3e..de0569c 100644
--- a/salt/control/placement/ovs/minimal.yml
+++ b/salt/control/placement/ovs/minimal.yml
@@ -6,6 +6,8 @@
openstack_gateway_node01_hostname: gtw01
openstack_gateway_node02_hostname: gtw02
openstack_gateway_node03_hostname: gtw03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_gateway_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
gtw01:
name: ${_param:openstack_gateway_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw02:
name: ${_param:openstack_gateway_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw03:
name: ${_param:openstack_gateway_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: openstack.gateway
\ No newline at end of file
+ size: openstack.gateway
diff --git a/salt/control/placement/ovs/small.yml b/salt/control/placement/ovs/small.yml
index 3102b3e..de0569c 100644
--- a/salt/control/placement/ovs/small.yml
+++ b/salt/control/placement/ovs/small.yml
@@ -6,6 +6,8 @@
openstack_gateway_node01_hostname: gtw01
openstack_gateway_node02_hostname: gtw02
openstack_gateway_node03_hostname: gtw03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_gateway_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
gtw01:
name: ${_param:openstack_gateway_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw02:
name: ${_param:openstack_gateway_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw03:
name: ${_param:openstack_gateway_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: openstack.gateway
\ No newline at end of file
+ size: openstack.gateway
diff --git a/salt/control/placement/stacklight/compact.yml b/salt/control/placement/stacklight/compact.yml
index 2cde570..e03ea85 100644
--- a/salt/control/placement/stacklight/compact.yml
+++ b/salt/control/placement/stacklight/compact.yml
@@ -12,6 +12,10 @@
stacklight_telemetry_node01_hostname: mtr01
stacklight_telemetry_node02_hostname: mtr02
stacklight_telemetry_node03_hostname: mtr03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_monitor_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -20,45 +24,54 @@
mtr01:
name: ${_param:stacklight_telemetry_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
log01:
name: ${_param:stacklight_log_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.log
log02:
name: ${_param:stacklight_log_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: stacklight.log
mon01:
name: ${_param:stacklight_monitor_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: stacklight.server
\ No newline at end of file
+ size: stacklight.server
diff --git a/salt/control/placement/stacklight/large.yml b/salt/control/placement/stacklight/large.yml
index 7b380d8..7b1f716 100644
--- a/salt/control/placement/stacklight/large.yml
+++ b/salt/control/placement/stacklight/large.yml
@@ -12,6 +12,10 @@
stacklight_telemetry_node01_hostname: mtr01
stacklight_telemetry_node02_hostname: mtr02
stacklight_telemetry_node03_hostname: mtr03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_monitor_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -20,45 +24,54 @@
mtr01:
name: ${_param:stacklight_telemetry_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node13_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node14_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node15_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
log01:
name: ${_param:stacklight_log_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node13_hostname}.${_param:cluster_domain}
size: stacklight.log
log02:
name: ${_param:stacklight_log_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node14_hostname}.${_param:cluster_domain}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node15_hostname}.${_param:cluster_domain}
size: stacklight.log
mon01:
name: ${_param:stacklight_monitor_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node13_hostname}.${_param:cluster_domain}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node14_hostname}.${_param:cluster_domain}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node15_hostname}.${_param:cluster_domain}
- size: stacklight.server
\ No newline at end of file
+ size: stacklight.server
diff --git a/salt/control/placement/stacklight/medium.yml b/salt/control/placement/stacklight/medium.yml
index 7f54f4d..a9643fe 100644
--- a/salt/control/placement/stacklight/medium.yml
+++ b/salt/control/placement/stacklight/medium.yml
@@ -12,6 +12,10 @@
stacklight_telemetry_node01_hostname: mtr01
stacklight_telemetry_node02_hostname: mtr02
stacklight_telemetry_node03_hostname: mtr03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_monitor_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -20,45 +24,54 @@
mtr01:
name: ${_param:stacklight_telemetry_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node10_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node11_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node12_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
log01:
name: ${_param:stacklight_log_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node10_hostname}.${_param:cluster_domain}
size: stacklight.log
- lop02:
+ log02:
name: ${_param:stacklight_log_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node11_hostname}.${_param:cluster_domain}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node12_hostname}.${_param:cluster_domain}
size: stacklight.log
mon01:
name: ${_param:stacklight_monitor_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node10_hostname}.${_param:cluster_domain}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node11_hostname}.${_param:cluster_domain}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node12_hostname}.${_param:cluster_domain}
- size: stacklight.server
\ No newline at end of file
+ size: stacklight.server
diff --git a/salt/control/placement/stacklight/minimal.yml b/salt/control/placement/stacklight/minimal.yml
index 2cde570..e03ea85 100644
--- a/salt/control/placement/stacklight/minimal.yml
+++ b/salt/control/placement/stacklight/minimal.yml
@@ -12,6 +12,10 @@
stacklight_telemetry_node01_hostname: mtr01
stacklight_telemetry_node02_hostname: mtr02
stacklight_telemetry_node03_hostname: mtr03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_monitor_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -20,45 +24,54 @@
mtr01:
name: ${_param:stacklight_telemetry_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
log01:
name: ${_param:stacklight_log_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.log
log02:
name: ${_param:stacklight_log_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: stacklight.log
mon01:
name: ${_param:stacklight_monitor_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: stacklight.server
\ No newline at end of file
+ size: stacklight.server
diff --git a/salt/control/placement/stacklight/small.yml b/salt/control/placement/stacklight/small.yml
index e16a7cb..fec0fbf 100644
--- a/salt/control/placement/stacklight/small.yml
+++ b/salt/control/placement/stacklight/small.yml
@@ -12,6 +12,10 @@
stacklight_telemetry_node01_hostname: mtr01
stacklight_telemetry_node02_hostname: mtr02
stacklight_telemetry_node03_hostname: mtr03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_monitor_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -20,45 +24,54 @@
mtr01:
name: ${_param:stacklight_telemetry_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
log01:
name: ${_param:stacklight_log_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: stacklight.log
log02:
name: ${_param:stacklight_log_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
size: stacklight.log
mon01:
name: ${_param:stacklight_monitor_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
- size: stacklight.server
\ No newline at end of file
+ size: stacklight.server
diff --git a/salt/master/formula/git/openscap.yml b/salt/master/formula/git/openscap.yml
new file mode 100644
index 0000000..a091ffe
--- /dev/null
+++ b/salt/master/formula/git/openscap.yml
@@ -0,0 +1,10 @@
+parameters:
+ salt:
+ master:
+ environment:
+ dev:
+ formula:
+ openscap:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-openscap.git'
+ revision: ${_param:salt_master_environment_revision}
diff --git a/salt/master/formula/pkg/openscap.yml b/salt/master/formula/pkg/openscap.yml
new file mode 100644
index 0000000..ebb6e86
--- /dev/null
+++ b/salt/master/formula/pkg/openscap.yml
@@ -0,0 +1,9 @@
+parameters:
+ salt:
+ master:
+ environment:
+ prd:
+ formula:
+ openscap:
+ source: pkg
+ name: salt-formula-openscap
diff --git a/salt/master/pillar/composite/reclass.yml b/salt/master/pillar/composite/reclass.yml
index 0b5443b..601f3bf 100644
--- a/salt/master/pillar/composite/reclass.yml
+++ b/salt/master/pillar/composite/reclass.yml
@@ -1,2 +1,15 @@
classes:
- service.salt.master.pillar.composite.reclass
+
+parameters:
+ salt:
+ master:
+ pillar:
+ reclass:
+ allow_none_override: True
+
+ # NOTE, it's not good practice to combine formula pillars here
+ # exception: in this case is required to sync the same options
+ reclass:
+ storage:
+ allow_none_override: True
diff --git a/salt/master/pillar/reclass.yml b/salt/master/pillar/reclass.yml
index cfeca33..8b88bf4 100644
--- a/salt/master/pillar/reclass.yml
+++ b/salt/master/pillar/reclass.yml
@@ -1,2 +1,9 @@
classes:
- service.salt.master.pillar.reclass
+
+parameters:
+ salt:
+ master:
+ pillar:
+ engine: reclass
+ data_dir: /srv/salt/reclass
diff --git a/salt/minion/cert/mysql/clients/openstack/barbican.yml b/salt/minion/cert/mysql/clients/openstack/barbican.yml
new file mode 100644
index 0000000..8d158ee
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/barbican.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_barbican_client_ssl_key_file: /etc/barbican/ssl/mysql/client-key.pem
+ mysql_barbican_client_ssl_cert_file: /etc/barbican/ssl/mysql/client-cert.pem
+ mysql_barbican_ssl_ca_file: /etc/barbican/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-barbican-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-barbican-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_barbican_client_ssl_key_file}
+ cert_file: ${_param:mysql_barbican_client_ssl_cert_file}
+ ca_file: ${_param:mysql_barbican_ssl_ca_file}
+ user: barbican
+ group: barbican
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/gnocchi.yml b/salt/minion/cert/mysql/clients/openstack/gnocchi.yml
new file mode 100644
index 0000000..1aa31c9
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/gnocchi.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_gnocchi_client_ssl_key_file: /etc/gnocchi/ssl/mysql/client-key.pem
+ mysql_gnocchi_client_ssl_cert_file: /etc/gnocchi/ssl/mysql/client-cert.pem
+ mysql_gnocchi_ssl_ca_file: /etc/gnocchi/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-gnocchi-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-gnocchi-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_gnocchi_client_ssl_key_file}
+ cert_file: ${_param:mysql_gnocchi_client_ssl_cert_file}
+ ca_file: ${_param:mysql_gnocchi_ssl_ca_file}
+ user: gnocchi
+ group: gnocchi
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/ironic.yml b/salt/minion/cert/mysql/clients/openstack/ironic.yml
new file mode 100644
index 0000000..fe4aa19
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/ironic.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_ironic_client_ssl_key_file: /etc/ironic/ssl/mysql/client-key.pem
+ mysql_ironic_client_ssl_cert_file: /etc/ironic/ssl/mysql/client-cert.pem
+ mysql_ironic_ssl_ca_file: /etc/ironic/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-ironic-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-ironic-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_ironic_client_ssl_key_file}
+ cert_file: ${_param:mysql_ironic_client_ssl_cert_file}
+ ca_file: ${_param:mysql_ironic_ssl_ca_file}
+ user: ironic
+ group: ironic
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/manila.yml b/salt/minion/cert/mysql/clients/openstack/manila.yml
new file mode 100644
index 0000000..a1ca797
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/manila.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_manila_client_ssl_key_file: /etc/manila/ssl/mysql/client-key.pem
+ mysql_manila_client_ssl_cert_file: /etc/manila/ssl/mysql/client-cert.pem
+ mysql_manila_ssl_ca_file: /etc/manila/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-manila-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-manila-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_manila_client_ssl_key_file}
+ cert_file: ${_param:mysql_manila_client_ssl_cert_file}
+ ca_file: ${_param:mysql_manila_ssl_ca_file}
+ user: manila
+ group: manila
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/panko.yml b/salt/minion/cert/mysql/clients/openstack/panko.yml
new file mode 100644
index 0000000..0593ae2
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/panko.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_panko_client_ssl_key_file: /etc/panko/ssl/mysql/client-key.pem
+ mysql_panko_client_ssl_cert_file: /etc/panko/ssl/mysql/client-cert.pem
+ mysql_panko_ssl_ca_file: /etc/panko/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-panko-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-panko-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_panko_client_ssl_key_file}
+ cert_file: ${_param:mysql_panko_client_ssl_cert_file}
+ ca_file: ${_param:mysql_panko_ssl_ca_file}
+ user: panko
+ group: panko
+ mode: 640
diff --git a/salt/minion/cert/openstack_api.yml b/salt/minion/cert/openstack_api.yml
new file mode 100644
index 0000000..1095f7e
--- /dev/null
+++ b/salt/minion/cert/openstack_api.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: ${linux:network:fqdn}
+ salt_minion_ca_authority: salt_master_ca
+ openstack_api_cert_alternative_names: IP:127.0.0.1,IP:${_param:cluster_local_address},IP:${_param:cluster_vip_address},DNS:${linux:system:name},DNS:${linux:network:fqdn}
+ openstack_api_cert_key_file: "/etc/ssl/private/openstack_api.key"
+ openstack_api_cert_cert_file: "/etc/ssl/certs/openstack_api.crt"
+ openstack_api_cert_all_file: "/etc/ssl/certs/openstack_api_with_chain.crt"
+ salt:
+ minion:
+ cert:
+ openstack_api:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: openstack_api
+ signing_policy: cert_server
+ alternative_names: ${_param:openstack_api_cert_alternative_names}
+ key_file: ${_param:openstack_api_cert_key_file}
+ cert_file: ${_param:openstack_api_cert_cert_file}
+ all_file: ${_param:openstack_api_cert_all_file}
+ enabled: true
+ engine: salt
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/aodh.yml b/salt/minion/cert/rabbitmq/clients/openstack/aodh.yml
new file mode 100644
index 0000000..537a3a4
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/aodh.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_aodh_client_ssl_key_file: /etc/aodh/ssl/rabbitmq/client-key.pem
+ rabbitmq_aodh_client_ssl_cert_file: /etc/aodh/ssl/rabbitmq/client-cert.pem
+ rabbitmq_aodh_ssl_ca_file: /etc/aodh/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-aodh-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-aodh-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_aodh_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_aodh_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_aodh_ssl_ca_file}
+ user: aodh
+ group: aodh
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/barbican.yml b/salt/minion/cert/rabbitmq/clients/openstack/barbican.yml
new file mode 100644
index 0000000..9fa04ef
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/barbican.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_barbican_client_ssl_key_file: /etc/barbican/ssl/rabbitmq/client-key.pem
+ rabbitmq_barbican_client_ssl_cert_file: /etc/barbican/ssl/rabbitmq/client-cert.pem
+ rabbitmq_barbican_ssl_ca_file: /etc/barbican/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-barbican-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-barbican-client
+ signing_policy: cert_client
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_barbican_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_barbican_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_barbican_ssl_ca_file}
+ user: barbican
+ group: barbican
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/ceilometer.yml b/salt/minion/cert/rabbitmq/clients/openstack/ceilometer.yml
new file mode 100644
index 0000000..a2b91fd
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/ceilometer.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_ceilometer_client_ssl_key_file: /etc/ceilometer/ssl/rabbitmq/client-key.pem
+ rabbitmq_ceilometer_client_ssl_cert_file: /etc/ceilometer/ssl/rabbitmq/client-cert.pem
+ rabbitmq_ceilometer_ssl_ca_file: /etc/ceilometer/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-ceilometer-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-ceilometer-client
+ signing_policy: cert_client
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ user: ceilometer
+ group: ceilometer
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/cinder.yml b/salt/minion/cert/rabbitmq/clients/openstack/cinder.yml
new file mode 100644
index 0000000..576c135
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/cinder.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_cinder_client_ssl_key_file: /etc/cinder/ssl/rabbitmq/client-key.pem
+ rabbitmq_cinder_client_ssl_cert_file: /etc/cinder/ssl/rabbitmq/client-cert.pem
+ rabbitmq_cinder_ssl_ca_file: /etc/cinder/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-cinder-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-cinder-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_cinder_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_cinder_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_cinder_ssl_ca_file}
+ user: cinder
+ group: cinder
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/designate.yml b/salt/minion/cert/rabbitmq/clients/openstack/designate.yml
new file mode 100644
index 0000000..f5eb631
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/designate.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_designate_client_ssl_key_file: /etc/designate/ssl/rabbitmq/client-key.pem
+ rabbitmq_designate_client_ssl_cert_file: /etc/designate/ssl/rabbitmq/client-cert.pem
+ rabbitmq_designate_ssl_ca_file: /etc/designate/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-designate-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-designate-client
+ signing_policy: cert_client
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_designate_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_designate_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_designate_ssl_ca_file}
+ user: designate
+ group: designate
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/glance.yml b/salt/minion/cert/rabbitmq/clients/openstack/glance.yml
new file mode 100644
index 0000000..94749ae
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/glance.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_glance_client_ssl_key_file: /etc/glance/ssl/rabbitmq/client-key.pem
+ rabbitmq_glance_client_ssl_cert_file: /etc/glance/ssl/rabbitmq/client-cert.pem
+ rabbitmq_glance_ssl_ca_file: /etc/glance/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-glance-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-glance-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_glance_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_glance_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_glance_ssl_ca_file}
+ user: glance
+ group: glance
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/heat.yml b/salt/minion/cert/rabbitmq/clients/openstack/heat.yml
new file mode 100644
index 0000000..e69ab14
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/heat.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_heat_client_ssl_key_file: /etc/heat/ssl/rabbitmq/client-key.pem
+ rabbitmq_heat_client_ssl_cert_file: /etc/heat/ssl/rabbitmq/client-cert.pem
+ rabbitmq_heat_ssl_ca_file: /etc/heat/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-heat-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-heat-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_heat_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_heat_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_heat_ssl_ca_file}
+ user: heat
+ group: heat
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/ironic.yml b/salt/minion/cert/rabbitmq/clients/openstack/ironic.yml
new file mode 100644
index 0000000..f9b0d74
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/ironic.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_ironic_client_ssl_key_file: /etc/ironic/ssl/rabbitmq/client-key.pem
+ rabbitmq_ironic_client_ssl_cert_file: /etc/ironic/ssl/rabbitmq/client-cert.pem
+ rabbitmq_ironic_ssl_ca_file: /etc/ironic/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-ironic-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-ironic-client
+ signing_policy: cert_client
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
+ user: ironic
+ group: ironic
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/keystone.yml b/salt/minion/cert/rabbitmq/clients/openstack/keystone.yml
new file mode 100644
index 0000000..8261f73
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/keystone.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_keystone_client_ssl_key_file: /etc/keystone/ssl/rabbitmq/client-key.pem
+ rabbitmq_keystone_client_ssl_cert_file: /etc/keystone/ssl/rabbitmq/client-cert.pem
+ rabbitmq_keystone_ssl_ca_file: /etc/keystone/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-keystone-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-keystone-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_keystone_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_keystone_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_keystone_ssl_ca_file}
+ user: keystone
+ group: keystone
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/manila.yml b/salt/minion/cert/rabbitmq/clients/openstack/manila.yml
new file mode 100644
index 0000000..345b697
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/manila.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_manila_client_ssl_key_file: /etc/manila/ssl/rabbitmq/client-key.pem
+ rabbitmq_manila_client_ssl_cert_file: /etc/manila/ssl/rabbitmq/client-cert.pem
+ rabbitmq_manila_ssl_ca_file: /etc/manila/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-manila-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-manila-client
+ signing_policy: cert_client
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_manila_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_manila_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_manila_ssl_ca_file}
+ user: manila
+ group: manila
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/neutron.yml b/salt/minion/cert/rabbitmq/clients/openstack/neutron.yml
new file mode 100644
index 0000000..2f8f5c3
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/neutron.yml
@@ -0,0 +1,25 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_neutron_client_ssl_key_file: /etc/neutron/ssl/rabbitmq/client-key.pem
+ rabbitmq_neutron_client_ssl_cert_file: /etc/neutron/ssl/rabbitmq/client-cert.pem
+ rabbitmq_neutron_ssl_ca_file: /etc/neutron/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-neutron-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-neutron-client
+ signing_policy: cert_client
+ alternative_names: >
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_neutron_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_neutron_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_neutron_ssl_ca_file}
+ user: neutron
+ group: neutron
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/nova.yml b/salt/minion/cert/rabbitmq/clients/openstack/nova.yml
new file mode 100644
index 0000000..04a6078
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/nova.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_nova_client_ssl_key_file: /etc/nova/ssl/rabbitmq/client-key.pem
+ rabbitmq_nova_client_ssl_cert_file: /etc/nova/ssl/rabbitmq/client-cert.pem
+ rabbitmq_nova_ssl_ca_file: /etc/nova/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-nova-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-nova-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ user: nova
+ group: nova
+ mode: 640