Merge "Enable OVN metadata agent"
diff --git a/aodh/server/cluster.yml b/aodh/server/cluster.yml
index fb6839b..444050a 100644
--- a/aodh/server/cluster.yml
+++ b/aodh/server/cluster.yml
@@ -1,13 +1,26 @@
classes:
- service.aodh.server.cluster
+- system.salt.minion.cert.mysql.clients.openstack.aodh
- service.haproxy.proxy.single
- system.haproxy.proxy.listen.openstack.aodh
- system.keepalived.cluster.instance.openstack_telemetry_vip
+- system.salt.minion.cert.rabbitmq.clients.openstack.aodh
parameters:
_param:
openstack_event_alarm_topic: alarm.all
# Keep alarm history in database for 30 days
aodh_alarm_history_ttl: 2592000
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
+ linux:
+ system:
+ cron:
+ user:
+ aodh:
+ enabled: true
aodh:
server:
enabled: true
@@ -26,6 +39,13 @@
name: aodh
user: aodh
password: ${_param:mysql_aodh_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_aodh_ssl_ca_file}
+ key_file: ${_param:mysql_aodh_client_ssl_key_file}
+ cert_file: ${_param:mysql_aodh_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
bind:
host: ${_param:cluster_local_address}
port: 8042
@@ -37,9 +57,10 @@
user: aodh
password: ${_param:keystone_aodh_password}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
@@ -47,6 +68,13 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_aodh_ssl_ca_file}
+ key_file: ${_param:rabbitmq_aodh_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_aodh_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
# Check for expired alarm history every day at 2 AM
expirer:
cron:
diff --git a/aodh/server/single.yml b/aodh/server/single.yml
index 6fec2a6..2dfdea9 100644
--- a/aodh/server/single.yml
+++ b/aodh/server/single.yml
@@ -1,18 +1,49 @@
classes:
- service.aodh.server.single
+- system.salt.minion.cert.mysql.clients.openstack.aodh
+- system.salt.minion.cert.rabbitmq.clients.openstack.aodh
parameters:
_param:
openstack_event_alarm_topic: alarm.all
# Keep alarm history in database for 30 days
aodh_alarm_history_ttl: 2592000
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
+ linux:
+ system:
+ cron:
+ user:
+ aodh:
+ enabled: true
aodh:
server:
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_aodh_ssl_ca_file}
+ key_file: ${_param:mysql_aodh_client_ssl_key_file}
+ cert_file: ${_param:mysql_aodh_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_aodh_ssl_ca_file}
+ key_file: ${_param:rabbitmq_aodh_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_aodh_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
ttl: ${_param:aodh_alarm_history_ttl}
role: ${_param:openstack_node_role}
region: ${_param:openstack_region}
event_alarm_topic: ${_param:openstack_event_alarm_topic}
identity:
region: ${_param:openstack_region}
+ protocol: ${_param:internal_protocol}
# Check for expired alarm history every day at 2 AM
expirer:
cron:
diff --git a/apache/server/proxy/init.yml b/apache/server/proxy/init.yml
new file mode 100644
index 0000000..06921f8
--- /dev/null
+++ b/apache/server/proxy/init.yml
@@ -0,0 +1,7 @@
+parameters:
+ apache:
+ server:
+ modules:
+ - proxy
+ - proxy_http
+ - headers
diff --git a/apache/server/site/manila.yml b/apache/server/site/manila.yml
index cecf1d4..3080d1d 100644
--- a/apache/server/site/manila.yml
+++ b/apache/server/site/manila.yml
@@ -12,6 +12,8 @@
server:
enabled: true
default_mpm: event
+ modules:
+ - wsgi
site:
manila:
enabled: false
diff --git a/barbican/server/cluster.yml b/barbican/server/cluster.yml
index 81ee5af..7e4c0e4 100644
--- a/barbican/server/cluster.yml
+++ b/barbican/server/cluster.yml
@@ -1,9 +1,16 @@
classes:
- service.barbican.server.cluster
- system.haproxy.proxy.listen.openstack.barbican
+- system.salt.minion.cert.mysql.clients.openstack.barbican
+- system.salt.minion.cert.rabbitmq.clients.openstack.barbican
parameters:
_param:
cluster_internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
barbican:
server:
role: ${_param:openstack_node_role}
@@ -11,3 +18,25 @@
protocol: ${_param:cluster_internal_protocol}
database:
host: ${_param:openstack_database_address}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_barbican_ssl_ca_file}
+ key_file: ${_param:mysql_barbican_client_ssl_key_file}
+ cert_file: ${_param:mysql_barbican_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_barbican_ssl_ca_file}
+ key_file: ${_param:rabbitmq_barbican_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_barbican_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ linux:
+ system:
+ package:
+ python-pymysql:
+ fromrepo: ${_param:openstack_version}
+ version: latest
diff --git a/barbican/server/single.yml b/barbican/server/single.yml
index b115e79..befad42 100644
--- a/barbican/server/single.yml
+++ b/barbican/server/single.yml
@@ -1,10 +1,40 @@
classes:
- service.barbican.server.single
+- system.salt.minion.cert.mysql.clients.openstack.barbican
+- system.salt.minion.cert.rabbitmq.clients.openstack.barbican
parameters:
_param:
internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
barbican:
server:
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_barbican_ssl_ca_file}
+ key_file: ${_param:mysql_barbican_client_ssl_key_file}
+ cert_file: ${_param:mysql_barbican_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
role: ${_param:openstack_node_role}
identity:
protocol: ${_param:internal_protocol}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_barbican_ssl_ca_file}
+ key_file: ${_param:rabbitmq_barbican_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_barbican_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ linux:
+ system:
+ package:
+ python-pymysql:
+ fromrepo: ${_param:openstack_version}
+ version: latest
diff --git a/bind/server/cluster.yml b/bind/server/cluster.yml
new file mode 100644
index 0000000..1f9e943
--- /dev/null
+++ b/bind/server/cluster.yml
@@ -0,0 +1,37 @@
+classes:
+- service.bind.server.single
+parameters:
+ _param:
+ mgmt_allow_node01_address: ${_param:openstack_control_node01_address}
+ mgmt_allow_node02_address: ${_param:openstack_control_node02_address}
+ mgmt_allow_node03_address: ${_param:openstack_control_node03_address}
+ bind:
+ server:
+ key:
+ mgmt:
+ secret: "${_param:bind9_mgmt_rndc_key}"
+ algorithm: "${_param:bind9_mgmt_rndc_algorithm}"
+ allow_new_zones: true
+ query: true
+ # for local server management /etc/bind/rndc.key
+ # generated by bind9 package postinstall script
+ # will be used
+ control:
+ local:
+ enabled: true
+ bind:
+ address: 127.0.0.1
+ port: 953
+ allow:
+ - 127.0.0.1
+ mgmt:
+ enabled: true
+ bind:
+ address: ${_param:single_address}
+ port: 953
+ allow:
+ - ${_param:mgmt_allow_node01_address}
+ - ${_param:mgmt_allow_node02_address}
+ - ${_param:mgmt_allow_node03_address}
+ keys:
+ - mgmt
\ No newline at end of file
diff --git a/cassandra/backup/server/single.yml b/cassandra/backup/server/single.yml
index ffb43cf..c441529 100644
--- a/cassandra/backup/server/single.yml
+++ b/cassandra/backup/server/single.yml
@@ -3,6 +3,12 @@
parameters:
_param:
cassandra_backup_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzLUiHKAjfFXiZ3fsgx35uXF6VivfC5WFafu4QMalxmj6W+s277oCfdWA8Du5f1wtQXM73VQ5nHkXhM2UIfUMarsyhXK+BxKVrcgEBNHdKlDytaecUPyuOxTDdGWhN/DPv5/vL8NYWweEYBbNbLgU0Td7Rvm52TUXKThIDjeF7XDxX4ShXWipBSwU4boOUBtR8KWfga8fsqeBN+eacuAQFR3MrrOfVvAuWW6Bsf047cmd+V6Qv0raoW73Nu4M/ZAdTsaR5k62a0cHsSRoi3hCmNRqw+CZaQi8prQU6t26eWPEtznjp5EkPF+LLh8LxUoCfWqWT+Lxe8QQwT1nx/LCN
+ linux:
+ system:
+ cron:
+ user:
+ cassandra:
+ enabled: true
cassandra:
backup:
server:
diff --git a/ceilometer/agent/cluster.yml b/ceilometer/agent/cluster.yml
index a598ee5..cadbaa9 100644
--- a/ceilometer/agent/cluster.yml
+++ b/ceilometer/agent/cluster.yml
@@ -1,6 +1,11 @@
classes:
- service.ceilometer.agent.cluster
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
agent:
region: ${_param:openstack_region}
@@ -15,7 +20,9 @@
user: ceilometer
password: ${_param:keystone_ceilometer_password}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
@@ -25,6 +32,13 @@
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
ha_queues: true
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
nova:
compute:
notification:
diff --git a/ceilometer/agent/single.yml b/ceilometer/agent/single.yml
index ebb1d60..3803d12 100644
--- a/ceilometer/agent/single.yml
+++ b/ceilometer/agent/single.yml
@@ -1,2 +1,21 @@
classes:
- service.ceilometer.agent.single
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
+parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ ceilometer:
+ agent:
+ identity:
+ protocol: ${_param:internal_protocol}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/ceilometer/agent/telemetry/cluster.yml b/ceilometer/agent/telemetry/cluster.yml
index bc67493..56ca6cc 100644
--- a/ceilometer/agent/telemetry/cluster.yml
+++ b/ceilometer/agent/telemetry/cluster.yml
@@ -1,6 +1,11 @@
classes:
- service.ceilometer.agent.cluster.common
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
agent:
region: ${_param:openstack_region}
@@ -15,7 +20,9 @@
user: ceilometer
password: ${_param:keystone_ceilometer_password}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
@@ -25,6 +32,13 @@
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
ha_queues: true
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
nova:
compute:
notification:
diff --git a/ceilometer/agent/telemetry/single.yml b/ceilometer/agent/telemetry/single.yml
index 6b42537..a5fcd51 100644
--- a/ceilometer/agent/telemetry/single.yml
+++ b/ceilometer/agent/telemetry/single.yml
@@ -1,2 +1,21 @@
classes:
- service.ceilometer.agent.single.common
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
+parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ ceilometer:
+ agent:
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ identity:
+ protocol: ${_param:internal_protocol}
diff --git a/ceilometer/server/cluster.yml b/ceilometer/server/cluster.yml
index ad804f8..31a0abe 100644
--- a/ceilometer/server/cluster.yml
+++ b/ceilometer/server/cluster.yml
@@ -4,7 +4,12 @@
- service.haproxy.proxy.single
- system.haproxy.proxy.listen.openstack.ceilometer
- system.keepalived.cluster.instance.openstack_telemetry_vip
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
server:
enabled: true
@@ -30,12 +35,21 @@
user: ceilometer
password: ${_param:keystone_ceilometer_password}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
diff --git a/ceilometer/server/single.yml b/ceilometer/server/single.yml
index ae642f1..37feddc 100644
--- a/ceilometer/server/single.yml
+++ b/ceilometer/server/single.yml
@@ -1,6 +1,11 @@
classes:
- service.ceilometer.server.single
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
server:
role: ${_param:openstack_node_role}
@@ -15,3 +20,14 @@
enabled: true
host: ${_param:stacklight_monitor_address}
port: 9200
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ identity:
+ protocol: ${_param:cluster_internal_protocol}
diff --git a/ceilometer/server/telemetry/cluster.yml b/ceilometer/server/telemetry/cluster.yml
index fdf3e03..a887536 100644
--- a/ceilometer/server/telemetry/cluster.yml
+++ b/ceilometer/server/telemetry/cluster.yml
@@ -2,7 +2,12 @@
classes:
- service.ceilometer.server.cluster.common
- system.keepalived.cluster.instance.openstack_telemetry_vip
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
server:
enabled: true
@@ -26,7 +31,9 @@
user: ceilometer
password: ${_param:keystone_ceilometer_password}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
@@ -35,3 +42,10 @@
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/ceilometer/server/telemetry/single.yml b/ceilometer/server/telemetry/single.yml
index 2d8828c..9ff35d1 100644
--- a/ceilometer/server/telemetry/single.yml
+++ b/ceilometer/server/telemetry/single.yml
@@ -1,6 +1,22 @@
classes:
- service.ceilometer.server.single.common
+- system.salt.minion.cert.rabbitmq.clients.openstack.ceilometer
parameters:
+ _param:
+ openstack_rabbitmq_port: 5672
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
ceilometer:
server:
role: ${_param:openstack_node_role}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ identity:
+ protocol: ${_param:internal_protocol}
diff --git a/ceph/backup/server/single.yml b/ceph/backup/server/single.yml
index ca36297..896a6cc 100644
--- a/ceph/backup/server/single.yml
+++ b/ceph/backup/server/single.yml
@@ -1,2 +1,9 @@
classes:
- service.ceph.backup.server
+parameters:
+ linux:
+ system:
+ cron:
+ user:
+ ceph:
+ enabled: true
diff --git a/cinder/control/cluster.yml b/cinder/control/cluster.yml
index b5d6862..e4a0718 100644
--- a/cinder/control/cluster.yml
+++ b/cinder/control/cluster.yml
@@ -3,9 +3,16 @@
- service.haproxy.proxy.single
- service.keepalived.cluster.single
- system.haproxy.proxy.listen.openstack.cinder
+- system.salt.minion.cert.mysql.clients.openstack.cinder
+- system.salt.minion.cert.rabbitmq.clients.openstack.cinder
parameters:
_param:
cluster_internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -35,6 +42,13 @@
name: cinder
user: cinder
password: ${_param:mysql_cinder_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_cinder_ssl_ca_file}
+ key_file: ${_param:mysql_cinder_client_ssl_key_file}
+ cert_file: ${_param:mysql_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
region: ${_param:openstack_region}
@@ -49,6 +63,7 @@
port: 9292
protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
@@ -57,6 +72,13 @@
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_cinder_ssl_ca_file}
+ key_file: ${_param:rabbitmq_cinder_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
cache:
engine: memcached
members:
diff --git a/cinder/control/single.yml b/cinder/control/single.yml
index 89c5307..0d29e31 100644
--- a/cinder/control/single.yml
+++ b/cinder/control/single.yml
@@ -1,8 +1,15 @@
classes:
- service.cinder.control.single
+- system.salt.minion.cert.mysql.clients.openstack.cinder
+- system.salt.minion.cert.rabbitmq.clients.openstack.cinder
parameters:
_param:
internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -18,7 +25,23 @@
role: ${_param:openstack_node_role}
database:
host: ${_param:single_address}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_cinder_ssl_ca_file}
+ key_file: ${_param:mysql_cinder_client_ssl_key_file}
+ cert_file: ${_param:mysql_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
protocol: ${_param:internal_protocol}
region: ${_param:openstack_region}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_cinder_ssl_ca_file}
+ key_file: ${_param:rabbitmq_cinder_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/cinder/volume/local.yml b/cinder/volume/local.yml
index d03d6f7..b0e179a 100644
--- a/cinder/volume/local.yml
+++ b/cinder/volume/local.yml
@@ -1,15 +1,38 @@
classes:
- service.cinder.volume.local
+- system.salt.minion.cert.mysql.clients.openstack.cinder
+- system.salt.minion.cert.rabbitmq.clients.openstack.cinder
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
cinder:
volume:
enabled: True
database:
host: ${_param:single_address}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_cinder_ssl_ca_file}
+ key_file: ${_param:mysql_cinder_client_ssl_key_file}
+ cert_file: ${_param:mysql_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
glance:
host: ${_param:single_address}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
host: ${_param:single_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_cinder_ssl_ca_file}
+ key_file: ${_param:rabbitmq_cinder_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
identity:
host: ${_param:single_address}
region: ${_param:openstack_region}
diff --git a/cinder/volume/single.yml b/cinder/volume/single.yml
index f66a190..03c4b3c 100644
--- a/cinder/volume/single.yml
+++ b/cinder/volume/single.yml
@@ -1,8 +1,15 @@
classes:
- service.cinder.volume.single
+- system.salt.minion.cert.mysql.clients.openstack.cinder
+- system.salt.minion.cert.rabbitmq.clients.openstack.cinder
parameters:
_param:
cluster_internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -14,14 +21,29 @@
enabled: True
database:
host: ${_param:openstack_database_address}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_cinder_ssl_ca_file}
+ key_file: ${_param:mysql_cinder_client_ssl_key_file}
+ cert_file: ${_param:mysql_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
glance:
host: ${_param:openstack_control_address}
protocol: ${_param:cluster_internal_protocol}
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_cinder_ssl_ca_file}
+ key_file: ${_param:rabbitmq_cinder_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_cinder_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
identity:
host: ${_param:openstack_control_address}
protocol: ${_param:cluster_internal_protocol}
diff --git a/debmirror/mirror_mirantis_com/cassandra/xenial.yml b/debmirror/mirror_mirantis_com/cassandra/xenial.yml
new file mode 100644
index 0000000..7e6b320
--- /dev/null
+++ b/debmirror/mirror_mirantis_com/cassandra/xenial.yml
@@ -0,0 +1,21 @@
+parameters:
+ _param:
+ apt_mk_version: 'stable'
+ mirror_mirantis_com_cassandra_xenial_force: False
+ debmirror_mirrors_base_target_dir: "/srv/volumes/aptly/public/${_param:apt_mk_version}/"
+ debmirror:
+ client:
+ enabled: true
+ mirrors:
+ mirror_mirantis_com_cassandra_xenial:
+ force: ${_param:mirror_mirantis_com_cassandra_xenial_force}
+ lock_target: True
+ extra_flags: [ '--verbose', '--progress', '--nosource', '--no-check-gpg', '--rsync-extra=none' ]
+ method: "rsync"
+ arch: [ 'amd64' ]
+ mirror_host: "mirror.mirantis.com"
+ mirror_root: ":mirror/${_param:apt_mk_version}/cassandra/xenial/"
+ target_dir: "${_param:debmirror_mirrors_base_target_dir}/cassandra/xenial/"
+ log_file: "/var/log/debmirror/mirror_mirantis_com_cassandra_xenial.log"
+ dist: [ "21x" ]
+ section: [ main ]
diff --git a/defaults/init.yml b/defaults/init.yml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/defaults/init.yml
diff --git a/designate/server/backend/bind.yml b/designate/server/backend/bind.yml
index 823d52d..bbce637 100644
--- a/designate/server/backend/bind.yml
+++ b/designate/server/backend/bind.yml
@@ -38,4 +38,4 @@
key:
designate:
secret: "${_param:designate_bind9_rndc_key}"
- algorithm: "${_param:designate_bind9_rndc_algorithm}"
+ algorithm: "${_param:designate_bind9_rndc_algorithm}"
\ No newline at end of file
diff --git a/designate/server/backend/pdns.yml b/designate/server/backend/pdns.yml
index 45ad0b7..151ef10 100644
--- a/designate/server/backend/pdns.yml
+++ b/designate/server/backend/pdns.yml
@@ -23,4 +23,4 @@
enabled: true
address: ${_param:single_address}
port: ${_param:powerdns_webserver_port}
- password: ${_param:powerdns_webserver_password}
+ password: ${_param:powerdns_webserver_password}
\ No newline at end of file
diff --git a/designate/server/cluster/bind.yml b/designate/server/cluster/bind.yml
new file mode 100644
index 0000000..39c802b
--- /dev/null
+++ b/designate/server/cluster/bind.yml
@@ -0,0 +1,39 @@
+classes:
+ - system.designate.server.cluster.default
+parameters:
+ _param:
+ designate_bind9_rndc_algorithm: hmac-sha512
+ designate:
+ worker:
+ enabled: true
+ server:
+ backend:
+ bind9:
+ rndc_key: "${_param:designate_bind9_rndc_key}"
+ rndc_algorithm: "${_param:designate_bind9_rndc_algorithm}"
+ pools:
+ default:
+ description: 'default pool'
+ ns_records: ${_param:designate_pool_ns_records}
+ nameservers: ${_param:designate_pool_nameservers}
+ targets:
+ default01:
+ type: bind9
+ description: 'default target01'
+ masters: ${_param:designate_pool_target_masters}
+ options:
+ host: ${_param:openstack_dns_node01_address}
+ port: 53
+ rndc_host: ${_param:openstack_dns_node01_address}
+ rndc_port: 953
+ rndc_key_file: /etc/designate/rndc.key
+ default02:
+ type: bind9
+ description: 'default target02'
+ masters: ${_param:designate_pool_target_masters}
+ options:
+ host: ${_param:openstack_dns_node02_address}
+ port: 53
+ rndc_host: ${_param:openstack_dns_node02_address}
+ rndc_port: 953
+ rndc_key_file: /etc/designate/rndc.key
\ No newline at end of file
diff --git a/designate/server/cluster/default.yml b/designate/server/cluster/default.yml
new file mode 100644
index 0000000..1e8076e
--- /dev/null
+++ b/designate/server/cluster/default.yml
@@ -0,0 +1,80 @@
+classes:
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- system.haproxy.proxy.listen.openstack.designate
+- service.designate.server.cluster
+- system.salt.minion.cert.mysql.clients.openstack.designate
+- system.salt.minion.cert.rabbitmq.clients.openstack.designate
+parameters:
+ _param:
+ designate_admin_api_enabled: false
+ cluster_internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
+ linux:
+ system:
+ package:
+ python-pymysql:
+ fromrepo: ${_param:openstack_version}
+ version: latest
+ designate:
+ _support:
+ sensu:
+ enabled: false
+ server:
+ enabled: true
+ local_bind: true
+ region: ${_param:openstack_region}
+ domain_id: ${_param:designate_domain_id}
+ version: ${_param:designate_version}
+ role: ${_param:openstack_node_role}
+ admin_api:
+ enabled: ${_param:designate_admin_api_enabled}
+ enabled_extensions_admin: quotas
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ port: 3306
+ name:
+ main_database: designate
+ pool_manager: designate_pool_manager
+ user: designate
+ password: ${_param:mysql_designate_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_designate_ssl_ca_file}
+ key_file: ${_param:mysql_designate_client_ssl_key_file}
+ cert_file: ${_param:mysql_designate_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ identity:
+ engine: keystone
+ host: ${_param:openstack_control_address}
+ port: 35357
+ tenant: service
+ user: designate
+ password: ${_param:keystone_designate_password}
+ protocol: ${_param:cluster_internal_protocol}
+ bind:
+ api:
+ address: ${_param:single_address}
+ message_queue:
+ engine: rabbitmq
+ port: ${_param:openstack_rabbitmq_port}
+ members:
+ - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:openstack_message_queue_node02_address}
+ - host: ${_param:openstack_message_queue_node03_address}
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_designate_ssl_ca_file}
+ key_file: ${_param:rabbitmq_designate_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_designate_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/designate/server/cluster/pdns.yml b/designate/server/cluster/pdns.yml
new file mode 100644
index 0000000..7d81f90
--- /dev/null
+++ b/designate/server/cluster/pdns.yml
@@ -0,0 +1,42 @@
+classes:
+ - system.designate.server.cluster.default
+parameters:
+ _param:
+ designate_pool_manager_enabled: true
+ designate_pool_manager_periodic_sync_interval: '120'
+ designate_mdns_address: 0.0.0.0
+ # required for supermasters functionality
+ designate_mdns_port: 53
+ designate:
+ pool_manager:
+ # required for supermasters functionality
+ enabled: ${_param:designate_pool_manager_enabled}
+ periodic_sync_interval: ${_param:designate_pool_manager_periodic_sync_interval}
+ server:
+ mdns:
+ address: ${_param:designate_mdns_address}
+ port: ${_param:designate_mdns_port}
+ pools:
+ default:
+ description: 'default pool'
+ ns_records: ${_param:designate_pool_ns_records}
+ nameservers: ${_param:designate_pool_nameservers}
+ targets:
+ default:
+ type: pdns4
+ description: 'default target1'
+ masters: ${_param:designate_pool_target_masters}
+ options:
+ host: ${_param:openstack_dns_node01_address}
+ port: 53
+ api_endpoint: "http://${_param:openstack_dns_node01_address}:${_param:powerdns_webserver_port}"
+ api_token: ${_param:designate_pdns_api_key}
+ default1:
+ type: pdns4
+ description: 'default target2'
+ masters: ${_param:designate_pool_target_masters}
+ options:
+ host: ${_param:openstack_dns_node02_address}
+ port: 53
+ api_endpoint: "http://${_param:openstack_dns_node02_address}:${_param:powerdns_webserver_port}"
+ api_token: ${_param:designate_pdns_api_key}
\ No newline at end of file
diff --git a/designate/server/cluster/simple.yml b/designate/server/cluster/simple.yml
index 9f9b18b..459ab96 100644
--- a/designate/server/cluster/simple.yml
+++ b/designate/server/cluster/simple.yml
@@ -1,9 +1,16 @@
classes:
- service.designate.server.cluster
+- system.salt.minion.cert.mysql.clients.openstack.designate
+- system.salt.minion.cert.rabbitmq.clients.openstack.designate
parameters:
_param:
designate_admin_api_enabled: false
cluster_internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -33,6 +40,13 @@
pool_manager: designate_pool_manager
user: designate
password: ${_param:mysql_designate_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_designate_ssl_ca_file}
+ key_file: ${_param:mysql_designate_client_ssl_key_file}
+ cert_file: ${_param:mysql_designate_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
host: ${_param:openstack_control_address}
@@ -46,7 +60,7 @@
address: ${_param:single_address}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
@@ -54,6 +68,13 @@
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_designate_ssl_ca_file}
+ key_file: ${_param:rabbitmq_designate_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_designate_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
pools:
default:
description: 'default pool'
diff --git a/designate/server/single.yml b/designate/server/single.yml
index 683180e..e89afe1 100644
--- a/designate/server/single.yml
+++ b/designate/server/single.yml
@@ -1,9 +1,16 @@
classes:
- service.designate.server.single
+- system.salt.minion.cert.mysql.clients.openstack.designate
+- system.salt.minion.cert.rabbitmq.clients.openstack.designate
parameters:
_param:
designate_admin_api_enabled: false
internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -33,6 +40,13 @@
pool_manager: designate_pool_manager
user: designate
password: ${_param:mysql_designate_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_designate_ssl_ca_file}
+ key_file: ${_param:mysql_designate_client_ssl_key_file}
+ cert_file: ${_param:mysql_designate_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
host: ${_param:single_address}
@@ -44,10 +58,17 @@
message_queue:
engine: rabbitmq
host: ${_param:cluster_vip_address}
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_designate_ssl_ca_file}
+ key_file: ${_param:rabbitmq_designate_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_designate_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
pools:
default:
description: 'default pool'
diff --git a/docker/host.yml b/docker/host.yml
index aef7a32..bb3dffa 100644
--- a/docker/host.yml
+++ b/docker/host.yml
@@ -1,6 +1,8 @@
classes:
- service.docker.host
parameters:
+ _param:
+ docker_garbage_collection_enabled: false
docker:
host:
pkgs:
@@ -14,3 +16,16 @@
ipv6: true
fixed-cidr-v6: fc00::/7
storage-driver: overlay2
+ linux:
+ system:
+ cron:
+ user:
+ root:
+ enabled: true
+ job:
+ docker_garbage_collection:
+ command: docker system prune -f --filter until=$(date +%s -d "1 week ago")
+ enabled: ${_param:docker_garbage_collection_enabled}
+ user: root
+ hour: 6
+ minute: 0
diff --git a/elasticsearch/server/curator.yml b/elasticsearch/server/curator.yml
index fe7383d..a73ef44 100644
--- a/elasticsearch/server/curator.yml
+++ b/elasticsearch/server/curator.yml
@@ -2,6 +2,12 @@
_param:
elasticsearch_curator_indices_pattern: "^(log|notification)-.*$"
elasticsearch_curator_retention_period: 31
+ linux:
+ system:
+ cron:
+ user:
+ elasticsearch:
+ enabled: true
elasticsearch:
server:
curator:
diff --git a/galera/server/database/manila.yml b/galera/server/database/manila.yml
index 3339b83..d233ce9 100644
--- a/galera/server/database/manila.yml
+++ b/galera/server/database/manila.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_manila_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_manila_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_manila_ssl_option}
- name: manila
password: ${_param:mysql_manila_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_manila_ssl_option}
diff --git a/galera/server/database/ssl/aodh.yml b/galera/server/database/ssl/aodh.yml
new file mode 100644
index 0000000..e68e0fa
--- /dev/null
+++ b/galera/server/database/ssl/aodh.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_aodh_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/barbican.yml b/galera/server/database/ssl/barbican.yml
new file mode 100644
index 0000000..1b1c7c1
--- /dev/null
+++ b/galera/server/database/ssl/barbican.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_barbican_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/cinder.yml b/galera/server/database/ssl/cinder.yml
new file mode 100644
index 0000000..24554a7
--- /dev/null
+++ b/galera/server/database/ssl/cinder.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_cinder_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/designate.yml b/galera/server/database/ssl/designate.yml
new file mode 100644
index 0000000..d8a7ed8
--- /dev/null
+++ b/galera/server/database/ssl/designate.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_designate_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/glance.yml b/galera/server/database/ssl/glance.yml
new file mode 100644
index 0000000..99802f8
--- /dev/null
+++ b/galera/server/database/ssl/glance.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_glance_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/gnocchi.yml b/galera/server/database/ssl/gnocchi.yml
new file mode 100644
index 0000000..c1bb459
--- /dev/null
+++ b/galera/server/database/ssl/gnocchi.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_gnocchi_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/heat.yml b/galera/server/database/ssl/heat.yml
new file mode 100644
index 0000000..567d611
--- /dev/null
+++ b/galera/server/database/ssl/heat.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_heat_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/ironic.yaml b/galera/server/database/ssl/ironic.yaml
new file mode 100644
index 0000000..eeb9dbb
--- /dev/null
+++ b/galera/server/database/ssl/ironic.yaml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_ironic_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/keystone.yml b/galera/server/database/ssl/keystone.yml
new file mode 100644
index 0000000..bcaec18
--- /dev/null
+++ b/galera/server/database/ssl/keystone.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_keystone_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/manila.yml b/galera/server/database/ssl/manila.yml
new file mode 100644
index 0000000..c3b30dd
--- /dev/null
+++ b/galera/server/database/ssl/manila.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_manila_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/neutron.yml b/galera/server/database/ssl/neutron.yml
new file mode 100644
index 0000000..c8f3761
--- /dev/null
+++ b/galera/server/database/ssl/neutron.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_neutron_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/ssl/panko.yml b/galera/server/database/ssl/panko.yml
new file mode 100644
index 0000000..ce1c504
--- /dev/null
+++ b/galera/server/database/ssl/panko.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ mysql_panko_ssl_option:
+ - SSL: True
\ No newline at end of file
diff --git a/galera/server/database/x509/aodh.yml b/galera/server/database/x509/aodh.yml
new file mode 100644
index 0000000..d90d17e
--- /dev/null
+++ b/galera/server/database/x509/aodh.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_aodh_client_ssl_x509_subject: '/C=cz/CN=mysql-aodh-client/L=Prague/O=Mirantis'
+ mysql_aodh_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_aodh_ssl_option:
+ - SUBJECT: ${_param:mysql_aodh_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_aodh_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/barbican.yml b/galera/server/database/x509/barbican.yml
new file mode 100644
index 0000000..ae1865f
--- /dev/null
+++ b/galera/server/database/x509/barbican.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_barbican_client_ssl_x509_subject: '/C=cz/CN=mysql-barbican-client/L=Prague/O=Mirantis'
+ mysql_barbican_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_barbican_ssl_option:
+ - SUBJECT: ${_param:mysql_barbican_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_barbican_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/cinder.yml b/galera/server/database/x509/cinder.yml
new file mode 100644
index 0000000..be45c03
--- /dev/null
+++ b/galera/server/database/x509/cinder.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_cinder_client_ssl_x509_subject: '/C=cz/CN=mysql-cinder-client/L=Prague/O=Mirantis'
+ mysql_cinder_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_cinder_ssl_option:
+ - SUBJECT: ${_param:mysql_cinder_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_cinder_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/designate.yml b/galera/server/database/x509/designate.yml
new file mode 100644
index 0000000..27e3ae4
--- /dev/null
+++ b/galera/server/database/x509/designate.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_designate_client_ssl_x509_subject: '/C=cz/CN=mysql-designate-client/L=Prague/O=Mirantis'
+ mysql_designate_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_designate_ssl_option:
+ - SUBJECT: ${_param:mysql_designate_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_designate_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/glance.yml b/galera/server/database/x509/glance.yml
new file mode 100644
index 0000000..2fdcea3
--- /dev/null
+++ b/galera/server/database/x509/glance.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_glance_client_ssl_x509_subject: '/C=cz/CN=mysql-glance-client/L=Prague/O=Mirantis'
+ mysql_glance_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_glance_ssl_option:
+ - SUBJECT: ${_param:mysql_glance_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_glance_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/gnocchi.yml b/galera/server/database/x509/gnocchi.yml
new file mode 100644
index 0000000..5cb3c58
--- /dev/null
+++ b/galera/server/database/x509/gnocchi.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_gnocchi_client_ssl_x509_subject: '/C=cz/CN=mysql-gnocchi-client/L=Prague/O=Mirantis'
+ mysql_gnocchi_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_gnocchi_ssl_option:
+ - SUBJECT: ${_param:mysql_gnocchi_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_gnocchi_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/heat.yml b/galera/server/database/x509/heat.yml
new file mode 100644
index 0000000..57dbd5f
--- /dev/null
+++ b/galera/server/database/x509/heat.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_heat_client_ssl_x509_subject: '/C=cz/CN=mysql-heat-client/L=Prague/O=Mirantis'
+ mysql_heat_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_heat_ssl_option:
+ - SUBJECT: ${_param:mysql_heat_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_heat_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/ironic.yml b/galera/server/database/x509/ironic.yml
new file mode 100644
index 0000000..85082f5
--- /dev/null
+++ b/galera/server/database/x509/ironic.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_ironic_client_ssl_x509_subject: '/C=cz/CN=mysql-ironic-client/L=Prague/O=Mirantis'
+ mysql_ironic_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_ironic_ssl_option:
+ - SUBJECT: ${_param:mysql_ironic_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_ironic_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/keystone.yml b/galera/server/database/x509/keystone.yml
new file mode 100644
index 0000000..0a790e7
--- /dev/null
+++ b/galera/server/database/x509/keystone.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_keystone_client_ssl_x509_subject: '/C=cz/CN=mysql-keystone-client/L=Prague/O=Mirantis'
+ mysql_keystone_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_keystone_ssl_option:
+ - SUBJECT: ${_param:mysql_keystone_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_keystone_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/manila.yml b/galera/server/database/x509/manila.yml
new file mode 100644
index 0000000..15e6c88
--- /dev/null
+++ b/galera/server/database/x509/manila.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_manila_client_ssl_x509_subject: '/C=cz/CN=mysql-manila-client/L=Prague/O=Mirantis'
+ mysql_manila_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_manila_ssl_option:
+ - SUBJECT: ${_param:mysql_manila_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_manila_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/neutron.yml b/galera/server/database/x509/neutron.yml
new file mode 100644
index 0000000..2c07e05
--- /dev/null
+++ b/galera/server/database/x509/neutron.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_neutron_client_ssl_x509_subject: '/C=cz/CN=mysql-neutron-client/L=Prague/O=Mirantis'
+ mysql_neutron_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_neutron_ssl_option:
+ - SUBJECT: ${_param:mysql_neutron_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_neutron_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/galera/server/database/x509/panko.yml b/galera/server/database/x509/panko.yml
new file mode 100644
index 0000000..15c37bf
--- /dev/null
+++ b/galera/server/database/x509/panko.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ mysql_panko_client_ssl_x509_subject: '/C=cz/CN=mysql-panko-client/L=Prague/O=Mirantis'
+ mysql_panko_client_ssl_x509_issuer: '/C=cz/CN=Salt Master CA/L=Prague/O=Mirantis'
+ mysql_panko_ssl_option:
+ - SUBJECT: ${_param:mysql_panko_client_ssl_x509_subject}
+ - ISSUER: ${_param:mysql_panko_client_ssl_x509_issuer}
\ No newline at end of file
diff --git a/glance/control/cluster.yml b/glance/control/cluster.yml
index e218835..c69cf55 100644
--- a/glance/control/cluster.yml
+++ b/glance/control/cluster.yml
@@ -3,9 +3,21 @@
- service.keepalived.cluster.single
- service.haproxy.proxy.single
- system.haproxy.proxy.listen.openstack.glance
+- system.salt.minion.cert.mysql.clients.openstack.glance
+- system.salt.minion.cert.rabbitmq.clients.openstack.glance
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
+ cron:
+ user:
+ glance:
+ enabled: true
package:
python-pymysql:
fromrepo: ${_param:openstack_version}
@@ -23,9 +35,17 @@
name: glance
user: glance
password: ${_param:mysql_glance_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_glance_ssl_ca_file}
+ key_file: ${_param:mysql_glance_client_ssl_key_file}
+ cert_file: ${_param:mysql_glance_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
registry:
host: ${_param:cluster_vip_address}
port: 9191
+ protocol: ${_param:cluster_internal_protocol}
bind:
address: ${_param:cluster_local_address}
port: 9292
@@ -37,9 +57,10 @@
password: ${_param:keystone_glance_password}
region: ${_param:openstack_region}
tenant: service
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
@@ -47,6 +68,13 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_glance_ssl_ca_file}
+ key_file: ${_param:rabbitmq_glance_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_glance_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
storage:
engine: file
images: []
diff --git a/glance/control/single.yml b/glance/control/single.yml
index 63e1b48..a789a56 100644
--- a/glance/control/single.yml
+++ b/glance/control/single.yml
@@ -1,8 +1,20 @@
classes:
- service.glance.control.single
+- system.salt.minion.cert.mysql.clients.openstack.glance
+- system.salt.minion.cert.rabbitmq.clients.openstack.glance
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
+ cron:
+ user:
+ glance:
+ enabled: true
package:
python-pymysql:
fromrepo: ${_param:openstack_version}
@@ -12,6 +24,25 @@
role: ${_param:openstack_node_role}
database:
host: ${_param:single_address}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_glance_ssl_ca_file}
+ key_file: ${_param:mysql_glance_client_ssl_key_file}
+ cert_file: ${_param:mysql_glance_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
region: ${_param:openstack_region}
+ protocol: ${_param:internal_protocol}
+ registry:
+ protocol: ${_param:internal_protocol}
show_multiple_locations: True
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_glance_ssl_ca_file}
+ key_file: ${_param:rabbitmq_glance_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_glance_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/glusterfs/server/cluster.yml b/glusterfs/server/cluster.yml
index 16453c9..f7c520e 100644
--- a/glusterfs/server/cluster.yml
+++ b/glusterfs/server/cluster.yml
@@ -8,6 +8,7 @@
iptables:
enabled: false
server:
+ role: ${_param:glusterfs_node_role}
peers:
- ${_param:cluster_node01_address}
- ${_param:cluster_node02_address}
diff --git a/gnocchi/common/cluster.yml b/gnocchi/common/cluster.yml
new file mode 100644
index 0000000..8d7ae5e
--- /dev/null
+++ b/gnocchi/common/cluster.yml
@@ -0,0 +1,17 @@
+classes:
+- service.gnocchi.common.cluster
+- system.salt.minion.cert.mysql.clients.openstack.gnocchi
+parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ gnocchi:
+ common:
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_gnocchi_ssl_ca_file}
+ key_file: ${_param:mysql_gnocchi_client_ssl_key_file}
+ cert_file: ${_param:mysql_gnocchi_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
diff --git a/gnocchi/common/single.yml b/gnocchi/common/single.yml
new file mode 100644
index 0000000..1f68f5c
--- /dev/null
+++ b/gnocchi/common/single.yml
@@ -0,0 +1,17 @@
+classes:
+- service.gnocchi.common.single
+- system.salt.minion.cert.mysql.clients.openstack.gnocchi
+parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ gnocchi:
+ common:
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_gnocchi_ssl_ca_file}
+ key_file: ${_param:mysql_gnocchi_client_ssl_key_file}
+ cert_file: ${_param:mysql_gnocchi_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
diff --git a/gnocchi/common/storage/ceph.yml b/gnocchi/common/storage/ceph.yml
new file mode 100644
index 0000000..5af2456
--- /dev/null
+++ b/gnocchi/common/storage/ceph.yml
@@ -0,0 +1,11 @@
+parameters:
+ _param:
+ gnocchi_storage_ceph_pool: gnocchi
+ gnocchi_storage_ceph_user: gnocchi
+ gnocchi_storage_driver: ceph
+ gnocchi:
+ common:
+ storage:
+ driver: ${_param:gnocchi_storage_driver}
+ ceph_pool: ${_param:gnocchi_storage_ceph_pool}
+ ceph_username: ${_param:gnocchi_storage_ceph_user}
\ No newline at end of file
diff --git a/gnocchi/common/storage/incoming/ceph.yml b/gnocchi/common/storage/incoming/ceph.yml
new file mode 100644
index 0000000..9937d29
--- /dev/null
+++ b/gnocchi/common/storage/incoming/ceph.yml
@@ -0,0 +1,12 @@
+parameters:
+ _param:
+ gnocchi_storage_incoming_ceph_pool: gnocchi_incoming
+ gnocchi_storage_incoming_ceph_user: gnocchi
+ gnocchi_storage_incoming_driver: ceph
+ gnocchi:
+ common:
+ storage:
+ incoming:
+ driver: ${_param:gnocchi_storage_incoming_driver}
+ ceph_pool: ${_param:gnocchi_storage_incoming_ceph_pool}
+ ceph_username: ${_param:gnocchi_storage_incoming_ceph_user}
\ No newline at end of file
diff --git a/gnocchi/server/cluster.yml b/gnocchi/server/cluster.yml
index ede63c5..7de3ede 100644
--- a/gnocchi/server/cluster.yml
+++ b/gnocchi/server/cluster.yml
@@ -19,6 +19,7 @@
identity:
host: ${_param:openstack_control_address}
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
cache:
engine: memcached
members:
diff --git a/gnocchi/server/single.yml b/gnocchi/server/single.yml
index 11ddf39..c4e1547 100644
--- a/gnocchi/server/single.yml
+++ b/gnocchi/server/single.yml
@@ -6,6 +6,7 @@
role: ${_param:openstack_node_role}
identity:
region: ${_param:openstack_region}
+ protocol: ${_param:internal_protocol}
metricd:
metric_processing_delay: 15
metric_reporting_delay: 30
diff --git a/grafana/client/datasource/gnocchi.yml b/grafana/client/datasource/gnocchi.yml
new file mode 100644
index 0000000..4266fe7
--- /dev/null
+++ b/grafana/client/datasource/gnocchi.yml
@@ -0,0 +1,23 @@
+parameters:
+ _param:
+ grafana_gnocchi_is_default: false
+ grafana_gnocchi_ds_name: gnocchi
+ grafana_gnocchi_address: ${_param:gnocchi_public_host}
+ keystone_public_url_path: /identity
+ keystone_gnocchi_user: gnocchi
+ grafana_gnocchi_domain: default
+ grafana_gnocchi_project: service
+ grafana:
+ client:
+ datasource:
+ gnocchi:
+ type: gnocchixyz-gnocchi-datasource
+ name: ${_param:grafana_gnocchi_ds_name}
+ host: ${_param:grafana_gnocchi_address}
+ url_path: ${_param:keystone_public_url_path}
+ mode: keystone
+ domain: ${_param:grafana_gnocchi_domain}
+ project: ${_param:grafana_gnocchi_project}
+ user: ${_param:keystone_gnocchi_user}
+ password: ${_param:keystone_gnocchi_password}
+ is_default: ${_param:grafana_gnocchi_is_default}
diff --git a/grafana/client/datasource/influxdb.yml b/grafana/client/datasource/influxdb.yml
index 7abe22f..7e2a459 100644
--- a/grafana/client/datasource/influxdb.yml
+++ b/grafana/client/datasource/influxdb.yml
@@ -14,4 +14,3 @@
password: ${_param:grafana_influxdb_password}
database: ${_param:grafana_influxdb_database}
is_default: ${_param:grafana_influxdb_is_default}
-
diff --git a/haproxy/proxy/listen/opencontrail/control.yml b/haproxy/proxy/listen/opencontrail/control.yml
index 490d100..db407be 100644
--- a/haproxy/proxy/listen/opencontrail/control.yml
+++ b/haproxy/proxy/listen/opencontrail/control.yml
@@ -1,6 +1,8 @@
parameters:
_param:
opencontrail_stats_password: password
+ opencontrail_api_start_offset: 0
+ opencontrail_api_workers_count: 1
haproxy:
proxy:
listen:
@@ -15,14 +17,20 @@
host: ${_param:cluster_node01_address}
port: 9100
params: check inter 2000 rise 2 fall 3
+ port_range_length: ${_param:opencontrail_api_workers_count}
+ port_range_start_offset: ${_param:opencontrail_api_start_offset}
- name: ntw02
host: ${_param:cluster_node02_address}
port: 9100
params: check inter 2000 rise 2 fall 3
+ port_range_length: ${_param:opencontrail_api_workers_count}
+ port_range_start_offset: ${_param:opencontrail_api_start_offset}
- name: ntw03
host: ${_param:cluster_node03_address}
port: 9100
params: check inter 2000 rise 2 fall 3
+ port_range_length: ${_param:opencontrail_api_workers_count}
+ port_range_start_offset: ${_param:opencontrail_api_start_offset}
contrail_discovery:
type: contrail-api
service_name: contrail
diff --git a/haproxy/proxy/listen/openstack/aodh.yml b/haproxy/proxy/listen/openstack/aodh.yml
index acd6340..bf30f93 100644
--- a/haproxy/proxy/listen/openstack/aodh.yml
+++ b/haproxy/proxy/listen/openstack/aodh.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_aodh-api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8042
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_aodh-api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8042
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_aodh-api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8042
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_aodh-api_check_params}
diff --git a/haproxy/proxy/listen/openstack/aodh_large.yml b/haproxy/proxy/listen/openstack/aodh_large.yml
new file mode 100644
index 0000000..b70e1fb
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/aodh_large.yml
@@ -0,0 +1,31 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ aodh-api:
+ type: openstack-service
+ service_name: aodh
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8042
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8042
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8042
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8042
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node04_hostname}
+ host: ${_param:cluster_node04_address}
+ port: 8042
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node05_hostname}
+ host: ${_param:cluster_node05_address}
+ port: 8042
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/haproxy/proxy/listen/openstack/barbican.yml b/haproxy/proxy/listen/openstack/barbican.yml
index c1f9877..d4a35d9 100644
--- a/haproxy/proxy/listen/openstack/barbican.yml
+++ b/haproxy/proxy/listen/openstack/barbican.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_barbican-api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_barbican-admin-api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,15 +15,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9311
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_barbican-api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9311
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_barbican-api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9311
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_barbican-api_check_params}
barbican-admin-api:
type: openstack-service
service_name: barbican
@@ -31,12 +34,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9312
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_barbican-admin-api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9312
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_barbican-admin-api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9312
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_barbican-admin-api_check_params}
diff --git a/haproxy/proxy/listen/openstack/ceilometer.yml b/haproxy/proxy/listen/openstack/ceilometer.yml
index 68eef43..563aa21 100644
--- a/haproxy/proxy/listen/openstack/ceilometer.yml
+++ b/haproxy/proxy/listen/openstack/ceilometer.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_ceilometer_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8777
- params: check
\ No newline at end of file
+ params: ${_param:haproxy_ceilometer_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/ceilometer_large.yml b/haproxy/proxy/listen/openstack/ceilometer_large.yml
index 8b9fa7e..4ca55d9 100644
--- a/haproxy/proxy/listen/openstack/ceilometer_large.yml
+++ b/haproxy/proxy/listen/openstack/ceilometer_large.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_ceilometer_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,20 +14,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8777
- params: check
+ params: ${_param:haproxy_ceilometer_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/cinder.yml b/haproxy/proxy/listen/openstack/cinder.yml
index c0bb7be..85f2c46 100644
--- a/haproxy/proxy/listen/openstack/cinder.yml
+++ b/haproxy/proxy/listen/openstack/cinder.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_cinder_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_cinder_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/cinder_large.yml b/haproxy/proxy/listen/openstack/cinder_large.yml
index 7721f94..e13f54b 100644
--- a/haproxy/proxy/listen/openstack/cinder_large.yml
+++ b/haproxy/proxy/listen/openstack/cinder_large.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_cinder_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,20 +14,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_cinder_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8776
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_cinder_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/glance.yml b/haproxy/proxy/listen/openstack/glance.yml
index 144fd4e..aa1d923 100644
--- a/haproxy/proxy/listen/openstack/glance.yml
+++ b/haproxy/proxy/listen/openstack/glance.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_glance_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_glance_registry_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,15 +15,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
glance_registry_api:
type: general-service
service_name: glance
@@ -31,12 +34,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/glance_large.yml b/haproxy/proxy/listen/openstack/glance_large.yml
index 6d88933..c6be106 100644
--- a/haproxy/proxy/listen/openstack/glance_large.yml
+++ b/haproxy/proxy/listen/openstack/glance_large.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_glance_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_glance_registry_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,23 +15,23 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 9292
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glance_api_check_params}
glance_registry_api:
type: general-service
service_name: glance
@@ -39,20 +42,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 9191
- params: check
+ params: ${_param:haproxy_glance_registry_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 9191
- params: check
\ No newline at end of file
+ params: ${_param:haproxy_glance_registry_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/glare.yml b/haproxy/proxy/listen/openstack/glare.yml
index 36a6337..afdf436 100644
--- a/haproxy/proxy/listen/openstack/glare.yml
+++ b/haproxy/proxy/listen/openstack/glare.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_glare_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
diff --git a/haproxy/proxy/listen/openstack/glare_large.yml b/haproxy/proxy/listen/openstack/glare_large.yml
index 4e3bd08..0e8c8d7 100644
--- a/haproxy/proxy/listen/openstack/glare_large.yml
+++ b/haproxy/proxy/listen/openstack/glare_large.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_glare_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,20 +14,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_glare_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 9494
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_glare_check_params}
diff --git a/haproxy/proxy/listen/openstack/gnocchi.yml b/haproxy/proxy/listen/openstack/gnocchi.yml
index ec2bb20..8971d6d 100644
--- a/haproxy/proxy/listen/openstack/gnocchi.yml
+++ b/haproxy/proxy/listen/openstack/gnocchi.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_gnocchi_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8041
- params: check
+ params: ${_param:haproxy_gnocchi_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8041
- params: check
+ params: ${_param:haproxy_gnocchi_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8041
- params: check
\ No newline at end of file
+ params: ${_param:haproxy_gnocchi_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/heat.yml b/haproxy/proxy/listen/openstack/heat.yml
index 50595ea..cb24614 100644
--- a/haproxy/proxy/listen/openstack/heat.yml
+++ b/haproxy/proxy/listen/openstack/heat.yml
@@ -1,4 +1,8 @@
parameters:
+ _param:
+ haproxy_heat_cloudwatch_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_heat_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_heat_cfn_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,15 +16,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
heat_api:
type: openstack-service
service_name: heat
@@ -31,15 +35,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
heat_cfn_api:
type: openstack-service
service_name: heat
@@ -50,12 +54,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/heat_large.yml b/haproxy/proxy/listen/openstack/heat_large.yml
index 50ba69f..2272c3e 100644
--- a/haproxy/proxy/listen/openstack/heat_large.yml
+++ b/haproxy/proxy/listen/openstack/heat_large.yml
@@ -1,4 +1,8 @@
parameters:
+ _param:
+ haproxy_heat_cloudwatch_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_heat_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_heat_cfn_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,23 +16,23 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8003
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cloudwatch_api_check_params}
heat_api:
type: openstack-service
service_name: heat
@@ -39,23 +43,23 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8004
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_api_check_params}
heat_cfn_api:
type: openstack-service
service_name: heat
@@ -66,20 +70,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_heat_cfn_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
+ params: ${_param:haproxy_heat_cfn_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/horizon.yml b/haproxy/proxy/listen/openstack/horizon.yml
index d507b96..dfa826b 100644
--- a/haproxy/proxy/listen/openstack/horizon.yml
+++ b/haproxy/proxy/listen/openstack/horizon.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_horizon_web_check_params: check
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8078
- params: check
+ params: ${_param:haproxy_horizon_web_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8078
- params: check
+ params: ${_param:haproxy_horizon_web_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8078
- params: check
+ params: ${_param:haproxy_horizon_web_check_params}
diff --git a/haproxy/proxy/listen/openstack/ironic.yml b/haproxy/proxy/listen/openstack/ironic.yml
index 1713085..9565ba6 100644
--- a/haproxy/proxy/listen/openstack/ironic.yml
+++ b/haproxy/proxy/listen/openstack/ironic.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_ironic_check_params: check
haproxy:
proxy:
listen:
@@ -13,13 +15,13 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_check_params}
diff --git a/haproxy/proxy/listen/openstack/ironic_deploy.yml b/haproxy/proxy/listen/openstack/ironic_deploy.yml
index f5e7a4f..fadc4c5 100644
--- a/haproxy/proxy/listen/openstack/ironic_deploy.yml
+++ b/haproxy/proxy/listen/openstack/ironic_deploy.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_ironic_deploy_check_params: check
haproxy:
proxy:
listen:
@@ -13,12 +15,12 @@
- name: bmt01
host: ${_param:openstack_baremetal_node01_baremetal_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_deploy_check_params}
- name: bmt02
host: ${_param:openstack_baremetal_node02_baremetal_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_deploy_check_params}
- name: bmt03
host: ${_param:openstack_baremetal_node03_baremetal_address}
port: 6385
- params: check
+ params: ${_param:haproxy_ironic_deploy_check_params}
diff --git a/haproxy/proxy/listen/openstack/keystone/init.yml b/haproxy/proxy/listen/openstack/keystone/init.yml
index 32f776e..8fe4dad 100644
--- a/haproxy/proxy/listen/openstack/keystone/init.yml
+++ b/haproxy/proxy/listen/openstack/keystone/init.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_keystone_public_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_keystone_admin_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -10,15 +13,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
keystone_admin_api:
binds:
- address: ${_param:cluster_vip_address}
@@ -27,12 +30,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/keystone/large.yml b/haproxy/proxy/listen/openstack/keystone/large.yml
index 17510ac..e40803b 100644
--- a/haproxy/proxy/listen/openstack/keystone/large.yml
+++ b/haproxy/proxy/listen/openstack/keystone/large.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_keystone_public_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_keystone_admin_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -10,23 +13,23 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 5000
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_public_api_check_params}
keystone_admin_api:
binds:
- address: ${_param:cluster_vip_address}
@@ -35,20 +38,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 35357
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_keystone_admin_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/manila.yml b/haproxy/proxy/listen/openstack/manila.yml
index a28f365..fcc09de 100644
--- a/haproxy/proxy/listen/openstack/manila.yml
+++ b/haproxy/proxy/listen/openstack/manila.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_manila_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8786
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_manila_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8786
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_manila_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8786
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_manila_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/murano.yml b/haproxy/proxy/listen/openstack/murano.yml
index 0427820..1c9714e 100644
--- a/haproxy/proxy/listen/openstack/murano.yml
+++ b/haproxy/proxy/listen/openstack/murano.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_murano_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,7 +14,8 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8082
- params: check
+ params: ${_param:haproxy_murano_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
- port: 8082
\ No newline at end of file
+ port: 8082
+ params: ${_param:haproxy_murano_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/nova-placement.yml b/haproxy/proxy/listen/openstack/nova-placement.yml
index 58c9dd2..41bedc8 100644
--- a/haproxy/proxy/listen/openstack/nova-placement.yml
+++ b/haproxy/proxy/listen/openstack/nova-placement.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_nova_placement_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -21,12 +23,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/nova-placement_large.yml b/haproxy/proxy/listen/openstack/nova-placement_large.yml
index 0139959..9d8dfb8 100644
--- a/haproxy/proxy/listen/openstack/nova-placement_large.yml
+++ b/haproxy/proxy/listen/openstack/nova-placement_large.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_nova_placement_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -21,20 +23,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_placement_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/nova.yml b/haproxy/proxy/listen/openstack/nova.yml
index 1e090ef..2abea3d 100644
--- a/haproxy/proxy/listen/openstack/nova.yml
+++ b/haproxy/proxy/listen/openstack/nova.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_nova_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_nova_metadata_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,15 +15,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
nova_metadata_api:
type: openstack-service
binds:
@@ -30,12 +33,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/nova_large.yml b/haproxy/proxy/listen/openstack/nova_large.yml
index 645e904..b09a3b6 100644
--- a/haproxy/proxy/listen/openstack/nova_large.yml
+++ b/haproxy/proxy/listen/openstack/nova_large.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ haproxy_nova_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ haproxy_nova_metadata_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,23 +15,23 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8774
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_api_check_params}
nova_metadata_api:
type: openstack-service
binds:
@@ -38,20 +41,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8775
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_nova_metadata_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/novnc.yml b/haproxy/proxy/listen/openstack/novnc.yml
index 40b9d9c..37934c0 100644
--- a/haproxy/proxy/listen/openstack/novnc.yml
+++ b/haproxy/proxy/listen/openstack/novnc.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_nova_novnc_check_params: check
haproxy:
proxy:
listen:
@@ -13,13 +15,13 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
diff --git a/haproxy/proxy/listen/openstack/novnc_large.yml b/haproxy/proxy/listen/openstack/novnc_large.yml
index 0951777..2c2cbd6 100644
--- a/haproxy/proxy/listen/openstack/novnc_large.yml
+++ b/haproxy/proxy/listen/openstack/novnc_large.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_nova_novnc_check_params: check
haproxy:
proxy:
listen:
@@ -13,20 +15,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 6080
- params: check
+ params: ${_param:haproxy_nova_novnc_check_params}
diff --git a/haproxy/proxy/listen/openstack/octavia.yml b/haproxy/proxy/listen/openstack/octavia.yml
index c2b8e6d..89f0569 100644
--- a/haproxy/proxy/listen/openstack/octavia.yml
+++ b/haproxy/proxy/listen/openstack/octavia.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_octavia_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 9876
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_octavia_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 9876
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_octavia_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 9876
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_octavia_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/panko.yml b/haproxy/proxy/listen/openstack/panko.yml
index 51eb030..bf638ef 100644
--- a/haproxy/proxy/listen/openstack/panko.yml
+++ b/haproxy/proxy/listen/openstack/panko.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_panko_api_check_params: check
haproxy:
proxy:
listen:
@@ -12,12 +14,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8977
- params: check
+ params: ${_param:haproxy_panko_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8977
- params: check
+ params: ${_param:haproxy_panko_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8977
- params: check
\ No newline at end of file
+ params: ${_param:haproxy_panko_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/placement.yml b/haproxy/proxy/listen/openstack/placement.yml
index f3b2b99..b2e37bb 100644
--- a/haproxy/proxy/listen/openstack/placement.yml
+++ b/haproxy/proxy/listen/openstack/placement.yml
@@ -2,6 +2,8 @@
# returns 200 with version data instead of 401 as it was before.
# This file should be included for nova/placement higher than Queens.
parameters:
+ _param:
+ haproxy_placement_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -15,12 +17,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/placement_large.yml b/haproxy/proxy/listen/openstack/placement_large.yml
index c871fd7..d559572 100644
--- a/haproxy/proxy/listen/openstack/placement_large.yml
+++ b/haproxy/proxy/listen/openstack/placement_large.yml
@@ -2,6 +2,8 @@
# returns 200 with version data instead of 401 as it was before.
# This file should be included for nova/placement higher than Queens.
parameters:
+ _param:
+ haproxy_placement_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -15,20 +17,20 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node04_hostname}
host: ${_param:cluster_node04_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
- name: ${_param:cluster_node05_hostname}
host: ${_param:cluster_node05_address}
port: 8778
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_placement_api_check_params}
diff --git a/haproxy/proxy/listen/openstack/sahara.yml b/haproxy/proxy/listen/openstack/sahara.yml
index 335c4f6..7ece261 100644
--- a/haproxy/proxy/listen/openstack/sahara.yml
+++ b/haproxy/proxy/listen/openstack/sahara.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ haproxy_sahara_api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
haproxy:
proxy:
listen:
@@ -13,12 +15,12 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 8386
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_sahara_api_check_params}
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 8386
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_sahara_api_check_params}
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 8386
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ params: ${_param:haproxy_sahara_api_check_params}
diff --git a/heat/server/cluster.yml b/heat/server/cluster.yml
index eee2b63..e11feae 100644
--- a/heat/server/cluster.yml
+++ b/heat/server/cluster.yml
@@ -3,10 +3,17 @@
- service.haproxy.proxy.single
- service.keepalived.cluster.single
- system.haproxy.proxy.listen.openstack.heat
+- system.salt.minion.cert.mysql.clients.openstack.heat
+- system.salt.minion.cert.rabbitmq.clients.openstack.heat
parameters:
_param:
cluster_public_protocol: 'https'
cluster_internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -37,6 +44,13 @@
name: heat
user: heat
password: ${_param:mysql_heat_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_heat_ssl_ca_file}
+ key_file: ${_param:mysql_heat_client_ssl_key_file}
+ cert_file: ${_param:mysql_heat_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
metadata:
host: ${_param:cluster_public_host}
port: 8000
@@ -59,7 +73,7 @@
protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
@@ -67,3 +81,10 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_heat_ssl_ca_file}
+ key_file: ${_param:rabbitmq_heat_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_heat_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/heat/server/single.yml b/heat/server/single.yml
index 2f28613..1ecb122 100644
--- a/heat/server/single.yml
+++ b/heat/server/single.yml
@@ -1,6 +1,14 @@
classes:
- service.heat.server.single
+- system.salt.minion.cert.mysql.clients.openstack.heat
+- system.salt.minion.cert.rabbitmq.clients.openstack.heat
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -20,4 +28,22 @@
waitcondition:
protocol: ${_param:cluster_public_protocol}
watch:
- protocol: ${_param:cluster_public_protocol}
\ No newline at end of file
+ protocol: ${_param:cluster_public_protocol}
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_heat_ssl_ca_file}
+ key_file: ${_param:mysql_heat_client_ssl_key_file}
+ cert_file: ${_param:mysql_heat_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_heat_ssl_ca_file}
+ key_file: ${_param:rabbitmq_heat_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_heat_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+
diff --git a/horizon/server/plugin/lbaasv2.yml b/horizon/server/plugin/lbaasv2.yml
index 69e2682..37bf013 100644
--- a/horizon/server/plugin/lbaasv2.yml
+++ b/horizon/server/plugin/lbaasv2.yml
@@ -5,5 +5,5 @@
lbaasv2:
source:
engine: pkg
- name: python-horizon-neutron-lbaasv2-panel
+ name: python-neutron-lbaas-dashboard
diff --git a/ironic/api/cluster.yml b/ironic/api/cluster.yml
index b0bb69f..849b923 100644
--- a/ironic/api/cluster.yml
+++ b/ironic/api/cluster.yml
@@ -1,6 +1,14 @@
classes:
+- system.salt.minion.cert.mysql.clients.openstack.ironic
+- system.salt.minion.cert.rabbitmq.clients.openstack.ironic
- service.ironic.api.cluster
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -14,3 +22,20 @@
role: ${_param:openstack_node_role}
bind:
address: ${_param:cluster_baremetal_local_address}
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_ironic_ssl_ca_file}
+ key_file: ${_param:mysql_ironic_client_ssl_key_file}
+ cert_file: ${_param:mysql_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
\ No newline at end of file
diff --git a/ironic/api/single.yml b/ironic/api/single.yml
index 51c3f9c..3313eb2 100644
--- a/ironic/api/single.yml
+++ b/ironic/api/single.yml
@@ -1,6 +1,14 @@
classes:
+- system.salt.minion.cert.mysql.clients.openstack.ironic
+- system.salt.minion.cert.rabbitmq.clients.openstack.ironic
- service.ironic.api.single
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -12,3 +20,20 @@
role: ${_param:openstack_node_role}
bind:
address: ${_param:single_address}
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_ironic_ssl_ca_file}
+ key_file: ${_param:mysql_ironic_client_ssl_key_file}
+ cert_file: ${_param:mysql_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/ironic/conductor/cluster.yml b/ironic/conductor/cluster.yml
index 063719c..81fa2b5 100644
--- a/ironic/conductor/cluster.yml
+++ b/ironic/conductor/cluster.yml
@@ -1,6 +1,14 @@
classes:
+- system.salt.minion.cert.mysql.clients.openstack.ironic
+- system.salt.minion.cert.rabbitmq.clients.openstack.ironic
- service.ironic.conductor.cluster
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -10,3 +18,20 @@
ironic:
conductor:
api_url: 'http://${_param:cluster_baremetal_vip_address}:6385'
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_ironic_ssl_ca_file}
+ key_file: ${_param:mysql_ironic_client_ssl_key_file}
+ cert_file: ${_param:mysql_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/ironic/conductor/single.yml b/ironic/conductor/single.yml
index d827129..7a24028 100644
--- a/ironic/conductor/single.yml
+++ b/ironic/conductor/single.yml
@@ -1,6 +1,14 @@
classes:
+- system.salt.minion.cert.mysql.clients.openstack.ironic
+- system.salt.minion.cert.rabbitmq.clients.openstack.ironic
- service.ironic.conductor.single
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -11,3 +19,20 @@
conductor:
enabled: true
version: ${_param:ironic_version}
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_ironic_ssl_ca_file}
+ key_file: ${_param:mysql_ironic_client_ssl_key_file}
+ cert_file: ${_param:mysql_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
+ key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 0dc20b0..ed6292e 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -1,6 +1,7 @@
parameters:
jenkins:
client:
+ # Please keep those list sorted
approved_scripts:
- field java.lang.String value
- field java.util.ArrayList size
@@ -12,13 +13,14 @@
- method groovy.json.JsonSlurperClassic parseText java.lang.String
- method groovy.lang.GString getBytes
- method groovy.lang.GroovyObject getProperty java.lang.String
- - method groovy.util.Node get java.lang.String
- method groovy.util.Node attributes
+ - method groovy.util.Node get java.lang.String
- method groovy.util.XmlParser parse java.io.File
- method groovy.util.XmlParser parseText java.lang.String
- method hudson.EnvVars get java.lang.String java.lang.String
- method hudson.PluginManager getPlugins
- method hudson.PluginWrapper getShortName
+ - method hudson.model.Actionable getAction java.lang.Class
- method hudson.model.Hudson getSlaves
- method hudson.model.Item getName
- method hudson.model.ItemGroup getItem java.lang.String
@@ -26,21 +28,27 @@
- method hudson.model.Job getBuildByNumber int
- method hudson.model.Job getBuilds
- method hudson.model.Job getLastBuild
+ - method hudson.model.Job getProperty java.lang.Class
- method hudson.model.Node getLabelString
- method hudson.model.Node getNodeName
+ - method hudson.model.ParameterDefinition getName
+ - method hudson.model.ParametersDefinitionProperty getParameterDefinitions
- method hudson.model.Run getEnvironment
- method hudson.model.Run getId
- method hudson.model.Run getNumber
- method hudson.model.Run getResult
- method hudson.model.Run getTimeInMillis
- method hudson.model.Run isBuilding
+ - method hudson.model.StringParameterDefinition getDefaultValue
- method java.io.File getAbsolutePath
- method java.io.File getName
- method java.io.File getParent
+ - method java.io.File listFiles
- method java.io.Writer write java.lang.String
- method java.lang.AutoCloseable close
- method java.lang.Class isInstance java.lang.Object
- method java.lang.Iterable iterator
+ - method java.lang.String concat java.lang.String
- method java.lang.Throwable printStackTrace
- method java.net.HttpURLConnection getResponseCode
- method java.net.HttpURLConnection setRequestMethod java.lang.String
@@ -52,17 +60,22 @@
- method java.net.URLConnection getOutputStream
- method java.net.URLConnection setDoOutput boolean
- method java.net.URLConnection setRequestProperty java.lang.String java.lang.String
+ - method java.text.DateFormat parse java.lang.String
+ - method java.util.Calendar add int int
+ - method java.util.Calendar getTime
- method java.util.Collection remove java.lang.Object
- method java.util.Collection stream
+ - method java.util.Collection toArray
+ - method java.util.Date before java.util.Date
- method java.util.Date getTime
- method java.util.LinkedHashMap$LinkedHashIterator hasNext
- method java.util.List add int java.lang.Object
- method java.util.List subList int int
- method java.util.Map containsValue java.lang.Object
- method java.util.Map get java.lang.Object
+ - method java.util.Map isEmpty
- method java.util.Map remove java.lang.Object
- method java.util.Map size
- - method java.util.Map isEmpty
- method java.util.regex.MatchResult group int
- method java.util.regex.MatchResult groupCount
- method java.util.regex.Matcher find
@@ -70,16 +83,14 @@
- method java.util.regex.Matcher matches
- method java.util.regex.Pattern matcher java.lang.CharSequence
- method java.util.stream.Stream collect java.util.stream.Collector
- - method java.util.Calendar add int int
- - method java.util.Calendar getTime
- - method java.util.Date before java.util.Date
- - method java.text.DateFormat parse java.lang.String
- method jenkins.model.Jenkins getItemByFullName java.lang.String
- method jenkins.model.Jenkins getPluginManager
- method org.jenkinsci.plugins.workflow.job.WorkflowRun doStop
- method org.jenkinsci.plugins.workflow.job.WorkflowRun finish hudson.model.Result java.lang.Throwable
+ - method org.jenkinsci.plugins.workflow.steps.FlowInterruptedException getCauses
- method org.jenkinsci.plugins.workflow.support.actions.EnvironmentAction getEnvironment
- method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper build
+ - method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper getRawBuild
- new groovy.json.JsonBuilder
- new groovy.json.JsonBuilder java.lang.Object
- new groovy.json.JsonSlurperClassic
@@ -94,12 +105,13 @@
- new java.lang.StringBuilder
- new java.lang.StringBuilder int
- new java.net.URI java.lang.String
+ - new java.text.SimpleDateFormat java.lang.String java.util.Locale
- new java.util.ArrayList
- new java.util.Date
- new java.util.HashMap
- - new java.text.SimpleDateFormat java.lang.String java.util.Locale
- staticField groovy.io.FileType FILES
- staticMethod com.cloudbees.plugins.credentials.CredentialsProvider lookupCredentials java.lang.Class hudson.model.ItemGroup
+ - staticMethod hudson.model.Hudson getInstance
- staticMethod java.lang.Double parseDouble java.lang.String
- staticMethod java.lang.Integer valueOf int
- staticMethod java.lang.Integer valueOf java.lang.String
@@ -113,6 +125,7 @@
- staticMethod java.util.regex.Pattern quote java.lang.String
- staticMethod java.util.stream.Collectors joining java.lang.CharSequence
- staticMethod jenkins.model.Jenkins getInstance
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods asBoolean java.lang.CharSequence
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods asBoolean java.util.regex.Matcher
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods collect java.util.Map groovy.lang.Closure
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods eachFile java.io.File groovy.io.FileType groovy.lang.Closure
@@ -120,42 +133,31 @@
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods findAll java.util.List groovy.lang.Closure
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods get java.util.Map java.lang.Object java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.Iterable int
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.Object java.lang.String
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.String int
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.Collection java.lang.String
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.List groovy.lang.Range
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getBytes java.io.File
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getText java.io.InputStream
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods hasProperty java.lang.Object java.lang.String
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods init java.util.List
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods intersect java.util.List java.lang.Iterable
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods iterator java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods iterator java.lang.Object[]
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods leftShift java.lang.StringBuffer java.lang.Object
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods minus java.lang.String java.lang.Object
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods multiply java.lang.String java.lang.Number
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods plus java.util.List java.lang.Iterable
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods plus java.util.List java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods plus java.util.List java.util.Collection
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods println java.lang.Object java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods putAt java.lang.Object java.lang.String java.lang.Object
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods readLines java.lang.String
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods reverse java.util.List
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods sort java.util.Collection
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods split java.lang.String
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods takeRight java.util.List int
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toBoolean java.lang.Boolean
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toSorted java.lang.Iterable
- staticMethod org.codehaus.groovy.runtime.EncodingGroovyMethods encodeBase64 byte[]
- staticMethod org.codehaus.groovy.runtime.ScriptBytecodeAdapter bitwiseNegate java.lang.Object
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toBoolean java.lang.Boolean
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.Object java.lang.String
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods multiply java.lang.String java.lang.Number
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods minus java.lang.String java.lang.Object
- - method java.io.File listFiles
- - method java.lang.String concat java.lang.String
- - method org.jenkinsci.plugins.workflow.steps.FlowInterruptedException getCauses
- - method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper getRawBuild
- - method hudson.model.Actionable getAction java.lang.Class
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toSorted java.lang.Iterable
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods intersect java.util.List java.lang.Iterable
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods reverse java.util.List
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.Collection java.lang.String
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods init java.util.List
- - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods asBoolean java.lang.CharSequence
- - staticMethod hudson.model.Hudson getInstance
- - method hudson.model.Job getProperty java.lang.Class
- - method hudson.model.ParametersDefinitionProperty getParameterDefinitions
- - method hudson.model.ParameterDefinition getName
- - method hudson.model.StringParameterDefinition getDefaultValue
- - method java.util.Collection toArray
diff --git a/jenkins/client/job/custompatches.yml b/jenkins/client/job/custompatches.yml
deleted file mode 100644
index e7a7eed..0000000
--- a/jenkins/client/job/custompatches.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-parameters:
- jenkins:
- client:
- job:
- custompatches:
- concurrent: true
- discard:
- build:
- keep_num: 20
- display_name: Custom Patches - find and upload to review
- name: custom-patches
- param:
- GERRIT_URI:
- type: string
- default: ''
- description: "Gerrit URI to the projec"
- GERRIT_CREDENTIALS:
- default: mcp-ci-gerrit
- type: string
- description: "Name of creadentials to use when connecting to gerrit"
- TARGET_GERRIT_URI:
- default: ''
- type: string
- description: "Link to the target on gerrit, if not set GERRIT_URI is picked"
- OLD_BRANCH:
- default: ''
- type: string
- description: "Old branch on GERRIT_URI to take patches from, tupically previous release"
- NEW_BRANCH:
- default: ''
- type: string
- description: "New branch to compare with and push patches to, tupically current release"
- DRY_RUN:
- default: 'false'
- type: boolean
- description: "Do not upload custom patches on review, just log them"
- scm:
- script: custompatches.groovy
- type: git
- url: "${_param:jenkins_gerrit_url}/openstack-ci/openstack-pipelines"
- credentials: "gerrit"
- type: workflow-scm
-
diff --git a/jenkins/client/job/decapod/add_mon.yml b/jenkins/client/job/decapod/add_mon.yml
deleted file mode 100644
index 03daed2..0000000
--- a/jenkins/client/job/decapod/add_mon.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-parameters:
- jenkins:
- client:
- job:
- decapod_add_mon:
- type: workflow-scm
- name: decapod-add_mon
- display_name: "Decapod - add monitors"
- discard:
- build:
- keep_num: 20
- concurrent: true
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/decapod-pipelines"
- credentials: "gerrit"
- script: add-mon.groovy
- param:
- SALT_MASTER_CREDENTIALS:
- type: string
- default: "salt"
- SALT_MASTER_IP:
- type: string
- default: "${_param:infra_config_address}"
- SALT_MASTER_PORT:
- type: string
- default: "${_param:salt_master_api_port}"
- ASK_ON_ERROR:
- type: boolean
- default: 'false'
\ No newline at end of file
diff --git a/jenkins/client/job/decapod/add_osd.yml b/jenkins/client/job/decapod/add_osd.yml
deleted file mode 100644
index f0a4333..0000000
--- a/jenkins/client/job/decapod/add_osd.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-parameters:
- jenkins:
- client:
- job:
- decapod_add_osd:
- type: workflow-scm
- name: decapod-add_osd
- display_name: "Decapod - add new osd"
- discard:
- build:
- keep_num: 20
- concurrent: true
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/decapod-pipelines"
- credentials: "gerrit"
- script: add-osd.groovy
- param:
- SALT_MASTER_CREDENTIALS:
- type: string
- default: "salt"
- SALT_MASTER_IP:
- type: string
- default: "${_param:infra_config_address}"
- SALT_MASTER_PORT:
- type: string
- default: "${_param:salt_master_api_port}"
- ASK_ON_ERROR:
- type: boolean
- default: 'false'
\ No newline at end of file
diff --git a/jenkins/client/job/decapod/cluster.yml b/jenkins/client/job/decapod/cluster.yml
deleted file mode 100644
index cb353a6..0000000
--- a/jenkins/client/job/decapod/cluster.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-parameters:
- jenkins:
- client:
- job:
- deploy_decapod:
- type: workflow-scm
- name: deploy-decapod
- display_name: "Deploy - Decapod"
- discard:
- build:
- keep_num: 20
- concurrent: true
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/decapod-pipelines"
- credentials: "gerrit"
- script: decapod-pipeline.groovy
- param:
- SALT_MASTER_CREDENTIALS:
- type: string
- default: "salt"
- SALT_MASTER_IP:
- type: string
- default: "${_param:infra_config_address}"
- SALT_MASTER_PORT:
- type: string
- default: "${_param:salt_master_api_port}"
- ASK_ON_ERROR:
- type: boolean
- default: 'false'
diff --git a/jenkins/client/job/decapod/del_mon.yml b/jenkins/client/job/decapod/del_mon.yml
deleted file mode 100644
index d858431..0000000
--- a/jenkins/client/job/decapod/del_mon.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-parameters:
- jenkins:
- client:
- job:
- decapod_del_mon:
- type: workflow-scm
- name: decapod-del_mon
- display_name: "Decapod - del monitors"
- discard:
- build:
- keep_num: 20
- concurrent: true
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/decapod-pipelines"
- credentials: "gerrit"
- script: del-mon.groovy
- param:
- SALT_MASTER_CREDENTIALS:
- type: string
- default: "salt"
- SALT_MASTER_IP:
- type: string
- default: "${_param:infra_config_address}"
- SALT_MASTER_PORT:
- type: string
- default: "${_param:salt_master_api_port}"
- ASK_ON_ERROR:
- type: boolean
- default: 'false'
diff --git a/jenkins/client/job/decapod/del_osd.yml b/jenkins/client/job/decapod/del_osd.yml
deleted file mode 100644
index b432762..0000000
--- a/jenkins/client/job/decapod/del_osd.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-parameters:
- jenkins:
- client:
- job:
- decapod_del_osd:
- type: workflow-scm
- name: decapod-del_osd
- display_name: "Decapod - del osd"
- discard:
- build:
- keep_num: 20
- concurrent: true
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/decapod-pipelines"
- credentials: "gerrit"
- script: del-osd.groovy
- param:
- SALT_MASTER_CREDENTIALS:
- type: string
- default: "salt"
- SALT_MASTER_IP:
- type: string
- default: "${_param:infra_config_address}"
- SALT_MASTER_PORT:
- type: string
- default: "${_param:salt_master_api_port}"
- ASK_ON_ERROR:
- type: boolean
- default: 'false'
\ No newline at end of file
diff --git a/jenkins/client/job/decapod/monitoring.yml b/jenkins/client/job/decapod/monitoring.yml
deleted file mode 100644
index ea6a5c2..0000000
--- a/jenkins/client/job/decapod/monitoring.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-parameters:
- jenkins:
- client:
- job:
- decapod_monitoring:
- type: workflow-scm
- name: decapod-monitoring
- display_name: "Decapod - monitoring"
- discard:
- build:
- keep_num: 20
- concurrent: true
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/decapod-pipelines"
- credentials: "gerrit"
- script: monitoring.groovy
- param:
- SALT_MASTER_CREDENTIALS:
- type: string
- default: "salt"
- SALT_MASTER_IP:
- type: string
- default: "${_param:infra_config_address}"
- SALT_MASTER_PORT:
- type: string
- default: "${_param:salt_master_api_port}"
- ASK_ON_ERROR:
- type: boolean
- default: 'false'
\ No newline at end of file
diff --git a/jenkins/client/job/deploy/lab/component/stacklight.yml b/jenkins/client/job/deploy/lab/component/stacklight.yml
index 94ccce2..d6a4a5f 100644
--- a/jenkins/client/job/deploy/lab/component/stacklight.yml
+++ b/jenkins/client/job/deploy/lab/component/stacklight.yml
@@ -2,6 +2,12 @@
- system.jenkins.client.job.deploy.lab.deploy
parameters:
_param:
+ heat_stack_zone_job_param:
+ type: string
+ default: "mcp-stacklight"
+ openstack_api_projects_job_param:
+ type: string
+ default: "mcp-stacklight"
jenkins_deploy_jobs:
- stack_name: stacklight_k8s_calico
stack_env: devcloud
diff --git a/jenkins/client/job/deploy/lab/deploy.yml b/jenkins/client/job/deploy/lab/deploy.yml
index b1deafa..f5d34f6 100644
--- a/jenkins/client/job/deploy/lab/deploy.yml
+++ b/jenkins/client/job/deploy/lab/deploy.yml
@@ -117,9 +117,6 @@
type: string
default: ""
description: "Formulas revision to install on Salt Master bootstrap stage"
- EXTRA_FORMULAS:
- type: string
- default: ""
STATIC_MGMT_NETWORK:
type: boolean
default: 'false'
diff --git a/jenkins/client/job/deploy/rollout.yml b/jenkins/client/job/deploy/rollout.yml
deleted file mode 100644
index 25b088d..0000000
--- a/jenkins/client/job/deploy/rollout.yml
+++ /dev/null
@@ -1,96 +0,0 @@
-parameters:
- _param:
- mcp_docker_registry: 'docker-prod-local.artifactory.mirantis.com'
- jenkins:
- client:
- job:
- deploy_rollout_config_change:
- name: deploy-rollout-config-change
- type: workflow-scm
- discard:
- build:
- keep_num: 20
- concurrent: true
- display_name: "Deploy - Rollout change"
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
- branch: "${_param:jenkins_pipelines_branch}"
- credentials: "gerrit"
- script: rollout-config-change.groovy
- param:
- TST_SALT_MASTER_CREDENTIALS:
- type: string
- TST_SALT_MASTER_URL:
- type: string
- PRD_SALT_MASTER_CREDENTIALS:
- type: string
- PRD_SALT_MASTER_URL:
- type: string
- MODEL_REPO_URL:
- type: string
- MODEL_REPO_CREDENTIALS:
- type: string
- default: "gerrit"
- MODEL_REPO_SOURCE_BRANCH:
- type: string
- MODEL_REPO_TARGET_BRANCH:
- type: string
- TARGET_SERVERS:
- type: string
- TARGET_STATES:
- type: string
- TARGET_SUBSET_TEST:
- type: string
- TARGET_SUBSET_LIVE:
- type: string
- TARGET_BATCH_LIVE:
- type: string
- # test
- TEST_SERVICE:
- type: string
- TEST_K8S_API_SERVER:
- type: string
- default: "http://127.0.0.1:8080"
- TEST_K8S_CONFORMANCE_IMAGE:
- type: string
- default: "docker-dev-virtual.docker.mirantis.net/mirantis/kubernetes/k8s-conformance:v1.7.5-2_1504192939316"
- TEST_TEMPEST_IMAGE:
- type: string
- description: "Tempest docker image"
- default: "${_param:mcp_docker_registry}/mirantis/oscore/rally-tempest"
- TEST_TEMPEST_TARGET:
- type: string
- description: "Node to run tests"
- default: ""
- TEST_DOCKER_INSTALL:
- type: boolean
- description: "Install docker on the target if true"
- default: "true"
- TEST_TEMPEST_PATTERN:
- type: string
- description: "Run tests matched to pattern only"
- git_merge_branches:
- name: git-merge-branches
- type: workflow-scm
- discard:
- build:
- keep_num: 20
- concurrent: true
- display_name: "Git - Merge branches"
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
- branch: "${_param:jenkins_pipelines_branch}"
- credentials: "gerrit"
- script: git-merge-branches-pipeline.groovy
- param:
- REPO_URL:
- type: string
- CREDENTIALS_ID:
- type: string
- default: "gerrit"
- SOURCE_BRANCH:
- type: string
- TARGET_BRANCH:
- type: string
diff --git a/jenkins/client/job/deploy/test.yml b/jenkins/client/job/deploy/test.yml
deleted file mode 100644
index cad8ed4..0000000
--- a/jenkins/client/job/deploy/test.yml
+++ /dev/null
@@ -1,62 +0,0 @@
-parameters:
- _param:
- mcp_docker_registry: 'docker-prod-local.artifactory.mirantis.com'
- jenkins:
- client:
- job:
- test_service_job:
- name: deploy-test-service
- type: workflow-scm
- discard:
- build:
- keep_num: 50
- concurrent: true
- display_name: "Deploy - Test services in environment"
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
- branch: "${_param:jenkins_pipelines_branch}"
- credentials: "gerrit"
- script: test-service.groovy
- param:
-
- # salt
- SALT_MASTER_CREDENTIALS:
- type: string
- default: "salt-qa-credentials"
- SALT_MASTER_URL:
- type: string
- default: ""
-
- # test
- TEST_K8S_API_SERVER:
- type: string
- default: "http://127.0.0.1:8080"
- TEST_K8S_CONFORMANCE_IMAGE:
- type: string
- default: "docker-dev-virtual.docker.mirantis.net/mirantis/kubernetes/k8s-conformance:v1.7.5-2_1504192939316"
-
- TEST_TEMPEST_IMAGE:
- type: string
- description: "Tempest docker image"
- default: "${_param:mcp_docker_registry}/mirantis/oscore/rally-tempest"
- TEST_TEMPEST_TARGET:
- type: string
- description: "Node to run tests. use FQDN for ctl01 e.g. ctl01.deploy-heat-os_ha_contrail-17.bud-mk.local"
- default: ""
- TEST_DOCKER_INSTALL:
- type: boolean
- description: "Install docker on the target if true"
- default: "true"
- TEST_TEMPEST_PATTERN:
- type: string
- description: "Run tests matched to pattern only e.g. tempest.api.identity"
- default: "false"
- TEST_SERVICE:
- type: string
- description: "openstack or k8s"
- default: "openstack"
- TEST_JUNIT_RATIO:
- type: string
- description: "The amplification factor to apply to test failures when computing the test result contribution to the build health score."
- default: "1.0"
diff --git a/jenkins/client/job/deploy/update/cloud_update.yml b/jenkins/client/job/deploy/update/cloud_update.yml
index d4a05ec..4482324 100644
--- a/jenkins/client/job/deploy/update/cloud_update.yml
+++ b/jenkins/client/job/deploy/update/cloud_update.yml
@@ -165,3 +165,7 @@
type: boolean
default: 'false'
description: "Run cloud validation pipelines before and after update"
+ MINIONS_TEST_TIMEOUT:
+ type: string
+ default: 10
+ description: "Time in seconds for a Salt result to receive a response when calling a minionsReachable method."
diff --git a/jenkins/client/job/deploy/update/upgrade.yml b/jenkins/client/job/deploy/update/upgrade.yml
index 01fdf2a..f4f5630 100644
--- a/jenkins/client/job/deploy/update/upgrade.yml
+++ b/jenkins/client/job/deploy/update/upgrade.yml
@@ -29,27 +29,19 @@
SALT_MASTER_CREDENTIALS:
type: string
default: "salt"
- STAGE_TEST_UPGRADE:
- type: boolean
- default: 'true'
- description: "Test if syncdb and APIs succeed"
- STAGE_REAL_UPGRADE:
- type: boolean
- default: 'true'
- description: "Run real control upgrade"
- STAGE_ROLLBACK_UPGRADE:
- type: boolean
- default: 'true'
- description: "Rollback if control upgrade fails"
- OPERATING_SYSTEM_RELEASE_UPGRADE:
+ OS_DIST_UPGRADE:
type: boolean
default: 'false'
- description: "Set to true if operating system release upgrade is desired. For ex. from Ubuntu 14.04 currently running on ctl and prx nodes to Ubuntu 16.04"
- SKIP_VM_RELAUNCH:
+ description: "Upgrade system packages including kernel (apt-get dist-upgrade)"
+ OS_UPGRADE:
type: boolean
default: 'false'
- description: "Set to true if vms should not be recreated"
+ description: "Upgrade all installed applications (apt-get upgrade)"
INTERACTIVE:
type: boolean
default: 'true'
description: "Ask interactive questions during pipeline run (bool)"
+ TARGET_SERVERS:
+ type: string
+ default: 'ctl*'
+ description: "Salt compound expression to get control servers to upgrade."
diff --git a/jenkins/client/job/deploy/update/upgrade_compute.yml b/jenkins/client/job/deploy/update/upgrade_compute.yml
index 706863d..b4628fa 100644
--- a/jenkins/client/job/deploy/update/upgrade_compute.yml
+++ b/jenkins/client/job/deploy/update/upgrade_compute.yml
@@ -21,7 +21,7 @@
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
branch: "${_param:jenkins_pipelines_branch}"
credentials: "gerrit"
- script: openstack-compute-upgrade.groovy
+ script: openstack-data-upgrade.groovy
param:
SALT_MASTER_URL:
type: string
@@ -29,18 +29,19 @@
SALT_MASTER_CREDENTIALS:
type: string
default: "salt"
- TARGET_SERVERS:
- type: string
- default: "cmp*"
- description: Salt compound target to match nodes to be updated [*, G@osfamily:debian].
- TARGET_SUBSET_TEST:
- type: string
- description: Number of nodes to list package updates, empty string means all targetted nodes.
- TARGET_SUBSET_LIVE:
- type: string
- default: '1'
- description: Number of selected nodes to live apply upgrade.
+ OS_DIST_UPGRADE:
+ type: boolean
+ default: 'false'
+ description: "Upgrade system packages including kernel (apt-get dist-upgrade)"
+ OS_UPGRADE:
+ type: boolean
+ default: 'false'
+ description: "Upgrade all installed applications (apt-get upgrade)"
INTERACTIVE:
type: boolean
default: 'true'
description: "Ask interactive questions during pipeline run (bool)"
+ TARGET_SERVERS:
+ type: string
+ default: 'cmp*'
+ description: "Salt compound expression to get control servers to upgrade."
diff --git a/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml b/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml
index b0c92b7..76bf436 100644
--- a/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml
+++ b/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml
@@ -21,7 +21,7 @@
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
branch: "${_param:jenkins_pipelines_branch}"
credentials: "gerrit"
- script: ovs-gateway-upgrade.groovy
+ script: openstack-data-upgrade.groovy
param:
SALT_MASTER_URL:
type: string
@@ -29,18 +29,19 @@
SALT_MASTER_CREDENTIALS:
type: string
default: "salt"
- TARGET_SERVERS:
- type: string
- default: "gtw*"
- description: Salt compound target to match nodes to be updated [*, G@osfamily:debian].
- TARGET_SUBSET_TEST:
- type: string
- description: Number of nodes to list package updates, empty string means all targetted nodes.
- TARGET_SUBSET_LIVE:
- type: string
- default: '1'
- description: Number of selected nodes to live apply upgrade.
+ OS_DIST_UPGRADE:
+ type: boolean
+ default: 'false'
+ description: "Upgrade system packages including kernel (apt-get dist-upgrade)"
+ OS_UPGRADE:
+ type: boolean
+ default: 'false'
+ description: "Upgrade all installed applications (apt-get upgrade)"
INTERACTIVE:
type: boolean
default: 'true'
description: "Ask interactive questions during pipeline run (bool)"
+ TARGET_SERVERS:
+ type: string
+ default: 'gtw*'
+ description: "Salt compound expression to get control servers to upgrade."
diff --git a/jenkins/client/job/docker/cicd/tempest.yml b/jenkins/client/job/docker/cicd/tempest.yml
index 38cc667..e156802 100644
--- a/jenkins/client/job/docker/cicd/tempest.yml
+++ b/jenkins/client/job/docker/cicd/tempest.yml
@@ -22,7 +22,11 @@
"mcp/docker-ci-tempest":
branches:
- master
+ - queens
- pike
+ - ocata
+ - newton
+ - mitaka
event:
patchset:
- created:
diff --git a/jenkins/client/job/gating.yml b/jenkins/client/job/gating.yml
index 1ed093e..513df82 100644
--- a/jenkins/client/job/gating.yml
+++ b/jenkins/client/job/gating.yml
@@ -44,6 +44,8 @@
compare_type: REG_EXP
branches:
- master
+ - compare_type: ANT
+ name: release/*
skip_vote:
- successful
- failed
diff --git a/jenkins/client/job/git-mirrors/2way.yml b/jenkins/client/job/git-mirrors/2way.yml
index bb6b44b..71d8f9a 100644
--- a/jenkins/client/job/git-mirrors/2way.yml
+++ b/jenkins/client/job/git-mirrors/2way.yml
@@ -11,7 +11,7 @@
- name: mcp-common-scripts
source: mcp/mcp-common-scripts
target: Mirantis/mcp-common-scripts
- branches: "master"
+ branches: "master,release/2018.8.1"
- name: mcp-local-repo-model
source: mcp/mcp-local-repo-model
target: Mirantis/mcp-local-repo-model
@@ -24,6 +24,10 @@
source: mcp/mcp-drivetrain-model
target: Mirantis/mcp-drivetrain-model
branches: "master"
+ - name: model-manager
+ source: python-apps/model-manager
+ target: salt-formulas/django-model-manager
+ branches: "master"
template:
description: ${_param:job_description_2way}
discard:
diff --git a/jenkins/client/job/git-mirrors/downstream/pipelines.yml b/jenkins/client/job/git-mirrors/downstream/pipelines.yml
index 271a725..17611cb 100644
--- a/jenkins/client/job/git-mirrors/downstream/pipelines.yml
+++ b/jenkins/client/job/git-mirrors/downstream/pipelines.yml
@@ -8,8 +8,8 @@
- name: pipeline-library
downstream: mcp-ci/pipeline-library
upstream: "${_param:gerrit_pipeline_library_repo}"
- branches: master
+ branches: "master,release/2018.8.1"
- name: mk-pipelines
downstream: mk/mk-pipelines
upstream: "${_param:gerrit_mk_pipelines_repo}"
- branches: master
+ branches: "master,release/2018.8.1"
diff --git a/jenkins/client/job/git-mirrors/upstream/pipelines.yml b/jenkins/client/job/git-mirrors/upstream/pipelines.yml
index 20f7eb6..9e82f80 100644
--- a/jenkins/client/job/git-mirrors/upstream/pipelines.yml
+++ b/jenkins/client/job/git-mirrors/upstream/pipelines.yml
@@ -6,8 +6,8 @@
- name: pipeline-library
downstream: mcp-ci/pipeline-library
upstream: "git@github.com:Mirantis/pipeline-library.git"
- branches: master
+ branches: master,release/2018.8.1
- name: mk-pipelines
downstream: mk/mk-pipelines
upstream: "git@github.com:Mirantis/mk-pipelines.git"
- branches: master
+ branches: master,release/2018.8.1
diff --git a/jenkins/client/job/git-mirrors/upstream/templates.yml b/jenkins/client/job/git-mirrors/upstream/templates.yml
index a83a6de..a386ba4 100644
--- a/jenkins/client/job/git-mirrors/upstream/templates.yml
+++ b/jenkins/client/job/git-mirrors/upstream/templates.yml
@@ -6,7 +6,7 @@
- name: cookiecutter-templates
downstream: mk/cookiecutter-templates
upstream: "git@github.com:Mirantis/mk2x-cookiecutter-reclass-model"
- branches: master,mcp10
+ branches: master,mcp10,release/2018.8.1
- name: heat-fragments
downstream: mk/heat-fragments
upstream: "git@github.com:Mirantis/heat-fragments"
diff --git a/jenkins/client/job/image/centos.yml b/jenkins/client/job/image/centos.yml
deleted file mode 100644
index 5358d92..0000000
--- a/jenkins/client/job/image/centos.yml
+++ /dev/null
@@ -1,85 +0,0 @@
-classes:
- - system.jenkins.client.job.image
-parameters:
- _param:
- jenkins_packer_pipeline: "${_param:jenkins_gerrit_url}/mk/packer-templates"
- jenkins:
- client:
- job:
- build-image-centos-7:
- type: workflow-scm
- concurrent: false
- discard:
- build:
- keep_num: 5
- artifact:
- keep_num: 5
- scm:
- type: git
- url: "${_param:jenkins_packer_pipeline}"
- credentials: "gerrit"
- display_name: "[Images] Build Centos 7"
- param:
- BUILD_OS:
- type: string
- default: "centos-7"
- BUILD_ONLY:
- type: string
- default: "qemu"
- PACKER_DEBUG:
- type: boolean
- default: "false"
- PACKER_URL:
- type: string
- default: "https://releases.hashicorp.com/packer/0.8.6/packer_0.8.6_linux_amd64.zip"
- PACKER_ZIP:
- type: string
- default: "packer_0.8.6_linux_amd64.zip"
- PACKER_ZIP_MD5:
- type: string
- default: "4cda1c44cf666fada495dd8e01522e1c"
- PACKER_ARGS:
- type: string
- default: ""
- UPLOAD_URL:
- type: string
- default: "${_param:jenkins_packer_upload_url}"
- SKIP_UPLOAD:
- type: boolean
- default: "false"
- CLEANUP_OLD:
- type: boolean
- default: "true"
- CLEANUP_KEEP:
- type: string
- default: "3"
- GLANCE_UPLOAD:
- type: boolean
- default: "true"
- GLANCE_IMG_TYPES:
- type: string
- default: "qcow2"
- GLANCE_URL:
- type: string
- default: "https://cloud-cz.bud.mirantis.net:5000"
- GLANCE_CREDENTIALS_ID:
- type: string
- default: "openstack-devcloud-credentials"
- GLANCE_PROJECT:
- type: string
- default: "mcp-mk"
- GLANCE_ARGS:
- type: string
- default: ""
- GLANCE_PUBLIC:
- type: boolean
- default: "true"
- OPENSTACK_API_CLIENT:
- type: string
- default: ""
- IMAGE_NAME:
- type: string
- default: centos-7-x64
- EXTRA_VARIABLES:
- type: text
- default: ""
\ No newline at end of file
diff --git a/jenkins/client/job/image/debian.yml b/jenkins/client/job/image/debian.yml
deleted file mode 100644
index eef4740..0000000
--- a/jenkins/client/job/image/debian.yml
+++ /dev/null
@@ -1,85 +0,0 @@
-classes:
- - system.jenkins.client.job.image
-parameters:
- _param:
- jenkins_packer_pipeline: "${_param:jenkins_gerrit_url}/mk/packer-templates"
- jenkins:
- client:
- job:
- build-image-debian-8:
- type: workflow-scm
- concurrent: false
- discard:
- build:
- keep_num: 5
- artifact:
- keep_num: 5
- scm:
- type: git
- url: "${_param:jenkins_packer_pipeline}"
- credentials: "gerrit"
- display_name: "[Images] Build Debian 8 image"
- param:
- BUILD_OS:
- type: string
- default: "debian-8"
- BUILD_ONLY:
- type: string
- default: "qemu"
- PACKER_DEBUG:
- type: boolean
- default: "false"
- PACKER_URL:
- type: string
- default: "https://releases.hashicorp.com/packer/0.8.6/packer_0.8.6_linux_amd64.zip"
- PACKER_ZIP:
- type: string
- default: "packer_0.8.6_linux_amd64.zip"
- PACKER_ZIP_MD5:
- type: string
- default: "4cda1c44cf666fada495dd8e01522e1c"
- PACKER_ARGS:
- type: string
- default: ""
- UPLOAD_URL:
- type: string
- default: "${_param:jenkins_packer_upload_url}"
- SKIP_UPLOAD:
- type: boolean
- default: "false"
- CLEANUP_OLD:
- type: boolean
- default: "true"
- CLEANUP_KEEP:
- type: string
- default: "3"
- GLANCE_UPLOAD:
- type: boolean
- default: "true"
- GLANCE_IMG_TYPES:
- type: string
- default: "qcow2"
- GLANCE_URL:
- type: string
- default: "https://cloud-cz.bud.mirantis.net:5000"
- GLANCE_CREDENTIALS_ID:
- type: string
- default: "openstack-devcloud-credentials"
- GLANCE_PROJECT:
- type: string
- default: "mcp-mk"
- GLANCE_ARGS:
- type: string
- default: ""
- GLANCE_PUBLIC:
- type: boolean
- default: "true"
- OPENSTACK_API_CLIENT:
- type: string
- default: ""
- IMAGE_NAME:
- type: string
- default: debian-8-x64
- EXTRA_VARIABLES:
- type: text
- default: ""
diff --git a/jenkins/client/job/image/ubuntu.yml b/jenkins/client/job/image/ubuntu.yml
deleted file mode 100644
index e4a8251..0000000
--- a/jenkins/client/job/image/ubuntu.yml
+++ /dev/null
@@ -1,166 +0,0 @@
-classes:
- - system.jenkins.client.job.image
-parameters:
- _param:
- jenkins_packer_pipeline: "${_param:jenkins_gerrit_url}/mk/packer-templates"
- jenkins:
- client:
- job:
- build-image-ubuntu-14-04:
- type: workflow-scm
- concurrent: false
- discard:
- build:
- keep_num: 5
- keep_days: 5
- artifact:
- keep_num: 6
- keep_days: 6
- scm:
- type: git
- url: "${_param:jenkins_packer_pipeline}"
- credentials: "gerrit"
- display_name: "[Images] Build Ubuntu 14.04 image"
- param:
- BUILD_OS:
- type: string
- default: "ubuntu-14.04"
- BUILD_ONLY:
- type: string
- default: "qemu"
- PACKER_DEBUG:
- type: boolean
- default: "false"
- PACKER_URL:
- type: string
- default: "https://releases.hashicorp.com/packer/0.8.6/packer_0.8.6_linux_amd64.zip"
- PACKER_ZIP:
- type: string
- default: "packer_0.8.6_linux_amd64.zip"
- PACKER_ZIP_MD5:
- type: string
- default: "4cda1c44cf666fada495dd8e01522e1c"
- PACKER_ARGS:
- type: string
- default: ""
- UPLOAD_URL:
- type: string
- default: "${_param:jenkins_packer_upload_url}"
- SKIP_UPLOAD:
- type: boolean
- default: "false"
- CLEANUP_OLD:
- type: boolean
- default: "true"
- CLEANUP_KEEP:
- type: string
- default: "3"
- GLANCE_UPLOAD:
- type: boolean
- default: "true"
- GLANCE_IMG_TYPES:
- type: string
- default: "qcow2"
- GLANCE_URL:
- type: string
- default: "https://cloud-cz.bud.mirantis.net:5000"
- GLANCE_CREDENTIALS_ID:
- type: string
- default: "openstack-devcloud-credentials"
- GLANCE_PROJECT:
- type: string
- default: "mcp-mk"
- GLANCE_ARGS:
- type: string
- default: ""
- GLANCE_PUBLIC:
- type: boolean
- default: "true"
- OPENSTACK_API_CLIENT:
- type: string
- default: ""
- IMAGE_NAME:
- type: string
- default: ubuntu-14-04-x64
- EXTRA_VARIABLES:
- type: text
- default: ""
- build-image-ubuntu-16-04:
- type: workflow-scm
- concurrent: false
- discard:
- build:
- keep_num: 5
- keep_days: 5
- artifact:
- keep_num: 6
- keep_days: 6
- scm:
- type: git
- url: "${_param:jenkins_packer_pipeline}"
- credentials: "gerrit"
- display_name: "[Images] Build Ubuntu 16.04 image"
- param:
- BUILD_OS:
- type: string
- default: "ubuntu-16.04"
- BUILD_ONLY:
- type: string
- default: "qemu"
- PACKER_DEBUG:
- type: boolean
- default: "false"
- PACKER_URL:
- type: string
- default: "https://releases.hashicorp.com/packer/0.8.6/packer_0.8.6_linux_amd64.zip"
- PACKER_ZIP:
- type: string
- default: "packer_0.8.6_linux_amd64.zip"
- PACKER_ZIP_MD5:
- type: string
- default: "4cda1c44cf666fada495dd8e01522e1c"
- PACKER_ARGS:
- type: string
- default: ""
- UPLOAD_URL:
- type: string
- default: "${_param:jenkins_packer_upload_url}"
- SKIP_UPLOAD:
- type: boolean
- default: "false"
- CLEANUP_OLD:
- type: boolean
- default: "true"
- CLEANUP_KEEP:
- type: string
- default: "3"
- GLANCE_UPLOAD:
- type: boolean
- default: "true"
- GLANCE_IMG_TYPES:
- type: string
- default: "qcow2"
- GLANCE_URL:
- type: string
- default: "https://cloud-cz.bud.mirantis.net:5000"
- GLANCE_CREDENTIALS_ID:
- type: string
- default: "openstack-devcloud-credentials"
- GLANCE_PROJECT:
- type: string
- default: "mcp-mk"
- GLANCE_ARGS:
- type: string
- default: ""
- GLANCE_PUBLIC:
- type: boolean
- default: "true"
- OPENSTACK_API_CLIENT:
- type: string
- default: ""
- IMAGE_NAME:
- type: string
- default: ubuntu-16-04-x64
- EXTRA_VARIABLES:
- type: text
- default: ""
\ No newline at end of file
diff --git a/jenkins/client/job/k8s-test/init.yml b/jenkins/client/job/k8s-test/init.yml
index 4d22797..7a391af 100644
--- a/jenkins/client/job/k8s-test/init.yml
+++ b/jenkins/client/job/k8s-test/init.yml
@@ -1,4 +1,6 @@
classes:
- system.jenkins.client.job.k8s-test.mcp-k8s-test-pipeline
- system.jenkins.client.job.k8s-test.mcp-k8s-merge-pipeline
+- system.jenkins.client.job.k8s-test.mcp-k8s-generic-test-pipeline
+- system.jenkins.client.job.k8s-test.mcp-k8s-generic-merge-pipeline
- system.jenkins.client.job.k8s-test.mcp-k8s-formula-test-pipeline
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-generic-merge-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-generic-merge-pipeline.yml
new file mode 100644
index 0000000..0c01626
--- /dev/null
+++ b/jenkins/client/job/k8s-test/mcp-k8s-generic-merge-pipeline.yml
@@ -0,0 +1,65 @@
+parameters:
+ _param:
+ mcp_docker_registry: 'docker-dev-local.docker.mirantis.net'
+ mcp_prod_docker_registry: 'docker-prod-local.docker.mirantis.net'
+ jenkins:
+ client:
+ job_template:
+ mcp-k8s-generic-merge-pipeline:
+ name: mcp-k8s-{{name}}-merge-pipeline
+ jobs:
+ - name: coredns
+ display_name: "CoreDNS merge pipeline"
+ pipeline: mcp-k8s-coredns-pipeline.groovy
+ repo: kubernetes/coredns
+ - name: dashboard
+ display_name: "Kubernetes dashboard merge pipeline"
+ pipeline: mcp-k8s-dashboard-pipeline.groovy
+ repo: kubernetes/dashboard
+ - name: external-dns
+ display_name: "External DNS merge pipeline"
+ pipeline: mcp-k8s-ext-dns-pipeline.groovy
+ repo: kubernetes/external-dns
+ - name: metallb
+ display_name: "Metal LB merge pipeline"
+ pipeline: mcp-k8s-metallb-pipeline.groovy
+ repo: kubernetes/metallb
+ - name: nginx-ingress
+ display_name: "NGINX ingress merge pipeline"
+ pipeline: mcp-k8s-ingress-nginx-pipeline.groovy
+ repo: kubernetes/ingress-nginx
+ template:
+ type: workflow-scm
+ display_name: "{{display_name}}"
+ discard:
+ build:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/kubernetes-ci/kubernetes-pipelines"
+ credentials: "gerrit"
+ script: "pipelines/{{pipeline}}"
+ trigger:
+ gerrit:
+ project:
+ "{{repo}}":
+ branches:
+ - compare_type: "ANT"
+ name: "**mcp**"
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ event:
+ change:
+ - merged
+ param:
+ KUBE_DOCKER_REGISTRY:
+ type: string
+ default: ${_param:mcp_docker_registry}
+ description: 'Docker registry for binaries and images'
+ KUBE_PROD_DOCKER_REGISTRY:
+ type: string
+ default: ${_param:mcp_prod_docker_registry}
+ description: 'Prod docker registry for binaries and images'
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-generic-test-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-generic-test-pipeline.yml
new file mode 100644
index 0000000..de5e5a6
--- /dev/null
+++ b/jenkins/client/job/k8s-test/mcp-k8s-generic-test-pipeline.yml
@@ -0,0 +1,69 @@
+parameters:
+ _param:
+ mcp_docker_registry: 'docker-dev-local.docker.mirantis.net'
+ jenkins:
+ client:
+ job_template:
+ mcp-k8s-generic-test-pipeline:
+ name: mcp-k8s-{{name}}-test-pipeline
+ jobs:
+ - name: coredns
+ display_name: "CoreDNS test pipeline"
+ pipeline: mcp-k8s-coredns-pipeline.groovy
+ repo: kubernetes/coredns
+ - name: dashboard
+ display_name: "Kubernetes dashboard test pipeline"
+ pipeline: mcp-k8s-dashboard-pipeline.groovy
+ repo: kubernetes/dashboard
+ - name: external-dns
+ display_name: "External DNS test pipeline"
+ pipeline: mcp-k8s-ext-dns-pipeline.groovy
+ repo: kubernetes/external-dns
+ - name: metallb
+ display_name: "Metal LB test pipeline"
+ pipeline: mcp-k8s-metallb-pipeline.groovy
+ repo: kubernetes/metallb
+ - name: nginx-ingress
+ display_name: "NGINX ingress test pipeline"
+ pipeline: mcp-k8s-ingress-nginx-pipeline.groovy
+ repo: kubernetes/ingress-nginx
+ template:
+ type: workflow-scm
+ display_name: "{{display_name}}"
+ discard:
+ build:
+ keep_num: 50
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/kubernetes-ci/kubernetes-pipelines"
+ credentials: "gerrit"
+ script: "pipelines/{{pipeline}}"
+ trigger:
+ gerrit:
+ project:
+ "{{repo}}":
+ branches:
+ - compare_type: "ANT"
+ name: "**"
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeTrivialRebase: false
+ excludeNoCodeChange: false
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(recheck|reverify)'
+ override-votes:
+ gerritBuildUnstableVerifiedValue: 1
+ gerritBuildUnstableCodeReviewValue: 1
+ param:
+ KUBE_DOCKER_REGISTRY:
+ type: string
+ default: ${_param:mcp_docker_registry}
+ description: 'Docker registry for binaries and images'
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-metallb-merge-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-metallb-merge-pipeline.yml
new file mode 100644
index 0000000..c4f2af0
--- /dev/null
+++ b/jenkins/client/job/k8s-test/mcp-k8s-metallb-merge-pipeline.yml
@@ -0,0 +1,43 @@
+parameters:
+ _param:
+ mcp_docker_registry: 'docker-dev-local.docker.mirantis.net'
+ mcp_prod_docker_registry: 'docker-prod-local.docker.mirantis.net'
+ jenkins:
+ client:
+ job:
+ mcp_k8s_metallb_merge_pipeline:
+ type: workflow-scm
+ name: mcp-k8s-metallb-merge-pipeline
+ display_name: "MetalLB merge pipeline"
+ discard:
+ build:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/kubernetes-ci/kubernetes-pipelines"
+ credentials: "gerrit"
+ script: pipelines/mcp-k8s-metallb-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ kubernetes/metallb:
+ branches:
+ - compare_type: "ANT"
+ name: "**mcp**"
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ event:
+ change:
+ - merged
+ param:
+ KUBE_DOCKER_REGISTRY:
+ type: string
+ default: ${_param:mcp_docker_registry}
+ description: 'Docker registry for binaries and images'
+ KUBE_PROD_DOCKER_REGISTRY:
+ type: string
+ default: ${_param:mcp_prod_docker_registry}
+ description: 'Prod docker registry for binaries and images'
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-metallb-test-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-metallb-test-pipeline.yml
new file mode 100644
index 0000000..8ebd8eb
--- /dev/null
+++ b/jenkins/client/job/k8s-test/mcp-k8s-metallb-test-pipeline.yml
@@ -0,0 +1,48 @@
+parameters:
+ _param:
+ mcp_docker_registry: 'docker-dev-local.docker.mirantis.net'
+ jenkins:
+ client:
+ job:
+ mcp_k8s_metallb_test_pipeline:
+ type: workflow-scm
+ name: mcp-k8s-metallb-test-pipeline
+ display_name: "MetalLB tests pipeline"
+ discard:
+ build:
+ keep_num: 50
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/kubernetes-ci/kubernetes-pipelines"
+ credentials: "gerrit"
+ script: pipelines/mcp-k8s-metallb-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ kubernetes/metallb:
+ branches:
+ - compare_type: "ANT"
+ name: "**"
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeTrivialRebase: false
+ excludeNoCodeChange: false
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(recheck|reverify)'
+ override-votes:
+ gerritBuildUnstableVerifiedValue: 1
+ gerritBuildUnstableCodeReviewValue: 1
+ param:
+ KUBE_DOCKER_REGISTRY:
+ type: string
+ default: ${_param:mcp_docker_registry}
+ description: 'Docker registry for binaries and images'
+
diff --git a/jenkins/client/job/oscore/cookiecutter.yml b/jenkins/client/job/oscore/cookiecutter.yml
index bc180b4..84c96d8 100644
--- a/jenkins/client/job/oscore/cookiecutter.yml
+++ b/jenkins/client/job/oscore/cookiecutter.yml
@@ -35,6 +35,7 @@
- openstack-ovs-core-manila-pike
- openstack-ovs-core-telemetry-pike
- openstack-ovs-core-queens
+ - openstack-ovs-core-ssl-queens
STACK_INSTALL:
type: string
default: 'core,openstack,ovs'
@@ -42,6 +43,16 @@
type: boolean
description: "Delete Heat stack when finished (bool)"
default: 'false'
+ OPENSTACK_ENVIRONMENT:
+ type: choice
+ description: "Target openstack environment."
+ choices:
+ - devcloud
+ - presales
+ - oscore_devcloud
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ description: "Credentials to the OpenStack API"
OPENSTACK_API_PROJECT:
type: string
default: "mcp-oscore"
@@ -61,7 +72,7 @@
default: |-
#Extra context that will be merged with content of COOKIECUTTER_TEMPLATE_CONTEXT_FILE
default_context:
- openssh_groups: "qa_scale,oscore_devops,networking,tcpcloud,stacklight,k8s_team"
+ openssh_groups: "qa_scale,oscore_devops,networking,tcpcloud,stacklight,k8s_team,mcp_qa"
cookiecutter_template_url: https://gerrit.mcp.mirantis.net/mk/cookiecutter-templates.git
cookiecutter_template_branch: 'master'
shared_reclass_url: https://gerrit.mcp.mirantis.net/salt-models/reclass-system.git
@@ -97,6 +108,8 @@
compare_type: 'REG_EXP'
branches:
- master
+ - compare_type: ANT
+ name: release/*
skip_vote:
- successful
- failed
@@ -111,6 +124,16 @@
type: string
default: "gerrit"
description: "ID of jenkins credentials to be used when connecting to gerrit."
+ OPENSTACK_ENVIRONMENT:
+ type: choice
+ description: "Target openstack environment."
+ choices:
+ - devcloud
+ - presales
+ - oscore_devcloud
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ description: "Credentials to the OpenStack API"
OPENSTACK_API_PROJECT:
type: string
default: "mcp-oscore-ci"
diff --git a/jenkins/client/job/oscore/qa.yml b/jenkins/client/job/oscore/qa.yml
index f076a78..331bd7e 100644
--- a/jenkins/client/job/oscore/qa.yml
+++ b/jenkins/client/job/oscore/qa.yml
@@ -71,7 +71,11 @@
mcp/{{oscore-qa-project}}:
branches:
- master
+ - queens
- pike
+ - ocata
+ - newton
+ - mitaka
event:
patchset:
- created
diff --git a/jenkins/client/job/oscore/release.yml b/jenkins/client/job/oscore/release.yml
index f73bd22..e471e9d 100644
--- a/jenkins/client/job/oscore/release.yml
+++ b/jenkins/client/job/oscore/release.yml
@@ -59,6 +59,10 @@
type: string
default: "{{test_scheme}}"
description: "Structure which defines parameters of deployment jobs"
+ TEST_MILESTONE:
+ type: string
+ description: Product milestone
+ default: "{{test_milestone}}"
MIRROR_HOST:
type: string
default: "mirror.mirantis.com"
diff --git a/jenkins/client/job/oscore/test_upgrades.yml b/jenkins/client/job/oscore/test_upgrades.yml
index 26a9960..e193d58 100644
--- a/jenkins/client/job/oscore/test_upgrades.yml
+++ b/jenkins/client/job/oscore/test_upgrades.yml
@@ -19,17 +19,30 @@
credentials: "gerrit"
branch: 'master'
script: test-openstack-upgrade-pipeline.groovy
+ trigger:
+ timer:
+ spec: "H 22 * * *"
param:
CREDENTIALS_ID:
type: string
description: "ID of jenkins credentials to be used when connecting to gerrit."
default: "gerrit"
+ OPENSTACK_ENVIRONMENT:
+ type: choice
+ description: "Target openstack environment."
+ choices:
+ - devcloud
+ - presales
+ - oscore_devcloud
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ description: "Credentials to the OpenStack API"
OPENSTACK_API_PROJECT:
type: string
- default: "mcp-oscore"
+ default: "mcp-oscore-ci"
HEAT_STACK_ZONE:
type: string
- default: "mcp-oscore"
+ default: "mcp-oscore-ci"
FLAVOR_PREFIX:
type: string
default: 'dev'
@@ -40,8 +53,57 @@
TEST_SCHEME:
type: string
description: "Yaml based scheme to be applied in testing"
- default: '{"old": {"context_file_name": "openstack-ovs-core-{{openstack_version_old}}","extra_context": {"default_context": {"openstack_version": "{{openstack_version_old}}"}}}, "new": {"extra_context": {"default_context": {"openstack_version": "{{openstack_version_new}}"}}}}'
+ default: '{"old": {"run_smoke": True, "context_file_name": "openstack-ovs-core-{{openstack_version_old}}","extra_context": {"default_context": {"openstack_version": "{{openstack_version_old}}"}}}, "new": {"run_smoke": True, "extra_context": {"default_context": {"openstack_version": "{{openstack_version_new}}"}}}}'
job:
+ oscore-test-openstack-upgrade-mitaka-newton:
+ display_name: oscore-test-openstack-upgrade-mitaka-newton
+ name: oscore-test-openstack-upgrade-mitaka-newton
+ concurrent: true
+ description: Test upgrade flow for opentack cluster
+ discard:
+ build:
+ keep_num: 60
+ artifact:
+ keep_num: 60
+ type: workflow-scm
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/openstack-ci/openstack-pipelines"
+ credentials: "gerrit"
+ branch: 'master'
+ script: test-openstack-upgrade-pipeline.groovy
+ param:
+ CREDENTIALS_ID:
+ type: string
+ description: "ID of jenkins credentials to be used when connecting to gerrit."
+ default: "gerrit"
+ OPENSTACK_ENVIRONMENT:
+ type: choice
+ description: "Target openstack environment."
+ choices:
+ - devcloud
+ - presales
+ - oscore_devcloud
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ description: "Credentials to the OpenStack API"
+ OPENSTACK_API_PROJECT:
+ type: string
+ default: "mcp-oscore"
+ HEAT_STACK_ZONE:
+ type: string
+ default: "mcp-oscore"
+ FLAVOR_PREFIX:
+ type: string
+ default: 'dev'
+ STACK_DELETE:
+ type: boolean
+ default: 'true'
+ description: Don't enable it if you need to use the lab after
+ TEST_SCHEME:
+ type: string
+ description: "Yaml based scheme to be applied in testing"
+ default: '{"old": {"run_smoke": True, "context_file_name": "openstack-ovs-core-mitaka","extra_context": {"default_context": {"openstack_version": "mitaka"}}}, "new": {"run_smoke": True, "extra_context": {"default_context": {"openstack_version": "newton"}}}}'
oscore-test-adjust-cluster-model:
display_name: oscore-test-adjust-cluster-model
name: oscore-test-adjust-cluster-model
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
index cae768a..f2efc67 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
@@ -338,6 +338,9 @@
- name: sentry
branches: ${_param:salt_formulas_branches}
notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: shibboleth
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sphinx
branches: ${_param:salt_formulas_branches}
notification_recipients: ${_param:salt_formulas_notification_recipients}
@@ -453,7 +456,7 @@
default: "gerrit"
BRANCHES:
type: string
- default: "master"
+ default: "master,release/2018.8.1"
git-mirror-2way-salt-formulas-cookiecutter:
description: ${_param:job_description_2way}
discard:
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 81dfd36..c6c54bb 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -48,10 +48,6 @@
PARALLEL_NODE_GROUP_SIZE:
type: string
default: "9"
- # Salt master setup extra formulas
- EXTRA_FORMULAS:
- type: string
- default: "{{extra_formulas}}"
FORMULAS_SOURCE:
type: string
default: "{{formulas_src}}"
@@ -158,10 +154,6 @@
PARALLEL_NODE_GROUP_SIZE:
type: string
default: "9"
- # Salt master setup extra formulas
- EXTRA_FORMULAS:
- type: string
- default: "{{extra_formulas}}"
FORMULAS_SOURCE:
type: string
default: "{{formulas_src}}"
@@ -217,6 +209,8 @@
salt-models/{{name}}:
branches:
- master
+ - compare_type: ANT
+ name: release/*
event:
comment:
- addedContains:
@@ -233,6 +227,10 @@
DEFAULT_GIT_REF:
type: string
default: master
+ EXTRA_VARIABLES_YAML:
+ type: text
+ default: ""
+ description: "Extra vars passed as YAML"
PARALLEL_NODE_GROUP_SIZE:
type: string
default: "5"
@@ -242,10 +240,10 @@
- cookiecutter_template: cookiecutter-templates
template:
discard:
- build:
- keep_num: 50
- artifact:
- keep_num: 50
+ build:
+ keep_days: 4
+ artifact:
+ keep_days: 4
type: workflow-scm
concurrent: true
scm:
@@ -260,6 +258,8 @@
mk/{{cookiecutter_template}}:
branches:
- master
+ - compare_type: ANT
+ name: release/*
event:
comment:
- addedContains:
@@ -268,37 +268,40 @@
COOKIECUTTER_TEMPLATE_URL:
type: string
default: "${_param:jenkins_gerrit_url}/mk/{{cookiecutter_template}}"
- CREDENTIALS_ID:
- type: string
- default: gerrit
COOKIECUTTER_TEMPLATE_BRANCH:
type: string
default: master
- RECLASS_MODEL_URL:
+ description: "Those variable will be ignored, in case gerritTrigger=>GERRIT_BRANCH"
+ COOKIECUTTER_TEMPLATE_REF:
+ type: string
+ default: ""
+ description: "Example: refs/changes/49/25549/1"
+ RECLASS_SYSTEM_URL:
type: string
default: "${_param:jenkins_gerrit_url}/salt-models/reclass-system"
- RECLASS_MODEL_BRANCH:
+ RECLASS_SYSTEM_BRANCH:
type: string
default: master
+ description: "Those variable will be ignored, in case gerritTrigger=>GERRIT_BRANCH"
+ RECLASS_SYSTEM_GIT_REF:
+ type: string
+ default: ""
+ description: "Example: refs/changes/49/25549/1"
DISTRIB_REVISION:
type: string
default: 'nightly'
- SYSTEM_GIT_URL:
- type: string
- default: ""
- SYSTEM_GIT_REF:
- type: string
- default: ""
- PARALLEL_NODE_GROUP_SIZE:
- type: string
- default: "1"
- EXTRA_FORMULAS:
- type: string
- default: "aptly artifactory auditd backupninja collectd devops-portal docker elasticsearch fluentd freeipa gerrit glusterfs grafana haproxy heka horizon influxdb jenkins keepalived kibana libvirt maas memcached mysql nginx ntp openldap openssh postfix prometheus rsync rsyslog rundeck sensu sphinx telegraf xtrabackup watchdog logrotate"
+ description: "Those variable will be ignored, in case gerritTrigger=>GERRIT_BRANCH. Version of bin-artifacts,passed to test-env"
RECLASS_VERSION:
type: string
default: 'v1.5.4'
- description: "Version (branch) of Reclass we will use"
+ description: "Version (branch) of reclass PACKAGE we will use"
+ CREDENTIALS_ID:
+ type: string
+ default: gerrit
+ EXTRA_VARIABLES_YAML:
+ type: text
+ default: ""
+ description: "Extra vars passed as YAML"
job:
test-salt-model-node:
name: test-salt-model-node
@@ -337,9 +340,6 @@
CREDENTIALS_ID:
type: string
default: "gerrit"
- EXTRA_FORMULAS:
- type: string
- default: ""
FORMULAS_SOURCE:
type: string
default: "pkg"
@@ -379,9 +379,9 @@
name: test-mk-cookiecutter-templates-chunk
discard:
build:
- keep_num: 300
+ keep_days: 3
artifact:
- keep_num: 30
+ keep_days: 3
type: workflow-scm
concurrent: true
plugin_properties:
@@ -398,5 +398,5 @@
script: test-cookiecutter-reclass-chunk.groovy
param:
EXTRA_VARIABLES_YAML:
- type: string
+ type: text
default: ""
diff --git a/jenkins/client/job/security/openscap.yml b/jenkins/client/job/security/openscap.yml
new file mode 100644
index 0000000..fae68ab
--- /dev/null
+++ b/jenkins/client/job/security/openscap.yml
@@ -0,0 +1,57 @@
+#
+# Job to collect oscap results based on input benchmarks
+#
+parameters:
+ jenkins:
+ client:
+ job:
+ run-openscap-xccdf-evaluation:
+ type: workflow-scm
+ concurrent: true
+ discard:
+ build:
+ keep_num: 10
+ artifact:
+ keep_num: 10
+ display_name: "Run openscap xccdf evaluation on given nodes"
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: test-openscap-pipeline.groovy
+ param:
+ DASHBOARD_API_URL:
+ type: string
+ default: ""
+ description: "The WORP api base url. Mandatory if UPLOAD_TO_DASHBOARD is true"
+ SALT_MASTER_URL:
+ type: string
+ default: ""
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ TARGET_SERVERS:
+ type: string
+ default: '*'
+ description: "The target Salt nodes"
+ UPLOAD_TO_DASHBOARD:
+ type: boolean
+ default: "false"
+ description: "Upload results to the WORP or not"
+ XCCDF_BENCHMARKS:
+ type: string
+ default: "cis_ubuntu_1604_server_l2/cis_ubuntu_1604_server_l2-xccdf.xml,default"
+ description: "List of pairs XCCDF benchmark filename and corresponding profile, format xccdf_benchmark 1, profile; xccdf_benchmark 2, profile"
+ XCCDF_BENCHMARKS_DIR:
+ type: string
+ default: "/usr/share/xccdf-benchmarks/mirantis/"
+ description: "The XCCDF benchmarks base directory"
+ XCCDF_VERSION:
+ type: string
+ default: "1.2"
+ description: "The XCCDF version"
+ XCCDF_TAILORING_ID:
+ type: string
+ default: "None"
+ description: "The tailoring id"
diff --git a/jenkins/client/job/stacklight/cookiecutter.yml b/jenkins/client/job/stacklight/cookiecutter.yml
new file mode 100644
index 0000000..0f40403
--- /dev/null
+++ b/jenkins/client/job/stacklight/cookiecutter.yml
@@ -0,0 +1,74 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ stacklight-test-cookiecutter-model:
+ display_name: stacklight-test-cookiecutter-model
+ name: stacklight-test-cookiecutter-model
+ concurrent: true
+ description: Test specified cookiecutter context
+ discard:
+ build:
+ keep_num: 60
+ artifact:
+ keep_num: 60
+ type: workflow-scm
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/openstack-ci/openstack-pipelines"
+ credentials: "gerrit"
+ branch: 'master'
+ script: test-cookiecutter-model-pipeline.groovy
+ trigger:
+ timer:
+ spec: "H H(0-3) * * *"
+ param:
+ CREDENTIALS_ID:
+ type: string
+ description: "ID of jenkins credentials for connecting to gerrit"
+ default: "gerrit"
+ COOKIECUTTER_TEMPLATE_CONTEXT_FILE:
+ type: string
+ description: "Context for cookiecutter template specified as filename"
+ default: 'stacklight-openstack-ovs-core-pike'
+ OPENSTACK_ENVIRONMENT:
+ type: choice
+ description: "Target openstack environment"
+ choices:
+ - devcloud
+ - presales
+ - oscore_devcloud
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ description: "Credentials to the OpenStack API"
+ OPENSTACK_API_PROJECT:
+ type: string
+ default: "mcp-stacklight"
+ HEAT_STACK_ZONE:
+ type: string
+ default: "mcp-stacklight"
+ FLAVOR_PREFIX:
+ type: string
+ default: 'dev'
+ RUN_SMOKE:
+ type: boolean
+ description: "Run smoke after deployment or not (bool)"
+ default: 'false'
+ COOKIECUTTER_EXTRA_CONTEXT:
+ type: text
+ description: "Extra context items, will be merged to COOKIECUTTER_TEMPLATE_CONTEXT_FILE"
+ default: |-
+ #Extra context that will be merged with content of COOKIECUTTER_TEMPLATE_CONTEXT_FILE
+ default_context:
+ openssh_groups: "qa_scale,oscore_devops,networking,tcpcloud,stacklight,k8s_team"
+ cookiecutter_template_url: https://gerrit.mcp.mirantis.net/mk/cookiecutter-templates.git
+ cookiecutter_template_branch: 'master'
+ shared_reclass_url: https://gerrit.mcp.mirantis.net/salt-models/reclass-system.git
+ shared_reclass_branch: 'master'
+ STACK_INSTALL:
+ type: string
+ default: 'core,openstack,ovs,stacklight'
+ STACK_DELETE:
+ type: boolean
+ description: "Delete Heat stack when finished (bool). Don't enable it if you need to use the lab after"
+ default: 'true'
diff --git a/jenkins/client/job/stacklight/init.yml b/jenkins/client/job/stacklight/init.yml
new file mode 100644
index 0000000..6d8f563
--- /dev/null
+++ b/jenkins/client/job/stacklight/init.yml
@@ -0,0 +1,2 @@
+classes:
+ - system.jenkins.client.job.stacklight.cookiecutter
diff --git a/jenkins/client/job/test_pipelines.yml b/jenkins/client/job/test_pipelines.yml
index c8eaab0..4d661da 100644
--- a/jenkins/client/job/test_pipelines.yml
+++ b/jenkins/client/job/test_pipelines.yml
@@ -35,6 +35,8 @@
"{{repo}}":
branches:
- master
+ - compare_type: ANT
+ name: release/*
event:
patchset:
- created:
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index 57db539..c0ebf40 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -133,6 +133,10 @@
type: string
default: ""
description: Rally scenarios directory or file with scenarios
+ RALLY_SL_SCENARIOS:
+ type: string
+ default: ""
+ description: Stacklight Rally scenarios directory or file with scenarios
RALLY_TASK_ARGS_FILE:
type: string
default: ""
@@ -161,6 +165,10 @@
type: boolean
default: 'false'
description: If chosen then K8S Rally test will be executed
+ STACKLIGHT_RALLY:
+ type: boolean
+ default: 'false'
+ description: If chosen then Stacklight Rally test will be executed
JOB_TIMEOUT:
type: string
default: "3"
@@ -276,10 +284,6 @@
type: string
default: "https://github.com/Mirantis/cvp-configuration"
description: URL of repo where testing tools, scenarios, configs are located.
- TEMPEST_VERSION:
- type: string
- default: "15.0.0"
- description: Version of Tempest
cvp-ha:
type: workflow-scm
name: cvp-ha
diff --git a/keepalived/cluster/instance/openstack_barbican_vip.yml b/keepalived/cluster/instance/openstack_barbican_vip.yml
new file mode 100644
index 0000000..3c733c4
--- /dev/null
+++ b/keepalived/cluster/instance/openstack_barbican_vip.yml
@@ -0,0 +1,11 @@
+classes:
+- service.keepalived.cluster.single
+parameters:
+ _param:
+ keepalived_openstack_barbican_vip_address: ${_param:cluster_vip_address}
+ keepalived_openstack_barbican_vip_password: password
+ keepalived_openstack_barbican_vip_interface: eth1
+ keepalived_vip_virtual_router_id: 250
+ keepalived_vip_address: ${_param:keepalived_openstack_barbican_vip_address}
+ keepalived_vip_password: ${_param:keepalived_openstack_barbican_vip_password}
+ keepalived_vip_interface: ${_param:keepalived_openstack_barbican_vip_interface}
diff --git a/keepalived/cluster/instance/openstack_manila_vip.yml b/keepalived/cluster/instance/openstack_manila_vip.yml
new file mode 100644
index 0000000..d8330c4
--- /dev/null
+++ b/keepalived/cluster/instance/openstack_manila_vip.yml
@@ -0,0 +1,11 @@
+classes:
+- service.keepalived.cluster.single
+parameters:
+ _param:
+ keepalived_openstack_manila_vip_address: ${_param:cluster_vip_address}
+ keepalived_openstack_manila_vip_password: password
+ keepalived_openstack_manila_vip_interface: eth1
+ keepalived_vip_virtual_router_id: 235
+ keepalived_vip_address: ${_param:keepalived_openstack_manila_vip_address}
+ keepalived_vip_password: ${_param:keepalived_openstack_manila_vip_password}
+ keepalived_vip_interface: ${_param:keepalived_openstack_manila_vip_interface}
diff --git a/keystone/client/os_client_config/octavia_identity.yml b/keystone/client/os_client_config/octavia_identity.yml
new file mode 100644
index 0000000..3d84b0c
--- /dev/null
+++ b/keystone/client/os_client_config/octavia_identity.yml
@@ -0,0 +1,20 @@
+parameters:
+ keystone:
+ client:
+ os_client_config:
+ enabled: true
+ cfgs:
+ root:
+ content:
+ clouds:
+ octavia_identity:
+ region_name: ${_param:openstack_region}
+ identity_api_version: '3'
+ interface: 'internal'
+ auth:
+ username: 'octavia'
+ password: ${_param:keystone_octavia_password}
+ user_domain_name: 'Default'
+ project_name: 'service'
+ project_domain_name: 'Default'
+ auth_url: ${_param:keystone_service_protocol}://${_param:keystone_service_host}:5000
\ No newline at end of file
diff --git a/keystone/client/service/gnocchi.yml b/keystone/client/service/gnocchi.yml
index 27d38b0..1d1b075 100644
--- a/keystone/client/service/gnocchi.yml
+++ b/keystone/client/service/gnocchi.yml
@@ -5,6 +5,8 @@
cluster_public_protocol: https
gnocchi_service_protocol: http
gnocchi_public_host: ${_param:cluster_public_host}
+ gnocchi_public_port: 8041
+ gnocchi_public_path: '/'
keystone:
client:
server:
@@ -24,8 +26,8 @@
- region: ${_param:openstack_region}
public_address: ${_param:gnocchi_public_host}
public_protocol: ${_param:cluster_public_protocol}
- public_port: 8041
- public_path: '/'
+ public_port: ${_param:gnocchi_public_port}
+ public_path: ${_param:gnocchi_public_path}
internal_address: ${_param:gnocchi_service_host}
internal_port: 8041
internal_path: '/'
diff --git a/keystone/client/service/keystone.yml b/keystone/client/service/keystone.yml
index 0cfa963..53e7cd1 100644
--- a/keystone/client/service/keystone.yml
+++ b/keystone/client/service/keystone.yml
@@ -7,6 +7,8 @@
keystone_public_path: "/v2.0"
keystone_internal_path: "/v2.0"
keystone_admin_path: "/v2.0"
+ keystone_public_address: ${_param:cluster_public_host}
+ keystone_public_port: 5000
keystone:
client:
server:
@@ -17,9 +19,9 @@
description: OpenStack Identity Service
endpoints:
- region: ${_param:openstack_region}
- public_address: ${_param:cluster_public_host}
+ public_address: ${_param:keystone_public_address}
public_protocol: ${_param:cluster_public_protocol}
- public_port: 5000
+ public_port: ${_param:keystone_public_port}
public_path: ${_param:keystone_public_path}
internal_address: ${_param:keystone_service_host}
internal_port: 5000
diff --git a/keystone/client/service/octavia.yml b/keystone/client/service/octavia.yml
index 304d70f..bf16b79 100644
--- a/keystone/client/service/octavia.yml
+++ b/keystone/client/service/octavia.yml
@@ -9,6 +9,9 @@
client:
server:
identity:
+ roles:
+ - load-balancer_member
+ - load-balancer_admin
project:
service:
user:
@@ -18,7 +21,7 @@
email: ${_param:admin_email}
service:
octavia:
- type: octavia
+ type: load-balancer
description: OpenStack Loadbalancing Service
endpoints:
- region: ${_param:openstack_region}
diff --git a/keystone/client/v3/service/octavia.yml b/keystone/client/v3/service/octavia.yml
index a43b0a9..56de95b 100644
--- a/keystone/client/v3/service/octavia.yml
+++ b/keystone/client/v3/service/octavia.yml
@@ -1,3 +1,6 @@
+classes:
+- system.keystone.client.os_client_config.octavia_identity
+
parameters:
_param:
cluster_public_protocol: https
@@ -5,8 +8,25 @@
octavia_service_protocol: http
keystone:
client:
+ server:
+ identity:
+ octavia:
+ api_version: 3
+ octavia_identity:
+ admin:
+ api_version: ''
+ user_domain_name: 'Default'
+ project_domain_name: 'Default'
resources:
v3:
+ cloud_name: 'octavia_identity'
+ roles:
+ global_load_balancer_member:
+ name: load-balancer_member
+ enabled: true
+ global_load_balancer_admin:
+ name: load-balancer_admin
+ enabled: true
users:
octavia:
password: ${_param:keystone_octavia_password}
@@ -17,7 +37,7 @@
project_id: service
services:
octavia:
- type: octavia
+ type: load-balancer
description: OpenStack Loadbalancing Service
endpoints:
octavia_public:
diff --git a/keystone/server/cluster.yml b/keystone/server/cluster.yml
index c9642bd..a42d3b6 100644
--- a/keystone/server/cluster.yml
+++ b/keystone/server/cluster.yml
@@ -5,10 +5,17 @@
- system.haproxy.proxy.listen.openstack.keystone.standalone
- system.linux.system.users.keystone
- system.keystone.server.fernet_rotation.cluster
+- system.salt.minion.cert.mysql.clients.openstack.keystone
+- system.salt.minion.cert.rabbitmq.clients.openstack.keystone
parameters:
_param:
keystone_tokens_expiration: 3600
openstack_node_role: primary
+ openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -42,6 +49,13 @@
name: keystone
password: ${_param:mysql_keystone_password}
user: keystone
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_keystone_ssl_ca_file}
+ key_file: ${_param:mysql_keystone_client_ssl_key_file}
+ cert_file: ${_param:mysql_keystone_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
tokens:
engine: fernet
expiration: ${_param:keystone_tokens_expiration}
@@ -50,6 +64,7 @@
credential:
location: /var/lib/keystone/credential-keys
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
members:
- host: ${_param:openstack_message_queue_node01_address}
@@ -59,6 +74,13 @@
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
ha_queues: true
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_keystone_ssl_ca_file}
+ key_file: ${_param:rabbitmq_keystone_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_keystone_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
auth_methods:
- password
- token
diff --git a/keystone/server/fernet_rotation/cluster.yml b/keystone/server/fernet_rotation/cluster.yml
index a4aad33..c34c4f8 100644
--- a/keystone/server/fernet_rotation/cluster.yml
+++ b/keystone/server/fernet_rotation/cluster.yml
@@ -24,6 +24,13 @@
credential_rotation_driver: ${_param:credential_rotation_driver}
linux:
system:
+ package:
+ rsync:
+ version: latest
+ cron:
+ user:
+ keystone:
+ enabled: true
job:
keystone_fernet_rotate_rsync:
command: '/var/lib/keystone/keystone_keys_rotate.sh -r -s -t fernet >> /var/log/keystone/keystone-rotate.log 2>> /var/log/keystone/keystone-rotate.log'
diff --git a/keystone/server/fernet_rotation/single.yml b/keystone/server/fernet_rotation/single.yml
index de5ca6a..8a3d6fb 100644
--- a/keystone/server/fernet_rotation/single.yml
+++ b/keystone/server/fernet_rotation/single.yml
@@ -10,6 +10,13 @@
credential_rotation_driver: ${_param:credential_rotation_driver}
linux:
system:
+ package:
+ rsync:
+ version: latest
+ cron:
+ user:
+ keystone:
+ enabled: true
job:
keystone_fernet_rotate_rsync:
command: '/var/lib/keystone/keystone_keys_rotate.sh -r -t fernet >> /var/log/keystone/keystone-rotate.log 2>> /var/log/keystone/keystone-rotate.log'
diff --git a/keystone/server/single.yml b/keystone/server/single.yml
index e1131c0..10a5331 100644
--- a/keystone/server/single.yml
+++ b/keystone/server/single.yml
@@ -2,6 +2,8 @@
- service.keystone.server.single
- system.linux.system.users.keystone
- system.keystone.server.fernet_rotation.single
+- system.salt.minion.cert.mysql.clients.openstack.keystone
+- system.salt.minion.cert.rabbitmq.clients.openstack.keystone
parameters:
_param:
keystone_service_token: token
@@ -11,6 +13,11 @@
mysql_keystone_password: password
keystone_tokens_expiration: 3600
openstack_node_role: primary
+ openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -41,6 +48,13 @@
name: keystone
password: ${_param:mysql_keystone_password}
user: keystone
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_keystone_ssl_ca_file}
+ key_file: ${_param:mysql_keystone_client_ssl_key_file}
+ cert_file: ${_param:mysql_keystone_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
tokens:
engine: fernet
expiration: ${_param:keystone_tokens_expiration}
@@ -49,12 +63,20 @@
credential:
location: /var/lib/keystone/credential-keys
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
engine: rabbitmq
host: ${_param:single_address}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
ha_queues: true
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_keystone_ssl_ca_file}
+ key_file: ${_param:rabbitmq_keystone_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_keystone_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
roles:
- admin
- Member
diff --git a/kubernetes/common.yml b/kubernetes/common.yml
deleted file mode 100644
index 639154e..0000000
--- a/kubernetes/common.yml
+++ /dev/null
@@ -1,155 +0,0 @@
-parameters:
- _param:
- mcp_docker_registry: 'docker-prod-local.artifactory.mirantis.com'
- kubernetes_calico_calicoctl_repo: ${_param:mcp_docker_registry}/mirantis/projectcalico/calico
- kubernetes_calico_repo: ${_param:mcp_docker_registry}/mirantis/projectcalico/calico
- kubernetes_calico_cni_repo: ${_param:mcp_docker_registry}/mirantis/projectcalico/calico
- kubernetes_hyperkube_repo: ${_param:mcp_docker_registry}/mirantis/kubernetes
- kubernetes_contrail_cni_repo: ${_param:mcp_docker_registry}/mirantis/kubernetes
- kubernetes_contrail_network_controller_repo: ${_param:mcp_docker_registry}/mirantis/kubernetes/contrail-integration
- kubernetes_netchecker_agent_repo: mirantis
- kubernetes_netchecker_server_repo: mirantis
- kubernetes_virtlet_repo: mirantis
- kubernetes_kubedns_repo: gcr.io/google_containers
- kubernetes_externaldns_repo: mirantis
- kubernetes_genie_repo: https://docker-prod-local.artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/kubernetes/cni-genie
- kubernetes_flannel_repo: quay.io/coreos
- kubernetes_metallb_repo: metallb
- kubernetes_sriov_repo: https://docker-prod-local.artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/kubernetes/sriov-cni
- kubernetes_cniplugins_repo: https://docker-prod-local.artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/kubernetes/containernetworking-plugins
- kubernetes_dashboard_repo: k8s.gcr.io
-
- # component docker images
- kubernetes_docker_package: docker-engine=1.13.1-0~ubuntu-xenial
- kubernetes_calico_calicoctl_image: ${_param:kubernetes_calico_calicoctl_repo}/ctl:v1.6.4
- kubernetes_calico_image: ${_param:kubernetes_calico_repo}/node:v2.6.10
- kubernetes_calico_cni_image: ${_param:kubernetes_calico_cni_repo}/cni:v1.11.6
- kubernetes_hyperkube_image: ${_param:kubernetes_hyperkube_repo}/hyperkube-amd64:v1.10.4-4
- kubernetes_pause_image: ${_param:kubernetes_hyperkube_repo}/pause-amd64:v1.10.4-4
- kubernetes_contrail_cni_image: ${_param:kubernetes_contrail_cni_repo}/contrail-cni:v1.2.0
- kubernetes_contrail_network_controller_image: ${_param:kubernetes_contrail_network_controller_repo}/contrail-network-controller:v1.2.0
- kubernetes_virtlet_image: ${_param:kubernetes_virtlet_repo}/virtlet:v1.1.2
- kubernetes_criproxy_version: v0.11.1
- kubernetes_criproxy_checksum: md5=a3f1f08bdc7a8d6eb73b7c8fa5bae200
- kubernetes_netchecker_agent_image: ${_param:kubernetes_netchecker_agent_repo}/k8s-netchecker-agent:v1.2.2
- kubernetes_netchecker_server_image: ${_param:kubernetes_netchecker_server_repo}/k8s-netchecker-server:v1.2.2
- kubernetes_kubedns_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-kube-dns-amd64:1.14.5
- kubernetes_dnsmasq_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-dnsmasq-amd64:1.14.5
- kubernetes_sidecar_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-sidecar-amd64:1.14.5
- kubernetes_dns_autoscaler_image: ${_param:kubernetes_kubedns_repo}/cluster-proportional-autoscaler-amd64:1.0.0
- kubernetes_externaldns_image: ${_param:kubernetes_externaldns_repo}/external-dns:v0.5.3
- kubernetes_genie_source: ${_param:kubernetes_genie_repo}/genie_v1.0-138-gbf5dbaa
- kubernetes_genie_source_hash: md5=b024052ed4ecb1d5354e0cc8f51afaca
- kubernetes_flannel_image: ${_param:kubernetes_flannel_repo}/flannel:v0.10.0-amd64
- kubernetes_metallb_controller_image: ${_param:kubernetes_metallb_repo}/controller:v0.6.2
- kubernetes_metallb_speaker_image: ${_param:kubernetes_metallb_repo}/speaker:v0.6.2
- kubernetes_sriov_source: ${_param:kubernetes_sriov_repo}/sriov_v0.3-8-g8b7ed98
- kubernetes_sriov_source_hash: md5=c0cc33202afd02e4cc44b977a8faf6e7
- kubernetes_cniplugins_source: ${_param:kubernetes_cniplugins_repo}/cni-plugins_v0.7.1-48-g696b1f9.tar.gz
- kubernetes_cniplugins_source_hash: md5=5ec1cf5e989097c6127ea5365e277b02
- kubernetes_dashboard_image: ${_param:kubernetes_dashboard_repo}/kubernetes-dashboard-amd64:v1.8.3
-
- kubelet_fail_on_swap: true
- kubernetes_dashboard_enabled: true
- kubernetes_kubedns_enabled: true
- kubernetes_externaldns_enabled: false
- kubernetes_coredns_enabled: false
- kubernetes_externaldns_provider: coredns
- kubernetes_virtlet_enabled: false
- kubernetes_flannel_enabled: false
- kubernetes_genie_enabled: false
- kubernetes_calico_enabled: false
- kubernetes_opencontrail_enabled: false
- kubernetes_contrail_network_controller_enabled: false
- kubernetes_metallb_enabled: false
- kubernetes_sriov_enabled: false
- kubernetes_fluentd_enabled: false
-
- # the rest of fluentd related params, the non bools
- kubernetes_fluentd_aggregator_bind_port: 24224
- kubernetes_fluentd_aggregator_es_host: 127.0.0.1
- kubernetes_fluentd_aggregator_es_port: 9200
- kubernetes_fluentd_aggregator_es_scheme: http
-
- docker:
- host:
- pkgs:
- - ${_param:kubernetes_docker_package}
- - python-docker
- options:
- bip: 172.31.255.1/24
- storage-driver: overlay2
-
- kubernetes:
- common:
- hyperkube:
- image: ${_param:kubernetes_hyperkube_image}
- pause_image: ${_param:kubernetes_pause_image}
- cni:
- plugins:
- source: ${_param:kubernetes_cniplugins_source}
- hash: ${_param:kubernetes_cniplugins_source_hash}
- addons:
- dashboard:
- enabled: ${_param:kubernetes_dashboard_enabled}
- image: ${_param:kubernetes_dashboard_image}
- dns:
- enabled: ${_param:kubernetes_kubedns_enabled}
- kubedns_image: ${_param:kubernetes_kubedns_image}
- dnsmasq_image: ${_param:kubernetes_dnsmasq_image}
- sidecar_image: ${_param:kubernetes_sidecar_image}
- autoscaler:
- image: ${_param:kubernetes_dns_autoscaler_image}
- externaldns:
- enabled: ${_param:kubernetes_externaldns_enabled}
- namespace: kube-system
- image: ${_param:kubernetes_externaldns_image}
- provider: ${_param:kubernetes_externaldns_provider}
- coredns:
- enabled: ${_param:kubernetes_coredns_enabled}
- contrail_network_controller:
- enabled: ${_param:kubernetes_contrail_network_controller_enabled}
- image: ${_param:kubernetes_contrail_network_controller_image}
- flannel:
- image: ${_param:kubernetes_flannel_image}
- fluentd:
- enabled: ${_param:kubernetes_fluentd_enabled}
- aggregator:
- bind:
- port: ${_param:kubernetes_fluentd_aggregator_bind_port}
- es:
- host: ${_param:kubernetes_fluentd_aggregator_es_host}
- port: ${_param:kubernetes_fluentd_aggregator_es_port}
- scheme: ${_param:kubernetes_fluentd_aggregator_es_scheme}
- virtlet:
- enabled: ${_param:kubernetes_virtlet_enabled}
- namespace: kube-system
- image: ${_param:kubernetes_virtlet_image}
- criproxy_version: ${_param:kubernetes_criproxy_version}
- criproxy_source: ${_param:kubernetes_criproxy_checksum}
- metallb:
- enabled: ${_param:kubernetes_metallb_enabled}
- pool:
- enabled: false
- kubelet:
- fail_on_swap: ${_param:kubelet_fail_on_swap}
- container: false
- network:
- genie:
- enabled: ${_param:kubernetes_genie_enabled}
- source: ${_param:kubernetes_genie_source}
- source_hash: ${_param:kubernetes_genie_source_hash}
- calico:
- enabled: ${_param:kubernetes_calico_enabled}
- image: ${_param:kubernetes_calico_image}
- calicoctl_image: ${_param:kubernetes_calico_calicoctl_image}
- cni_image: ${_param:kubernetes_calico_cni_image}
- opencontrail:
- enabled: ${_param:kubernetes_opencontrail_enabled}
- cni_image: ${_param:kubernetes_contrail_cni_image}
- sriov:
- enabled: ${_param:kubernetes_sriov_enabled}
- source: ${_param:kubernetes_sriov_source}
- source_hash: ${_param:kubernetes_sriov_source_hash}
- flannel:
- enabled: ${_param:kubernetes_flannel_enabled}
diff --git a/kubernetes/common/addons/alertmanager.yml b/kubernetes/common/addons/alertmanager.yml
new file mode 100644
index 0000000..c7483cf
--- /dev/null
+++ b/kubernetes/common/addons/alertmanager.yml
@@ -0,0 +1,24 @@
+classes:
+- system.prometheus.alertmanager.container
+parameters:
+ _param:
+ kubernetes_alertmanager_enabled: false
+ kubernetes_alertmanager_image: ${_param:mcp_docker_registry}/openstack-docker/alertmanager:2018.8.0
+ kubernetes_alertmanager_namespace: stacklight
+ kubernetes_alertmanager_node_port: 31993
+ kubernetes:
+ common:
+ addons:
+ alertmanager:
+ enabled: ${_param:kubernetes_alertmanager_enabled}
+ image: ${_param:kubernetes_alertmanager_image}
+ namespace: ${_param:kubernetes_alertmanager_namespace}
+ dir:
+ config: ${_param:prometheus_alertmanager_config_directory}
+ data: ${_param:prometheus_alertmanager_data_directory}
+ host_config: ${prometheus:alertmanager:dir:config}
+ host_data: ${prometheus:alertmanager:dir:data}
+ bind:
+ address: ${prometheus:alertmanager:bind:address}
+ port: ${prometheus:alertmanager:bind:port}
+ node_port: ${_param:kubernetes_alertmanager_node_port}
diff --git a/kubernetes/common/addons/prometheus.yml b/kubernetes/common/addons/prometheus.yml
new file mode 100644
index 0000000..5f5fcea
--- /dev/null
+++ b/kubernetes/common/addons/prometheus.yml
@@ -0,0 +1,37 @@
+classes:
+- system.prometheus.server.container
+parameters:
+ _param:
+ kubernetes_prometheus_image: ${_param:mcp_docker_registry}/openstack-docker/prometheus:2018.8.0
+ kubernetes_prometheus_enabled: false
+ kubernetes_prometheus_namespace: stacklight
+ kubernetes_prometheus_server_resources_limits_memory: 500M
+ kubernetes_prometheus_server_resources_requests_memory: 500M
+ kubernetes_prometheus_server_bind_host_port: 31990
+ kubernetes_prometheus_server_storage_local_engine: persisted
+ kubernetes_prometheus_server_use_static_datadir: true
+ kubernetes:
+ common:
+ addons:
+ prometheus:
+ enabled: ${_param:kubernetes_prometheus_enabled}
+ image: ${_param:kubernetes_prometheus_image}
+ namespace: ${_param:kubernetes_prometheus_namespace}
+ server:
+ bind:
+ port: ${prometheus:server:bind:port}
+ host: ${prometheus:server:bind:address}
+ host_port: ${_param:kubernetes_prometheus_server_bind_host_port}
+ config:
+ config_dir: ${prometheus:server:dir:config_in_container}
+ host_config_dir: ${prometheus:server:dir:config}
+ data_dir: ${_param:prometheus_server_data_directory}
+ host_data_dir: ${prometheus:server:dir:data}
+ storage_local_engine: ${_param:kubernetes_prometheus_server_storage_local_engine}
+ storage_local_retention: ${prometheus:server:storage:local:retention}
+ use_static_datadir: ${_param:kubernetes_prometheus_server_use_static_datadir}
+ resources:
+ limits:
+ memory: ${_param:kubernetes_prometheus_server_resources_limits_memory}
+ requests:
+ memory: ${_param:kubernetes_prometheus_server_resources_requests_memory}
diff --git a/kubernetes/common/init.yml b/kubernetes/common/init.yml
new file mode 100644
index 0000000..45d688f
--- /dev/null
+++ b/kubernetes/common/init.yml
@@ -0,0 +1,289 @@
+parameters:
+ _param:
+ mcp_docker_registry: 'docker-prod-local.artifactory.mirantis.com'
+ kubernetes_calico_calicoctl_repo: ${_param:mcp_docker_registry}/mirantis/projectcalico/calico
+ kubernetes_calico_repo: ${_param:mcp_docker_registry}/mirantis/projectcalico/calico
+ kubernetes_calico_cni_repo: ${_param:mcp_docker_registry}/mirantis/projectcalico/calico
+ kubernetes_calico_kube_ctl_repo: ${_param:mcp_docker_registry}/mirantis/projectcalico/calico
+ kubernetes_hyperkube_repo: ${_param:mcp_docker_registry}/mirantis/kubernetes
+ kubernetes_contrail_cni_repo: ${_param:mcp_docker_registry}/mirantis/kubernetes
+ kubernetes_contrail_network_controller_repo: ${_param:mcp_docker_registry}/mirantis/kubernetes/contrail-integration
+ kubernetes_netchecker_agent_repo: mirantis
+ kubernetes_netchecker_server_repo: mirantis
+ kubernetes_virtlet_repo: mirantis
+ kubernetes_kubedns_repo: gcr.io/google_containers
+ kubernetes_externaldns_repo: ${_param:mcp_docker_registry}/mirantis/external-dns
+ kubernetes_genie_repo: https://docker-prod-local.artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/kubernetes/cni-genie
+ kubernetes_flannel_repo: quay.io/coreos
+ kubernetes_metallb_repo: ${_param:mcp_docker_registry}/mirantis/metallb
+ kubernetes_sriov_repo: https://docker-prod-local.artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/kubernetes/sriov-cni
+ kubernetes_cniplugins_repo: https://docker-prod-local.artifactory.mirantis.com/artifactory/binary-prod-local/mirantis/kubernetes/containernetworking-plugins
+ kubernetes_dashboard_repo: ${_param:mcp_docker_registry}/mirantis/kubernetes
+ kubernetes_coredns_repo: ${_param:mcp_docker_registry}/mirantis/coredns
+
+ # component docker images
+ kubernetes_docker_package: docker-engine=1.13.1-0~ubuntu-xenial
+ kubernetes_calico_calicoctl_image: ${_param:kubernetes_calico_calicoctl_repo}/ctl:v3.1.3
+ kubernetes_calico_image: ${_param:kubernetes_calico_repo}/node:v3.1.3
+ kubernetes_calico_cni_image: ${_param:kubernetes_calico_cni_repo}/cni:v3.1.3
+ kubernetes_calico_kube_controllers_image: ${_param:kubernetes_calico_kube_ctl_repo}/kube-controllers:v3.1.3
+ kubernetes_hyperkube_image: ${_param:kubernetes_hyperkube_repo}/hyperkube-amd64:v1.11.2-1
+ kubernetes_pause_image: ${_param:kubernetes_hyperkube_repo}/pause-amd64:v1.11.2-1
+ kubernetes_contrail_cni_image: ${_param:kubernetes_contrail_cni_repo}/contrail-cni:v1.2.0
+ kubernetes_contrail_network_controller_image: ${_param:kubernetes_contrail_network_controller_repo}/contrail-network-controller:v1.2.0
+ kubernetes_virtlet_image: ${_param:kubernetes_virtlet_repo}/virtlet:v1.4.0
+ kubernetes_criproxy_version: v0.12.0
+ kubernetes_criproxy_checksum: md5=371cacd3d8568eb88425498b48a649dd
+ kubernetes_netchecker_agent_image: ${_param:kubernetes_netchecker_agent_repo}/k8s-netchecker-agent:v1.2.2
+ kubernetes_netchecker_server_image: ${_param:kubernetes_netchecker_server_repo}/k8s-netchecker-server:v1.2.2
+ kubernetes_kubedns_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-kube-dns-amd64:1.14.5
+ kubernetes_dnsmasq_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-dnsmasq-amd64:1.14.5
+ kubernetes_sidecar_image: ${_param:kubernetes_kubedns_repo}/k8s-dns-sidecar-amd64:1.14.5
+ kubernetes_dns_autoscaler_image: ${_param:kubernetes_kubedns_repo}/cluster-proportional-autoscaler-amd64:1.0.0
+ kubernetes_externaldns_image: ${_param:kubernetes_externaldns_repo}/external-dns:v0.5.6-1
+ kubernetes_genie_source: ${_param:kubernetes_genie_repo}/genie_v1.0-138-gbf5dbaa
+ kubernetes_genie_source_hash: md5=b024052ed4ecb1d5354e0cc8f51afaca
+ kubernetes_flannel_image: ${_param:kubernetes_flannel_repo}/flannel:v0.10.0-amd64
+ kubernetes_metallb_controller_image: ${_param:kubernetes_metallb_repo}/controller:v0.7.3-2
+ kubernetes_metallb_speaker_image: ${_param:kubernetes_metallb_repo}/speaker:v0.7.3-2
+ kubernetes_sriov_source: ${_param:kubernetes_sriov_repo}/sriov_v0.3-8-g8b7ed98
+ kubernetes_sriov_source_hash: md5=c0cc33202afd02e4cc44b977a8faf6e7
+ kubernetes_cniplugins_source: ${_param:kubernetes_cniplugins_repo}/cni-plugins_v0.7.1-48-g696b1f9.tar.gz
+ kubernetes_cniplugins_source_hash: md5=5ec1cf5e989097c6127ea5365e277b02
+ kubernetes_dashboard_image: ${_param:kubernetes_dashboard_repo}/kubernetes-dashboard-amd64:v1.10.0-4
+ kubernetes_fluentd_aggregator_image: fluent/fluentd-kubernetes-daemonset:v1.2-debian-elasticsearch
+ kubernetes_fluentd_logger_image: fluent/fluentd-kubernetes-daemonset:v1.2-debian-stackdriver
+ kubernetes_telegraf_image: ${_param:mcp_docker_registry}/openstack-docker/telegraf:2018.8.0
+ kubernetes_coredns_image: ${_param:kubernetes_coredns_repo}/coredns:v1.2.2-12
+
+ kubelet_fail_on_swap: true
+ kubernetes_dashboard_enabled: true
+ kubernetes_kubedns_enabled: false
+ kubernetes_externaldns_enabled: false
+ kubernetes_coredns_enabled: true
+ kubernetes_externaldns_provider: coredns
+ kubernetes_virtlet_enabled: false
+ kubernetes_virtlet_use_apparmor: false
+ kubernetes_flannel_enabled: false
+ kubernetes_genie_enabled: false
+ kubernetes_calico_enabled: false
+ kubernetes_opencontrail_enabled: false
+ kubernetes_contrail_network_controller_enabled: false
+ kubernetes_metallb_enabled: false
+ kubernetes_sriov_enabled: false
+ kubernetes_fluentd_enabled: false
+ kubernetes_telegraf_enabled: false
+
+ # the rest of fluentd related params, the non bools
+ kubernetes_fluentd_namespace: stacklight
+ kubernetes_fluentd_aggregator_resources_limits_memory: 500Mi
+ kubernetes_fluentd_aggregator_resources_requests_memory: 500Mi
+ kubernetes_fluentd_aggregator_config_forward_input_bind_port: 24224
+ kubernetes_fluentd_aggregator_config_general_time_format: '%Y-%m-%dT%H:%M:%S.%N%z'
+ kubernetes_fluentd_aggregator_config_systemd_filter_docker_parse_format: /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
+ kubernetes_fluentd_aggregator_config_output_log_level: 'info'
+ kubernetes_fluentd_aggregator_config_output_logstash_format: true
+ kubernetes_fluentd_aggregator_config_output_logstash_prefix: 'log'
+ kubernetes_fluentd_aggregator_config_output_logstash_dateformat: '%Y.%m.%d'
+ kubernetes_fluentd_aggregator_config_output_num_threads: 8
+ kubernetes_fluentd_aggregator_config_output_max_retry_wait: 30
+ kubernetes_fluentd_aggregator_config_output_flush_interval: '10s'
+ kubernetes_fluentd_aggregator_config_output_buffer_chunk_limit: '2m'
+ kubernetes_fluentd_aggregator_config_output_buffer_queue_limit: 32
+ kubernetes_fluentd_aggregator_config_output_request_timeout: '10s'
+ kubernetes_fluentd_aggregator_config_output_es_host: 127.0.0.1
+ kubernetes_fluentd_aggregator_config_output_es_port: 9200
+ kubernetes_fluentd_aggregator_config_output_es_scheme: http
+
+ kubernetes_fluentd_logger_resources_limits_memory: 500Mi
+ kubernetes_fluentd_logger_resources_requests_memory: 500Mi
+ kubernetes_fluentd_logger_config_kubernetes_input_time_format: '%Y-%m-%dT%H:%M:%S.%NZ'
+ kubernetes_fluentd_logger_config_forward_output_require_ack_response: true
+ kubernetes_fluentd_logger_config_forward_output_ack_response_timeout: 30
+ kubernetes_fluentd_logger_config_forward_output_recover_wait: '10s'
+ kubernetes_fluentd_logger_config_forward_output_heartbeat_interval: '1s'
+ kubernetes_fluentd_logger_config_forward_output_phi_threshold: 16
+ kubernetes_fluentd_logger_config_forward_output_send_timeout: '10s'
+ kubernetes_fluentd_logger_config_forward_output_hard_timeout: '10s'
+ kubernetes_fluentd_logger_config_forward_output_expire_dns_cache: 15
+ kubernetes_fluentd_logger_config_forward_output_heartbeat_type: 'tcp'
+ kubernetes_fluentd_logger_config_forward_output_buffer_chunk_limit: '2M'
+ kubernetes_fluentd_logger_config_forward_output_buffer_queue_limit: 32
+ kubernetes_fluentd_logger_config_forward_output_flush_interval: '5s'
+ kubernetes_fluentd_logger_config_forward_output_max_retry_wait: 15
+ kubernetes_fluentd_logger_config_forward_output_num_threads: 8
+
+ # telegraf stuff
+ kubernetes_telegraf_namespace: stacklight
+ kubernetes_telegraf_resources_limits_memory: 500Mi
+ kubernetes_telegraf_resources_requests_memory: 500Mi
+ kubernetes_telegraf_agent_interval: 15
+ kubernetes_telegraf_agent_round_interval: false
+ kubernetes_telegraf_agent_metric_batch_size: 1000
+ kubernetes_telegraf_agent_metric_buffer_limit: 10000
+ kubernetes_telegraf_agent_collection_jitter: 2
+ kubernetes_telegraf_agent_flush_interval: 10
+ kubernetes_telegraf_agent_flush_jitter: 2
+ kubernetes_telegraf_agent_precision: ms
+ kubernetes_telegraf_agent_logfile: etc/telegraf/log
+ kubernetes_telegraf_agent_debug: false
+ kubernetes_telegraf_agent_quiet: false
+ kubernetes_telegraf_agent_omit_hostname: false
+
+ docker:
+ host:
+ pkgs:
+ - ${_param:kubernetes_docker_package}
+ - python-docker
+ options:
+ bip: 172.31.255.1/24
+ storage-driver: overlay2
+
+ kubernetes:
+ common:
+ hyperkube:
+ image: ${_param:kubernetes_hyperkube_image}
+ pause_image: ${_param:kubernetes_pause_image}
+ cni:
+ plugins:
+ source: ${_param:kubernetes_cniplugins_source}
+ hash: ${_param:kubernetes_cniplugins_source_hash}
+ addons:
+ dashboard:
+ enabled: ${_param:kubernetes_dashboard_enabled}
+ image: ${_param:kubernetes_dashboard_image}
+ dns:
+ enabled: ${_param:kubernetes_kubedns_enabled}
+ kubedns_image: ${_param:kubernetes_kubedns_image}
+ dnsmasq_image: ${_param:kubernetes_dnsmasq_image}
+ sidecar_image: ${_param:kubernetes_sidecar_image}
+ autoscaler:
+ image: ${_param:kubernetes_dns_autoscaler_image}
+ externaldns:
+ enabled: ${_param:kubernetes_externaldns_enabled}
+ namespace: kube-system
+ image: ${_param:kubernetes_externaldns_image}
+ provider: ${_param:kubernetes_externaldns_provider}
+ coredns:
+ enabled: ${_param:kubernetes_coredns_enabled}
+ image: ${_param:kubernetes_coredns_image}
+ contrail_network_controller:
+ enabled: ${_param:kubernetes_contrail_network_controller_enabled}
+ image: ${_param:kubernetes_contrail_network_controller_image}
+ flannel:
+ image: ${_param:kubernetes_flannel_image}
+ fluentd:
+ enabled: ${_param:kubernetes_fluentd_enabled}
+ namespace: ${_param:kubernetes_fluentd_namespace}
+ aggregator:
+ image: ${_param:kubernetes_fluentd_aggregator_image}
+ resources:
+ limits:
+ memory: ${_param:kubernetes_fluentd_aggregator_resources_limits_memory}
+ requests:
+ memory: ${_param:kubernetes_fluentd_aggregator_resources_requests_memory}
+ config:
+ forward_input:
+ bind:
+ port: ${_param:kubernetes_fluentd_aggregator_config_forward_input_bind_port}
+ general:
+ time_format: ${_param:kubernetes_fluentd_aggregator_config_general_time_format}
+ systemd_filter:
+ docker_parse_format: ${_param:kubernetes_fluentd_aggregator_config_systemd_filter_docker_parse_format}
+ output:
+ log_level: ${_param:kubernetes_fluentd_aggregator_config_output_log_level}
+ logstash_format: ${_param:kubernetes_fluentd_aggregator_config_output_logstash_format}
+ logstash_prefix: ${_param:kubernetes_fluentd_aggregator_config_output_logstash_prefix}
+ logstash_dateformat: ${_param:kubernetes_fluentd_aggregator_config_output_logstash_dateformat}
+ request_timeout: ${_param:kubernetes_fluentd_aggregator_config_output_request_timeout}
+ buffer_chunk_limit: ${_param:kubernetes_fluentd_aggregator_config_output_buffer_chunk_limit}
+ buffer_queue_limit: ${_param:kubernetes_fluentd_aggregator_config_output_buffer_queue_limit}
+ flush_interval: ${_param:kubernetes_fluentd_aggregator_config_output_flush_interval}
+ num_threads: ${_param:kubernetes_fluentd_aggregator_config_output_num_threads}
+ max_retry_wait: ${_param:kubernetes_fluentd_aggregator_config_output_max_retry_wait}
+ es:
+ host: ${_param:kubernetes_fluentd_aggregator_config_output_es_host}
+ port: ${_param:kubernetes_fluentd_aggregator_config_output_es_port}
+ scheme: ${_param:kubernetes_fluentd_aggregator_config_output_es_scheme}
+ logger:
+ image: ${_param:kubernetes_fluentd_logger_image}
+ resources:
+ limits:
+ memory: ${_param:kubernetes_fluentd_logger_resources_limits_memory}
+ requests:
+ memory: ${_param:kubernetes_fluentd_logger_resources_requests_memory}
+ config:
+ kubernetes_input:
+ time_format: ${_param:kubernetes_fluentd_logger_config_kubernetes_input_time_format}
+ forward_output:
+ require_ack_response: ${_param:kubernetes_fluentd_logger_config_forward_output_require_ack_response}
+ ack_response_timeout: ${_param:kubernetes_fluentd_logger_config_forward_output_ack_response_timeout}
+ recover_wait: ${_param:kubernetes_fluentd_logger_config_forward_output_recover_wait}
+ heartbeat_interval: ${_param:kubernetes_fluentd_logger_config_forward_output_heartbeat_interval}
+ phi_threshold: ${_param:kubernetes_fluentd_logger_config_forward_output_phi_threshold}
+ send_timeout: ${_param:kubernetes_fluentd_logger_config_forward_output_send_timeout}
+ hard_timeout: ${_param:kubernetes_fluentd_logger_config_forward_output_hard_timeout}
+ expire_dns_cache: ${_param:kubernetes_fluentd_logger_config_forward_output_expire_dns_cache}
+ heartbeat_type: ${_param:kubernetes_fluentd_logger_config_forward_output_heartbeat_type}
+ buffer_chunk_limit: ${_param:kubernetes_fluentd_logger_config_forward_output_buffer_chunk_limit}
+ buffer_queue_limit: ${_param:kubernetes_fluentd_logger_config_forward_output_buffer_queue_limit}
+ flush_interval: ${_param:kubernetes_fluentd_logger_config_forward_output_flush_interval}
+ max_retry_wait: ${_param:kubernetes_fluentd_logger_config_forward_output_max_retry_wait}
+ num_threads: ${_param:kubernetes_fluentd_logger_config_forward_output_num_threads}
+ telegraf:
+ enabled: ${_param:kubernetes_telegraf_enabled}
+ image: ${_param:kubernetes_telegraf_image}
+ resources:
+ limits:
+ memory: ${_param:kubernetes_telegraf_resources_limits_memory}
+ requests:
+ memory: ${_param:kubernetes_telegraf_resources_requests_memory}
+ agent:
+ interval: ${_param:kubernetes_telegraf_agent_interval}
+ round_interval: ${_param:kubernetes_telegraf_agent_round_interval}
+ metric_batch_size: ${_param:kubernetes_telegraf_agent_metric_batch_size}
+ metric_buffer_limit: ${_param:kubernetes_telegraf_agent_metric_buffer_limit}
+ collection_jitter: ${_param:kubernetes_telegraf_agent_collection_jitter}
+ flush_interval: ${_param:kubernetes_telegraf_agent_flush_interval}
+ flush_jitter: ${_param:kubernetes_telegraf_agent_flush_jitter}
+ precision: ${_param:kubernetes_telegraf_agent_precision}
+ logfile: ${_param:kubernetes_telegraf_agent_logfile}
+ debug: ${_param:kubernetes_telegraf_agent_debug}
+ quiet: ${_param:kubernetes_telegraf_agent_quiet}
+ omit_hostname: ${_param:kubernetes_telegraf_agent_omit_hostname}
+ virtlet:
+ enabled: ${_param:kubernetes_virtlet_enabled}
+ namespace: kube-system
+ image: ${_param:kubernetes_virtlet_image}
+ criproxy_version: ${_param:kubernetes_criproxy_version}
+ criproxy_source: ${_param:kubernetes_criproxy_checksum}
+ use_apparmor: ${_param:kubernetes_virtlet_use_apparmor}
+ metallb:
+ enabled: ${_param:kubernetes_metallb_enabled}
+ controller_image: ${_param:kubernetes_metallb_controller_image}
+ speaker_image: ${_param:kubernetes_metallb_speaker_image}
+ pool:
+ enabled: false
+ kubelet:
+ fail_on_swap: ${_param:kubelet_fail_on_swap}
+ container: false
+ network:
+ genie:
+ enabled: ${_param:kubernetes_genie_enabled}
+ source: ${_param:kubernetes_genie_source}
+ source_hash: ${_param:kubernetes_genie_source_hash}
+ calico:
+ enabled: ${_param:kubernetes_calico_enabled}
+ image: ${_param:kubernetes_calico_image}
+ calicoctl_image: ${_param:kubernetes_calico_calicoctl_image}
+ cni_image: ${_param:kubernetes_calico_cni_image}
+ kube_controllers_image: ${_param:kubernetes_calico_kube_controllers_image}
+ opencontrail:
+ enabled: ${_param:kubernetes_opencontrail_enabled}
+ cni_image: ${_param:kubernetes_contrail_cni_image}
+ sriov:
+ enabled: ${_param:kubernetes_sriov_enabled}
+ source: ${_param:kubernetes_sriov_source}
+ source_hash: ${_param:kubernetes_sriov_source_hash}
+ flannel:
+ enabled: ${_param:kubernetes_flannel_enabled}
diff --git a/kubernetes/control/opencontrail.yml b/kubernetes/control/opencontrail.yml
new file mode 100644
index 0000000..2a46d00
--- /dev/null
+++ b/kubernetes/control/opencontrail.yml
@@ -0,0 +1,48 @@
+parameters:
+ _param:
+ opencontrail_identity_user: admin
+ opencontrail_identity_password: contrail123
+ opencontrail_identity_tenant: admin
+ opencontrail_public_ip_range: 172.17.47.128/25
+ opencontrail_public_ip_network: default-domain:default-project:Public
+ opencontrail_private_ip_range: 10.150.0.0/16
+ kubernetes:
+ pool:
+ network:
+ engine: none
+ opencontrail:
+ enabled: false
+ master:
+ network:
+ engine: none
+ opencontrail:
+ version: ${_param:opencontrail_version}
+ public_ip_range: ${_param:opencontrail_public_ip_range}
+ public_network: ${_param:opencontrail_public_ip_network}
+ private_ip_range: ${_param:opencontrail_private_ip_range}
+ cluster_network:
+ project: 'default'
+ domain: 'default-domain'
+ name: 'cluster-network'
+ config:
+ api:
+ host: ${_param:opencontrail_control_address}
+ identity:
+ auth_user: ${_param:opencontrail_identity_user}
+ auth_password: ${_param:opencontrail_identity_password}
+ auth_tenant: ${_param:opencontrail_identity_tenant}
+ message_queue:
+ host: ${_param:single_address}
+ database:
+ members:
+ - host: ${_param:kubernetes_control_node01_address}
+ port: 9161
+ - host: ${_param:kubernetes_control_node02_address}
+ port: 9161
+ - host: ${_param:kubernetes_control_node03_address}
+ port: 9161
+ collector:
+ members:
+ - host: ${_param:kubernetes_control_node01_address}
+ - host: ${_param:kubernetes_control_node02_address}
+ - host: ${_param:kubernetes_control_node03_address}
diff --git a/kubernetes/master/cluster.yml b/kubernetes/master/cluster.yml
index 7cddd21..a283873 100644
--- a/kubernetes/master/cluster.yml
+++ b/kubernetes/master/cluster.yml
@@ -7,6 +7,9 @@
parameters:
kubernetes:
master:
+ network:
calico:
prometheus:
enabled: true
+ policy:
+ enabled: false
diff --git a/kubernetes/master/common.yml b/kubernetes/master/common.yml
index 9e3748d..1c92e00 100644
--- a/kubernetes/master/common.yml
+++ b/kubernetes/master/common.yml
@@ -17,6 +17,7 @@
image: ${_param:kubernetes_calico_image}
calicoctl_image: ${_param:kubernetes_calico_calicoctl_image}
cni_image: ${_param:kubernetes_calico_cni_image}
+ kube_controllers_image: ${_param:kubernetes_calico_kube_controllers_image}
opencontrail:
enabled: ${_param:kubernetes_opencontrail_enabled}
cni_image: ${_param:kubernetes_contrail_cni_image}
diff --git a/kubernetes/pool/cluster.yml b/kubernetes/pool/cluster.yml
index 61ebc3c..a375748 100644
--- a/kubernetes/pool/cluster.yml
+++ b/kubernetes/pool/cluster.yml
@@ -10,6 +10,8 @@
calico:
prometheus:
enabled: true
+ policy:
+ enabled: false
docker:
host:
options:
diff --git a/linux/system/repo/keystorage/cassandra.yml b/linux/system/repo/keystorage/cassandra.yml
new file mode 100644
index 0000000..e2b500b
--- /dev/null
+++ b/linux/system/repo/keystorage/cassandra.yml
@@ -0,0 +1,1014 @@
+parameters:
+ linux:
+ system:
+ repo:
+ mcp_cassandra:
+ # pub 1024D/F2833C93 2004-01-18
+ key: |
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+ Version: GnuPG v1
+
+ mQGiBEAJzn4RBADGO7JTT1TmQGbNbPBV6Ua5D3U1YbOSlwgv3OYVk6BUdpxmC5wF
+ ndCvgyyw+ZWNa1SsTZxaKiU93e2Eq/QoPvkoRr3WI+b55NtqAqtVJrSI8fdCiwCA
+ TgQa+O2JNKVgA9vYSPRQSsyPIhvE7xatNCqvmGjd9WUSD3lcErXrOK2rpwCg91pT
+ ZKf6udGAvP3RuSzoyrplAR0D/j4AeyZvAY36UHENhoozkf9OvSs1LVczhd2WjZBV
+ ENeeN3kJbLTkSlhclogfRJvy1kviQEz1ITK6nalLkTSvrIl4RMv4elpI6VOW8Gw6
+ HzJJJHqAZInpgpSLELNURTOl40KaFgtAtTH7fF/IsS0hcQGfIdqhrC9/lBZb2GxD
+ 6E13BACA8loQn1o1xkpNVl9usHJD3fBLZ7faHshvc8gnnI+ruFdirGp/a9/4pjvd
+ JLc60kfJEFl1wPVyhIVbh8VX8aslSJaAfwoTphwEDPlUpiibkCXyXlTEXqBO80+M
+ mfOYHDYnraOkNR6xDjrWQU4qN/ntytcu4hRoV0Eg6eZFFoyOarQeRXJpYyBFdmFu
+ cyA8ZWV2YW5zQGRlYmlhbi5vcmc+iEUEEBECAAYFAkMO8qUACgkQ9LSwzHl+v6vk
+ bwCfe2Xjt0qhvbPrwngolu8os9jCtoYAliYR3tbvH1nbqftAqnzZ+CAvK+OIRQQQ
+ EQIABgUCRG6N9gAKCRDXWV03S3KWJUaBAJ96/OxDrqFLTrRLt011C2vDzFgykACY
+ q4H+3Kc2q6MeFVZLw/uzwbTek4hGBBARAgAGBQJC2CQ0AAoJEFykUN5St0h+RM0A
+ oKaGnr6ac7nE5N77Utl1G3klUTSDAKDK6OWCV2rhPq4GRKgXovBzmPkQTohGBBAR
+ AgAGBQJC2DFPAAoJEPYo65NHQyBsZUEAoMcqLHvDS9QUiYep4504WZh4xFznAJ9a
+ xARpzYospJyXYhDQEXvpIcO5E4hGBBARAgAGBQJC2DzPAAoJEEk++45dZPhwNOAA
+ nR6z4gB01HIsq14fakmfcoA9wz47AJ9qCBrc6jdW1PKAZSatrspEd05q/4hGBBAR
+ AgAGBQJC2EAUAAoJEA5ZN6yY+qCt/j4AnA+mCSAz4UK2WPAJTh2w+JkWP9OSAJ9n
+ 88DgdlGQvN3AAW7crwt1kmQVFohGBBARAgAGBQJC2EdfAAoJEJLmCotfbYAVUgkA
+ oKGqS4dhD3eKISQt1VOqFAB8NSLYAJ9mNCdc33HSagcHJiFrm14w/DRWc4hGBBAR
+ AgAGBQJC2FJgAAoJEEIxMEle1xmOvYQAoM1wQKhKUTpIb3l4csnMM677boDwAJ4v
+ S5g9Kttvc0ugYMF4tZXTZ9Ttd4hGBBARAgAGBQJC2Mq2AAoJEK/Cma896afKlbwA
+ n36pSX2k6xHUfLKIPUHXpRKvbOerAJ4lnWbibhUF087DkkmnjOXdMeIXHohGBBAR
+ AgAGBQJC2M/LAAoJECFdj4gPMKfWivoAoKQOW1gFekWfmkNkZyJ+jfQ7libZAKCp
+ VrWz2ck9+7NCqUvb1KhhSmkvZIhGBBARAgAGBQJC2NGZAAoJEOuV2n7o2s9c5V8A
+ n2eBXR1Ne3zmxMlRKwJ091wK7Rs9AKDUE5R3hfVRONHUjy2XR4saJGuAKYhGBBAR
+ AgAGBQJC2NXGAAoJEPhev0YljYeBJfwAn0R0DvKewANTB870vHfMMZSDGjmKAJ9U
+ rTB2wKRzP9E+Xw3JxJqs3tlYW4hGBBARAgAGBQJC2O5GAAoJEFRwPN4SKOt1zKsA
+ oKdekzO8Xa3udG/dup6EoHt+d4a5AJ4gves6tN2H9+co4gsTo7WpoFHV+4hGBBAR
+ AgAGBQJC2Q1kAAoJEB0znGWLjXZjocwAoKWNX55pVp0d7tVSspNSPkqJSVi5AJ0f
+ KMM7UCpV5nPeaF0qxBk17S3LrYhGBBARAgAGBQJC2Rj2AAoJEB7CN9lTRYToHNgA
+ oIJquIsALLyiDBaSo87Q5R4O/cRyAJ9HLRgj3EkJv2RpmR1vx/Be5Hh7s4hGBBAR
+ AgAGBQJC2TqNAAoJEMnNEAuw2QTPvvYAnAqe8g6sqTcA/oXj0YVWRsn/3YgrAJ0Y
+ MGkGkQt1TbKj53HkBDp4xOij14hGBBARAgAGBQJC2VwNAAoJEA3LOUQU1AYLJpQA
+ n1EUi0vsPAAMjbb4wZXhjkJpB3ncAJ0XmBrZ7hoALfGwMXFcmB2mzJ/QK4hGBBAR
+ AgAGBQJC2V5hAAoJEE5L2uI37ak+hJ8AnishKAPNOdqyaCp6L5959CpKXk+dAKCY
+ U18lu0VWbW0I5SpJeVlzpHgk+IhGBBARAgAGBQJC2hO/AAoJEFoKOZrqfPWt0P4A
+ nAzbF7ht5zao6oWkCAMfPNYjIZhxAJ9NBqkLLTQ+4KhZkKuDb8JLMwid4IhGBBAR
+ AgAGBQJC2hw9AAoJEERoUHP5P4E7+kUAoKrR9/oP125HAeElRkpiHmSbtzP0AKCr
+ xIPalWfwj7ijOtX+1tNHT7NPIohGBBARAgAGBQJC2lvfAAoJEHzz9a8pSZ9hDT8A
+ oJjjq9XhKByco7GnLs37OeCwhZEEAKCBMH47wvBX7mqJmNq7DJGrcDxumYhGBBAR
+ AgAGBQJC2ly1AAoJECYMNUiI+I+P5r8AniqgPJlr2/oeYhjWQmN1sIbgvQA7AJ9J
+ daeyQvkf0zrzKsd8ZaRBmD3bU4hGBBARAgAGBQJC2pIHAAoJENTl7azAFD0t9foA
+ mwRUz+FobLawEL9UVN6fXWxPPXI+AJ9/xbM1KXtbZw1zGNRW4cj5+WFj1YhGBBAR
+ AgAGBQJC2rRCAAoJEMCk8R3gaz+Xy30AnjqG1KR7NP5nX4piZz3tPIhnJiwmAKCB
+ ymNwjcpDjykgDyHgLzYdRvpGW4hGBBARAgAGBQJC2sbQAAoJEOrj3DXw19RKV1QA
+ oJiNHxGQ2w2TIo2dlZqTHVfxLTESAKCAD+9cwYNIsJT7Vt+bN06y9L+vxohGBBAR
+ AgAGBQJC24MyAAoJECd4neBzbIVuyqYAoLm+hd9BPEpneQgi6WcAEZSpp5TsAJ4g
+ ZUs3+SQiqc0VnUVbLwdy10S6vIhGBBARAgAGBQJC28spAAoJEIJvysIeiAqEndMA
+ oK8/o0CEA7Zmsr8r6pJz+CAZzTqxAKCquy94meq1TZNobcyEx75zqNYoLohGBBAR
+ AgAGBQJC2+hSAAoJECmguvs5qMziKHIAmQF34jJc3sZGRO804l922Tkhp44eAJ9n
+ 7VGAD2nUSXBRFPu0N6DMQ0uHFIhGBBARAgAGBQJC3BV2AAoJELdWp4yIKmxLPk0A
+ oJK+bJVWaslowyNZkvV+Os/DJQAcAKDNINRQ3uv+0w60hJOMcjMxw56/wohGBBAR
+ AgAGBQJC3CuuAAoJEIKUT2jqLSxB90AAmgJH2RCjSgxtnIyyW/VPXpTBi0MpAJ9q
+ yZENWPXyCEEalNdp9TZHVeMFC4hGBBARAgAGBQJC3O21AAoJEDBIx4t5hKT9u3gA
+ oJny0RUlz1HtLlkc1F6di5gvr/vhAKCCknEczm20BH9R8RAo+WPj0jxtlohGBBAR
+ AgAGBQJC3PnHAAoJEHUIB7VVG+RH4UMAniCFfTec19t5jX0DqFfO2lR0WosdAJ9K
+ 3ggDZ6Y01V8zBZFSBRWQ0DTp6YhGBBARAgAGBQJC3QNnAAoJECILyIMzDEp1d4YA
+ oL6lt7WkFwPT12bpallou3VQcxZNAJ9S8wscLK40BqttvTK/n8dtMN0gLIhGBBAR
+ AgAGBQJC3Q9gAAoJEMN2qNrxvNtz6jkAnj7D8fx22vmqDD4hE349/iOhxk/SAJsG
+ eeQOqKievHfdbNHtg7YGgEVFEohGBBARAgAGBQJC3UYdAAoJEIHAiSKAjQ/QU+YA
+ oORhn8wEM+Ea90TZjsP3kTW64QyEAKD5xJoz7llifsuKDuv8KIunI3fCN4hGBBAR
+ AgAGBQJC3V06AAoJEPZ+Kl0c8tYqH9YAoIzxjNt46P1Mkdn2+Yvef96di4XMAKCj
+ 5eZ6tKzHaOuxivj9n4vmlbukhohGBBARAgAGBQJC3WctAAoJEB0o5L/gL+8RaPcA
+ niS83eWGJwgHIi/Z8TtdtQBoDcG/AJ4h7B2C6C/YpQZv3McmHM1yjfNOfohGBBAR
+ AgAGBQJC3WqnAAoJEMTgC7NzVfr/0IEAoJH8oKVBh+Slqn6DwXUsWH3kst0IAKCj
+ /V4Y0mAHE5G70Lmps/d0UaIwP4hGBBARAgAGBQJC3f2OAAoJEHmJfefdwLcNkmkA
+ nje5F1UEHccVYItgGIJDL2noMaY2AJ9lo8pBbuqRCxblV1gRSVCpnCSS64hGBBAR
+ AgAGBQJC3jBoAAoJEIqQZ3kYgCg87zsAnie1Aw7wSnQyTQwIW4PBIKuFRJ8OAKCi
+ wWHw+z7tjGDZ0tHFxQY+mVBosYhGBBARAgAGBQJC3kEHAAoJEGSnwKfyzwGokKAA
+ n2/pyB2VnXtzQ3EZiIUgZyGNnmMhAJ9xEofafNxivDZ+0WhlS792TMuwaIhGBBAR
+ AgAGBQJC3r7SAAoJEE8amY7aauYhwVkAoMbXXrLlSRd8mBgDIQaK7N/A+D4XAJ49
+ UGcXvhW9OYnOyT2Is9J/aoWhWohGBBARAgAGBQJC38BKAAoJECV4+H4UnN2y5VAA
+ nR196jMV8djXOPlUOdjIUAVQ5om5AJ9D4nwHZSDZfMTABNXheFtH8qQ5T4hGBBAR
+ AgAGBQJC395FAAoJEF7tANvNttvsvG0An2NVHTMhv7oz3HzbvEJQaJ+3i12aAJ9N
+ N9TN+rLNW0o0vxkmKQcPFQKykIhGBBARAgAGBQJC3+xyAAoJEAWHsm5F8/v5F8MA
+ n0HqasPsDsIfGztGB3vWexhzZU/6AJ0bpAnCjiGQRKwl9F2IFq8rcJoJTYhGBBAR
+ AgAGBQJC4AeMAAoJEPfw5w8wfVbt08IAn3lL7FNV5XdqOhfEDOhHgwFBwZGKAJ4j
+ CDbQ6Nm7tpO7jJs04gFlJuNrYYhGBBARAgAGBQJC4KDOAAoJEBVYlEWZ6B2g/HEA
+ oLdeX+lrv+CE8WUs4VzcM9hhFRUWAJ9zCFHRFXVp4qR+l3y83X3Rn1Iz34hGBBAR
+ AgAGBQJC4M5ZAAoJEO+lVDaWQZni/PcAn1vX9Epw2Y0veDXvlz9EC5tHiwPpAJ0a
+ mPFyUicpqqkS9Nl8A2bZpGPIUohGBBARAgAGBQJC4R5sAAoJEJgcX9fGcSV9pzoA
+ niUY2VNVyU3bCaNb4c0ykQQiERETAJ9bLr0l7IbJd1DzjBl0FwU2M5eEY4hGBBAR
+ AgAGBQJC4TB5AAoJEJ9CjJYmz4N8t6IAn0uoItsdj+0RhrBvDFjvs2v3MnAgAJ4+
+ 9UzfakMO1PYJ+Xwe6ej8UoWjzohGBBARAgAGBQJC4WVhAAoJEDMwohVnIJveWmoA
+ oJhht2lgU7Wof6XYQzJiF3mNs84QAJwJYjyLw/DCZGvowHqFNwkRhHDPCYhGBBAR
+ AgAGBQJC4WkLAAoJEEvgWCWQeI4Rb2kAnjB1igFG6iR+5tuAZNMhlcaSlGCsAKCl
+ NFm/hUUJbKFadvzqHREQTcqshYhGBBARAgAGBQJC4oKpAAoJEPQ+cmY8yIwJb80A
+ n0Yz1q0okPKrNq7NsdzpcStGAm23AKCX2arr/MqVyGZJAICz4anu49vXX4hGBBAR
+ AgAGBQJC4u4BAAoJEINRw8JorFdGXJAAnj4+HK3NXXO4M9Gy7xARWaxHgh2pAKC/
+ qGEBgRY6fBVPrXc6K56jMG/+1YhGBBARAgAGBQJC43lWAAoJEDy4klAvo7wti1UA
+ oI2RsAW0FSld2nyXeHkppOkJBiRGAJ9fPEgGvH2XjKc5qSwYSzGUqU6wBIhGBBAR
+ AgAGBQJC4/4ZAAoJEEYGHyFm+FSy42kAn3LcxD7TcNZ92HZi4Na19pZVcJdbAKDQ
+ 09aJ8AHJnLTvg+voRztP/Zv2nIhGBBARAgAGBQJC5i5DAAoJEMv7+1fvqjMxDyMA
+ nAqTHr3bp70gp3y9Gw1/KrmTH5uiAJ9THeYYOl+BION1TIrqHj+bzxWkkYhGBBAR
+ AgAGBQJC5ncVAAoJEHvIg6ApQmD2UNsAnRLZXIytun13CHhYRrRfOwR7Sn9gAKCN
+ +hg5izgxWQ/Se5rPsz0s34m084hGBBARAgAGBQJC5oyUAAoJEEDq/QvhnxiORnYA
+ njBjx5Cv2d9/Gwk4ClXnQLZL0HbeAKCtsrjzNd7V/wgKoydTqHmZqlDIn4hGBBAR
+ AgAGBQJC5rksAAoJEJzVyLNn2OhnADkAn2fClMjzVUL2M+oYQGqweGzSYeuoAJwJ
+ bdXEieS8GYLecPIJuc8YBPZF/IhGBBARAgAGBQJC5950AAoJEHGh/2Ab+N4PwJ8A
+ nj2BXIkDadIWsft3tRpYCps8OyOQAKCiGNke/sE20Nfghhe6gHTZ7jpmBohGBBAR
+ AgAGBQJC6JWgAAoJEDK1M0mR4VPFp5cAnRLgtSoCgbf3JS+jqBSxzmRudcMCAJ9E
+ 10ThafZcx9Vr5whKQhzIfeSOPYhGBBARAgAGBQJC6p0ZAAoJEJdriEsIE1afSHQA
+ n1OTAM1J7Vs7vMMioUoPyWSN/hdhAJ4jAQ61mJdwJSBblZqJf0/NkaAV2ohGBBAR
+ AgAGBQJC6qgTAAoJEEHcHJByRJcL2a4AoMB9hueDTDz0LMVNWaZnMLZncRYKAKCu
+ K4X26uXd2BbJd44U45/5/MDEsohGBBARAgAGBQJC7QN9AAoJEDRQ7VE/zCqQ78oA
+ niQkzBIscj7moaqZy6K40KzQ4h8VAJ9wEyJj9eb6wPoG9RQ0SCuIyB3E54hGBBAR
+ AgAGBQJC7RLfAAoJEDSFugjQ7AcjmwgAoIcNc1RZWTFhM4Gl18ujoJl8EwqnAKDC
+ XEpfWTN9C03stz62zlvsTGkUMohGBBARAgAGBQJC7k02AAoJEIzuslmzwoH0CVcA
+ n0P+gLqOSdRWbPfvTS+hNRGfA3sSAJwMec2M4s8d+/14HrhY5qnkYnHniYhGBBAR
+ AgAGBQJC7r/3AAoJEIkhtdzNFaiDFZ4An0RzyIk1xcZ9FpO/KQlN+1Lo8Iy3AJ48
+ FsIdBy4NyqpBCo2oA+6lAtZHzohGBBARAgAGBQJC7sAAAAoJEAcXdOAA2M0WhN0A
+ oKWBjV5ycgMm79XctsXlYp+mbJEXAJ9x8Ild8nF3UZzQvrIqR7jEsZcQSohGBBAR
+ AgAGBQJC7z2nAAoJEGIDikvdm5kQfKcAn2SBCwolu/H21zgQTitqK5HYZHWiAJ4r
+ LWs0rc2AWX9Y+SxUXrF9Xl4aaIhGBBARAgAGBQJC78UWAAoJEPhZkLAkiutzprIA
+ nj/t8yRcfA9DZ3WAeWZRHqVrDV4JAJ9Ug8rtHZcj/RfpovW2ybU1bcsghIhGBBAR
+ AgAGBQJC9odfAAoJEInNSyFgdVnmnDcAoJMP310fXsBwt10ns/JcD+J52i5SAJ9X
+ LIu+dLmC1c5PJ2+OMTAtecvjw4hGBBARAgAGBQJC9o4BAAoJENVOrkvJmHCxFTMA
+ oNcVg7HJ/gkhuHGfZUpHQIAk4+6eAJ0eGh9r48uNjBlWmuB3558hKa1FuIhGBBAR
+ AgAGBQJC90q9AAoJEAug7gPq8Ztg55cAn0MsDGN0GfJHRfJiX/3nibamZmtqAJ9/
+ TbzSRo/zhvNlAoMj7lPIuQdU8YhGBBARAgAGBQJC/lTHAAoJEJppZcH8T78okOgA
+ nAoK3NSjhW56OWSzVvARKmdCnh6bAJ9ERlP3wRfnC486pmjvHqLxZrX7HohGBBAR
+ AgAGBQJDBY5vAAoJEGAwWzHAn9NaFbkAoLdCMg2BJmFEcEYqF1jHYoDKzEnaAJ49
+ QONxfBnxuMciOTwXPWuyODvijIhGBBARAgAGBQJDClu9AAoJEFOCskvmsbcjIEcA
+ n3KFQHQETAaC+1Y2MjyqqhBHlkYFAKCYcHoFIQZiHltDx4KPE9ynfJfJNIhGBBAR
+ AgAGBQJDEKxcAAoJEISJsU2IB1KbcEcAnjUhqHXPCmWvIAlnRFccJRccdnDJAJ0e
+ I8ElQvWvxAe8q1hUw+tZc9mL7ohGBBARAgAGBQJDEf04AAoJENFOhSbcR8oW+msA
+ oPF+3xbuz87lJhNlKoDAcNgD3D26AKCwU9elJjKQ+8lh9YnqSGU5HCQs+YhGBBAR
+ AgAGBQJDGys1AAoJEGnSph3iY/zUevoAnilkqlJcpoRO+rrHmAhG+RzrBgigAKCG
+ 3vDihU8iaj3fQF+bHyQw//QpjYhGBBARAgAGBQJDG13SAAoJEO/WTQkSBmIH+4gA
+ oIMb/b3u3kFJLxVAkzgJZuViBFw0AKDmcb4ynNObYNlhJ4D2B8OtnpXtb4hGBBAR
+ AgAGBQJDG13TAAoJEO/WTQkSBmIHRVIAn0sTapjwurnHtECvlmH5JVSc+AJ0AJ9C
+ t1KBe6Of8reRYMc3ABQ3ziZs+YhGBBARAgAGBQJDH2JuAAoJEFBy0DasWDUglEIA
+ oLBBLOeslPjfoAT740QO5x2N35JBAJ4iZW4gchaWYMHQGOQdzgxGylYUA4hGBBAR
+ AgAGBQJDH2JyAAoJEFBy0DasWDUg2J0AoMkIUOkLBM94KpxBwDdp5O8iV++TAKCj
+ 4BkzPnWpDPVoEQGpyuFmVSWzEYhGBBARAgAGBQJDIwLuAAoJEHQvKkKOY1perzEA
+ n1T8xHv/yAIfKknRZ9XnZbZfU+gWAJ9thjrHeXwsmwXD6P9p8IxDySUAPYhGBBAR
+ AgAGBQJDIwLwAAoJEHQvKkKOY1pe/Y8An2nlOA/nMePtLaIQ5I/TEj1/0GwRAJ98
+ dUkG9DApBHSZTNQdR8m3Gr2SJ4hGBBARAgAGBQJDk4nbAAoJEOIKmoj9/WgfUosA
+ njnHwhvDF+gFe5/9aAwE+dhgtaAbAJ9FF7CmFv2gjlJW4nqBnPMZiXX85YhGBBAR
+ AgAGBQJDk4nfAAoJEOIKmoj9/Wgfh48An3lUu1p51MV+92tG4GulldXzbD4JAJ93
+ uyxPWWz8wMqxBfywO0YxaL+jmIhGBBARAgAGBQJEJXZiAAoJEHFe1qB+e4rJHaMA
+ n2v6dNT1+mKj1wrrW6hzN7huAcNCAJ9xUG88Na9v+EfMBywKCXkCTPfRXYhGBBAR
+ AgAGBQJEJXZiAAoJEHFe1qB+e4rJ8bIAniEAjvchZae02NNz+K42k1/nacFlAJ9T
+ RGqaEkoEx5BMz0zAWA/wJ+WobohGBBARAgAGBQJEW6UNAAoJEIbgDQwZpC0ZZEQA
+ n2972/UzZE6i5XpDqAreyXv5dmGMAJ9j+oO6xZnGDyMVFUNWnp2vhiYLTYhGBBAR
+ AgAGBQJEZI+SAAoJEJ/PLM0/PmQmC8kAn1RJh1oRI50wIxf3gwoPTQdY431UAJ42
+ mmplz3j08U0MRyhvlhLS5moKWIhGBBARAgAGBQJEbo6aAAoJEGTeY3pzFGvUwl0A
+ n3HD66IRpF/16jf7mOjt01L26X3ZAKCnhL0e0IbeC89FSRQcqVXvZvgDjIhGBBAR
+ AgAGBQJEbpP0AAoJEAAc3mpredQBf0kAoJRnOHYuwTGM5ILcJueZTpE6DeZsAKCn
+ SC2E4QrzEqIZMMgpwxm5O7bXS4hGBBARAgAGBQJEbpTpAAoJEDlNxZEO1wTqKxAA
+ n1+s/2xK22ccTXH+GcMg2+SzprOkAKCYHcIPkBFcJ1yfZwLo63H4C16IvYhGBBAR
+ AgAGBQJEbqjcAAoJEFQKe15tdCZpsYUAnjdPGmqCvxKH3raN96/j6OFyWe82AJ4/
+ XTB4TmGv2h4UibhIFuLMUfoel4hGBBARAgAGBQJEbqvfAAoJEFFgLI0AXDuCT38A
+ n36DHh5xvz8jGpoIznVAeIbwTHegAJ9vBXGhm8+GbxPcpGrGOHpXLWOL5IhGBBAR
+ AgAGBQJEbqxFAAoJEMUUr45LpAHDUNQAoNpMW5ms0ly3JZWPrjNgOvrHiWsqAKDG
+ PHBk8gCtozAQMUy9ZfFsrY8obYhGBBARAgAGBQJEb1zpAAoJEEmCDBzqWQOOVx8A
+ oLzBFbe0TlWDA8d+4HzSpKADD9qBAJ0ajIncJYwMi7XRLdUoR2xsMltFRYhGBBAR
+ AgAGBQJEb3rFAAoJEF0853/VTwhHiOQAnRWsr1wHX4VRriS8QnQKaF+hGucMAJ9S
+ pGA4q714W1nxaarHIbnC3dJ0XYhGBBARAgAGBQJEb/xwAAoJEB7inAyAstEKb7gA
+ n1F/5mwU9hF09cU4lPlMr8DAM5JuAKCxYTLdpWnspNZWccce2YOx0nbNRYhGBBAR
+ AgAGBQJEcAg6AAoJELz2xg9ugWnScScAn0J5TNr8rfKcaQpO7niqSdSnV4AQAJ9+
+ KpSid3HtKsTuPQNWmGTWbqMREohGBBARAgAGBQJEcB0bAAoJEGlkNr9XXQp2288A
+ n0hwPFK2kWE5uOT/ltykA2cXBvLAAKCMpGVOJBN/5ZCmhgLqopS0BMgOIohGBBAR
+ AgAGBQJEcQBRAAoJEAowDtCQ5cpGQ6MAn2h6WrsQP8qkSXnZqeAqk1t5oj73AJ4x
+ OaFfPp0IT3Z2x59VxO4fYF0AdIhGBBARAgAGBQJEfd/gAAoJENgO81qLtSevcOUA
+ n0GNH5mwTDz6BmV+EQY+HgRSuKwlAJ4nXHzPz2smu43Ewk8eZ57CCGiQPYhGBBAR
+ AgAGBQJEimltAAoJEIiheH/D8VnKwWgAnjbP8jch0S2j3QPnq79VNfPUSof2AJ9r
+ vZWoGtJe/wMFqC5dA8dDbV2eh4hGBBARAgAGBQJEyEHgAAoJEAzHCxggbFr9JHUA
+ n2bs0ASTg2p5omPhPtdVx7KEioFcAJ4xcHF49dbzpRfK8LxfMeDNDcfGeYhGBBAR
+ AgAGBQJFaZNlAAoJEN/tuyIlvNW/eecAnRVUlIpfdzyKAVUuJ6ZyMdU6YMixAKCe
+ QSjnljCPDss/bPScnhkxjr9tu4hGBBARAgAGBQJFkYa4AAoJEF5t7xxOLspaLugA
+ oIx+57joEu84QWGygCNWfhqLvOKcAKCZmX1RKRZhDoBvWXcOwrmfqA/4oYhGBBAR
+ AgAGBQJGEHBSAAoJEOpMZh8rRqJ8A4cAn0+JajDp4ZUB9NpZ6BqQmWaLlqEXAJ0S
+ 7tycJE5JSLNBv2iUOiDHHG9KgIhGBBARAgAGBQJGcDbQAAoJEEKfAVsJbE3Ta9gA
+ nRLuoAJOKZMXQkoFfI86klgapPG1AKCn9vo+33qGkIcN5nCblyzHV8mFOYhGBBAR
+ AgAGBQJGnRvaAAoJEDoNiqBg9BIWrw8AnijC0FKnLYi4u9GKrcZX84PXcRlQAJ0d
+ DnhWsAEwrtG54dTEKXJn15JqWohGBBARAgAGBQJGpuq4AAoJEDFPepXsFSlC9BEA
+ n0SiHq3snKnWMhAOkmAjTVW0gEsiAJsEuxemsSmgHFFbZG/pDxszyyh3+YhGBBAR
+ AgAGBQJGpurHAAoJEBC7gPwWvXfGrj4AoKtijDUfKdbeohcHtfNdv+GAhDeyAJ41
+ 0FQZ4sEqDmvKZj1h1Xlj01m+1YhGBBARAgAGBQJHu+dlAAoJEFbcuXfF6VMzcFMA
+ njZI6qSvvjLNyRVewDD9LIrCndKuAJ9VpZr4zRu/5nl2dE+8cAXRj5dBVIhGBBAR
+ AgAGBQJIpPzwAAoJEIBAGfqiCcMFjBoAn357/0SqrdwZQEMG2MH66VG8hC27AJ42
+ mr70txphfCNHZCBKSddymbk654hGBBARAgAGBQJIqf8AAAoJEAzjPJEPnLKPwgIA
+ n1Cjo5+sl2ts1vFpXqMEcm8yJBepAKCezn1/pihTPIK6QzZXkYg6tFeHlYhGBBAR
+ AgAGBQJIrM0OAAoJEDsymJ0A88/kUuEAninPXEQ9ydf6SH7CF8OkQmNzI+4hAJ4q
+ yGFleJlxWguEqCst2dtfk1TK7ohGBBARAgAGBQJIrXuQAAoJELc1pkngugTB2EgA
+ oIa54M94kOW9SJBJr8AqYYoCfPyqAJ47gdv7TdqeFe2NfasPdly08VdAE4hGBBAR
+ AgAGBQJIrsh+AAoJEDUzUMpYCAjESZcAn1roTlqTb5eJBGCYHqVk1pCvL02bAJ9B
+ QNovEGKJmcZRx4DexUeHQqJBSYhGBBARAgAGBQJIsDG+AAoJEJ94+DzoxDRhOH4A
+ njnX1UtpkI7IWGADXaEfmLpVTT1iAJ4tAC5p3e9xsJ3B0RNHJ/yu7WItO4hGBBAR
+ AgAGBQJI8D4eAAoJEMOkKwNuJ9C6Tq8AnRhCrYsc6LC3vpvqpdTGbMHqzgRBAJ4+
+ 5W+K65rH/SeV2nXdUu3DAAQfEYhGBBARAgAGBQJI9AFmAAoJELZltFF4Y+sTgMwA
+ oIN9A2lLxyAT+PBtzxReEdM4GS7QAKCWUaPhrGIZ2aAZAwyvG5LiLOln4ohGBBAR
+ AgAGBQJJugGyAAoJEPsynDDheXvS5+EAniXKjLaPWLtjYmSfOcdEbUpcUVs8AJ0Q
+ HqQZ2bS7YHhQK2pO/wwtCN9pgYhGBBIRAgAGBQJC2DroAAoJENU47AlTgFdGxfsA
+ n3PGmhUur8/DitZPI/NSNHPBLy7EAJ0ZJtPWgieS18T1DGIj6obJPZ61rIhGBBIR
+ AgAGBQJC3XddAAoJEN56r26UwJx/7tsAn0KB3zhxISECnJooRkYL9YIKNIHyAJwN
+ oWLfImh67PYXtddvFA3lS+7waYhGBBIRAgAGBQJC4AiNAAoJEMGHc1Wf6NUEETIA
+ niAqNb9V/U0aygqhvLPPNWg2mFGfAKCX0XOeT4tsFtejQH7LjFTQ9QQNOYhGBBIR
+ AgAGBQJC4G+dAAoJEDe4j810qDkKi/oAnjrw5ePdkJ5iW0sJdgk3QjIOG0VgAJ9s
+ u4G/c6nnpziKTXlBaEzutncScohGBBIRAgAGBQJDA3HvAAoJEM1gO1ouz5hLGx4A
+ n1jM+Qpk6k/KlMclxohPIGqcacLzAJ9ne5CvNaGnpRcC/kp732YT+RfpQIhGBBIR
+ AgAGBQJDGf+fAAoJECdlaNdcYVOtZGMAmwQrPYwnpbzgAQYYGqOQ+ZmRPHHeAKDn
+ fiCBeoW2srCrZJ+Pb4aXzW03fYhGBBIRAgAGBQJDGf+1AAoJECdlaNdcYVOtgzoA
+ n1pxN/9k/0BJlqfZ2UO42TiPw6PRAKCC9F2V8vsjLBJuMw11QmSdmqXY+ohGBBIR
+ AgAGBQJDx+S8AAoJEPG9S+RbQwNn9voAn0L+aX/pMZ2IT3ci4y7mg636EbRDAJ9L
+ 45RF5deGx5CVqtB/iQl7hfsulohGBBIRAgAGBQJDx+TNAAoJEPG9S+RbQwNna/wA
+ oIPl2rLdFo98xHMD7VhrH7ItoIBfAKCVwWgJ4LsnROWySG7NW53LwRbpkYhGBBIR
+ AgAGBQJEcCs1AAoJEBigzI1XBqS0N5kAn1C8gP0HLIwKDNlLHX9+2IZsGFSJAKCh
+ EnCNIBshAGK08H9C+V+e9w46c4hGBBMRAgAGBQJC2FiZAAoJEAQyNusQcxl37iAA
+ oISm6kNgy2NA3fJTBBhBF61WrYK/AJ4jGF8w7nBr4s7/KdneRsXcVUN3lYhGBBMR
+ AgAGBQJC2MLkAAoJEHw7eXCIx8H3vmQAn0WManwE0WnuGSZDdQ/bU9RNEFY5AJ96
+ 763OO58Kc/GyiXgg4gf7EWXtWYhGBBMRAgAGBQJC2Pv6AAoJEBh1EgqjDsIrukIA
+ oKc+KM3o6EASezuXfNgq2xstl4vTAJ4omwUoqL0RqdqfxPTc+reJbnorGYhGBBMR
+ AgAGBQJC27IoAAoJEA3nJ21eBXfyJCMAn3u/tpbRDRxGG+IR4RMFIDi8D5LXAJ9m
+ I58QPvcv3Kj3+8pMP0mW54NgzohGBBMRAgAGBQJC8hkqAAoJEOVE3gebfDKNLF4A
+ oIua6TL3ffLjXKzx91JxBPNOnCxFAJsF5svU/KU4EVWedZxeOf5xHofTLohGBBMR
+ AgAGBQJDEMrrAAoJEO4l3j8c2w/jNUIAoJH+Mihms/6vqYl0srvmeOOfMMaiAJ9q
+ hDjaNHia8WPIDgtO+vE63lneRohGBBMRAgAGBQJIpMrAAAoJEIqDi+TYSA8utDUA
+ njRPCHG3jQCJQkLnz3J5AMRkAAl+AKCLBMknaxFZBYb4/BBp+mqNooSW0ohGBBMR
+ AgAGBQJIpc8uAAoJEHw7eXCIx8H3lyIAni7VZ4KIu/HuHPYU/kiZ2P7xzmdxAJ4j
+ ie88P6ZD8aDve/4dwGhd5jT1boheBBMRAgAeBQJCkIM6AhsDBgsJCAcDAgMVAgMD
+ FgIBAh4BAheAAAoJEPg1j6LygzyTT00Ani3wMbdu4wZOxANKBTIh0Ac09d5JAJ4g
+ xNX7AbGz714c9mMfgSRIKSho0IhhBBMRAgAhAhsDAh4BAheABQJKCeoNBQsJCAcD
+ BRUKCQgLBRYCAwEAAAoJEPg1j6LygzyTooAAoJWnDlEzCtAXTIQQXIlB8ecJ8GOp
+ AJ0feIXR70CDjxr3lwz+V5OcVLS62IhmBBMRAgAeBQJCkIM6AhsDBgsJCAcDAgMV
+ AgMDFgIBAh4BAheAABIJEPg1j6LygzyTB2VHUEcAAQFPTQCeLfAxt27jBk7EA0oF
+ MiHQBzT13kkAniDE1fsBsbPvXhz2Yx+BJEgpKGjQiJwEEAECAAYFAkLvPa8ACgkQ
+ xSga5QRk5+VsiAP+LVsS1fuPjCMfKj3G5il5VV62Jmh61lXCxEkRC8RllAPmad1e
+ Z/E+T/2g4Xq/kFG41yEJnoozxiRh/Vvn+hZXej8ciYd3WPhsVxg1XnHKgotjzfl8
+ 38s71pP7xmTuC+b7qi/GXth7pYwz2zSa6iX5c6S2NYcnQOdMkQ2x3Xv6mwyInAQQ
+ AQIABgUCQv/vLQAKCRBkZnAA/AXaaYDtA/91zm9NCTmH/GF5pPYPB7M267fANEmH
+ biilvF3A/mgr+L8MNTymbTeQJfJ9z7SBDbPKjT43gMTrfQVodUSTvHjF0/ckcDRN
+ AQwRBc5vuoDovvxaWJ9KQZRFyxu5u05QSAZKckI9syb/zRC2C9zycRAJz8Uo8l/l
+ gP9+x1GBhgpfuYicBBIBAgAGBQJDx+S9AAoJEDc6AHX0qLMMO70EAK/20DbDNln4
+ U0dsveQfxV6Cak2gcUkNsp5l8cwhLo+hsNshYGvmvll/s/TUEgY1ofHJTvCt1rUN
+ a7896W8eUFZCKJhR8eRt28GJcTfHOevAsLNXVysl0yjNwWYttH6FdYJQ6QdCMUAU
+ E99mr3qMjZ43U/jBzm8tXQHKC//fvNMbiJwEEgECAAYFAkPH5L0ACgkQuYWYIk3E
+ 5/07vQP/Yxcx1IK66aEwb/n2o7zkCQvDFoxXgBZ55pHYGmylFR3B5yhLnfn5inr3
+ Mo4q/mC1JPoJTVnD3AFoERqOFPD/SBfKtB/eOJ2VD2nUJRsR8z3ujvM9btrhu24d
+ rUB4n7cHnpBra/IpK08vcqDlHCyuYUoPr/VjrwmhZdXWfqJp33aInAQSAQIABgUC
+ Q8fkzQAKCRC5hZgiTcTn/dWfA/92KUc7slG/iOIjNP8z41X50ZPkXQLfanHnszY/
+ Wvb7k5xWyE0fb2hL/tynBmSdXoFf9NUqyUccFZ3Gp7AAALpr24OX92WcJZrYyAXU
+ Og1gJ0O+EjvaeHYFgXW+w6mDzuPK26KKb9Zd/0Oiz8DuYO/TxeBkd1pZaxm6sBxj
+ f2XsyoicBBIBAgAGBQJDx+TOAAoJEDc6AHX0qLMMDBED/A/eXuKH069qShDXgSD5
+ /5iCLC0wVdtcdPvvUJ1jeGHm6jIlXMPwKPc6Sq3Mm+sMJtKeJdxhk1ygiU3gdrPm
+ RBLT4VpI4hjV0pOs0PP3WibuChm2k+fY0JJ8n8QYCE1UA2DkV31JrhSw6vhEcy4j
+ wHzkGOzACGUe8onbp7hs3JSZiPMEEBECALMFAkMar1GFFIAAAAAAEABsc2lnbm90
+ ZXNAZ3JlcC5iZWh0dHA6Ly93d3cuZ3JlcC5iZS9ncGcvNDI2NzEwMTNGOTRBMEFC
+ RUI0Q0U5QjZEM0RGQzJDNjJBRjc5RDI5RS9DRUM4NkJCNEEwQkE5RDBGOTAzOTdD
+ QUVGODM1OEZBMkYyODMzQzkzLmFzYyYaaHR0cDovL3d3dy5ncmVwLmJlL2dwZy9j
+ ZXJ0LXBvbGljeS12MgAKCRA9/Cxir3nSnofCAKCMiYKPk0ZZUR5I4/pA+l+pc16N
+ 5QCgqmmBVCalKy7bVlGZ3FBQqQX/eO+I8wQQEQIAswUCQxqvZoUUgAAAAAAQAGxz
+ aWdub3Rlc0BncmVwLmJlaHR0cDovL3d3dy5ncmVwLmJlL2dwZy80MjY3MTAxM0Y5
+ NEEwQUJFQjRDRTlCNkQzREZDMkM2MkFGNzlEMjlFL0NFQzg2QkI0QTBCQTlEMEY5
+ MDM5N0NBRUY4MzU4RkEyRjI4MzNDOTMuYXNjJhpodHRwOi8vd3d3LmdyZXAuYmUv
+ Z3BnL2NlcnQtcG9saWN5LXYyAAoJED38LGKvedKeKlYAmwWee0CjmYhzN3pcQgXU
+ 5XdQ8Av7AJ9wmEZBQvhTmWum7fxDfRPghlHFbokCHAQQAQIABgUCQtkMDAAKCRCj
+ iC6/eERvJr1+D/961nbVEQ0yu0quLlvXl9Bi7WRwqSdcCKzKziSavLXx+iVCSM+F
+ vA2PZ4sKKr4n38wVf4mYEeze+FjQeou8Ngi6JYn5g4HrPrr+EQn+Ip5NvLJUaEUF
+ G1DQejIZgs/Nd4uM48X77M5QqFaeQFi3lnM8mRb1imDVaAGa2Iw5AOa2qJ7PPC/g
+ sI4kQ+z8YNC8idKLTGfac1Umm8YwGC+yHU1r6M95LIwx0LAc4gXl++y300VGCJ2b
+ GZ08WI/htc14HbpxjPs+yvmtplCLOoCycpI8A9UkDrASz5AwGSBG5QOMr7aUbFpa
+ DZaRbFTyYaEPvHsalvTvHkGzcDedAzUA5rM3z4a7VIhO0Ah4Ga7e1DDKD3b7Y1NU
+ +HRxeJdpxB7mMtjGOxMNKf1pJdVlAJzeTYoDE1xTZlNv5aYgqx+kIjT8QMiiNBrv
+ sWe0WRH+tAevzSs4ag5rgjHxKR5UIfdcFkv1RPfkeMR0+JdUc15Y3niXqln0yKOP
+ 22PNt0BAb1aUlwdgI84F7qn+DokmcJpVkPxDrDjvzwQWFwR5wBhpo+elEo4sdE9I
+ ktr5vpPK8sxBDa1H+lVG2sbUjENlrfyoTSgbyPnilICtaxhs2CgBZAfmx3RnWKGn
+ w3rdpp2UnTeThPjMwKDCHwBYo9lEcZRH4E5p8sY+THaPwW5TxH6yyKgMIYkCHAQQ
+ AQIABgUCQtwj2gAKCRAQ9faUhz8l8aFpD/oChhoMRRfl7S6vDc3JU5xFQe+HD2SK
+ MeeYLsDCxloT4CVkLClYYoViNEwKfVEMVpjdHDp4gD/xI/5h83nmVpZkl4pdi/jA
+ DCG6Up5RcXTEgBy6d2bF8s3x7+Jtgu9558j3nB6acAqANY/hg8JK69uR61YC01L7
+ QFYGsW7CnbzzfFpKmNWEC0zcBtwtYRRpWS39wXRTAwdkia78bWt4Lk5VucJR4AOk
+ lm909zLL+HW1SjCrF1qxFJ56UgmT3pWyyA1bizwbUYKjN/VZGo4v9B/bQ455FgMk
+ iNNjFc1SaTcMAu45iwIXvRpScWJwM41a6M7QvcCIgJioX7ogsE3UWDx3Ser4b5WC
+ ydW5IwDEgyR0D9JLm9egtjFLclzOMTo0x2ArmegRXqCbzqInO2gt4ia0KY4t8YU4
+ 50XpV63f+rb8EWw5qsxeY/VbgsIk07TZ5Y4EzmvG0FoTYeUGFrriN/YLSDuCfKUe
+ jD3RJZc3UxYMENexZyZPbQla095HVWq586zgEtIVimCcuO5Udqi7Imx3sOX6GfiS
+ 2Rtl6h2c6ibYkx4flZav37Y+rvpeqbGkjKO3jw4znHWGxY9/cFiVzIC5qJO27lmi
+ +48j46tkxjWhYvGTSfP22N83409CSmgRYZad9tl96f9lB0Bb9RglI+3wzeRf+fyV
+ zHkwlMhTpF2+sYkCHAQQAQIABgUCTaERNwAKCRBGOA6a/ndkmNBoEACyZa6mCUwj
+ NXgT8UxHNSnAOqvP/TSKNeE3WTMNAqBHQVCrWOisp0UQ+1xBd9YDHHU85sMjiQb1
+ 55wa2rYTWGt90DpR84HT6M4iStOtxPsmMkd/q7JEpjdvCVi2QlHaRuIp3mBTVSce
+ 7WCqdmShCA4qBsWMqnSbFK9c7owui6SnELqYLWcCvWRlKgWWGMJHTgaXlYWvo5Yi
+ DgmAxusmdK1TYx3p4LALqzwrxNKGZx/k+N3U4ad/jdfAL7uiWYWyixqY4B2ovHKH
+ kkN8V4RslqGc4ZnQvMpjf+/S6W3q3hdI1/KxkgauWoiYHqFv8H0yMHvEMzQ7/D3m
+ gp6N68UL4CrEVvYuuv8tjEYerCo+Tc/xO4rfjZ2FrNo/dq/XQMsDXvcFUnau0vxc
+ FuwF9duOa1SdAmfNNtoT0uyDyuaqGRc0bzuzMiYD8IMC6OgMknd0X8tBanI/H5nX
+ /iAV3wLGYYkXoLsEIkXXPcuY1GIx5DZzVIidQM3HmVW58U1a8tYamm0C2arhzszT
+ 8etebQPpqNPFnbPTKAEUP/CT35hYIKDjGgcQFUoVpgoJCXc9gG170xpiuGn467mN
+ qxvr2ffgfx2e+lHcbi0FBq8t9vPXEpewmBN7muepTVOBamJNEJan9BKL3TmWFAGt
+ ah7+xZlsqOR5rehYKr0ozi9vvNyJfB/QGokCHAQQAQIABgUCTkOOBwAKCRC8NyJS
+ yhz5ZAetD/wOGgFBuJkFEOkrCgeEbp+TwzLOvnsMKJEA/hmoQSjIWWQ6f1U8B0i/
+ bpzpQuslPkXXUynGNMIwPE7HN8A1ssk5TCJkC/3Al0f4+9Qe9RtlI/z6QpQfzpGr
+ RDUxDbDYgRrDx85k6sI6pXCTF0RGH0SN5kHDlC3XkXYb8zXcJwg9Bl/XDSy1Q7HW
+ A3SsIP18ZXqN75X+g5HeOIw2rjJogEDstaGKfbPF2C8ZpUyfAnreEx1Ozh4ngO/c
+ 3BUV2ISw1QFT77OO0TFyj8o1ir+WutqHw9FlkLcJknu7WTbtVRAH/uz94ryDiYLN
+ I8ZPyFgydLShIDio6CagE37zDKg3j0mA2jxM4ZjF2raXae0D+N2GYPOSL+AqvzrR
+ dHGvoPrVC8CIea4xLlZJg/JRqZJGN1RmcV2qbyg1Jllcpu5cqAap+TcUR7OXVZ22
+ GBaufNf3KQnstJyuT6i+IAYN6jaNiY5HW3GWUnu65YxN3c+gbQ1jOsGrhsffT263
+ dSPov0VYfREE5X5WGhFUNzP42oI/OBtkGD0dXOiGs1iCaurCrN2QfVz0KcI084Gn
+ Sx+nzu+el6Du5ggQCfXYmtTb93MksGNvqT7MszY4l1keLdl/fDUfAGVTauSpzwnb
+ /AhwBcRV+QVQ2XjYuUPkmGISmWx1EC9JrAE8tYaKN6Z8XuhPW2imP4kCHAQTAQIA
+ BgUCSKTmTAAKCRC79o8D6PN5QS7/D/4tIXQK2DHlSXEjLtwh0agdkmUeda6IDc+Y
+ Eye4TGVrt3zT/REBVQxQFDUi0rJVUyi37kLQWmH9/YK03NdhzDluhUlIF9frcNHT
+ C2mUxZp0wJ9/XuI81mnGJ68+qg0RzAWphJ+a5bkSwcK6kHF25l96qHbYyIZT8g9S
+ uRVRu8uqtwt4CGurATNt+2OwAt4992zoOHxYFi1oZsEIBy2ZO1B8tQM+4A9KLd2e
+ gTolgVdtfxNf9/aAFUYWXkL6Pky/uFI9Qt+BF/M7v6V1IFpCgxNt5EFSUmg6wne3
+ aU8TjzXjU4an+V3HjZC0JsLwnbWumn2ccLHtadR93Y7cV7e3eTeQyGl6iy2Gv9rB
+ TqiOqhdO+ES4KRjeReyfr5NL8HN+lLgrn0lHeNZBgCGCWKjKbFcWTBFfqIfTt3YD
+ 34NX20HoAKxaQf69vOzk94RtP+TKcqfZrVyKjwlvHI1Amv2DVUXUPJhzOLvAKRfl
+ 5jQCjv045ntdnL35gvJibnOLorTKiKXFo6jklv5qgYl9YB6jyoNiVcFu8JY623Lw
+ ITbnK+KdOub0s2YkJNhazLWOlD7BpuM0jCV1FRE/sbmPzCGsAbpgiysoOXDQxh4u
+ 8TncfJWxXRQWmZdUKvaYCk46MyaWk+LcKx0zW45G0Nwbpo7E7v+KNJJw7+xu6oG0
+ bc6RXp0ciIkCHAQTAQIABgUCTaEUlgAKCRDrMEJZDwkgnvnnD/4r/NNT4n4/q1MC
+ 7mlBprx41qakyfjAAKmtczDOmS7Ft+ABKaCkhNTHBkXgktOkHW9eW1NKdQQkIoXt
+ RdD4heB7iDObdeIkebe1GDvgDlEeSC/qAKEhaa4cOMfW9MDrhVyRfDLGectETYMZ
+ 8d5KibGHEGM5/Rlpw42otySSuJJ9qlsrIeN5kQmaeh5LGoj9ILgClU7b/msNZm2Z
+ XZV/B7HY/qdKyEHsXToKYjMx1oWB6hWSyQeGyD/jPpCQvBxh+OaTIkrDnLT++0x2
+ TVXrmc6mgxNivROEkXuNPcgx1PDTUHvQCWb+N86fKNZKsDEv8x9QCbeX6RNDJDDs
+ bqcDqRdTOsZvkmL7XgnbVvM2oiKmKmumd5DENw5thdanKSqE1RMZzVu0ZRqAF4R6
+ nBYJ7Y0S/L9e5QHD8ITzWS4hI3zSGlw/VRBAJ5Rj78/ZgrcQ6124WDmX96i9zJcY
+ hs+Q4ZhsH7xqgt1kzyeGVyzWrLLziHCeLpQe33CwulCb11oYM00tmq1PgfUyp9oe
+ lu/uI5KO2tCyg81lm/iDiKpXgpm1npXl0CsAmZz9QiBBI45aOO3tPCS+871j5+Ap
+ vhqKSv8QnZLmGH6UR0UU28bjlbYScDLgG//su+hEn5RjxkMDPWLbV8O6JW9+2v/6
+ XmcnrrmQ3qCSCVtB5h1DHwFvzLPS9okCHAQTAQgABgUCTaEGZgAKCRDnUZyNdH8A
+ 3I3GD/93YzpRQurlKUjZtR3pYKC1HjhQtj6h3z+jxPaTf6qdLeNiclLbAW3fvQqH
+ ZHAsUtoCq80b4PSFxEc9kE52BCTjLCvQ88Ts0MLnrQCn3hYGWe3SEbtzfCGRbu1P
+ +2HxvzMI0mWmwCgHPAAFXQ22H95+o0eKgpqzQnRuLb5uVKoUWRijfLPis/Ta9cGm
+ WIfxo+s80c8/b4C9ecIG6y4ssGOP5mv//A657UBJgo08ASWWqw6JuvykFDrlHvw6
+ 6yXzlCbdW90DQkpGQQZAYgBV76/dINhNPqQmbnw9t+iCP7TH415LzcXawM3ohCwk
+ WXynKAMJ0M9OZWPsY84XnpoNfr7p+arCAA5uJluvWVoHFZzsUWxhvoU34MvG+sRx
+ FRYLTihg6SOOOKi1h6isrJaLUKKgiYHma42WMEnuyq5CieXIOns7UjzEkFhXTuP0
+ ACsfYkxANw8Iy9eQxSYlLMapJRcp0tqWDh+teru+oTOvIc2SvkALcJUWFOo6y4j9
+ KsMASyasyh5Oj4+4qtbWuC+llYPb5zhI+3Kz06Y03jZjyoKQLnl8DtglY71zR9iZ
+ 9IaYofBIHhdEpzwuXt/Uv9j1uNAgq4SavozZZ1ajlQdhT5DfR6w/VTSH1ApGNmTc
+ eOzwJFLyJOHf1rufgAcCxTO9sUG8brWdQD4ZN8lLibLprNeKkokCVwQSAQIAQQUC
+ SKnN9joaaHR0cDovL3d3dy5nb256MC5jb20uYXIvZ3BnL2NlcnRpZmljYXRpb24t
+ cG9saWN5LTJfMC5odG1sAAoJEDHl/mPi/EglMAQQALk3RGCeQtMpzjlBI4HDEgvM
+ Czw8dFV5t5g1kqWDNkAuSoo5Q7LiL08PcuMTgSYDh3h9ygDKKFrQ6ynYB0sa3qVy
+ c3h1sEtPPW8CkQTzAZbmmXC3RdcFyo86iCvNQr2PErkzv4dgeidVHzjsNaJ+bkVS
+ E8cCVqEq4lM3x9wFOOfCz/VpSN+XWYpH7QoR9AKb7Rgr+yBF0AGiVdK6DxypYSfc
+ 7zXlW4nYqdmkonqPqHYaykIFENun3gBkibztgcc4bpA1AoF8b+Ugr4KgVpAoTejA
+ NrkFpZ/5RcGj6+Xsuz3u0VtQ0oJG6VXzRfym0m5YPlxRo1zaVuoFoKl4PIeF08+a
+ KvKe90TP6kfC1i+xCFUftcYvuAOOt6yOt9wHY+qu676HFtMCnizfUltyfaZKee5B
+ 9RjkZnAi5ERUHMx94D8hkOMTMaP6n5u28aL8OJkrWLnFbxc2lHeRgR5EIP96Cw4W
+ +gYQnNhhQf4S+4g/aJKUwqUf1P/fvIqNnOYr8AbiuatPtu6pGeT6qzYsiUGE2TF1
+ UoXhXFhMRp1VExZLKWp4ZW5S70hM7lKnp3LzM4XpYGUIjtIINQkChdZULGCrh/sU
+ pGq6kLP8gN9OMHU016onojRiTeEJ6/7v9WSzSeQG6ldj0xkb6rQI6Eh7E0MquYAw
+ Ad3pM80+j47GxNyJEVimtB9FcmljIEV2YW5zIDxlZXZhbnNAb3Blbm5tcy5vcmc+
+ iEYEEBECAAYFAkLYJDQACgkQXKRQ3lK3SH4sggCgq7dDk0jVF3HWE0L0SVtQoWNB
+ 6rcAoM/5d0eEXo2fIsHt2pvqwJfJ+40XiEYEEBECAAYFAkLYMVAACgkQ9ijrk0dD
+ IGxX+gCeJoMRQTQcE/vTdTWehCLgAldGeoYAnRr0zxgzCzYepYinpAOTEthTEC7E
+ iEYEEBECAAYFAkLYPM8ACgkQST77jl1k+HCZigCfbUO/WavrpmmOfHWP/gusBb+R
+ XoEAnjdp8MP3FHFJANtongvmNL9+Biz0iEYEEBECAAYFAkLYR18ACgkQkuYKi19t
+ gBUlJQCfUm0W2rNO4+X6l7I0xqxcaITR5qcAnis7Jc1g56g70f3+E1oXIoGsZlpV
+ iEYEEBECAAYFAkLYUmIACgkQQjEwSV7XGY42uACguZmCCrxfyIh6mdM5j1GE8/zU
+ itUAnjbBCo3KCsfuQNDATFZJAxAeulrUiEYEEBECAAYFAkLYyrwACgkQr8KZrz3p
+ p8oQ2QCff0EkB/GoLAbWdfZvOj/f3u2N6cYAn2OFXExTRtcG/1collZeGVTLP5/V
+ iEYEEBECAAYFAkLYz8sACgkQIV2PiA8wp9am7gCghf+AVJokYgrWyXjH7mxdpsK8
+ G6IAn1GVVYk4yfW/Kyjw0SRbI5vaMKGhiEYEEBECAAYFAkLY0ZkACgkQ65Xafuja
+ z1yV4ACaAtM6mrxauohyB5Qszos1giDfBgAAn0fkOo78uiyoB2AObKpMZjUBhnee
+ iEYEEBECAAYFAkLY1cYACgkQ+F6/RiWNh4EJYQCfamfbZU5mk/VdmcG2ddoEr5Mj
+ JKkAnAj+g1oKRQu7NxYQ3PGwt/4hUjc6iEYEEBECAAYFAkLY7kYACgkQVHA83hIo
+ 63XOQgCg0eIqjJqjO51DjIthixikMRwk9EAAoK/qjufFavj5/rLKBBJWVHQzYq1K
+ iEYEEBECAAYFAkLZDWQACgkQHTOcZYuNdmOeGwCeKQIdDvdqbi7SKAx9zirzXaA/
+ HTsAnRW87dpbhHTLbjMjJgybYD7osZCWiEYEEBECAAYFAkLZGPYACgkQHsI32VNF
+ hOilIgCcDBx8EIYPqsv0dVXcPluBDiojoFkAoImBiRycxirRT+7/f7Dao27v95sC
+ iEYEEBECAAYFAkLZOo0ACgkQyc0QC7DZBM8/SgCeKvOsMrAsNs4iPet8JwzR07Jh
+ lEEAoKILRHXcRzYrYAERbQGzn3li1DNWiEYEEBECAAYFAkLZXA0ACgkQDcs5RBTU
+ BgsXwwCfWf5jAWgfHuG+uKsBa+mqn+Ag0JQAnR9IyNB3F2LQexXQwNC/a8XodZrB
+ iEYEEBECAAYFAkLZXmUACgkQTkva4jftqT539ACghwjJULTSCGzBELlbbgl4/6Rh
+ Sb0AoLipWwp9S3nqYg0SmuWTl2fUzCduiEYEEBECAAYFAkLaE8YACgkQWgo5mup8
+ 9a1uTwCdH1dWLonhzifTsJXMyrL0DOsV92UAn0wL/IAQuezNsKB0Vef5Nv9IxCOY
+ iEYEEBECAAYFAkLaHEEACgkQRGhQc/k/gTsNqgCffWdZK1R/rPElpf496BVfdf6N
+ AA4AnRFiLiVhFoLix8X/OV5PL0tRmGpMiEYEEBECAAYFAkLaW98ACgkQfPP1rylJ
+ n2FZbACghCOyD0+gHnAA13aFonPsYE+Z2Y8An1XVl1NCJkalViuxgn2VU+DdvvvW
+ iEYEEBECAAYFAkLaXLUACgkQJgw1SIj4j4935gCggZkJi5LpWC23lFDfYyC/Kx0h
+ H+kAmwYhKg8st9y+sZrkyb+TybzpxVYgiEYEEBECAAYFAkLakgsACgkQ1OXtrMAU
+ PS2jLQCgiT7pkbEaeXN3/bnv2sJkgI8ZpQQAoJ5pxyPwgQnD1lwOKqNRiu/pKAy1
+ iEYEEBECAAYFAkLatEQACgkQwKTxHeBrP5dhQwCfYOjVqSW/nBJPY41mnoH4tUyQ
+ OuUAn0w9KKrAG2Vp7mYl8Ot9q6Z7kjFViEYEEBECAAYFAkLaxtAACgkQ6uPcNfDX
+ 1ErmgACfX/3UhnDt664zjGeht/pgZxEOtuYAoO0OxYVLaMGZqsqiPSDg6cP7GiYQ
+ iEYEEBECAAYFAkLbgzMACgkQJ3id4HNshW7FGACguXONr4Gwg/3LFraSQv79w8HL
+ n2IAoOW8WilX7j12wdHl3j8r4li2biPFiEYEEBECAAYFAkLbyykACgkQgm/Kwh6I
+ CoTitACgtTEHfQsZI6iJGG5EiGDgrK8MnvcAoI6PtAGkQntpxmHDiuIqZmqaTYvZ
+ iEYEEBECAAYFAkLb6FUACgkQKaC6+zmozOKwQQCfXzQ7sTP/u5pilXH5Tw4V5K2t
+ 4A8An0oB5mZZe5JH8HxCCoOVkg8If24OiEYEEBECAAYFAkLcFXYACgkQt1anjIgq
+ bEuIqgCg0UT0W/hgh4evPOqSOdBucspaK5QAoN66GbpmV7OZOSZ7s3A8erXZH3At
+ iEYEEBECAAYFAkLcK7AACgkQgpRPaOotLEHhdQCdGDlXdFPe3OTd+vUsj0kpDr+6
+ YGYAnimbY0TKZ9oYyx6YvIbD5VlKI7KjiEYEEBECAAYFAkLc7bUACgkQMEjHi3mE
+ pP1xcACgj09N55qTHhua5DrG8zoV8eZVyfMAni5xIBHOa4ZA+8/buoYBA1g+tiuK
+ iEYEEBECAAYFAkLc+ccACgkQdQgHtVUb5EcO2wCfZ2cZfuu6kKeutl1YwQQD1OZ0
+ rqwAn2LOZwWgDdAsR3MNSpWe0Dr/S5jviEYEEBECAAYFAkLdA2cACgkQIgvIgzMM
+ SnVfIQCeM5n6O3OpqirxcYVePvDdozvYBvwAoLIH2dS/f2VzIUgN9QEEk5zerZmQ
+ iEYEEBECAAYFAkLdD2MACgkQw3ao2vG823NdaACgj2z/xzqVOIaPnOH/n9T1gLFX
+ LmQAnRjGc7T+3w4FFgkpz/Ox3P/3NgZAiEYEEBECAAYFAkLdRh0ACgkQgcCJIoCN
+ D9BMAwCgkD+BC+mGK4898p70UHXpQs9RM34AoN8zU1Di0uQBJFg3SWfftPJzaOp0
+ iEYEEBECAAYFAkLdXToACgkQ9n4qXRzy1irshwCfYZldGddJrj4pf956eWteueTJ
+ 2O4An2OAx9imVNVuFw22RXiX2gy2O4BFiEYEEBECAAYFAkLdZy0ACgkQHSjkv+Av
+ 7xFDCQCcCsxrLSrrvIkeP6ShQPp+adC23AwAn3hbXYQwf6kAYvigLu/cDF/iyrpW
+ iEYEEBECAAYFAkLdaqcACgkQxOALs3NV+v+JAgCcCrpjgmGRJCd+QMSosrGP9hPz
+ emMAnA0ijavYrNPBqPrWk7BihObULXObiEYEEBECAAYFAkLd/ZQACgkQeYl9593A
+ tw3jxQCbBVyLFAr1ypY9KD9LobpQN2qUywoAoJXhFu0CwJRWyZmoAw0GIQgwhVsH
+ iEYEEBECAAYFAkLeMG4ACgkQipBneRiAKDzGVwCffmhS3GIsDcmFtqGyNdHrqCB7
+ wRUAoJW8OtVGslooEHgRNmkZ1W8xXv8jiEYEEBECAAYFAkLeQQwACgkQZKfAp/LP
+ Aaj6cQCdEFXkGgQAVDWUPVn5ht21PPWb1WsAnjMJJ0rV7NOJBnciepKAb3PXrwjk
+ iEYEEBECAAYFAkLevtIACgkQTxqZjtpq5iEJLACfRKQ647Wfayb2+BE0aGjJnaXK
+ xM0AniE8C9KaiIkuBAIek0iGuOlcRAbwiEYEEBECAAYFAkLfwE4ACgkQJXj4fhSc
+ 3bIrCQCfVxacLsPVLnuc7pQPD+5ICjjLr6YAoNf/3CZEktSSeI+ZI0lTRKDpzYhM
+ iEYEEBECAAYFAkLf3kcACgkQXu0A28222+w1PwCeIw11qPfEX0neyP8QNCbLEDiM
+ yu4Ani5C+MGVkX02qwWzdsg7q+JwlBF0iEYEEBECAAYFAkLf7H8ACgkQBYeybkXz
+ +/mqfwCfXX2dE2LdKyJ18sazvnDUrSYlGiYAnAhZ33w+ugxMp3W2Btbqsc+s8Ng2
+ iEYEEBECAAYFAkLgB48ACgkQ9/DnDzB9Vu1SVACeOSno9s8rfez6vd0I1OtytK7e
+ wKIAoI8k+KmIUkQrv6k7CL4sUopJYqCFiEYEEBECAAYFAkLgoNQACgkQFViURZno
+ HaDNwACgovjMlWh92C0LzX5L4uFDpUPIym0An1RHdTzrQyT4V7Zk/h8glKok/xn0
+ iEYEEBECAAYFAkLgzlsACgkQ76VUNpZBmeJONwCfS7E1gsybR713noL3cp5C7YsW
+ t60AniH0MfL/nM0Dks1Cedxm+MXWUgiFiEYEEBECAAYFAkLhHm4ACgkQmBxf18Zx
+ JX30UwCfQr7sImA56juE6tvrHrIKmpyfJEwAoLaTmkF6W2Y6rrkNLmUlhrZx0Yod
+ iEYEEBECAAYFAkLhMH0ACgkQn0KMlibPg3yPYwCgjhJkmx5C4cUOcuJcGrceDf67
+ 3NkAnjs8d9uuqwqL6F5N/2WaHQQUDEe/iEYEEBECAAYFAkLhZWEACgkQMzCiFWcg
+ m97QcgCgoWonNkqvyAxzghsAyriJDsgNPgEAoL2W6lt+Jpdl16fW8gaG5tY5obWy
+ iEYEEBECAAYFAkLhaQwACgkQS+BYJZB4jhE1SgCeJhdX6f9+5YeIgp5mvLMW7OiM
+ AvkAn161JOCU9ueJJpXqovLoTMmnB1OyiEYEEBECAAYFAkLigqoACgkQ9D5yZjzI
+ jAm/zACcC9tj3O7nOgGzunA4cERq2j3M7GQAoKQ5HgElJNjR7o0zeA/EQsj90hwG
+ iEYEEBECAAYFAkLjeVgACgkQPLiSUC+jvC0UfwCeK5HeYauifehHFCNx02dmZVCM
+ Gk4AnjVjD/15fASf4lT7ldCSO96TSZ3niEYEEBECAAYFAkLj/hkACgkQRgYfIWb4
+ VLKCggCfSbius0FWYfaz7B25NitDUpHxWBoAoJBL6UpoBZP6nJTMkhJJBXt/j5hn
+ iEYEEBECAAYFAkLmLkYACgkQy/v7V++qMzHYWACgrGlLIZbJ6Knk+bh/w44yqQey
+ cIoAoKR94IuxhCXut4g5Shjlf1p66+pziEYEEBECAAYFAkLmdxsACgkQe8iDoClC
+ YPZmmQCfQfBiiYa2YrXoFKCkHEJjDZZ3QUsAni6xL3DHlZI5WkHsb7gcpVbUpEFV
+ iEYEEBECAAYFAkLmjJYACgkQQOr9C+GfGI54pwCfa5Xp4traKfj9HpuGXK7H/y+P
+ 9gEAn05pS+TMnI8b9keBsw5hF4hF+vCjiEYEEBECAAYFAkLmuTUACgkQnNXIs2fY
+ 6GfLBgCbBRP3sDhzynfb1tiqt8XhcCJMc/YAnRipCnx6lPmvGLwvUfkk8y84cn+v
+ iEYEEBECAAYFAkLn3ngACgkQcaH/YBv43g+scwCfVhvYAui47YJHwRv7wb42PrUR
+ 8SoAn24egCD8nD7yJ46/796kyGmbOX8fiEYEEBECAAYFAkLolaIACgkQMrUzSZHh
+ U8Wp+QCfeIAILtnxed6/zvmp7y7B35YMo8QAoJkLg9b9RTzBzbktZZwmCt36Nnje
+ iEYEEBECAAYFAkLqnRkACgkQl2uISwgTVp8rKwCdHr0afETvoCivWzRgYuxvgvUV
+ VMkAn010n+uOMq0hv/3X/uhiW+RyKo+YiEYEEBECAAYFAkLqqBMACgkQQdwckHJE
+ lwvZZACgk8Qv2+zsE7wheCR34wCUCdeixgkAoInJ+Rvu5NosySv8rpHao3A0W0KQ
+ iEYEEBECAAYFAkLtA30ACgkQNFDtUT/MKpBPaACeKN4DUl8XmTelIAiUHHOZdzGx
+ Ln4AnjjucYHtiwCu7Eoj3O3Z7I9GIFEtiEYEEBECAAYFAkLtEt8ACgkQNIW6CNDs
+ ByO3eQCguUHjyXBsZnHL5IyAzX7Hk8gIP0QAnRy3K1+JIq4tFqkBBJRRTJsqt4S8
+ iEYEEBECAAYFAkLuTTwACgkQjO6yWbPCgfSyfwCgg9OTdFUe5vE08rj3o6ybePEr
+ 46sAnA9QNuz5bHX6rlBT8EwgDi8lHPD5iEYEEBECAAYFAkLuv/oACgkQiSG13M0V
+ qIMM7wCeJW8HLClenVrMeZ5f25CZ4CtJUh4AnjfAC+czYe4jObk/mhMb+b/9b6lV
+ iEYEEBECAAYFAkLuwAIACgkQBxd04ADYzRYKagCcC1OnmNqHDx2dUc4zXtrfacnb
+ 7ZIAoLT1QpvVIiqCYHrr7vMIEQR+HlmpiEYEEBECAAYFAkLvPacACgkQYgOKS92b
+ mRAUvwCgqmX+GRPAJxFZOqnoXtu/dPCh/usAniXTD5mY3i2LYINtZg6sG0qO7QP3
+ iEYEEBECAAYFAkLvxRYACgkQ+FmQsCSK63OXtgCdHVjeTQEiRq5a7oAC3eEBvbV8
+ kuAAn2++bBwmVxF4Wrms4kbcG2aPIeFJiEYEEBECAAYFAkL2h18ACgkQic1LIWB1
+ WebErgCeNDwxuYNmZCyFDwYqhClq0FJod+sAnjlv+CDxkz6vjynQvDr8+MSqVtec
+ iEYEEBECAAYFAkL2jgEACgkQ1U6uS8mYcLGoSACfSHQdW5s0ii8mL65Ql2Yvpso2
+ 28QAnAx/WsKo/ROIsIofEPttWa1uK7G6iEYEEBECAAYFAkL3Sr8ACgkQC6DuA+rx
+ m2DotgCfczAFsbJBXnB7xhyTxBRjcF+dVK4AnA9+Wig5ri6vfIDc9JXl1+7JtvGZ
+ iEYEEBECAAYFAkL+VOMACgkQmmllwfxPvyhu+QCgmXDb0vDGwN15uHHrTaQm4u9Y
+ ttkAn1Js5k1odVYX4XwKG0sYturGeZvuiEYEEBECAAYFAkMFjm8ACgkQYDBbMcCf
+ 01qQKgCfSKLOs1HiTLhUgIRvMPngygIl6iEAoJkPqoRUkAMg+x1uTh9Ismp1qVUl
+ iEYEEBECAAYFAkMKW8MACgkQU4KyS+axtyObpwCggaCmySHDJ8Wy5wuuY4OhiEu+
+ c+MAn02qHebhmhrHGBzJlMAg+GZljg4liEYEEBECAAYFAkMO8qUACgkQ9LSwzHl+
+ v6svWACfZ+oA1o4ug6TYLmNqchFEJxlvwUoAn1rwISEjxob4NJCAHeWNk/TfFIrj
+ iEYEEBECAAYFAkMQrFwACgkQhImxTYgHUpv03ACeJVLxNlRpZsuU20mWZ4vJydKe
+ 7HAAn1LKYImqMMiB0GYa5UUc/N5aZULSiEYEEBECAAYFAkMR/ToACgkQ0U6FJtxH
+ yhbq9gCfdBmwKdV9ZBdUU8ggYJVyy0okC4YAn0DKAZkkyAtugsOa7YrNWw97YgGA
+ iEYEEBECAAYFAkMbKzUACgkQadKmHeJj/NTlHACePyZoyeBpOVAqiRsj/8QqXvuH
+ LmgAnA4YlDjQCjUA/ooWTeVAIAlpphgPiEYEEBECAAYFAkMbXdMACgkQ79ZNCRIG
+ YgdFUgCfSxNqmPC6uce0QK+WYfklVJz4AnQAn0K3UoF7o5/yt5FgxzcAFDfOJmz5
+ iEYEEBECAAYFAkMfYnIACgkQUHLQNqxYNSDYnQCgyQhQ6QsEz3gqnEHAN2nk7yJX
+ 75MAoKPgGTM+dakM9WgRAanK4WZVJbMRiEYEEBECAAYFAkMjAvAACgkQdC8qQo5j
+ Wl79jwCfaeU4D+cx4+0tohDkj9MSPX/QbBEAn3x1SQb0MCkEdJlM1B1HybcavZIn
+ iEYEEBECAAYFAkOTid8ACgkQ4gqaiP39aB+HjwCfeVS7WnnUxX73a0bga6WV1fNs
+ PgkAn3e7LE9ZbPzAyrEF/LA7RjFov6OYiEYEEBECAAYFAkQldmIACgkQcV7WoH57
+ iskdowCfa/p01PX6YqPXCutbqHM3uG4Bw0IAn3FQbzw1r2/4R8wHLAoJeQJM99Fd
+ iEYEEBECAAYFAkRbpRIACgkQhuANDBmkLRlRiQCeIoQLoTvF4L20HizgGDM0i1lL
+ 8oEAn2c7tkdgSoNcELzOXmAvoKSSEs35iEYEEBECAAYFAkRkj5IACgkQn88szT8+
+ ZCaicACfaE3FZE0QTBo+cM5W2RgNEtQWIkIAnjlC4Ns306F/HOFQGNZqvJSFGRre
+ iEYEEBECAAYFAkRujfcACgkQ11ldN0tyliXvYACgmXENtILjkPnbBcxEf71UCvhY
+ HpQAn2LydUM71LvQctq6iOw0P8XtM1AwiEYEEBECAAYFAkRujpoACgkQZN5jenMU
+ a9SV7gCfZYFxgXu28LF9FxWBmpjb3hzeSBIAnijYUdAns2h1g1W6RNBpEhmWu/Rp
+ iEYEEBECAAYFAkRuk/QACgkQABzeamt51AFUSACfVoaWLMtgcP1TLi1hj0RWIaDG
+ 3NsAoJ5ryedNrn4JxiizK33xIBdIUP9JiEYEEBECAAYFAkRulOkACgkQOU3FkQ7X
+ BOrJCACggIT4jC8WOMUWLymZvEDEsDQOEHQAn19Oh51oz+YAWOj6pxtw1xXNWXg6
+ iEYEEBECAAYFAkRuqNwACgkQVAp7Xm10JmlwDACdErOrath8sdbJtMSo2bAh4Guq
+ fn8An2+DMyARmmOS9i9zsSkyHJIlweHuiEYEEBECAAYFAkRurAwACgkQUWAsjQBc
+ O4LingCfZGMIpimaaY4aw+VqPaj9pA2ekd0An3AoGEuOtzxDg+1gC6hKYjafQdgy
+ iEYEEBECAAYFAkRurEUACgkQxRSvjkukAcOqiACeOtG11V8TLjn1Cnp/NyYf0GSr
+ puMAnidW/Jd49eCK6QOsuQszhQNNrIpEiEYEEBECAAYFAkRuvrgACgkQQUuEI2/s
+ zeCaHACfU0Enh0ZPvKey0DIIBZJCKwdQXM4Amwb9uUW7ARURUTlnOJn9xIpoayq0
+ iEYEEBECAAYFAkRuyOwACgkQoby7LzBs3/O4gwCePE9ePxhpHyNNJGOnTi5uM4Ci
+ c7YAoKncMwQXJyoIq0wN0XYWRrCQn8SKiEYEEBECAAYFAkRvXOkACgkQSYIMHOpZ
+ A44b/wCfVc6d7Zlmy+xvmxMEV6T6CjJ/GJkAnRHRRGTTgTrVopAy9xovjQOYcCxq
+ iEYEEBECAAYFAkRveskACgkQXTznf9VPCEfIyQCfcVZKmrSs4LLzLBiLc2UV7Qmp
+ bTYAn2uamDELaWKTvY9xckvocBpINynEiEYEEBECAAYFAkRv/HcACgkQHuKcDICy
+ 0QqzBwCgkC9DFomQ0jl/LGKrCyWk3KSJFDgAoJM4psoxV3XzxdjFt/PsWmFLvlSP
+ iEYEEBECAAYFAkRwCDwACgkQvPbGD26BadJAJgCfZRwZE0D+caSm+hDFycBwhdaa
+ KtkAnRVAyrHO0Rh+BFSdESscDzKdccl2iEYEEBECAAYFAkRwHRsACgkQaWQ2v1dd
+ CnYgQwCeKJS4sj8L++bxA5TfuJ94r+of8qcAoJhVkzDNd7Gx95zwQ/FahQBVBJXs
+ iEYEEBECAAYFAkRxAFEACgkQCjAO0JDlykZF+ACgzhAMg6YJr1Nt3wY7UHed51+8
+ kLEAn19V6gGiEZMUAlrvYyYzhWTs9/tLiEYEEBECAAYFAkR93+MACgkQ2A7zWou1
+ J68P7ACfZGTnmfTmUwDcWxCs+5mNDgOMfZcAn3h7dfBKY9koILlo8LJ9gXEBvjoG
+ iEYEEBECAAYFAkSKaW4ACgkQiKF4f8PxWco4/QCfa+GHB4EqTcMNRcBQFQ6TDFy/
+ pmIAniQVjo/eT9GudLLRXie/rgGRlC16iEYEEBECAAYFAkTIQeQACgkQDMcLGCBs
+ Wv2iugCcCAy7lL6lq/lbNT9Se9OBmbFbHxQAnRTz4rEUReJTkM1pm+1t5HEuGrTb
+ iEYEEBECAAYFAkVpk2gACgkQ3+27IiW81b+ffQCfRxfrl4u9VsFOF4v8AgI9ey97
+ bRUAnj7Z35REVh3UubzEma3PdVA4FAGKiEYEEBECAAYFAkWRhrgACgkQXm3vHE4u
+ ylp4lwCeJNLzNDc/5DwWRFd3gr7gcoloG3gAoJApH7GUDFIfBYWh8i4NDyWTGYvx
+ iEYEEBECAAYFAkYQcFIACgkQ6kxmHytGonxt7QCfXDpLzqpGNPpWlUoFBdFgSChE
+ Li4AoIZaAwi+kpGLs0a7/KVcrE2jbTs4iEYEEBECAAYFAkZwNtIACgkQQp8BWwls
+ TdPaJwCdEEqverBkGzghwx9HjTXaXi5D430AoLlwfwUZKMqAkXDEFa7/356OK/Sf
+ iEYEEBECAAYFAkadG9oACgkQOg2KoGD0EhatTACfQ7X/8f06NrM7iTwuzG093m+2
+ xlEAnApLLeEvByEtiEV2sJPoLN+RtxdbiEYEEBECAAYFAkam6sMACgkQMU96lewV
+ KUK+SwCfcTLuGHMSkv5aT0wuOaJMMoqrHisAni9E9a1IYQU+gy8aA9Q/ughQb1F7
+ iEYEEBECAAYFAkam6s4ACgkQELuA/Ba9d8ZwygCcCh0zDfDGeCdnxbsguvjSV7AK
+ oJ8An361O2uwdZl5w1Ria0oAJZbGfvfniEYEEBECAAYFAke752UACgkQVty5d8Xp
+ UzMonACdGhEMLIbII8mbd1qr5gxv/IqE/1MAn2iG1u4evpgSqE1uu6ycg6UHZrk/
+ iEYEEBECAAYFAkik/PMACgkQgEAZ+qIJwwX8ewCgmxMNJZ0V6ay3NtoGwYnh+m5q
+ saQAmwVdpdmD2rK/AR+VLbOKIEOZSI/qiEYEEBECAAYFAkip/wAACgkQDOM8kQ+c
+ so+YnwCfWkEO0JcuqIvkt28Hyk05mqZhZYsAn1IB/shtrPA3wTotEHBhu/v+8cVa
+ iEYEEBECAAYFAkiszQ4ACgkQOzKYnQDzz+QVKgCffsFJ4i8QTH18vF8k+/1jVR+h
+ FGMAoKTCJobtfzIKHwjOOGHxPHvstxYWiEYEEBECAAYFAkite5AACgkQtzWmSeC6
+ BMEB0QCdHDl3/mn0CJRex6tYqst993Dc85gAn2uYOeRdGNHXetKVA8OGrkDwCtYK
+ iEYEEBECAAYFAkiuyH4ACgkQNTNQylgICMSbyACfc/sVEDWyc3x6SjC3xwaPSvpE
+ AbYAoMXx/vRnGM8dzHSqHCcUIZnBGEOqiEYEEBECAAYFAkiwMb4ACgkQn3j4POjE
+ NGGBKACeLA7O1e7LL3BEQ9suMnudmLCtcG4An1583w4NkvX9hkV8elxKCNmR9QeM
+ iEYEEBECAAYFAkjwPh4ACgkQw6QrA24n0LpiYQCfWUucVmzC4deNa6F/YrwNXgDc
+ uo8An28251FljbM6wbePAkW8O/Ox2ZN+iEYEEBECAAYFAkj0AWYACgkQtmW0UXhj
+ 6xNMeACg0DYMiThxlGFFCkWTqTwnRxFriMcAn1qNfYWW5MIomFZRZpzYHn/Ho/AH
+ iEYEEBECAAYFAkm6AbIACgkQ+zKcMOF5e9LmhQCgpO7X8+9tEfECuqGXOmp99oVS
+ NHYAoITZ+89G4TKra9vYgX2HHnoREvrpiEYEEhECAAYFAkLYOugACgkQ1TjsCVOA
+ V0aDJACcCyRUOy1hEtk/h/K2NfMpwekb2loAoJ4gyO+2LZkLd34UklGEPbBogUfX
+ iEYEEhECAAYFAkLdd2AACgkQ3nqvbpTAnH9D4ACeKctgSPeL9b0EbPgpoL+SXhAr
+ cEQAn3tYgO068gA/Eq9HVQanAEZywEQgiEYEEhECAAYFAkLgCI0ACgkQwYdzVZ/o
+ 1QT3yACdGZEfposTfamLWnezvVzukvuNbwQAmQEts07JfPG+PzmvbiPd4LbPu9+7
+ iEYEEhECAAYFAkLgb6IACgkQN7iPzXSoOQpM/gCfT/6t86FtPGwiC2dCrRnqzCcs
+ Vq4An3S7ukI/hg64L5qAUZby57rGhXFwiEYEEhECAAYFAkMDce8ACgkQzWA7Wi7P
+ mEtjywCgtR/afZzmJeMhs996IL7Ey1eF5iUAn3HITbP2fW2P+aE/z7WMT0Ce5FEI
+ iEYEEhECAAYFAkMZ/7UACgkQJ2Vo11xhU62DOgCfWnE3/2T/QEmWp9nZQ7jZOI/D
+ o9EAoIL0XZXy+yMsEm4zDXVCZJ2apdj6iEYEEhECAAYFAkPH5M0ACgkQ8b1L5FtD
+ A2dr/ACgg+Xast0Wj3zEcwPtWGsfsi2ggF8AoJXBaAnguydE5bJIbs1bncvBFumR
+ iEYEEhECAAYFAkRwKzYACgkQGKDMjVcGpLRAdwCgpJ3yEZMy/Y3QwSp1Th8xvtd5
+ o2cAoIYsOM9xSAu0MYP0FQetd067+6MtiEYEExECAAYFAkLYWJ0ACgkQBDI26xBz
+ GXdUiwCdFat7y7b+tLom4NP0RfNANZ9SMzAAn1cirpITRxtRVyRBxub6Sw6a5o+7
+ iEYEExECAAYFAkLYwusACgkQfDt5cIjHwfdljgCfdMqXfNqYsVrxp3FiPmAHFuVQ
+ Gh8AnRmvZ/NxLoazrPupnKGJPNTKW7fviEYEExECAAYFAkLY+/wACgkQGHUSCqMO
+ wiujhQCeKqE0SVbIex+cRugbBVCtZt6Yi0oAnRP6Tlq/lwITsIkhVQNvtZfJbXZX
+ iEYEExECAAYFAkLbsisACgkQDecnbV4Fd/LSfQCgyysWlOALfeFNoCQhTh6I3C36
+ tD0AoOYemIQIFhQgZPlu8M5fFggLDu8PiEYEExECAAYFAkLyGSwACgkQ5UTeB5t8
+ Mo2gxQCgxtaifkFc2gyYtRulMNCbioxm5ywAn2MxBkQD3ejjLSqUwK15wF3k/RUt
+ iEYEExECAAYFAkMQyusACgkQ7iXePxzbD+N6iQCeKgvXPGk4j+PdAc2QZo+4oUbD
+ PlsAniaccjDQF9EC6VkI+MzTqrLmzqphiEYEExECAAYFAkikysAACgkQioOL5NhI
+ Dy7qOACgkxA4W3A30vJxJEpjRunF2ih2zHoAn3xlvZ9NAKNm6ZUsQT1OEauJjD4C
+ iEYEExECAAYFAkilzzAACgkQfDt5cIjHwfc9FgCgkEMgpZGlby2127VDfekRfBAj
+ h+QAnAq+N66+AlKDYHk6CwFVTyGNygfziF4EExECAB4FAkAJztACGwMGCwkIBwMC
+ AxUCAwMWAgECHgECF4AACgkQ+DWPovKDPJN63ACfZhWR5ygKDbHTZwOTq72wIxO7
+ Z5EAnjcvV/1Jaklrah1w+4i+tb2eT6K4iGEEExECACECGwMCHgECF4AFAkoJ6hgF
+ CwkIBwMFFQoJCAsFFgIDAQAACgkQ+DWPovKDPJNmYQCeO70J58eZCA3SFaSpj7r2
+ IwL7PnYAoMi8o7yOGcX8G47KbIViynw9BenriQCVAwUQQCJ3VQTik7Gjt1YpAQE5
+ uwP9F1eFuFDPWfr9Sv8732DfsrInYeak8o8jbyCnlsS33Nz2+bj6zHIvhm7ejKQA
+ +rH8PIUji7/Xo/ITJS7lf5AHs2uftWMNiWClrzoi+BFmtMKZld9QI6lhHZWFi+6r
+ OM0vFo2Bfo7Mt1WUZxx7Q6fX9HXsww20kURE9JRbkKAeSnaInAQQAQIABgUCQu89
+ sAAKCRDFKBrlBGTn5eXGA/9H1cTr6y9vFF7J2WOH699+1hkVz4/Cql+tttm9ldTo
+ UhjkGX9Ad4on7Qu8Ip1qcBMOhlUUdOD8wR14xw6rbmHWyEl+jPjVnlU9Ig3dpRev
+ edxkCiXSeKCaC1+Mg5DZ/v2pTlMfgJkoyinlenTVrKy3I6o0ckGC/QP4BwbUWTsm
+ gYicBBABAgAGBQJC/+8tAAoJEGRmcAD8Bdpp7D8EAK1U67aC9c4616CHjEzjD9FQ
+ 9qJDUTEZYjENyCM7qBargJ+veuzLvObRSsg7LJN+CpcAIwUG9oo+099uk11Xyoc2
+ GF6J7mBNITL0DDK8saxSG4OTZlMW6p0JHS+2g+/BCLFHfMpTcRjOIZOmCWHtQQQO
+ R0wQLqx7QqSL/ncCHr5eiJwEEgECAAYFAkPH5M0ACgkQuYWYIk3E5/3VnwP/dilH
+ O7JRv4jiIzT/M+NV+dGT5F0C32px57M2P1r2+5OcVshNH29oS/7cpwZknV6BX/TV
+ KslHHBWdxqewAAC6a9uDl/dlnCWa2MgF1DoNYCdDvhI72nh2BYF1vsOpg87jytui
+ im/WXf9Dos/A7mDv08XgZHdaWWsZurAcY39l7MqInAQSAQIABgUCQ8fkzgAKCRA3
+ OgB19KizDAwRA/wP3l7ih9OvakoQ14Eg+f+YgiwtMFXbXHT771CdY3hh5uoyJVzD
+ 8Cj3OkqtzJvrDCbSniXcYZNcoIlN4Haz5kQS0+FaSOIY1dKTrNDz91om7goZtpPn
+ 2NCSfJ/EGAhNVANg5Fd9Sa4UsOr4RHMuI8B85BjswAhlHvKJ26e4bNyUmYjzBBAR
+ AgCzBQJDGq9mhRSAAAAAABAAbHNpZ25vdGVzQGdyZXAuYmVodHRwOi8vd3d3Lmdy
+ ZXAuYmUvZ3BnLzQyNjcxMDEzRjk0QTBBQkVCNENFOUI2RDNERkMyQzYyQUY3OUQy
+ OUUvQ0VDODZCQjRBMEJBOUQwRjkwMzk3Q0FFRjgzNThGQTJGMjgzM0M5My5hc2Mm
+ Gmh0dHA6Ly93d3cuZ3JlcC5iZS9ncGcvY2VydC1wb2xpY3ktdjIACgkQPfwsYq95
+ 0p4qVgCbBZ57QKOZiHM3elxCBdTld1DwC/sAn3CYRkFC+FOZa6bt/EN9E+CGUcVu
+ iQIcBBABAgAGBQJC2QwMAAoJEKOILr94RG8m2boQALmUBiDoEyLmGdLedzULQUp1
+ CaskLnSQ0ccPN3M7zywhbpeuY90ZI2AtInOkFMYya3II12YUk2VgwZDW/MpU6kKS
+ oRdZt9verBOBGnXBk3lxIg/RceruxT38ihRjK5xxHeDegOI0RmbTxk0TeEsnZ3GF
+ b5pZIrtDL7FXJSp5x19J4cet9jhJuC7cSnhs76egQmHocv+BghRGOAZHHaGof2ln
+ yPbIDzTusaPm8/NA+0DbQWzpNRTblEYXTncMmIiMRUqvJ2pSi+Pd+Gxv9zYi88VG
+ dDYoVYWKYGohSOsjO6nu/4B00G28DFZRA4on03cEMRl44N3HZ8Ni21TeO86e2t1y
+ P/qwraSDkfzhch+YinnDEH1KyGDzgp45Mq4OG4RlDx/OXdnD5XIdsDkgMN9RX+Bz
+ dVcayumYwoPglKMqSpSl6fpfnGxfFYhBCpYbtx79GpGVIXKEZIxhx5MBVJbJXuk/
+ mEEaiyPSTrVhk8//Okr2tRSaONjMpSwVwSltLHQN2W4TziMOxoyYRQhqx2ZOMY5p
+ oGyX1/KPPZXpCp30i3g8eYPjIy4+RXTiMt0e5t7LleYEay7vIKo3PdVZefepF/Wf
+ ZU03S+eaguWHBJ83Tbu6i+QUe97s5mAUFKWlIS0NOvdUtMNK2lHjpS01iAygoDiY
+ 3BnpG+1lK64jfv6mPRkjiQIcBBABAgAGBQJC3CPbAAoJEBD19pSHPyXxtoEP/2jx
+ DF/+Z6utT5x2svAm46B8z+PU3m9uslPURxgq9YYn0uUMmih7Aq4xZmOJRmSWA78x
+ 15l8WttZU77kWWh366gnWwGgKJUw1ej2ov3KTt+rqTzFA0S0GD6ymVPF8tDP1MfV
+ d49eAKvqGPZlKFasLSSgOB0tCfquYjqRRItkLWaNmP0Ui0dSaoTNCvLJqFgdH6CC
+ rpRb8liZens/jVZ5pfW2kQ1rv+wgXyOazNr+chUfXBg1kBJsP2piEp+f22S9fXqa
+ N85RchdU/TWUXbexwy7lTTpm9frHiSYQVQE40wrKIgsNUMCmAW47M5vOW5Syja+K
+ 8xQu9YJnGUojBFddoiR904jwebflstfzzae27E431hpULMeGZuJOsaxdgNBsjRFn
+ lElnaH36b6XLqDdJyZCzjt649GMpOFW/enU2RL2PtIO+8uF0rwPDYAKMwBFIfUPj
+ X9kGwp2j1t5OTPCWHVFzhaHzZN87rylCTNFCyWPSKFJEHtv0vGY443IUnoXwntnA
+ QDveSpvFFmNLuGOxhFJqnU4YfJheMhpE9E/RVyU2SkNcoBbreZXfxeRIVq+VzZZi
+ aDJwEv2IyCQyZSrOhD3i9vkAPdu9S5YWc2gnajXBAcNx59Vft0dPOaf+iBABcaxi
+ 1FuHHWNk+WWYZF6upqQuspSWUnwVPzspnqepCM5FiQIcBBABAgAGBQJNoRE3AAoJ
+ EEY4Dpr+d2SYN1kP/3FLvpCHYXIxxI4uZDSwtYhlPzTLS8XKPY9si16dk7Jex0us
+ rmK33P9WvMDqcfrZaNr2Mjs0WwQl0T7df0DuJ0Biy7c/rqZsp4JMI84oQ4RE9k9+
+ UwoU8XEOaHjXzEDFBNW/kTEM5l89eFGoxJIrLHxQgp/ubp/if3Vos069Atzk9Y7b
+ 7Ep8Jp1TabporSxquh/DF6tt3IqfeWb5zFPe8BmyE1L8ibg3ihn8nRatPfcdJgn3
+ Qqm4l2up7PC7pPUujXcM+ckP02fNIxdBB8PNMGgbtdO6DlAUljsHjyBuhF9ycQ4C
+ TKZqKt7ykorWdnQKTCqjLhreQxyw5vogqAVRsanDuH7iSs1w585GTzf6SxG6Ihyz
+ yqDw75/FxgxFe9yfY9w4/trfAMDtX6sJCujLVEXlXQqCxBg2+WemGgXIP1V6wmtr
+ 0q7uIpem99JD1KD2L8xEP+0+hz8QDmIH0GhhuJfelcGMPgYynsaEdrgW5idjC1py
+ hTXjERHAHAvyrhDvGwg849SXCZe5YN22XMLvEzkj8mWTahMcryITm8422W0CZnhq
+ apcxiR8YU4kH2Hn4r06W64lPAIVQOCPvL/A0cdVrDbXFmMyhJe4IztITOrHxRPzK
+ Tqw+G6rxDl2gF84HwUvDgmXly5vsBOOefRUamQIIJcJCufpO0N6sH4cPRc3QiQIc
+ BBABAgAGBQJOQ44HAAoJELw3IlLKHPlkiK0QAIJTVxf8N3mN1vSWN6kJ9kUNEMoX
+ kVMNYcFJQwBuRoQYVRC3DymenUZYMDH4L5QKugMizqladTgnq0ruxSiBZqQEL3gK
+ xiK9K7aCcxXGMH4sIss9EUYbdRmRwpscbJIsDtptJnsr4Jcr4RfGBp8jTCp95oem
+ GBc4unIIFl0KUPSWBZQZ3hqAClXwqkaObZ1RCEL+RxBnvUol2kvxwHJ+ynTqQqFI
+ UeHykDuhKFsYUASELRdNEoPfuHzKujaSRoTg0B/yqi4IeTop6SKI+8vn60NtZQR7
+ pqvmj8UfsQAH3C4otc3W5HKU646v4Uts50TzVxe+NVU7D+V/xj4GZ+ul2Cz9gu/J
+ InC5+b7RcdmQlBfO4sRKkT8YCC+/2vT9PJzmWM5zxIZBVjYP1drCe/iSzO0dT76P
+ mxIYsqCFvdJC5ZezQ+XW7nzMzMoe+7ZwICQj1/GOA2VuILmPn+uTb7bDGxe6tDmJ
+ tbkWf1puiwGd2RwbdUFGKqcCFSXaXuD8pxMud4oXWiOV6APdgWjF6p1ML1NbYZme
+ g87d1NLdBlm+RC6OtRhPq5eFMwOipQizcbvXJ+jMwd7gogYndKmtkiH4OHHMaqIy
+ 047NjNXvKqBsK6j/ekBQYIsrl6gJxO5HmWu85OQz9VsRDhLLTwbpVSVxuuzc0iQC
+ +AHcg8Zvd7FA6GUXiQIcBBMBAgAGBQJIpOZMAAoJELv2jwPo83lBucsQAKdgyYFL
+ Bqe7gebD1db1Krg7Do0lAlIOnPI2Ay6G2JvHL+fg0EUWzYj8h/X9XDNiCpmqMsq7
+ +/AltYJCOQlC0vu3XTNE8xjpAB5bba6N77QJiovBULtPNmbJP5DPwyCS+86GHkHL
+ XAyUjAwz118b1CHfYzke7dH/6xNSv/KMPNqyNjt2MqPecq8Ux71imQjQcjih/jRh
+ DsXWsIeF2vdSxxg8GQH8eGPmRpJJCYD0bgyvDXDzPbeNdPQGUx5rYXtiplfOe2CB
+ oQa+nHYyDKhb5v/4gG5vN7VnNugBF7jkjV70S6KLPHx3EwHAmT+U7eV4Op7KkMPd
+ YzJnpOpEjtD813OiireHANEgQhscG1z4Zi/ze7TY+Z/fadhWkUb2Nby7i/EOS4ae
+ 6SYCYn7VJrWHBMw+rAoaeMDJaskt4tA1ovffub71SloXS/eAedGOPrmJJ6/WJASa
+ gT6ZQcfWggsRUdvbJGhsg8gEfazDbTAbZoFjjPHnTSbXvaFKTHQkAAXh7qselGqU
+ khhh0K9LCCDuy7v0+b+bn1mnMoe7E3KNVEh0CVJaCpFbJ7hSzCJL7rZMbPlGdBgO
+ KApbAOKgA+q1pPNv0p+DPt9d1LAdeiYm+WzU4otYw50dNdNzTudVsjUQpDFFuO4i
+ 2o/RGBnsGN/dPuK+brsshY6K0u5nWqCFSwUOiQIcBBMBAgAGBQJNoRSWAAoJEOsw
+ QlkPCSCeRSAP/jF5E+49G2o6wWcVyK55+106iywY8twbTWVAv4VBMtf+l+/2PnIC
+ iP8lxnqp9WdEf8wvBcHZFXot9M3dNQPKXC2vx6pkJjjxwRh72m36NRSTCMfo4lTa
+ zgUn/WpNuhpE+C/4Z05XadsN0sC5yaxxf2aAIQlM2yOst5nXDylo9Cjb+1E40rca
+ 6HAlWvFPwgvl9NPJB38SonvdmaJmXTvdppXBeNCdkGN0DEdL4c+wuBLiBvkAf29K
+ DEcJDL6oypi44Q8fu2pYgcYRVKgt0w+TV3scKpHePOKzUeYyOdmnv00d/JMuw6Y2
+ t5TScrfAbQ3up+HJLBiIcn74tnE6nBaz3wbKX2fd/WzTxg+kNuT20FfV5Z57Cwou
+ p9xCd5icU/SkS7d9ISnAojOuiGMazUVuzHT0GsJxt2/JrdXyo5Cp9NSAzB4fQfSl
+ 5rL2XnsRUTVcq9lNKkUmDmocDTlwK2O4cm0hacBdAJjb8W2mE8S157sNYk3pUbq5
+ mmo4cY4SuySQ0oAW5E3AUaDvqni7L9xGMZR/d0PXcbCKIgw/pNjCI0Pbwh0p0VSV
+ f6J1qWeA8IOg6X32QcB5gWeDtHBo5XE3Fmn6S/56sGVELuwEjdUimfolhqc9fjsR
+ N4sOlFyBHqkDcI2ORMZrBLipgoxt+IoYE25RyGSHS6RZFEWEN2wabypfiQIcBBMB
+ CAAGBQJNoQZmAAoJEOdRnI10fwDc0VcP/0QnoF2DcmX8BR4wcYc6N6SYEIP2rUF9
+ JSDIRNBU9miO5BO/X6jwfMtSQui/fKyQ76gLGhv2C+yZVvnL9Euhz+3FusLVtP6+
+ HXP9sXICeZMeF/SGPNnzk6Iq/9arvAxBFiKS6BW0/EITFJULtuHzr4vTNpTuSxJx
+ 1fC2L1/WzACg9P0YsaBx1iIJnQVMf3V2GpeeEbw/tRq5QRouQvramIdcYOlYGcfJ
+ 89e+C4guVNatQsrCXyKM94S48AkTltOitQN9TZHh6JQXSV41DIbNOqVzByUutEXu
+ KRZnmZOXcq18LEi4e+rrOGyYD9Y39NJ5DirCwS8Oyr9eZc/lDppN6zfhOIJgIPLR
+ FM26bOKJsG6UOJCuGUExc5DMmG2vXSBjS1Tm0Jmwv3HLRfIc+qDUZ67v1UAU/ebC
+ DkRBWLkf2VBM9yb7saOa0evhJkhqDrV6U2TBMH2LgD/sjJibLyKzCXX/rA6+ejnP
+ ba6BkLzHrc7+uM8ZK1w17bkWYTNSR+U0vaXfLogHSb4rcdO0GzLX9bVmhRmKbYrS
+ 2O/bY4RFvHVl4nuI1AcOAV4qwYvASw6t2iw+ek3U4cvag29veaj1ca4axHjiZY72
+ Hqm4kXF/dfnPUA6690S41Kg9VdACHcf2ydtxl+t2jRWM7DE162zVvqfSYRsPgLF3
+ dEO4ZNDqp7uNiQJXBBIBAgBBBQJIqc32OhpodHRwOi8vd3d3LmdvbnowLmNvbS5h
+ ci9ncGcvY2VydGlmaWNhdGlvbi1wb2xpY3ktMl8wLmh0bWwACgkQMeX+Y+L8SCVK
+ MQ/+PubYHJRLOVWJuZqn1WMZAq8Y9m27tbXDvhujZeDJeJKdbe2pXHJIwgTAmgAQ
+ kU64So/wEcPwSN0kdABFnw2cd4cmOQdlQ4qh29wUQxOvQvusY8+Ed7J3Fx2+sJm2
+ QJK1uSEUfwJyN+DYRdXytb4iUqW/AFS2IczseK54JUnPz1DqJg049Vc6TAVta7ZU
+ 4CMDm4clme03ZAPWlap4QjpWpnshhnjSbuSvCE1sXJ59lQ4Swc/xS3j9oepRFtWj
+ crSdLROs6Iyz0tWRn/2Xrnso4a9aQXG+DjHpomCD7DJUifIZMB4M6jn/cL9CvwAh
+ jDrmwK/GaFn6g4TQ//mt23e5h2i+omVXKTEvFlBhI9nSTtwyRxqHWAFPbczOlD4E
+ nagr04Rpn3RZtwzMi2b81Ckwil2iRR2cFsH9m940GpzMTaQV9s1btXQAjI3AD5er
+ bV7qyiDcXsiBzZLZOUy0m01anSygNEgNqQE23z5qKXdXZLDlkTDXIsvsLfQ4tw/i
+ eRz17j0tBfjKvj7GVyFHPPp6vwp5rot+xS2xk75I9InapNF0PiSZ3MvuicCcMjOu
+ 8rvMtRPtVp2RGduZmm1JeAFliPfFMa+tTBWfDbDgYjJUAJ1DwvQIGwLFw687PUWE
+ g2tGaQIjEuxJDZdrhI9MYTrI5SIJIg1WIsnzjNCMzux00LG0IEVyaWMgRXZhbnMg
+ PGVldmFuc0BzeW0tbGluay5jb20+iEUEEBECAAYFAkLYPM8ACgkQST77jl1k+HCF
+ fACdGVowSyEnDEB47qFGBXym+CUWZngAlRhnlXObg2MhI+Gu2BwCMDO+o26IRQQQ
+ EQIABgUCSKT88wAKCRCAQBn6ognDBekDAJdDHvjTaP6h7jP9rzV/XD8PT80ZAKCP
+ TMhg/qYmctcytYCbGd8Tum/sW4hGBBARAgAGBQJC2CQ0AAoJEFykUN5St0h+nmgA
+ oITtL03Tj8QHhtcl/UeEoOrroSkMAJ0VFbcnaqnuO1U7fPXCZ1rLmHmG3IhGBBAR
+ AgAGBQJC2DFQAAoJEPYo65NHQyBsivYAn05yNZH5lqRKXcDTQIA9yeHuZ/KgAJ9I
+ HRUy/m9plVhWMGf2Eq5tXu9wpYhGBBARAgAGBQJC2EdfAAoJEJLmCotfbYAV36sA
+ oKFiAtLfzy+fnvdzyCddsTcRRjZsAJwMmW/sf8B44NnSpklI2lUsOQ12/IhGBBAR
+ AgAGBQJC2FJiAAoJEEIxMEle1xmOUb8AoI21TZeGdEEgznjJQDP4UjXtkdXMAKCo
+ yftBXVBPHzbqculm66dtAKCzDIhGBBARAgAGBQJC2Mq8AAoJEK/Cma896afKmEAA
+ n0XRzf3XQsQvPcK/c/6Pc76cm3IdAJsHhaXN5mhuSl/D81jMXfqkBeXfgIhGBBAR
+ AgAGBQJC2M/LAAoJECFdj4gPMKfWtosAoLSdWjbNozu0ZVOMjQsio3Uzo+bSAJ45
+ XqWOlO1eGNvxy1oMekXqwHBqmYhGBBARAgAGBQJC2NGZAAoJEOuV2n7o2s9cl1EA
+ oMPUCEWP2E1SrVu6GvLRLYAEI6KfAKCIb1IHPDEJI/Rpq7XU8GPpgIKZ/YhGBBAR
+ AgAGBQJC2NXGAAoJEPhev0YljYeBzsUAoJ2DhXQdtQZeVlbBseE2BHT2Dn9kAJ94
+ EC9YPQqwEE6KLuW/ojHz/lntSYhGBBARAgAGBQJC2O5GAAoJEFRwPN4SKOt1SgMA
+ n32VSmS7fvXBOrEshPEgeMgiSpq5AJ0VV10oJugVp39MCMy5eQ0EXhkU6IhGBBAR
+ AgAGBQJC2Q1kAAoJEB0znGWLjXZjiRcAn1eUq4I7xHOogrb4uPiQ4FfLy/1NAJ4v
+ QkLXV2E9EauTfsQZfivWxhrmoIhGBBARAgAGBQJC2Rj2AAoJEB7CN9lTRYTo3FAA
+ nj3FrzEvYZtO8h1FRe2NrIiI8kitAJ9H9zN8aejRBDOHNykUNvvd2ceTPohGBBAR
+ AgAGBQJC2TqNAAoJEMnNEAuw2QTPsUwAn0ubY1EIIGzfEJIcqJHtNv9kmDlWAKDx
+ FwxnUYVUpY1Mq6GupG9mahja74hGBBARAgAGBQJC2VwNAAoJEA3LOUQU1AYLgngA
+ oM4/ANswJKcuHUcugIpXyPD/jlGbAJ9Ybmd+uqXD5aaMX2+0kOEQAFFK8YhGBBAR
+ AgAGBQJC2V5lAAoJEE5L2uI37ak+OXUAoLDafLbEsYNJfTwhEFuT/YmZbsmWAJ9G
+ rqDzq2fZYcirvHwwuCgy5T0ZBohGBBARAgAGBQJC2hPGAAoJEFoKOZrqfPWtTF8A
+ mwaBl2eYcGAgcPb4O5a48Stm6DEEAJ9F/boRyr1gYFZu7E3QNxQo9GlvM4hGBBAR
+ AgAGBQJC2hxBAAoJEERoUHP5P4E7no8AmwTF3lB2tSyzV6U+6FgIWyEBwKt5AJ9i
+ dGaQEwcIwmTIzH4iuO51g/1kxYhGBBARAgAGBQJC2lvfAAoJEHzz9a8pSZ9hBUgA
+ oIodB4BFo69snnTzEouqREmDj/6ZAKCtzjEjI+nI0Ay5uk/KLSl0uTyxD4hGBBAR
+ AgAGBQJC2ly1AAoJECYMNUiI+I+PEqEAnivb34I9Z+//cOMGkPRUaioiCAsDAJ4l
+ piFaHB/T4SAednThjxOhFDAD/YhGBBARAgAGBQJC2pILAAoJENTl7azAFD0t4n4A
+ n3u7WxVz9vuN0sZfrwsJJW6/8kMOAKCIQXm7WpiE6u8cWClpkOsUofUDl4hGBBAR
+ AgAGBQJC2rREAAoJEMCk8R3gaz+XgigAoInpXLBKP1IrAilYTl62WYgFZHHmAKCq
+ Kgkj14Fp0hrStUHikw8k3gSlfYhGBBARAgAGBQJC2sbQAAoJEOrj3DXw19RKEHQA
+ nivd3zCuWQPGc4iGCM1gjdY3xpmmAKDEHI9v9ugczt3MFln87iWQ8iCXCohGBBAR
+ AgAGBQJC24MzAAoJECd4neBzbIVuddcAnRqso08CYIDvV2lx0ulX6M4/Xo0/AJ4u
+ OsBQAeyZ8JXZLWRMSlruAWb62ohGBBARAgAGBQJC28spAAoJEIJvysIeiAqEdYMA
+ oKxnwQHbhP9C63rz8lUBZgBpTwy8AKCnwvZFXbrdWGx/cypggOGfFENmoIhGBBAR
+ AgAGBQJC2+hVAAoJECmguvs5qMzijb4AnRwnN9kw1t8y7facREkD+vcDu45RAJ46
+ 4PEDs3l734OBSwxCkHN/NOcfeIhGBBARAgAGBQJC3BV2AAoJELdWp4yIKmxLG9YA
+ oNkPGtlVgorRzPl/81qkhNaQH3pLAJ9XugEEGJTFzzvh5gAHubOIOLItZYhGBBAR
+ AgAGBQJC3CuwAAoJEIKUT2jqLSxB/l0An1w3aGefce0jRO5Vc4is+e6z6hdgAJ9s
+ 4xlwn1/J42AIwQ5I6xTwOK0JLohGBBARAgAGBQJC3O21AAoJEDBIx4t5hKT9BbwA
+ njvZFCB70KENOEeZLvQFygONwF25AJ4iJBbIVhr1YLOXnNTXA3wdJsZX3YhGBBAR
+ AgAGBQJC3PnHAAoJEHUIB7VVG+RHhREAn09xeSlsROTwmaKM+dkV1EmvuPo7AJ9t
+ Q8e6iKmI02/4NzLpLNxleLYLP4hGBBARAgAGBQJC3QNnAAoJECILyIMzDEp1vNAA
+ n1Hg3xbWOFBOo0SslqFAotdiB2pDAJ436jwsSaeWalhiaEse3OHSqJg2bohGBBAR
+ AgAGBQJC3Q9jAAoJEMN2qNrxvNtzHLAAniM81Osr40c5Q97Pg/tessysolGMAJ9X
+ zcCBLVtyDYRuhfILJIt8ZsO7zYhGBBARAgAGBQJC3UYdAAoJEIHAiSKAjQ/QWTQA
+ n15Gj2m9pOf+Jm1bnYlnxvJ7YLu/AJ96Hv/lh30nmnYBOZx+LIbzYtRob4hGBBAR
+ AgAGBQJC3V06AAoJEPZ+Kl0c8tYqkT0AniSbHEMY3ss6gl4LmAJ6DMGQ510WAJ9q
+ Z8VsKVg/ZWFLbnxfod7YU2CFpohGBBARAgAGBQJC3WctAAoJEB0o5L/gL+8RldMA
+ n1nKDpjxeppNq2ZSQgk5D2/kpPQ4AJ9PvAApDgxajrvDI3brVMTJgjCEjIhGBBAR
+ AgAGBQJC3WqnAAoJEMTgC7NzVfr/2MAAnRUOKmiV8AitGcHbbEKsm822THWpAJ9+
+ C6iUtf/Kwud0eBLePDsVI4P07ohGBBARAgAGBQJC3f2UAAoJEHmJfefdwLcNhakA
+ n2+LGEH9rpJ1d4raR+MNa3QwZKzJAKCvNZiS11XEuMwfHthxK8wAARELp4hGBBAR
+ AgAGBQJC3jBuAAoJEIqQZ3kYgCg8HzYAnA6PQ9xD8qxaFXo2WFJqCLwVbsW1AKC1
+ v85RtxsQAZ1050UXFV8Z56h+qYhGBBARAgAGBQJC3kEMAAoJEGSnwKfyzwGoRm4A
+ niD1lPFygzn82xKwLFWAu6apR24iAJ4vez+5CnsR9fOw81zMix9TCwC2eIhGBBAR
+ AgAGBQJC3r7SAAoJEE8amY7aauYhkS0Ani7brtR6FXEdeVcmcoiD7/zVwLMeAJ49
+ csH4H9sIulmrzcqISA5uMUcaKohGBBARAgAGBQJC38BOAAoJECV4+H4UnN2ylqkA
+ njMJ2/YV4JJrdybZyB3tQsH0hAaUAKDJAQoYROJ/T1keCIInQv/39FYwbYhGBBAR
+ AgAGBQJC395HAAoJEF7tANvNttvsuuEAn1+t/KdsEq/S+K2X3Q9Czk62AWQUAJ0V
+ I977Y+NnUg0CtqL18HGBTL9oB4hGBBARAgAGBQJC3+x/AAoJEAWHsm5F8/v5Q4AA
+ oM7v3gPCKTOpfmvEF7oniBtNRKQBAKDQUFZjdeO+uljpFFHNeUYZTPQ3l4hGBBAR
+ AgAGBQJC4AePAAoJEPfw5w8wfVbt2rAAnivvv/TOCBvzRMGsMp5Vc2lyNqwOAJ4n
+ gYWWqAWFLB3wUmaqESiT9rUvj4hGBBARAgAGBQJC4KDUAAoJEBVYlEWZ6B2gH9kA
+ nRXYcT/E0ZgGSCu115QUGvNHGV3ZAJ95DdT4TtrkinSw66PrGDousKWHX4hGBBAR
+ AgAGBQJC4M5bAAoJEO+lVDaWQZnikcoAniATISt8cP2MbrWp9WufUHtuM3u1AJ9x
+ vG0KGueXk2rqOJYa0fzFLJBLuIhGBBARAgAGBQJC4R5uAAoJEJgcX9fGcSV9N7gA
+ oKPnGwg3ktYlpbMIcbBg73Br/wl1AJwLMLKDu7h8RF53tZtNIKxor7sH+4hGBBAR
+ AgAGBQJC4TB9AAoJEJ9CjJYmz4N8O0YAoKpFuU9npuxFxulUj6/6RRE4JDruAKCG
+ nkwPHsZ2encJ4+9r2ibNrp+yDYhGBBARAgAGBQJC4WVhAAoJEDMwohVnIJveIg0A
+ nRykgpCZzznyXW/LTOsWnQrxqcRSAJ0cQVXDkEGiJCDIXIfIoXoA/ap57IhGBBAR
+ AgAGBQJC4WkMAAoJEEvgWCWQeI4Rma8AnRkYZX/qEbymgKWASba/53rMOUuHAJ46
+ s6iZavJykShx6VVq/3QVMgjHxohGBBARAgAGBQJC4oKqAAoJEPQ+cmY8yIwJNaYA
+ nA17pPOamjaHg5tOTE+8e3JyObPmAKCWAWxIBHt2vfDxNwbmkdGI/MCgiohGBBAR
+ AgAGBQJC43lYAAoJEDy4klAvo7wtax0An23oGYuf5M1mCH5ah3nJ7hSYCr4xAJwK
+ KYPUi/ampD0fF1JVlBFK1bLc/ohGBBARAgAGBQJC4/4ZAAoJEEYGHyFm+FSyD5gA
+ n2XYueMRLzc35tqOgSVrtcYUkICGAJ4ySKxs2MnhSThtVaDT0tc14RzmLIhGBBAR
+ AgAGBQJC5i5GAAoJEMv7+1fvqjMxje4AniyS/A8czL5ZgERfGZ1bj0KCajQXAKDA
+ 9iEW1R3BL/q040L4SJTAMscX6IhGBBARAgAGBQJC5ncbAAoJEHvIg6ApQmD26ncA
+ nRE6u7IsXP1aoYP2j5sIfOzDpyIgAJ9WPIgMEmfZmhXF0r4yzC8IWjC+1ohGBBAR
+ AgAGBQJC5oyWAAoJEEDq/QvhnxiOB00An2D8Fhy42HVEvzB1wUhmTt6jmNUhAJ9a
+ hbqf0Jh/3nxIhU6dBbnE8o7w2ohGBBARAgAGBQJC5rk1AAoJEJzVyLNn2Ohn6WkA
+ n0IMvqqjf+FQjc/vfrOCm684ElYYAJ9F5RKFDcM/DklKPgstRIKfgb4kTIhGBBAR
+ AgAGBQJC5954AAoJEHGh/2Ab+N4PwIAAoM5wOhlGg/7Uc++zXTFttrQRMDgXAKDg
+ 0WVpIz5ieiL0djTZKE3cmja8i4hGBBARAgAGBQJC6JWiAAoJEDK1M0mR4VPFhrIA
+ n3SO80YAc0vNwE/l0mIF/h6jovcmAJ9IKzHRRefwy/C1d51QyyneSvZaCYhGBBAR
+ AgAGBQJC6p0ZAAoJEJdriEsIE1afmp8An0yZBkwI5S0cKfFOPJWBX2ojWIsaAKCG
+ Dbpn2oOJ3zPRHj7htmC9CThX94hGBBARAgAGBQJC6qgTAAoJEEHcHJByRJcLGJYA
+ oKOcAdwVQsHORvS0vTeTpka8UxoGAJ0dveik1nyBLWGFebHmyajlrE/79IhGBBAR
+ AgAGBQJC7QN9AAoJEDRQ7VE/zCqQ6w8AoIDnlLPqM16kMUtq4L6/CW3cT6BcAKDP
+ 8ztA0WgWkSeh8RlVi45XVkld7YhGBBARAgAGBQJC7RLfAAoJEDSFugjQ7Acjzy8A
+ n25MGSPymerapEfIeS/dfBH0TJl5AJ9MmFc1YTFl/7EZkOhqsxN3Sdu7x4hGBBAR
+ AgAGBQJC7k08AAoJEIzuslmzwoH0KLQAoIP+TVttZEarzaRPDUaBmV4xR5IQAJ97
+ R47FcADfzuUbJn5QBAl1wpgOI4hGBBARAgAGBQJC7r/6AAoJEIkhtdzNFaiD+aUA
+ njA3Z0ubER/hbHe1yVQkg0P27eldAJ4v0drSOo53UAk8VfbzMK2J1gOzzYhGBBAR
+ AgAGBQJC7sACAAoJEAcXdOAA2M0WvGoAoIysDM0OMlaV9/cnRrM0v/7U+m/JAJ43
+ 8I2eRwOS5c+npUpDLWqjOpKqaIhGBBARAgAGBQJC7z2nAAoJEGIDikvdm5kQZzAA
+ oJUeFrm+Gu1iWOgSQWubyTraSzHxAKCnpXARCj3Q1N4ENOBUasqeE3TLoohGBBAR
+ AgAGBQJC78UWAAoJEPhZkLAkiutzEhEAn1DPhDej6fzf+qvCeEOe0U4IjPriAJwI
+ 1J/yJzcEy6PYIrQ0nT1BUm1xCYhGBBARAgAGBQJC9odfAAoJEInNSyFgdVnmSWsA
+ oOUZybOcy2X32E1GK/eXTJhwDUB4AJ4tkeXF6azB8YV2UoKtuhTy1O9KxYhGBBAR
+ AgAGBQJC9o4BAAoJENVOrkvJmHCx0jAAn1QQATC4eAXK6rHF5bco8idA1aOEAJ9+
+ QRvONHek128WtnaT21r5JK6kKIhGBBARAgAGBQJC90q/AAoJEAug7gPq8ZtgT3EA
+ nAl5t1dmwgkkB11Qs7axySqgr3SVAJ9xbJmlpmckl5+j4PF7DJ4K2iclhYhGBBAR
+ AgAGBQJC/lTkAAoJEJppZcH8T78ovJIAn23VcfcA196vbZky9RK0qlo18uguAJ9F
+ WpzX2hjNt6r5+kHmPFaFn4ykUohGBBARAgAGBQJDBY5vAAoJEGAwWzHAn9Na5ksA
+ n1GJ0tsUKMhtok8b8Z4MUVelCU2VAJ9zwNHnnpp7o+ZYMpDbQJSHrPesE4hGBBAR
+ AgAGBQJDClvDAAoJEFOCskvmsbcj4yEAnREQINLCZzopjP9gt1cdwnYqPEnDAJ9e
+ ZBwMeggIpKQeOCUqqiKivH8yMYhGBBARAgAGBQJDDvKlAAoJEPS0sMx5fr+rXzgA
+ n0Zg41sDVkVkblvzCK+3JvLtpgRMAJ4ggaXAqtvxRNyBqIfRn+DFXMt3qIhGBBAR
+ AgAGBQJDEKxcAAoJEISJsU2IB1Kb/TcAn3z5LWGelqJR3BlX1GXegQkdEJgoAJ4r
+ 0Ue6ZK27wbcpY6m6dfkQXqDRdIhGBBARAgAGBQJDEf06AAoJENFOhSbcR8oWXX0A
+ oM64YGw954JZJqSPQkhsPpZNapn0AJ4kU8ud4WrtH6ikWE5B52oZ387miYhGBBAR
+ AgAGBQJDGys1AAoJEGnSph3iY/zUNX0An3+WmOArhuNpl3jqW0NWKx0vtDNaAJ9O
+ qYWctOxkvHnRbjgUGTg1+U0L4IhGBBARAgAGBQJDG13TAAoJEO/WTQkSBmIHvUAA
+ mwYDhEynUqDDftBjDGgnxUwRiu2GAJ40S4ZkFjD1aGV7jdPlishnIabZkYhGBBAR
+ AgAGBQJDH2J2AAoJEFBy0DasWDUggJMAoM4eBo1QJlPjzXFcou6JY1MF3Jt1AKCF
+ sD9XFd8VyDPE7wtIsPo1W0pw5YhGBBARAgAGBQJDIwLwAAoJEHQvKkKOY1peERUA
+ n1n2/A5cCSMfJBC9Wxi2/5+QeIG4AJ9ambwK+7RZF7fRqPgjaAMwfzwmUohGBBAR
+ AgAGBQJDk4nfAAoJEOIKmoj9/WgfRl0AnRK723CXXdai5tRVoh0My4dzsnSyAKCH
+ I8XTeFr+aFlLFpqjM/OEDNBZ3IhGBBARAgAGBQJEJXZiAAoJEHFe1qB+e4rJ2qMA
+ nRHrk2Uwl5frzPTFsJmKJRbFgdo/AJ0XaR+u97M3kDijxZ1QPiCvEW6FkYhGBBAR
+ AgAGBQJEW6USAAoJEIbgDQwZpC0ZhtcAn3vQ2zMSrPF0Xrpawla6LYBv+QAGAJ43
+ qkMr4z08BiB9SGfwzLJKhVWPb4hGBBARAgAGBQJEZI+SAAoJEJ/PLM0/PmQmjkUA
+ mwcOJtCHrBRZpdPh70FZYRFeRNlfAJ9bymLVdGT+XOBTRBeVj7xsdPdPX4hGBBAR
+ AgAGBQJEbo33AAoJENdZXTdLcpYlAvgAoLGTPIP782TpjfyK1QsNlfoEc3IbAJ9S
+ i7277B13jjHnd/CNus3IBjbYOYhGBBARAgAGBQJEbo6aAAoJEGTeY3pzFGvU3DkA
+ n3cBegzdR/xJZvjy8eVfTibsYNzSAJwP7nhSzFqRfHKxSpyJG7BJwa1cZYhGBBAR
+ AgAGBQJEbpP0AAoJEAAc3mpredQBtzsAoIfvdNWfEj4za3glwhpYNTQirtj1AJ4p
+ 5+OhWim22gQqmULdjvZpPrr//4hGBBARAgAGBQJEbpTqAAoJEDlNxZEO1wTqOPsA
+ oLhpvvF2onxnz6o3cfxsJD8DgqrqAKDkO6vNq3r21racaYnNTIXWxNDQrYhGBBAR
+ AgAGBQJEbqjcAAoJEFQKe15tdCZp1x4AoIpoWMcn/zUNbB0xzXnlShabbAe+AJ9J
+ 7QQpWNT+BrcK1kX4mJ0e616uxIhGBBARAgAGBQJEbqwMAAoJEFFgLI0AXDuCU80A
+ nR6cPtO8Mm9+fJ5mLjlsfqzx0C+aAKCGx8/Jfsw1ptA9LuVKoYgeD2ijSohGBBAR
+ AgAGBQJEbqxFAAoJEMUUr45LpAHDd+8An29WzdZccVCH4BF8ZFaNiaYTJTa2AKCN
+ fTuWTz68Hz3d00f1cSgP9akmMohGBBARAgAGBQJEbr64AAoJEEFLhCNv7M3g3tkA
+ n0L3a79p1ORCpAKK2WgmGCo7GTl2AJ437ly+ixPZaFmM3ffZmD1uJAv2k4hGBBAR
+ AgAGBQJEbsjsAAoJEKG8uy8wbN/zW38AoLfwdqoVGMSPo5uRDzYj0OYHifspAKDT
+ 4o/+EuLW6UMFuIZkLObUMNVmqohGBBARAgAGBQJEb1zpAAoJEEmCDBzqWQOOJqEA
+ n0SedaPfrSjJyH4/Vr67CIua7f6VAJ0X9Q6TQqMYe1mRSJKGZKdx3EuECIhGBBAR
+ AgAGBQJEb3rJAAoJEF0853/VTwhHPfIAnA6yLIHvuyNGbaDolvRLez4e6dAxAJ4h
+ ospxd/vQgd5MDq59DLEsHsD0TIhGBBARAgAGBQJEb/x3AAoJEB7inAyAstEKoOsA
+ nAvKyudZ8lE5pby5B8+2lX5xczXkAJ9sk0NbdhzNmnrHhizYLmdaPT75U4hGBBAR
+ AgAGBQJEcAg8AAoJELz2xg9ugWnSUpAAn0N0A6zh4j7VYCacs4MWAPArvsUBAJ9V
+ MaIyxEvVUI8DDpexhEYT+DuCcYhGBBARAgAGBQJEcB0bAAoJEGlkNr9XXQp2I8kA
+ n0fRiIH7Hjim0AiuOg5iWqzkBdqmAJ4/+QJAY4J5Yvbzg/1Q0aLeIvjB2ohGBBAR
+ AgAGBQJEcQBRAAoJEAowDtCQ5cpGiOEAoKJSWdLElqhcsSQIFxiWCzr8Ss6pAJoC
+ G1G9mMZKNoRCQbNUyJkcp20OzYhGBBARAgAGBQJEfd/jAAoJENgO81qLtSevStIA
+ n3qz8rezobGxK5CdjQYDTLyKp5PVAKCx+J4jCigJ8sNYvOTOAZcT6vtw0IhGBBAR
+ AgAGBQJEimluAAoJEIiheH/D8VnK1LgAnR3LBICYAFN6t8BHEbaQfxQ590acAJ9G
+ xq41x32MHvritJTrJvqC8iMMiohGBBARAgAGBQJEyEHkAAoJEAzHCxggbFr92X0A
+ mQFoBVHe7QMT3nbYWv5TmZqFdWUEAJ9JTFZYrzTjL0c5OB7DkS4h4E4qBohGBBAR
+ AgAGBQJFaZNoAAoJEN/tuyIlvNW/IyoAmgKA6Iev5Si+0bJk4EzGcmwmbrxCAJ4s
+ m0clyNBWPlF+9/kLCA04D+89PohGBBARAgAGBQJFkYa4AAoJEF5t7xxOLspaS/IA
+ oOJayLRBC4EKcsudCk4AKa+6Duw0AJ9SoqmnW1+tBDwfi2wyTxOHDiwoPIhGBBAR
+ AgAGBQJGEHBSAAoJEOpMZh8rRqJ8jbMAoKOsk00slqFtTMCFAYsZHRDolNsMAKCF
+ 0W07lH5+OyTQrGNgyyz7usnMT4hGBBARAgAGBQJGcDbSAAoJEEKfAVsJbE3TWFQA
+ n3RZ3Eahx/idVxo5BApARPYx7X/9AKDLCEkTuk/f1hydOGvd03OE8Q4sb4hGBBAR
+ AgAGBQJGnRvaAAoJEDoNiqBg9BIW/zQAn3E2obr5tjZvkL0Ej/ZkE487E/WWAJ9J
+ aRzRhGxeXVXJEHFaZJOnx8M0SYhGBBARAgAGBQJGpurDAAoJEDFPepXsFSlCiu4A
+ mwfK5ug+KMCFd/BayIODHr86lUwDAJ96D0sRnNtqjbzOQFFM9KyG9A3mPohGBBAR
+ AgAGBQJGpurOAAoJEBC7gPwWvXfG7WwAnAyuLKmOx8vDIrAV/69IbN0rB2djAJ9J
+ kTbjJh/he9GSiYwTqpe682e33ohGBBARAgAGBQJHu+dlAAoJEFbcuXfF6VMzfOcA
+ njw609Pf2jzQ+H+PN7XpHR1wF/P+AJ9O/BHZqWDwj4Gq7UIezgvEh3m6fIhGBBAR
+ AgAGBQJIqf8AAAoJEAzjPJEPnLKPDmYAoIm/YqVVlHsdtRbyx7ZEJaZo9H/HAJ45
+ IDiAnbS77molHjhA5gafwbvdK4hGBBARAgAGBQJIrM0OAAoJEDsymJ0A88/kXXUA
+ oOLVT8EcNGMs7NjEnxjLDh+BuqCnAJ4g7Enw6L7dKGE4ZQ486Q2Hwy2oaohGBBAR
+ AgAGBQJIrXuQAAoJELc1pkngugTBx/gAnj37BmjKyAjqgfGN6Cr+zQestJTDAKDx
+ 3ZE08qfWqCbsrYTc08pazcv8m4hGBBARAgAGBQJIrsh+AAoJEDUzUMpYCAjEtBUA
+ oLfSxMj8bpQPk4gvGjA9pkXKKuKoAJwJQREYgp9+H+O78uVptYbviArGkohGBBAR
+ AgAGBQJIsDG+AAoJEJ94+DzoxDRhPSUAn04Gj59eJwfnrxb7p+q0fGobUuTgAJ9a
+ fYhEEsGo+ypR5F1aJ5YQuRv7SohGBBARAgAGBQJI8D4eAAoJEMOkKwNuJ9C6ZrsA
+ n3v4NcNLfHqI28wWvwTuGRObnrHfAJ9suIa4CMvgRyXZH+IypvsL3a6ULIhGBBAR
+ AgAGBQJI9AFmAAoJELZltFF4Y+sTa0UAn0TCzudPsrDUX3Gi9ftspIN/EumIAJ9/
+ nGaj6s2/jf4S6OSd2K6pjOER/4hGBBARAgAGBQJJugGyAAoJEPsynDDheXvS0AQA
+ niYRNwjzMXdjv2jxoo6WmmkTaOqqAKCEe0DQkzYXmIf+Cg9LijiMUz8QxIhGBBIR
+ AgAGBQJC2DroAAoJENU47AlTgFdG06YAn19wkDRAB+Ugf7ikgIQxsWAdr6w9AJ9t
+ Y2CPDQv5uWnSPUSJL2innCfHk4hGBBIRAgAGBQJC3XdgAAoJEN56r26UwJx/MqwA
+ oMCxuca8KPZNyuBMlrUHt6OEOqqFAJ9VsOO7VUDrM0HamLWuEZqGQD8o+IhGBBIR
+ AgAGBQJC4AiOAAoJEMGHc1Wf6NUEWeoAn0Z3MFAJ/VCLtMHDw4ZPkJgfei2sAJ93
+ T65YObPm+s5Bahx6q4+aRQu+A4hGBBIRAgAGBQJC4G+iAAoJEDe4j810qDkKwj8A
+ n0qjunM5zMo1SwLtCYzlyAfIIAtAAJ9BkaQIi9cJG9uxHJvRQS13rhYduohGBBIR
+ AgAGBQJDA3HvAAoJEM1gO1ouz5hL614AniFumsOIQElhKGwRqvP8SsDP1crpAJ9q
+ oW4llSUwqmbx1ywn59Jj9FqYgYhGBBIRAgAGBQJDGf/AAAoJECdlaNdcYVOtwcUA
+ n1OthEJWYbaZHe3B/lpUnA6kQEI+AJ0cqKB8XQwCbYoqvRBMIhVXWNIj44hGBBIR
+ AgAGBQJDx+TEAAoJEPG9S+RbQwNn5EUAn0eOTnjVFkR3VZXQcvXhza/2K0VfAKCC
+ SrJF7Cw1B1LmHkCXCRWHT3+bHohGBBIRAgAGBQJEcCs2AAoJEBigzI1XBqS0bHIA
+ oN8GPy/85VeN+U1pqRzV9ulKQbJGAKD0ijrjHkoZ6jOdL3iT1kuDQ5LctYhGBBMR
+ AgAGBQJC2FihAAoJEAQyNusQcxl33XsAn1XG6ST3llGOflzkAyP96asrEALYAJ41
+ GQjL0uGr54AjD194c9qJns2Mu4hGBBMRAgAGBQJC2MLvAAoJEHw7eXCIx8H31P0A
+ ni+rMGQI/cwXJOrXc4/H8qN7fqblAJ4so0I5JVPbO7Gdtl+SUqKkE29474hGBBMR
+ AgAGBQJC2Pv9AAoJEBh1EgqjDsIrEYYAoMGZJDP/kYG/Knh2NiGtRiDNrGerAKCZ
+ kua5Nga+2PzeVqu0p7f47hMYTYhGBBMRAgAGBQJC27IsAAoJEA3nJ21eBXfycCEA
+ njicHq+4d3PUdYA/nhxlZ+xLcoFfAJ9kdT4CPZ6fXPof41obPmnrcBK1uohGBBMR
+ AgAGBQJC8hksAAoJEOVE3gebfDKNj6sAnAxNhrOeZj4ruPzqXciaNgf+ffCIAJ0R
+ qU0hAbyWXidxd5R00lGY/EPFLYhGBBMRAgAGBQJDEMrrAAoJEO4l3j8c2w/joQsA
+ nA3DR0VwFWos6oRwuVL2kvKl4dUXAJ4zHhVLazAOw1XInh1GAV4E/RWbKIhGBBMR
+ AgAGBQJIpMrAAAoJEIqDi+TYSA8uqhIAoOA7s4cUpAGVKiHNYm4I2N0VQmR2AJ9E
+ yDdzGmu2lSJzeM4qxOg+JkVWt4hGBBMRAgAGBQJIpc8zAAoJEHw7eXCIx8H3w7MA
+ oII7LFhxHrDPkF/qJTnzRULdAp+jAJ9h7sklav9HDlMXb1mnCe+CF0GL6YhbBBMR
+ AgAbBQJACc5+BgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEPg1j6LygzyTatcAnRb8
+ jsuhIWvESuKJ48hUsesGwgSZAJoCpAo776vzLor62iG6G9fh8tNl6oheBBMRAgAe
+ Ah4BAheABQJKCeoYBQsJCAcDBRUKCQgLBRYCAwEAAAoJEPg1j6LygzyTthAAni2s
+ ZxE9O3pf/EbcsGCe+Sk8LWxjAJ0V4Me5kjrwGubBSYzUji9FPk9HRYicBBABAgAG
+ BQJC7z2wAAoJEMUoGuUEZOfl+OsD/3O0voS48+40uKlR210Qk6MGMqr77TsvmAB3
+ U5i8/QN7dE66lTitorm1V5ynQOoJCnxq95h18ZrHdepWf4trihJwutfHoYYBuYVa
+ 0YSjvZx1rhG3AetAh3jN11G9as8BsBV5r+66yDkA34At71kIfcfdMYPKfQYYTiCf
+ tMexw2joiJwEEAECAAYFAkL/7y0ACgkQZGZwAPwF2mn+GQP+L12qyS8imtZnU1R+
+ nYloiduNWa1p53T2ha9fzxP7OPOZYM/B7q/4ziCYWvZyYf+2OaYPP63fZInD2Sra
+ 5KsxZTYle2v/6ZqXopel1RAGuSFiNicbGkzhGn781ctlj4nRy3udYy0bE87AOhaG
+ ERbwK6fwyx2plZZinFeqteNFs2+InAQSAQIABgUCQ8fkxQAKCRA3OgB19KizDJEv
+ A/oDEDvIm6NRLZvZIAXlTp3vgVySSnm0ED/i1ThNotBHYcxUEGtSCB2RwsZA8CgO
+ qavDo68jB7U6L/lhAnEdhKXKlap4Fm1kiJ0V0OqN/CFPLmaGGWV+sGD5cQGKWugv
+ gh5BZy9ydchLkvRuhzrNDVl238MVnCveGfeuUSRUDZVYhIicBBIBAgAGBQJDx+TF
+ AAoJELmFmCJNxOf9kS8EAIi/NRwpF2qzepvA6rEZ8I801G3rqn5+/JjbGIzs9AgE
+ vAsSbIbUOxXzPxM8Kkwg1nLgPmgEuDQ48T6Q2M/1zTS415y2VzV59+ahvhamCzyb
+ 1G4rhlfWnFZNSHHjlurR7KH0HmAKSzGLVTa0ow79Dou8kXOPgW4wKb5YuwuTTMl+
+ iPIEEBECALMFAkMar3mFFIAAAAAAEABsc2lnbm90ZXNAZ3JlcC5iZWh0dHA6Ly93
+ d3cuZ3JlcC5iZS9ncGcvNDI2NzEwMTNGOTRBMEFCRUI0Q0U5QjZEM0RGQzJDNjJB
+ Rjc5RDI5RS9DRUM4NkJCNEEwQkE5RDBGOTAzOTdDQUVGODM1OEZBMkYyODMzQzkz
+ LmFzYyYaaHR0cDovL3d3dy5ncmVwLmJlL2dwZy9jZXJ0LXBvbGljeS12MgAKCRA9
+ /Cxir3nSnvM1AJ9azJ0BDPUl/yncYcQ6YPskJI+vxQCXZp08c6QPxnXjRQ5gVfbh
+ wDgt1okCHAQQAQIABgUCQtkMDAAKCRCjiC6/eERvJgTxD/0fMqMfdYTcwiIX45fU
+ qAP5LDEKO5zcO+vAWzPPHMGemici51jxKHHP6MOi6j7CjcMG0FQd9RvOOTltXd4D
+ 3IjmNkHRAshPiJVSvmTw5C60fERFtQchPp/aH07VpFgCcqThW0T6t8n/TZvb9aSR
+ F2v/jmAmlmAtZyQte0krsXN3xWSgXEdq/VSCeesf2k9qx23IG/2tCEg0/oD6C7i0
+ d/rBL4/CvnP5Jukxy7dlY6E/rmZzBTvCHyyiceA89/atbjSWonIDmhNI8UaEZuqY
+ YjNl5vCuPgle3TVPjtqP/bpz/MKLcO1JajBMK9ykyRDqo9e5HK5BUeXbIw824shR
+ 1gPx688kGQ7stVJyGYv/cTiUUSJPeuA/2DbmsH68p0lls5ewnph5D4q2gGPSjYvI
+ R9jrR2dPqrbRxYgIStSIetzCq97ZmAPMcfQhg61QUhXHClEDTdjr0VjL1Bkmd1l3
+ eVxBSSod8P7rr+g8F50Xg/YGtOX5iGnnCOwOaEQK3qSgKm0bd4C07G4AQqmHicKK
+ PC4Pw9Zv7qE5xrKl+9f6KMhjRFCmH5laFbMpaq7oH/3URpVPnxn7oh1AwIz1/Guj
+ 2AuQZTKRiOws36qMOG12fMQ5TZcb9WmjgdA/TZb6NNJsMO+UZvQOmaxOcVQiQMZg
+ zbupXph+nce3yQrz4ltAeUdMkYkCHAQQAQIABgUCQtwj2wAKCRAQ9faUhz8l8R1Q
+ EACSUn5luLTASgv8FP92YZjI0MTk+tsiAKLarDqonwoXaAtAopwwEz5ze0pdrmje
+ 1GrueoeOW4kDk0AiZf1KS9DvwB06lxWi95aHN13NDqCSwJ1vODZM12iGyNCH3iMT
+ Pjm94D1jvVCzIPzxnmJJCOr0QB9iy5RY8m84lUPMDl/i4FPBQue+dUD8d+YzDHkC
+ hQNbXTfHCdW/qWaVOjxTOE275WkNO2rFlXKL9avdGwUPp0hFXKVdhqJpJR8YuJs1
+ DSiEOMuYPyqMHT25nQvnk/TrezR4I0SVhdSCG7nnk87+zwILS0Nmkzfnl7dmn4Op
+ moc3mnE9NS8tR4mH/4qUgVR6kaY+4on1cyiBV6jBJgz7h3X/NYmNWZDy44rIlY8F
+ iqosBkgwBG9MJuuHy3C4IpsEr+0F0gbbXquF+mJ2jh1QvgwA78sbF7iN0FoAR47z
+ 3CbfwHd7IcNyM8lYgBhvl3cOcSrvZltUhrKg2idlv4VPc19IzuB49NiHW6hccXvD
+ T71qqTiK7dWRnsG3hV+eVJL1fz4o1C5Onf7DNhMy6V1hH+wvmlC/1896BjBzPcuy
+ 2PfUbVGm9Gsy1l5RGkL2tjGzKqYqzi8e1pCO28cW/3SrjU29BWDuOr/ZSvwkM5kP
+ 0T7XPP5uVePxfd3IgtVHE0wmI5FO5P0DNYiyL6rJu5v6/IkCHAQQAQIABgUCTaER
+ NwAKCRBGOA6a/ndkmDTgD/9/e39GYn5q9KdHG5u/LnjowqHhRNWa1Pk9GpS/yqGe
+ ZNn2Nhl5nIoDl8N1acK0lPFg4Z+ZO3u12/x0gqVqwDnJdA9wpWvvaOygvNAYyIYG
+ FLU/b5K+4fmgZqxmY6wgYRMoVVRKgzz8KdeM51Dko15Q3MX3UsGen4Y0I39xKRSY
+ Snq0Bkz6i4fURoSmT0f6hwq2MCHZD2crJNkhyQM821FikYLrPrZcTlHmIeLh2/C/
+ RyBOrkAFkgwErgPYqtc6gGEwZaIdXSRTnmRCwZRT7TpJfZ3xFBkIe7I8pXJUwGoV
+ OKNdoQ1MgtJQpJ5CPaf2gXnMk6EPEfIBPIsJLYxjt8g0NYN9k2fo4nXsEMAjMREs
+ F/uxFtmZAGWyBk9XBq1/x80Z0soRiF1qXaHt9Y8UUnwfIKJzmRIUDATDbn/pvvYb
+ k4XICpP/hni5i6ehBFvCZ9OrJy3Tw7n/12KHr+wjJxvT3jxYNeuZHtylw1UW5NzM
+ Sv2Klq0Y4B/ZhlLfPKXG+ARDf5KfbgYQOrvaQca62qNtv6xZCpZlhkVGuFdc4+W3
+ JNT14zVn4kBUUqkDJv0iHxnUxdqwBauW3Ft9t2oPBibLDyr7WHKWeuGt81I0XE+4
+ F7bo0DANr4ykTX7BrVJ7yZQsHMJDA10498ERqkz0pMczzFMYiPi9Ubjhn2uYBErk
+ iYkCHAQQAQIABgUCTkOOBwAKCRC8NyJSyhz5ZAIkEACTURePLv+BNE0ZJGXsOVh2
+ AqBn/Jwhs5dq5Vhy8nEuuu97ta5X/NUAzWmc1Yh2m0AAicLcVYAz55HMmS7vpwaE
+ RzIutDDAnUtEmQFaQWHxUruU7UXmOshdghR/ZVxNhUpvDrkr4ry4HQs5R8sVNk5+
+ VdF2fRLP5DovOzW0mRfkcuZtaTXAI9RRfFR1ZWk8Y3mTNa8VdeBlaHczkLBsmGvH
+ z4Uq23bRwWCIeUN46vn8bNyvSj/A8OnTVP6u6sItb8Fo/zEDRZanqPQEhHtAFEB8
+ j5bu2uw2AOP14l9/YAWZZlzjv7eravfHQM2z+1RjH131Ac3K0JjsFIkDGk40HSFy
+ 37C5VKWSGJQUpUVrzuPIV9R0aQKHbP4/ETi8tRnMJ84bcoA9H1fHnVoptVJrd2wN
+ Lfobxg8An5nV79U69dXK0uUvpMJeUfKDaLEPI9IRk38VjNzr6G9ohapAjLoGqIjr
+ ugbD5ARfPHTXq+WCIcAU1x+mahH8pLnBz5X9iPX2gwS+AB4//XYjEy+WINe9gUy7
+ 6ccu/8HUON/nS0iLhTyN1YqKtIzHLpVNBIvXiYKAzk2o+FACGs8zRzJzfbmHwWzw
+ N7jV/QE/b5G1qEhPinRm2dyaQIyQKRqM7UqDiDeiMx7Fqx9iy7UXjEbFE/5pBKNa
+ iArpNqCgrr0K9rBUXegNvYkCHAQTAQIABgUCSKTmTAAKCRC79o8D6PN5QYbCEACU
+ ba14uOpSRDgnyDJL+w6lGcRtt/UmRpgzuasvNEKiOpLruTildDmpHOgVX2Qt/xDM
+ 8Qx4c0ainuF9I86TKgzl8XtYddh7KjXDLr6WH4Uvnfh2Huy+b9mGatXlcmwbcMqe
+ MDYlH1lkCirGx/UouKvTui14p1QEySCSa6EYdqO2KEK0ayfTzWezTz4qr/FvpNCk
+ hOeb62k7AJARoCEAEgtvUzfMYKF1QzbrMDW50Pl41O8FNa7vidMIIx5c62o2aLJT
+ GniAkjlMdN4k1E6nmqq7hGNmhCv5LqfZ9LBwoWatVNOVyaOlx0UJzj9Yfrq5Tbdk
+ b9XF4mC+uPvkMYnKnFCUT8DBzty0b1N3A8z2mjQMiYdhAYKUWGl7CCvT64Q5jToG
+ IivDVpM7l6jSTCLoDYww0WqVAv+57fIR/oCGPdE1607lEvxzurwZsI0oYmrst4Ma
+ 9tAvu88qjDmIsen3ksBLld2r+V1HCFzhm1tRXV2iVHo107rIfY+oXHyE7tOtPID0
+ FeME05B+V5jb60LQ4fpMqV6GbF7mFMpdDjkQUPPUK2RmTbScJvDcjXZ17PvGFKEG
+ 0SY95W3+rq8hiWGsoFZOI+ck0A78LOqFvKT3vHew8pt1lBOaiw2WP560CSERq3o0
+ WXyhxYYrPTLtOv3ncYM58iyjlrHlHdBdKiXrE2axMYkCHAQTAQIABgUCTaEUlgAK
+ CRDrMEJZDwkgnlz+D/9n1KrhDaO/Hnr0mUStBBPdeAzu5VrEhWXQPAwAzBenDSbe
+ P23qh6yl/fkdTVMtYyQYd4fVMvt9hRebtNlThXQofdNU5ffG1lYqKidwfI6bqM40
+ jccabCPohma5A8m6/pGzjcNoz0cL6tMj74tC1JIwt7vUJld4YS2dVLPJ//6Lv5oJ
+ pQ1KSy6+YcaP1E2VNFisFFsGyn2HtrZfAzDE+RTA2TwaSX5NOwzixchBJRJ/2R8L
+ vEARmNIMMiFszchCWQMZCe1UtDtRSLEuwcyX6s2ByCbOJa/5qApVAt1Vp4aaPkPE
+ aHd1iZjm1Y/nVe1lrTxrSWTtG/i4r9q9Zp+PB+boM6gnipJZemUB4T6v6DUVbAzw
+ aUnDQbA8wf6wC/XKPqCYx2hmKbUWTXPc1rv3UCXu6PYdo6G9bb98WXmWFLea3Kd8
+ XcslgMu37gEItQj64sNxWQcCW50AnbeusKJT3w76ypF4mi4xRwkZQCmFvwY4zoHd
+ F1oigiMSWSymWMruOrwE0Lswg84BTLUi2RT7hhH2+Idmkogn4VIEt4/J28v7ilSB
+ pnF2kgN/P8qg0NNkjBDV0+FDXmmtTvmdCaxvKUS8HxAEC09C2vBMTIepTWP1vEAG
+ EzCt0mi4CDcLNHcpoFdOimgrBtH2whh0/jhvsq2L55i+GMfpAxEBeebO8BoYAIkC
+ HAQTAQgABgUCTaEGZgAKCRDnUZyNdH8A3NNED/4taqfozYu4fG2ns3pqiXGztusN
+ U5fMqGl+lV4Gegg5Z7VGQY83OHacXJ0Ry5jDwFkTWvtxfP62XEooB20nJVAJEf8n
+ 3hQxkRITr9HoTkJHEq+39ojOUhGCbXx1FEkudu/RdtBbBidWPMmzk+MswMc8FFb9
+ 3tVOvau8YWKC6jXhCh2TdsmdYgjLfoOPMLDo9DUgLebEbx6JCHvQWrDqodOc+6/o
+ 3Dffk5ao96Fhi2u4oT1YGwv6rRqUtvDpMjEZDMAQUAWJ91jVIIG8HM5EwYr+Y1TA
+ P4OHuPPFJozcrkZKdej4/HB2GBlumfxkbkBZST5Y3ocq5Tj5m2pyRQVNt+28jjUQ
+ WHRADlB2Ya3Qd8wVvm3Pntw7q9wwlO8+28Q8USPqh4O9mgvimTY0HQGbjguNfsoW
+ 03DxlnfKt1FYMbYVCOyI531PmBvMtsn98BI2htAggUwbwSpCnz+EfpweCGaX1Ps8
+ AW9sK0XJ9cwfXHOYbrJfCvvcmTZNrdJeKw9NfkNWyhX1Ek3joeAEBQrllNdolwmV
+ /drpXjBarT0t3U4kS7v9u/OV2cSft4f7QHupflvHDSv8oTcnIkpAS1+c8yiW1DqW
+ A6tN2NbGVzOhJSQlQZpMLRxH2WvB5hBGPoKcgDacJcs+OoHcy7KtrCP66RgRa0gW
+ q09hi31OnxchiS7ScIkCVwQSAQIAQQUCSKnN9joaaHR0cDovL3d3dy5nb256MC5j
+ b20uYXIvZ3BnL2NlcnRpZmljYXRpb24tcG9saWN5LTJfMC5odG1sAAoJEDHl/mPi
+ /EglDZ4QAKCFTie8P1gXNxq9V/l4i81wKlGJoxNf/CaCYnW5t+Lah+nNgdYmnIQZ
+ 6hF5+jscinSaOcuNI5ZFIXVe1vJDWthgbrVDq/tAj6Yqnime2UlIIc1SmhArVXpN
+ CfcjBBA3FnX0klsnUAmTfzCI3fvBH0R5+TYK2L7DMi7BRux0zQdgB6YQfGkOt280
+ eJYz3SAc+JBM3Z2D+uGD0aC+6Oib8m0JU8Ejz0dzu0b2/umuOS8qrwj3gNasxEuH
+ QOkPIxkPkRScW5cblZDREaWdizSEhs4pA/rRE7B/Ueiib8egC7syK2HLeuhsU4tD
+ eTsgU0aNYN0tX/yGT4+ZSg8Se6vo1uLQ+IPGoQu1lDUdp9ghiR7MDoJrT0HmOXbq
+ NcQzckeqiQbwZxOfcsv+17PTtfbmiHbvNMDbepPjE15qby3NmyJgI9hjmq5kms/j
+ 6w+gSSqNMUbl1cuZBI11ABcYyxzGjsWCGEAHF1IZG965dQ5tb+oS1o3LLFa8FIWH
+ wjzpH+eXzd8Uw3fPA9M3n87AE9j8dsCqJ9nJ/Wb5jz7dmGBfev3COm4bmn2WfSmN
+ AFHcvKDsqbRUCI3nnqGwIw3xfYYnWHtuK1/YhCavq61yGRryoVCK39ZB26YoikWL
+ 7fGboYKy5AtvKKqB+Llv9F+Jho0ghXsJ2qy+q0kmxi7+97FtUREuuQINBEAJzp0Q
+ CADJVEOUPMJJIbVPaUnh54D88CxPNPjM3J5bW+DAF51t5iudOtYsImDb7uOlObo2
+ LAVddexLieYgsPHO5Kdui3Zsgqb8BdOCFPPNSySNHGPDuih7suvhPDgmNJoEOGsq
+ FqkiwaOa/DyIEGUb9ln7yc4TMym1xSksSG3O08iAEuJrcvPTmgimGy4q3b3h5EvD
+ Fee6Hq30qg+RxRWuhIDvnnqbhrNMmsmdy9tPkz/SsTQfjT2A4azDp4M33RNmPbz9
+ L4JIX/ZYnSS0zY7BfqrLehe8ar2KHhlik2eVSNFJOW7tzMkXvv7SULurtJaZtr4P
+ q4MBPJ+NZqFracfyiVq6aH/rAAMFCACQ3C5T7e1QRsstLGWWd62N9cvg569D43VG
+ Ky8+j2Vx0CyCDQ8S51uN7TGnd1g0TBt4570JcjXtwb8HDWQG9jZc0QgFwdAHSh8h
+ HNzT2ipSC+/GtEaaz6ozNSip/QThxhLCBawYD5iJaKoa5vEIr3x97HhSmYEV2CzT
+ sIE3/md67O4XrVgsXIhuu2BjW6wiOoD1clPj0IB1Qq2GkD9Tmm6xk/iMKkuJ80Ed
+ tjx0RAgl9v7tCySnJI4otBlUzO09/KMAj+WVDctv9puLfwyoXYs8tBjCqe5ps+th
+ Wz40+5q0Ox1yIwxQpv3U1IlQ7ta9667nI728cgVag0aPo8MBB04/iEYEGBECAAYF
+ AkAJzp0ACgkQ+DWPovKDPJNsFACguV+6mezDf4K/uioKq9PmyRSOyWEAnjMoXNVy
+ 2X92tDp1JgK8ONdgkbG1
+ =Ylze
+ -----END PGP PUBLIC KEY BLOCK-----
+
diff --git a/linux/system/repo/keystorage/mirantis_com/init.yml b/linux/system/repo/keystorage/mirantis_com/init.yml
new file mode 100644
index 0000000..b6c9a86
--- /dev/null
+++ b/linux/system/repo/keystorage/mirantis_com/init.yml
@@ -0,0 +1,2 @@
+classes:
+- system.linux.system.repo.keystorage.mirantis_com.openstack
diff --git a/linux/system/repo/keystorage/mirantis_com/openstack.yml b/linux/system/repo/keystorage/mirantis_com/openstack.yml
new file mode 100644
index 0000000..12d5e73
--- /dev/null
+++ b/linux/system/repo/keystorage/mirantis_com/openstack.yml
@@ -0,0 +1,26 @@
+parameters:
+ linux:
+ system:
+ repo:
+ mirantis_openstack:
+ # pub 2048R/4C5289EF 2018-07-25
+ key: |
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+ Version: GnuPG v1
+
+ mQENBFtYVY8BCAC3oli93husG0ZVtv/L8I4/bcW60LFCyB0DuwEznGlSaj1fjOQu
+ C7QX9wvGRq8mRZ8mfZ6sbxGmgs0LnV5QIBle1l5I3B+AMGksf6UGEWgoN/vq86g+
+ 0Jg6kJP/D0sjGXvdlfy+bgAqjsx2bWOLjQGtHSIxhe4cE9HPBfMiYsFwGQua3XN3
+ tiGKcifszvDA6uqdjS6DuTEPCzyKiSyUevnWtBh0oUtUt//X4lG2Mx0lU91uUQGj
+ KeZ+fYXOLqgZm/FxLVT5w3g/UGK9Cbz5h4kGCJOfk0EwIZp0IRRs1phOC6gVMwoV
+ yWKCtdHmg7Ob8I4AZ8OW5HJn1UPHTprxcHBnABEBAAG0LEF1dG9idWlsZGVyIDxp
+ bmZyYSthdXRpYnVpbGRlckBtaXJhbnRpcy5jb20+iQE4BBMBAgAiBQJbWFWPAhsD
+ BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCRZVp5TFKJ70cJB/9ArWrSFyEx
+ qs7Tyo9M5WCPjqw7y2F7jd4Et3hqwc5jx6KlxGpg17SHt4oWcmtML3VBx+ziBAi0
+ 5Ry4Z4w0QqFW6gAqQepeW76Yq/OP5SoqEI9sUwzLfUY7raK/P1buvXB1eZh4mMw4
+ TFf4Hgo8yUQ3geYNnUBBfaSfkmiyBJGsMXBfW2zhlpVIyB6Cye5R823FxGNJe+li
+ hggNCQnKYqrGtr55RO6xYI1v89cgGrO2EVwPkFLA/MUnQEb433Ck+sjp1NZDUfuJ
+ U3gg8S0hT+Cf5XiknT/xqIhhTY/KzlNmynZt/51DzZzsbM+RO6JZFYJL2LuC69gB
+ +R5jrmaGu9fG
+ =sqIn
+ -----END PGP PUBLIC KEY BLOCK-----
diff --git a/linux/system/repo/mcp/apt_mirantis/cassandra.yml b/linux/system/repo/mcp/apt_mirantis/cassandra.yml
index 8bf3583..e29a220 100644
--- a/linux/system/repo/mcp/apt_mirantis/cassandra.yml
+++ b/linux/system/repo/mcp/apt_mirantis/cassandra.yml
@@ -1,14 +1,19 @@
+classes:
+- system.linux.system.repo.keystorage.cassandra
parameters:
_param:
apt_mk_version: stable
- linux_system_repo_mcp_cassandra_version: ${_param:apt_mk_version}
- linux_system_repo_mcp_cassandra_version_number: "21x"
+ linux_system_repo_mcp_cassandra_version: '21x'
+ linux_system_repo_url: http://mirror.mirantis.com/${_param:apt_mk_version}/
+ linux_system_repo_mcp_cassandra_url: ${_param:linux_system_repo_url}/cassandra/
linux:
system:
repo:
mcp_cassandra:
- source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_cassandra_version}/cassandra/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_cassandra_version_number} main"
+ source: "deb [arch=amd64] ${_param:linux_system_repo_mcp_cassandra_url}/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_cassandra_version} main"
architectures: amd64
- key_id: F8358FA2F2833C93
- key_server: keyserver.ubuntu.com
clean_file: true
+ pin:
+ - pin: 'release o=Apache Cassandra Packages'
+ priority: 1100
+ package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/hotfix/init.yml b/linux/system/repo/mcp/apt_mirantis/hotfix/init.yml
new file mode 100644
index 0000000..e9e45e6
--- /dev/null
+++ b/linux/system/repo/mcp/apt_mirantis/hotfix/init.yml
@@ -0,0 +1,2 @@
+classes:
+- system.linux.system.repo.mcp.apt_mirantis.hotfix.ubuntu
diff --git a/linux/system/repo/mcp/apt_mirantis/hotfix/ubuntu.yml b/linux/system/repo/mcp/apt_mirantis/hotfix/ubuntu.yml
new file mode 100644
index 0000000..77d5202
--- /dev/null
+++ b/linux/system/repo/mcp/apt_mirantis/hotfix/ubuntu.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ linux_system_repo_hotfix_url: http://mirror.mirantis.com/hotfix/${_param:apt_mk_version}/
+ linux_system_repo_hotfix_ubuntu_url: ${_param:linux_system_repo_hotfix_url}/ubuntu/
+ linux:
+ system:
+ repo:
+# ubuntu_hotfix:
+# refresh_db: ${_param:linux_repo_refresh_db}
+# source: "deb [arch=amd64] ${_param:linux_system_repo_hotfix_ubuntu_url} ${_param:linux_system_codename} main restricted universe"
+# architectures: amd64
+# default: true
+# ubuntu_updates_hotfix:
+# refresh_db: ${_param:linux_repo_refresh_db}
+# source: "deb [arch=amd64] ${_param:linux_system_repo_hotfix_ubuntu_url} ${_param:linux_system_codename}-updates main restricted universe"
+# architectures: amd64
+# default: true
+ ubuntu_security_hotfix:
+ refresh_db: ${_param:linux_repo_refresh_db}
+ source: "deb [arch=amd64] ${_param:linux_system_repo_hotfix_ubuntu_url} ${_param:linux_system_codename}-security main restricted universe"
+ architectures: amd64
+ default: true
diff --git a/linux/system/repo/mcp/apt_mirantis/saltstack.yml b/linux/system/repo/mcp/apt_mirantis/saltstack.yml
index 22b3bb8..5ba85c0 100644
--- a/linux/system/repo/mcp/apt_mirantis/saltstack.yml
+++ b/linux/system/repo/mcp/apt_mirantis/saltstack.yml
@@ -13,7 +13,16 @@
source: "deb [arch=amd64] ${_param:linux_system_repo_mcp_saltstack_url}/${_param:linux_system_codename}/ ${_param:linux_system_codename} main"
architectures: amd64
clean_file: true
- pin:
- - pin: 'release o=SaltStack'
- priority: 1100
- package: '*'
+ pinning:
+ 10:
+ enabled: true
+ pin: 'release o=SaltStack'
+ # WA for https://github.com/saltstack/salt/issues/49653
+ # Should be removed with new version\fix in upstream.
+ priority: 50
+ package: 'libsodium18'
+ 20:
+ enabled: true
+ pin: 'release o=SaltStack'
+ priority: 1100
+ package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/saltstack_2016_3.yml b/linux/system/repo/mcp/apt_mirantis/saltstack_2016_3.yml
index 26f1a02..978d9a4 100644
--- a/linux/system/repo/mcp/apt_mirantis/saltstack_2016_3.yml
+++ b/linux/system/repo/mcp/apt_mirantis/saltstack_2016_3.yml
@@ -1,3 +1,6 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis/saltstack
+
classes:
- system.linux.system.repo.keystorage.saltstack
- system.linux.system.repo.mcp.apt_mirantis.saltstack
diff --git a/linux/system/repo/mcp/apt_mirantis/update/init.yml b/linux/system/repo/mcp/apt_mirantis/update/init.yml
new file mode 100644
index 0000000..167f896
--- /dev/null
+++ b/linux/system/repo/mcp/apt_mirantis/update/init.yml
@@ -0,0 +1,2 @@
+classes:
+- system.linux.system.repo.mcp.apt_mirantis.update.ubuntu
diff --git a/linux/system/repo/mcp/apt_mirantis/update/ubuntu.yml b/linux/system/repo/mcp/apt_mirantis/update/ubuntu.yml
new file mode 100644
index 0000000..d58ff85
--- /dev/null
+++ b/linux/system/repo/mcp/apt_mirantis/update/ubuntu.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ linux_system_repo_update_url: http://mirror.mirantis.com/update/${_param:apt_mk_version}/
+ linux_system_repo_update_ubuntu_url: ${_param:linux_system_repo_update_url}/ubuntu/
+ linux:
+ system:
+ repo:
+# ubuntu_update:
+# refresh_db: ${_param:linux_repo_refresh_db}
+# source: "deb [arch=amd64] ${_param:linux_system_repo_update_ubuntu_url} ${_param:linux_system_codename} main restricted universe"
+# architectures: amd64
+# default: true
+# ubuntu_updates_update:
+# refresh_db: ${_param:linux_repo_refresh_db}
+# source: "deb [arch=amd64] ${_param:linux_system_repo_update_ubuntu_url} ${_param:linux_system_codename}-updates main restricted universe"
+# architectures: amd64
+# default: true
+ ubuntu_security_update:
+ refresh_db: ${_param:linux_repo_refresh_db}
+ source: "deb [arch=amd64] ${_param:linux_system_repo_update_ubuntu_url} ${_param:linux_system_codename}-security main restricted universe"
+ architectures: amd64
+ default: true
diff --git a/linux/system/repo/mcp/mirror/v1/openstack.yml b/linux/system/repo/mcp/mirror/v1/openstack.yml
index a4a369b..37482da 100644
--- a/linux/system/repo/mcp/mirror/v1/openstack.yml
+++ b/linux/system/repo/mcp/mirror/v1/openstack.yml
@@ -1,15 +1,17 @@
+classes:
+- system.linux.system.repo.keystorage.mirantis_com
parameters:
_param:
- apt_mk_version: stable
linux_system_architecture: 'amd64'
+ linux_system_repo_url: http://mirror.mirantis.com/${_param:apt_mk_version}/
+ linux_system_repo_mirantis_openstack_url: ${_param:linux_system_repo_url}/openstack-${_param:openstack_version}/
linux:
system:
repo:
mirantis_openstack:
- source: "deb http://mirror.mirantis.com/${_param:apt_mk_version}/openstack-${_param:openstack_version}/${_param:linux_system_codename} ${_param:linux_system_codename} main"
+ source: "deb ${_param:linux_system_repo_mirantis_openstack_url}/${_param:linux_system_codename} ${_param:linux_system_codename} main"
architectures: ${_param:linux_system_architecture}
clean_file: true
- key_url: https://mirror.mirantis.com/${_param:apt_mk_version}/openstack-${_param:openstack_version}/${_param:linux_system_codename}/archive-${_param:openstack_version}.key
pin:
- pin: 'release o=Mirantis'
priority: 1100
diff --git a/linux/system/repo_local/docker.yml b/linux/system/repo_local/docker.yml
index cd3b514..6254dec 100644
--- a/linux/system/repo_local/docker.yml
+++ b/linux/system/repo_local/docker.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
parameters:
linux:
system:
diff --git a/linux/system/repo_local/docker_legacy.yml b/linux/system/repo_local/docker_legacy.yml
index d12cc0d..3df198f 100644
--- a/linux/system/repo_local/docker_legacy.yml
+++ b/linux/system/repo_local/docker_legacy.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
parameters:
linux:
system:
@@ -6,4 +8,4 @@
refresh_db: ${_param:linux_repo_refresh_db}
source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:apt_mk_version} docker-legacy"
architectures: amd64
- key_url: "http://${_param:local_repo_url}/public.gpg"
\ No newline at end of file
+ key_url: "http://${_param:local_repo_url}/public.gpg"
diff --git a/linux/system/repo_local/glusterfs.yml b/linux/system/repo_local/glusterfs.yml
index cb298c4..63a306b 100644
--- a/linux/system/repo_local/glusterfs.yml
+++ b/linux/system/repo_local/glusterfs.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
parameters:
_param:
apt_mk_version: stable
diff --git a/linux/system/repo_local/maas.yml b/linux/system/repo_local/maas.yml
index ca65a79..d703044 100644
--- a/linux/system/repo_local/maas.yml
+++ b/linux/system/repo_local/maas.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
parameters:
_param:
apt_mk_version: stable
@@ -8,4 +10,4 @@
refresh_db: ${_param:linux_repo_refresh_db}
source: "deb [arch=amd64] http://${_param:local_repo_url}/${_param:linux_system_codename}/ ${_param:apt_mk_version} maas"
architectures: amd64
- key_url: "http://${_param:local_repo_url}/public.gpg"
\ No newline at end of file
+ key_url: "http://${_param:local_repo_url}/public.gpg"
diff --git a/linux/system/repo_local/mcp/apt_mirantis/cassandra.yml b/linux/system/repo_local/mcp/apt_mirantis/cassandra.yml
index ed767ab..b53eb06 100644
--- a/linux/system/repo_local/mcp/apt_mirantis/cassandra.yml
+++ b/linux/system/repo_local/mcp/apt_mirantis/cassandra.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
parameters:
_param:
apt_mk_version: stable
diff --git a/linux/system/repo_local/mcp/apt_mirantis/docker.yml b/linux/system/repo_local/mcp/apt_mirantis/docker.yml
index 84fed9f..8afe4dc 100644
--- a/linux/system/repo_local/mcp/apt_mirantis/docker.yml
+++ b/linux/system/repo_local/mcp/apt_mirantis/docker.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
parameters:
_param:
apt_mk_version: stable
diff --git a/linux/system/repo_local/mcp/apt_mirantis/docker_legacy.yml b/linux/system/repo_local/mcp/apt_mirantis/docker_legacy.yml
index 9b85ea2..bd67693 100644
--- a/linux/system/repo_local/mcp/apt_mirantis/docker_legacy.yml
+++ b/linux/system/repo_local/mcp/apt_mirantis/docker_legacy.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
parameters:
_param:
apt_mk_version: stable
diff --git a/linux/system/repo_local/mcp/apt_mirantis/saltstack_2016_3.yml b/linux/system/repo_local/mcp/apt_mirantis/saltstack_2016_3.yml
index 1cd567a..6e20a4c 100644
--- a/linux/system/repo_local/mcp/apt_mirantis/saltstack_2016_3.yml
+++ b/linux/system/repo_local/mcp/apt_mirantis/saltstack_2016_3.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
parameters:
_param:
apt_mk_version: stable
@@ -13,4 +15,4 @@
pin:
- pin: 'release a=${_param:linux_system_repo_mcp_saltstack_version}'
priority: 1100
- package: '*'
\ No newline at end of file
+ package: '*'
diff --git a/linux/system/repo_local/mcp/apt_mirantis/ubuntu.yml b/linux/system/repo_local/mcp/apt_mirantis/ubuntu.yml
index 79c002f..12b37e4 100644
--- a/linux/system/repo_local/mcp/apt_mirantis/ubuntu.yml
+++ b/linux/system/repo_local/mcp/apt_mirantis/ubuntu.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
classes:
- system.linux.system.repo.keystorage.ubuntu
parameters:
diff --git a/linux/system/repo_local/ubuntu.yml b/linux/system/repo_local/ubuntu.yml
index e93a4b3..e5b940a 100644
--- a/linux/system/repo_local/ubuntu.yml
+++ b/linux/system/repo_local/ubuntu.yml
@@ -1,3 +1,5 @@
+# DEPRECATED since 2018.7+ release.
+# Please use system/repo/mcp/apt_mirantis
parameters:
linux:
system:
diff --git a/linux/system/single/simple.yml b/linux/system/single/simple.yml
index 2b4e919..45be219 100644
--- a/linux/system/single/simple.yml
+++ b/linux/system/single/simple.yml
@@ -8,6 +8,16 @@
local_package_repos: false
linux:
system:
+ at:
+ enabled: true
+ user:
+ root:
+ enabled: true
+ cron:
+ enabled: true
+ user:
+ root:
+ enabled: true
local_package_repos: ${_param:local_package_repos}
timezone: UTC
locale:
diff --git a/linux/system/users/keystone.yml b/linux/system/users/keystone.yml
index 14e38dd..cda4c36 100644
--- a/linux/system/users/keystone.yml
+++ b/linux/system/users/keystone.yml
@@ -8,7 +8,7 @@
home: /var/lib/keystone
uid: 301
gid: 301
- shell: /bin/false
+ shell: /bin/bash
system: True
group:
keystone:
diff --git a/maas/region/single.yml b/maas/region/single.yml
index 7c57d9e..3569fff 100644
--- a/maas/region/single.yml
+++ b/maas/region/single.yml
@@ -42,4 +42,5 @@
ntp_external_only: true
upstream_dns: ${_param:dns_server01}
enable_http_proxy: false
- default_min_hwe_kernel: ''
+ # linux-signed-image-generic-hwe-16.04
+ default_min_hwe_kernel: 'hwe-16.04'
diff --git a/manila/common/cluster.yml b/manila/common/cluster.yml
index d71364e..9ea811e 100644
--- a/manila/common/cluster.yml
+++ b/manila/common/cluster.yml
@@ -1,18 +1,34 @@
classes:
- - service.manila.common.cluster
- - service.haproxy.proxy.single
- - system.haproxy.proxy.listen.openstack.manila
+- service.manila.common.cluster
+- service.haproxy.proxy.single
+- system.haproxy.proxy.listen.openstack.manila
+- system.salt.minion.cert.mysql.clients.openstack.manila
+- system.salt.minion.cert.rabbitmq.clients.openstack.manila
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ manila_cluster_vip_address: ${_param:cluster_vip_address}
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
manila:
common:
version: ${_param:openstack_version}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
host: ${_param:openstack_message_queue_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_manila_ssl_ca_file}
+ key_file: ${_param:rabbitmq_manila_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_manila_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
database:
engine: mysql
host: ${_param:openstack_database_address}
@@ -20,10 +36,17 @@
name: manila
user: manila
password: ${_param:mysql_manila_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_manila_ssl_ca_file}
+ key_file: ${_param:mysql_manila_client_ssl_key_file}
+ cert_file: ${_param:mysql_manila_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
region: ${_param:openstack_region}
- host: ${_param:cluster_vip_address}
+ host: ${_param:manila_cluster_vip_address}
port: 35357
user: manila
password: ${_param:keystone_manila_password}
diff --git a/manila/common/single.yml b/manila/common/single.yml
index 1b139c2..f984ab7 100644
--- a/manila/common/single.yml
+++ b/manila/common/single.yml
@@ -1,16 +1,31 @@
classes:
- - service.manila.common.single
+- service.manila.common.single
+- system.salt.minion.cert.mysql.clients.openstack.manila
+- system.salt.minion.cert.rabbitmq.clients.openstack.manila
parameters:
+ _param:
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
manila:
common:
version: ${_param:openstack_version}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
host: ${_param:single_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_manila_ssl_ca_file}
+ key_file: ${_param:rabbitmq_manila_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_manila_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
database:
engine: mysql
host: ${_param:single_address}
@@ -18,6 +33,13 @@
name: manila
user: manila
password: ${_param:mysql_manila_password}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_manila_ssl_ca_file}
+ key_file: ${_param:mysql_manila_client_ssl_key_file}
+ cert_file: ${_param:mysql_manila_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
region: ${_param:openstack_region}
diff --git a/manila/control/single.yml b/manila/control/single.yml
index 262a158..9d5f9f6 100644
--- a/manila/control/single.yml
+++ b/manila/control/single.yml
@@ -1,15 +1,18 @@
classes:
- - system.manila.common.cluster
+ - system.manila.common.single
- system.apache.server.site.manila
parameters:
+ _param:
+ openstack_node_role: primary
manila:
common:
dhss: false
+ default_share_type: default
version: ${_param:openstack_version}
api:
+ role: ${_param:openstack_node_role}
enabled: true
version: ${_param:openstack_version}
- role: ${_param:openstack_node_role}
scheduler:
enabled: true
version: ${_param:openstack_version}
diff --git a/manila/share/backend/lvm.yml b/manila/share/backend/lvm.yml
index fe709da..9f5c660 100644
--- a/manila/share/backend/lvm.yml
+++ b/manila/share/backend/lvm.yml
@@ -1,12 +1,13 @@
parameters:
_param:
manila_share_address: ${_param:single_address}
+ manila_lvm_volume_name: manila-volume
linux:
storage:
lvm:
manila-vg:
enabled: true
- name: manila-volume
+ name: ${_param:manila_lvm_volume_name}
devices: ${_param:manila_lvm_devices}
system:
package:
@@ -25,4 +26,4 @@
- "${_param:manila_share_address}"
dhss: false
share_driver: manila.share.drivers.lvm.LVMShareDriver
- lvm_share_volume_group: manila-volume
+ lvm_share_volume_group: ${_param:manila_lvm_volume_name}
diff --git a/neutron/client/service/public_v2.yml b/neutron/client/service/public_v2.yml
new file mode 100644
index 0000000..1cef167
--- /dev/null
+++ b/neutron/client/service/public_v2.yml
@@ -0,0 +1,24 @@
+classes:
+- service.neutron.client
+parameters:
+ neutron:
+ client:
+ resources:
+ v2:
+ admin_identity:
+ network:
+ public:
+ shared: False
+ router_external: True
+ default: True
+ provider_network_type: flat
+ provider_physical_network: physnet1
+ subnet:
+ public-subnet:
+ cidr: ${_param:openstack_public_neutron_subnet_cidr}
+ gateway_ip: ${_param:openstack_public_neutron_subnet_gateway}
+ allocation_pools:
+ - start: ${_param:openstack_public_neutron_subnet_allocation_start}
+ end: ${_param:openstack_public_neutron_subnet_allocation_end}
+ enable_dhcp: False
+ ip_version: 4
diff --git a/neutron/compute/cluster.yml b/neutron/compute/cluster.yml
index e348a93..92e3a2e 100644
--- a/neutron/compute/cluster.yml
+++ b/neutron/compute/cluster.yml
@@ -1,11 +1,15 @@
classes:
- service.neutron.compute.single
+- system.salt.minion.cert.rabbitmq.clients.openstack.neutron
parameters:
_param:
neutron_enable_qos: False
neutron_enable_vlan_aware_vms: False
neutron_enable_bgp_vpn: False
neutron_bgp_vpn_driver: bagpipe
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -25,7 +29,15 @@
backend:
tenant_network_types: ${_param:neutron_tenant_network_types}"
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_neutron_ssl_ca_file}
+ key_file: ${_param:rabbitmq_neutron_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_neutron_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/neutron/control/cluster.yml b/neutron/control/cluster.yml
index 703f196..ceaed1d 100644
--- a/neutron/control/cluster.yml
+++ b/neutron/control/cluster.yml
@@ -4,40 +4,45 @@
- service.neutron.control.cluster
- system.haproxy.proxy.listen.openstack.neutron
- system.galera.server.database.neutron
+- system.salt.minion.cert.mysql.clients.openstack.neutron
+- system.salt.minion.cert.rabbitmq.clients.openstack.neutron
parameters:
_param:
cluster_internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
python-pymysql:
fromrepo: ${_param:openstack_version}
version: latest
- haproxy:
- proxy:
- listen:
- neutron_api:
- type: openstack-service
- service_name: neutron
- binds:
- - address: ${_param:cluster_vip_address}
- port: 9696
- servers:
- - name: ${_param:cluster_node01_hostname}
- host: ${_param:cluster_node01_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
- - name: ${_param:cluster_node02_hostname}
- host: ${_param:cluster_node02_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
- - name: ${_param:cluster_node03_hostname}
- host: ${_param:cluster_node03_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
neutron:
server:
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ members:
+ - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:openstack_message_queue_node02_address}
+ - host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_neutron_ssl_ca_file}
+ key_file: ${_param:rabbitmq_neutron_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_neutron_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_neutron_ssl_ca_file}
+ key_file: ${_param:mysql_neutron_client_ssl_key_file}
+ cert_file: ${_param:mysql_neutron_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
role: ${_param:openstack_node_role}
- plugin: contrail
identity:
protocol: ${_param:cluster_internal_protocol}
diff --git a/neutron/control/opencontrail/cluster.yml b/neutron/control/opencontrail/cluster.yml
index d85e554..4bc0e71 100644
--- a/neutron/control/opencontrail/cluster.yml
+++ b/neutron/control/opencontrail/cluster.yml
@@ -1,9 +1,5 @@
classes:
-- service.keepalived.cluster.single
-- service.haproxy.proxy.single
-- service.neutron.control.cluster
-- system.haproxy.proxy.listen.openstack.neutron
-- system.galera.server.database.neutron
+- system.neutron.control.cluster
parameters:
neutron:
server:
@@ -13,11 +9,6 @@
identity:
region: ${_param:openstack_region}
host: ${_param:openstack_control_address}
- message_queue:
- members:
- - host: ${_param:openstack_message_queue_node01_address}
- - host: ${_param:openstack_message_queue_node02_address}
- - host: ${_param:openstack_message_queue_node03_address}
compute:
host: ${_param:openstack_control_address}
region: ${_param:openstack_region}
@@ -28,4 +19,4 @@
user: admin
password: ${_param:keystone_admin_password}
tenant: admin
- token: ${_param:keystone_service_token}
\ No newline at end of file
+ token: ${_param:keystone_service_token}
diff --git a/neutron/control/opencontrail/single.yml b/neutron/control/opencontrail/single.yml
index 4bbd8f8..5cf06bf 100644
--- a/neutron/control/opencontrail/single.yml
+++ b/neutron/control/opencontrail/single.yml
@@ -1,5 +1,5 @@
classes:
-- service.neutron.control.single
+- system.neutron.control.single
- system.galera.server.database.neutron
parameters:
neutron:
@@ -12,7 +12,7 @@
host: ${_param:openstack_control_address}
message_queue:
members:
- - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:single_address}
compute:
host: ${_param:openstack_control_address}
region: ${_param:openstack_region}
@@ -23,4 +23,4 @@
user: admin
password: ${_param:keystone_admin_password}
tenant: admin
- token: ${_param:keystone_service_token}
\ No newline at end of file
+ token: ${_param:keystone_service_token}
diff --git a/neutron/control/opendaylight/cluster.yml b/neutron/control/opendaylight/cluster.yml
index 1f8142e..2f22403 100644
--- a/neutron/control/opendaylight/cluster.yml
+++ b/neutron/control/opendaylight/cluster.yml
@@ -1,7 +1,4 @@
classes:
-- service.keepalived.cluster.single
-- service.haproxy.proxy.single
-- service.neutron.control.cluster
- system.neutron.control.openvswitch.cluster
parameters:
_param:
diff --git a/neutron/control/opendaylight/single.yml b/neutron/control/opendaylight/single.yml
index 297cfa0..c12d04a 100644
--- a/neutron/control/opendaylight/single.yml
+++ b/neutron/control/opendaylight/single.yml
@@ -1,5 +1,4 @@
classes:
-- service.neutron.control.single
- system.neutron.control.openvswitch.single
parameters:
_param:
diff --git a/neutron/control/openvswitch/cluster.yml b/neutron/control/openvswitch/cluster.yml
index 3f80a55..094449e 100644
--- a/neutron/control/openvswitch/cluster.yml
+++ b/neutron/control/openvswitch/cluster.yml
@@ -1,8 +1,5 @@
classes:
-- service.keepalived.cluster.single
-- service.haproxy.proxy.single
-- service.neutron.control.cluster
-- system.galera.server.database.neutron
+- system.neutron.control.cluster
parameters:
_param:
neutron_control_dvr: True
@@ -17,6 +14,7 @@
cluster_internal_protocol: 'http'
neutron:
server:
+ role: ${_param:openstack_node_role}
global_physnet_mtu: ${_param:neutron_global_physnet_mtu}
l3_ha: ${_param:neutron_l3_ha}
dvr: ${_param:neutron_control_dvr}
@@ -39,30 +37,3 @@
identity:
region: ${_param:openstack_region}
protocol: ${_param:cluster_internal_protocol}
- message_queue:
- members:
- - host: ${_param:openstack_message_queue_node01_address}
- - host: ${_param:openstack_message_queue_node02_address}
- - host: ${_param:openstack_message_queue_node03_address}
- haproxy:
- proxy:
- listen:
- neutron_api:
- type: openstack-service
- service_name: neutron
- binds:
- - address: ${_param:cluster_vip_address}
- port: 9696
- servers:
- - name: ${_param:cluster_node01_hostname}
- host: ${_param:cluster_node01_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
- - name: ${_param:cluster_node02_hostname}
- host: ${_param:cluster_node02_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
- - name: ${_param:cluster_node03_hostname}
- host: ${_param:cluster_node03_address}
- port: 9696
- params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/neutron/control/openvswitch/single.yml b/neutron/control/openvswitch/single.yml
index baa710e..5beb0ca 100644
--- a/neutron/control/openvswitch/single.yml
+++ b/neutron/control/openvswitch/single.yml
@@ -1,6 +1,5 @@
classes:
-- service.neutron.control.single
-- system.galera.server.database.neutron
+- system.neutron.control.single
parameters:
_param:
neutron_control_dvr: True
@@ -13,8 +12,10 @@
neutron_enable_bgp_vpn: False
neutron_bgp_vpn_driver: bagpipe
internal_protocol: 'http'
+ openstack_node_role: primary
neutron:
server:
+ role: ${_param:openstack_node_role}
global_physnet_mtu: ${_param:neutron_global_physnet_mtu}
l3_ha: ${_param:neutron_l3_ha}
dvr: ${_param:neutron_control_dvr}
@@ -39,4 +40,4 @@
protocol: ${_param:internal_protocol}
message_queue:
members:
- - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:single_address}
diff --git a/neutron/control/single.yml b/neutron/control/single.yml
index 6196c0a..27d16e1 100644
--- a/neutron/control/single.yml
+++ b/neutron/control/single.yml
@@ -1,9 +1,16 @@
classes:
- service.neutron.control.single
- system.galera.server.database.neutron
+- system.salt.minion.cert.mysql.clients.openstack.neutron
+- system.salt.minion.cert.rabbitmq.clients.openstack.neutron
parameters:
_param:
internal_protocol: 'http'
+ openstack_mysql_x509_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ galera_ssl_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -14,6 +21,21 @@
server:
role: ${_param:openstack_node_role}
database:
- host: ${_param:single_address}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_neutron_ssl_ca_file}
+ key_file: ${_param:mysql_neutron_client_ssl_key_file}
+ cert_file: ${_param:mysql_neutron_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_neutron_ssl_ca_file}
+ key_file: ${_param:rabbitmq_neutron_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_neutron_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
identity:
protocol: ${_param:internal_protocol}
diff --git a/neutron/gateway/cluster.yml b/neutron/gateway/cluster.yml
index 558a814..03ab583 100644
--- a/neutron/gateway/cluster.yml
+++ b/neutron/gateway/cluster.yml
@@ -1,9 +1,13 @@
classes:
- service.neutron.gateway.single
+- system.salt.minion.cert.rabbitmq.clients.openstack.neutron
parameters:
_param:
neutron_enable_qos: False
neutron_enable_vlan_aware_vms: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
kernel:
@@ -18,7 +22,15 @@
backend:
tenant_network_types: ${_param:neutron_tenant_network_types}"
message_queue:
+ port: ${_param:openstack_rabbitmq_port}
members:
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_neutron_ssl_ca_file}
+ key_file: ${_param:rabbitmq_neutron_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_neutron_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index c88dcc7..b281f4d 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml
@@ -1,5 +1,6 @@
classes:
- service.nova.compute.kvm
+- system.salt.minion.cert.rabbitmq.clients.openstack.nova
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -36,6 +37,9 @@
SG9MrLHCd5l60aCUQg0UA5ed7Hd6SA314k+HwxJno9/wJ+voBeacMg==
-----END RSA PRIVATE KEY-----
cluster_internal_protocol: 'http'
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
openssh:
client:
enabled: True
@@ -72,7 +76,7 @@
protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
@@ -80,6 +84,13 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
image:
engine: glance
host: ${_param:cluster_vip_address}
diff --git a/nova/compute/single.yml b/nova/compute/single.yml
index 67c329d..32d5087 100644
--- a/nova/compute/single.yml
+++ b/nova/compute/single.yml
@@ -2,6 +2,7 @@
- nova
classes:
- service.nova.compute.kvm
+- system.salt.minion.cert.rabbitmq.clients.openstack.nova
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -36,6 +37,9 @@
SG9MrLHCd5l60aCUQg0UA5ed7Hd6SA314k+HwxJno9/wJ+voBeacMg==
-----END RSA PRIVATE KEY-----
cluster_internal_protocol: 'http'
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
openssh:
client:
enabled: True
@@ -72,10 +76,17 @@
message_queue:
engine: rabbitmq
host: ${_param:control_address}
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
image:
engine: glance
host: ${_param:control_address}
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index d202987..3f0a644 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -5,6 +5,7 @@
- system.haproxy.proxy.listen.openstack.nova
- system.haproxy.proxy.listen.openstack.novnc
- system.salt.minion.cert.mysql.clients.openstack.nova
+- system.salt.minion.cert.rabbitmq.clients.openstack.nova
parameters:
_param:
nova_vncproxy_url: http://${_param:cluster_vip_address}:6080
@@ -14,6 +15,10 @@
metadata_password: metadataPass
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -48,6 +53,11 @@
password: ${_param:mysql_nova_password}
x509:
enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_nova_ssl_ca_file}
+ key_file: ${_param:mysql_nova_client_ssl_key_file}
+ cert_file: ${_param:mysql_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
engine: keystone
region: ${_param:openstack_region}
@@ -59,7 +69,7 @@
protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
- port: 5672
+ port: ${_param:openstack_rabbitmq_port}
user: openstack
password: ${_param:rabbitmq_openstack_password}
virtual_host: '/openstack'
@@ -67,6 +77,13 @@
- host: ${_param:openstack_message_queue_node01_address}
- host: ${_param:openstack_message_queue_node02_address}
- host: ${_param:openstack_message_queue_node03_address}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
glance:
host: ${_param:cluster_vip_address}
port: 9292
diff --git a/nova/control/single.yml b/nova/control/single.yml
index 4cc165d..2a28cc7 100644
--- a/nova/control/single.yml
+++ b/nova/control/single.yml
@@ -1,10 +1,15 @@
classes:
- system.salt.minion.cert.mysql.clients.openstack.nova
+- system.salt.minion.cert.rabbitmq.clients.openstack.nova
- service.nova.control.single
parameters:
_param:
cluster_internal_protocol: 'http'
openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ openstack_rabbitmq_x509_enabled: False
+ rabbitmq_ssl_enabled: False
+ openstack_rabbitmq_port: 5672
linux:
system:
package:
@@ -18,6 +23,11 @@
host: ${_param:single_address}
x509:
enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_nova_ssl_ca_file}
+ key_file: ${_param:mysql_nova_client_ssl_key_file}
+ cert_file: ${_param:mysql_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
identity:
protocol: ${_param:cluster_internal_protocol}
region: ${_param:openstack_region}
@@ -26,3 +36,13 @@
region: ${_param:openstack_region}
glance:
protocol: ${_param:cluster_internal_protocol}
+ message_queue:
+ port: ${_param:openstack_rabbitmq_port}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+
diff --git a/octavia/client/init.yml b/octavia/client/init.yml
new file mode 100644
index 0000000..f114e3d
--- /dev/null
+++ b/octavia/client/init.yml
@@ -0,0 +1,2 @@
+classes:
+- service.octavia.client
diff --git a/opencontrail/control/cluster4_0.yml b/opencontrail/control/cluster4_0.yml
index 4f1127f..c97196f 100644
--- a/opencontrail/control/cluster4_0.yml
+++ b/opencontrail/control/cluster4_0.yml
@@ -22,6 +22,7 @@
opencontrail_controller_container_name: opencontrail_controller_1
opencontrail_analytics_container_name: opencontrail_analytics_1
opencontrail_analyticsdb_container_name: opencontrail_analyticsdb_1
+ opencontrail_api_workers_count: 6
analytics_vip_address: ${_param:opencontrail_analytics_address}
# Temprorary fix for MOS9 packages to pin old version of kafka
linux:
@@ -81,6 +82,7 @@
host: None
api:
host: ${_param:opencontrail_control_address}
+ workers_count: ${_param:opencontrail_api_workers_count}
analytics:
members:
- host: ${_param:cluster_node01_address}
diff --git a/opencontrail/control/control4_0.yml b/opencontrail/control/control4_0.yml
index 207e9da..123392c 100644
--- a/opencontrail/control/control4_0.yml
+++ b/opencontrail/control/control4_0.yml
@@ -14,6 +14,7 @@
opencontrail_message_queue_node03_address: ${_param:openstack_message_queue_node03_address}
opencontrail_controller_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-controller:${_param:opencontrail_image_tag}
opencontrail_controller_container_name: opencontrail_controller_1
+ opencontrail_api_workers_count: 6
analytics_vip_address: ${_param:opencontrail_analytics_address}
opencontrail:
common:
@@ -32,6 +33,7 @@
host: None
api:
host: ${_param:opencontrail_control_address}
+ workers_count: ${_param:opencontrail_api_workers_count}
analytics:
members:
- host: ${_param:opencontrail_analytics_node01_address}
diff --git a/openscap/server/init.yml b/openscap/server/init.yml
new file mode 100644
index 0000000..0f2a76f
--- /dev/null
+++ b/openscap/server/init.yml
@@ -0,0 +1,2 @@
+classes:
+- service.openscap.cis
diff --git a/openssh/server/team/drivetrain.yml b/openssh/server/team/drivetrain.yml
new file mode 100644
index 0000000..65117cd
--- /dev/null
+++ b/openssh/server/team/drivetrain.yml
@@ -0,0 +1,10 @@
+classes:
+- system.openssh.server.team.members.azvyagintsev
+- system.openssh.server.team.members.degorenko
+- system.openssh.server.team.members.iberezovskiy
+parameters:
+ _param:
+ linux_system_user_sudo: true
+ openssh:
+ server:
+ enabled: true
diff --git a/openssh/server/team/maintenance.yml b/openssh/server/team/maintenance.yml
index 33cc697..0bceaad 100644
--- a/openssh/server/team/maintenance.yml
+++ b/openssh/server/team/maintenance.yml
@@ -2,10 +2,9 @@
- system.linux.system.sudo
- system.openssh.server.team.members.dmeltsaykin
- system.openssh.server.team.members.omolchanov
-- system.openssh.server.team.members.ibumarskov
- system.openssh.server.team.members.vkhlyunev
-- system.openssh.server.team.members.vjigulin
- system.openssh.server.team.members.dtsapikov
+- system.openssh.server.team.members.rlubianyi
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/mcp_qa.yml b/openssh/server/team/mcp_qa.yml
index 38e19c3..e97e755 100644
--- a/openssh/server/team/mcp_qa.yml
+++ b/openssh/server/team/mcp_qa.yml
@@ -1,3 +1,9 @@
+classes:
+- system.linux.system.sudo
+- system.openssh.server.team.members.mshalamov
+- system.openssh.server.team.members.sandriichenko
+- system.openssh.server.team.members.aminasyan
+- system.openssh.server.team.members.imenkov
parameters:
_param:
linux_system_user_sudo: true
@@ -70,12 +76,6 @@
sudo: true
full_name: Sergey Sokolov
home: /home/ssokolov
- mshalamov:
- enabled: true
- name: mshalamov
- sudo: true
- full_name: Maksym Shalamov
- home: /home/mshalamov
schipiga:
enabled: true
name: schipiga
@@ -149,20 +149,6 @@
full_name: Sergey Novikov
home: /home/snovikov
email: snovikov@mirantis.com
- aminasyan:
- enabled: true
- name: aminasyan
- sudo: true
- full_name: Artem Minasyan
- home: /home/aminasyan
- email: aminasyan@mirantis.com
- imenkov:
- enabled: true
- name: imenkov
- sudo: true
- full_name: Ilya Menkov
- home: /home/imenkov
- email: imenkov@mirantis.com
group:
libvirtd:
enabled: true
@@ -226,11 +212,6 @@
public_keys:
- ${public_keys:ssokolov}
user: ${linux:system:user:ssokolov}
- mshalamov:
- enabled: true
- public_keys:
- - ${public_keys:mshalamov}
- user: ${linux:system:user:mshalamov}
schipiga:
enabled: true
public_keys:
@@ -286,16 +267,6 @@
public_keys:
- ${public_keys:snovikov}
user: ${linux:system:user:snovikov}
- aminasyan:
- enable: true
- public_keys:
- - ${public_keys:aminasyan}
- user: ${linux:system:user:aminasyan}
- imenkov:
- enable: true
- public_keys:
- - ${public_keys:imenkov}
- user: ${linux:system:user:imenkov}
public_keys:
ddmitriev:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDuD4wJ8hzkchQ0pfgdwWukQyps1xYRfHOsjosmDu/mmgaXVud5mnpwb2q35E2YYTox2mx+ulJqyS+099gz6MPg4P8D5qdMuRbAsJqbceLaaIGQhdT8qgSo7ESrl5pwvYnfWzKLKF0z5s7nrW0nvArC40zhV9o9XpvzzzSFByepWfkwA8ReldGUYVvTKp8YXaCrqEdMZrU42adPM2nl+fYBbGF+h4/Ka247aVjPeER0blV3znFXbv2Kf38G+i/TEGaktgpBdtGGDi1tX2loMypmTJeqZRJnM0Eoly0BnynB7CSxn11eoIXBUe1mVYNqmQd1hw6uh59iymhK5j939v9J ddmitriev@dis_xcom
@@ -319,8 +290,6 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGGRD/zStceB/CAJu8bnsWs9VPWY8W1F6fz2AvX2BiyEXCE2W4uMY11In+qHQtIaWeyWVR/XmoCw0mZxk7emTz91Y1FioinEgumkhpNPLY0fPdDHzwu3atCjAc7B3ZCCXusiUC6k99aCa9YXIZ0/0/75kqilRmIcxGeneL9S2+iuFn/HSpNR7IZN03AEzWgIfXEhB4lyNs9n3RHf+XXy2wxAKkcKpMyocEO9gc3uLY5OdUhGFHRKhEZwgz3K6ysDOCIOTkiiJ8KXMM07FIDLjs5pjUjnVkZ1kWq+virLMbhhyCbMR8zrPvWMjP5oYGm9U9aEeUMA5iMCa7K+qs2AM3 adamheczko@Adams-MacBook-Pro.local
ssokolov:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHuIo/dLh5qt+8jV4UUPqDo6ktJc12HVFg10S3hinjJUlAOxq8554l0LMvxmiZSrIjxGE/qUr8PlRgjLi4x4zQDggBdNGC/S4zcYNEiTQ7HaOFOjEJ0si6ODZfssQsr/A/bXdNOZE/nIZTUhTddJG+3nKUvuPnTeOQLqEOp4IFJwwvwnD2Wo4I1nc6+yDSJLuG8ANLtLlStzpMKr8wHvPWCUcB9B1oeeOVtw9+vEKxuUBkheXnXMh7shiyt4vmaFVbcgcHGPg8DjP8alKeAbIk0AYhiuNHV/rFzL+/kfImS94gU93A8vt0U2vCj8golqt2huxJblKDr4Abq1lDXLwn ssm@n104309
- mshalamov:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzGhXA8t3nWeeM8+L3drG+4ACt9pOS1CVAAsW634Q6EtbxSzpsdp3NEJ3X8jKmfiwGZmqUiJ0G0lzS+vHdQ4vJ58M9f7YpXYYah8/557YLvIgg+F/3cltS7PHSE3jqNZgQBHG0f4SRwiBq4zhWhDOCXtzHmsT4EUj+9K6EOlPk7SjrOQAZA0XcPl//lw8g5zHAAC6phNa+WzHLzQSyWAZZhIKyvbXTHpSAUAww5rIlquucxVMbnbqlSOD4FTikSOLQa9iq4Nx10c3ZZTD3xTMuissSj5XJU5LaO7qlraOBsKTlkO0T+VS1aMnfJ943QSI2wu6epKWWHAFXV7Z2nsTL mshalamov@mirantis.com
schipiga:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDamKTbqCQCGW1JLo+4PgntC1TkRrwbDOELyRVHxAlc56CcJE9QjrNnCOTqvgRoAmIC+P86nzUQxwSREMd0qgVCefAxKQVFVQ38oym9G90TF0nx4fFT3hUhEQwjMBjHhR2Vo+uUwbT2Hg51U1gBPx/WFa0U5Cf7V6+XNJ3r22W4XG8OrbuAoapwl4WN1346HEj3d0U6Z8Unsqjx9pRpZ1eYCeng4emLZ1UOhvLBfw22vSTkujjjRdfY6g52Gv4hRsgsS+JWulO+z/qd1GFcUp9j+yIvur+eeTWHelAbXq4kRNQfQjAs6nMM8Hp8gPa5jLYqMz2GgD96p8wOQCdK2nyL schipiga@mirantis.com
obutenko:
@@ -343,8 +312,3 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEaWwPVtsj39s0A2efRQ1ejL5B7ZetFPmXJDi/8W/gTWIIII3xP750H8QWZfvbjiJ+KBCxOndDL8aL3SHC/iRCvmzrVkgXBgf5J9vTu8uas7BNGf7oiDBuB75fryDtkg57Pam/A47IlgxJTCwYz+ofUGHb6WrWwQ+MUTEWAk9PB+RPyxjwNC4XxEwtULkKQMgFmg52kauESpx0R0ni8/LLKUJucdse7NCcUTvEcafppnXsxdZ640G0K82ADS1neg1CDwdtCPKLG57GZYs4iL3sPcOhQxnVUoONXsRpBD8kQTKOMl5R6hTDJHBd3oimUPEXlPqeb/XeGKatVraRA6nJ ekhomyakova@ekhomyakova
snovikov:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYj97WGfiL550eVPyQmFyrgpTw61tfins1CpgrZewWqAWJMgYklRdMYl4OReE5UO2po7ag0f/QsOtGU8aQbnxnWUYPZyS3Qk+Bg8OOSBmewPxmT7WH97KdGKBdC9b3xUNFOUXEUOMmOe3jq9YET+xebUnfsA5qwYU5dL9Cb5UAPzVxYI8z5RiaNTo8dtwZr7lbJJRy8YfSWCtiD59vewc6BE2NTUyDjsfmKd9K/IkyKboGU9AC5mLYDsjvWwiGcNdfigRyaYWKmoo7Xhe1W2Og4dpI5pozOwVg7hISW9NRgLXrZP/9me1rFBH7EQjpjO3+Pto1//R3Nx9QLsB59yuj snovikov@snovikov
- aminasyan:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCo9BHw8WdIFOEuY10XvUqHPl1jCqtA8TYntt5Aee2rR8X8pLG9lWjHPFkNArD5upCRvv6f88Xs4QLoEGWMWcbfMkJE4gMNkOWL4As5iNgagw+DybQrA6nXyassHi8le+quwICfJ1v16IXxPgMBCcrRcSYvHKv+n8KsuBH1csRnJ8aHvIZJTL43Eq0F+aj2S0/9D+m2dyRwcmamn6EqX61NfL5UP3422i4JykTXY6I8iwEHs7Er+jPBD7rtJ/q4Kn/bIyT/Vz0tGHiWyVt7B8GBoPb3PgDuzXKvU7OtOxFb3uhANeecjzIz5G5rAsAQcizf+MGCOoBwFLFJTPAharWN artem@Artem
- imenkov:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSWoSuHV1FNRuooS3d0nVkTRCwC+Tc585Z1cPcMQns7H1ogLIya//T3gMfxINxCjlF1eek18vI9B5QszZZUL2P7prFxe5EJlt6iM8jD61umkncaTbx6oc8r8xu5ufH9RDxfKHvQX1mhhID5JK+/GoRDIW5Zs7wFSHCrANYV2dtmOfmRSc/qpgh87Z9X10UDymp5MLjpQZzjM+qZCtz6yV14m835j4eiEN7+QZ2XZ/Wtzer7VVdhtjbw8gESSyuPIVf66keuLVUixk0CXosQYrqWDPWpT0Rhh63lnUacgplh74TU+bb+vYRjIHxCgOY2Ex6Pk5jrsroi0YoWtI4SErD imenkov@atopilin-nb-wifi.srt.mirantis.net
-
diff --git a/openssh/server/team/members/akiseleva.yml b/openssh/server/team/members/akiseleva.yml
new file mode 100644
index 0000000..d7e8db0
--- /dev/null
+++ b/openssh/server/team/members/akiseleva.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ akiseleva:
+ enabled: true
+ name: akiseleva
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Alena Kiseleva
+ home: /home/akiseleva
+ email: akiseleva@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ akiseleva:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyxzlFKlCcfwagnnmCg1r9SUVfAgy/IdPSxsnpELjCRaz3FI66sYa1F1RdZngoXmYxe5qlmkiRQ0rCjIYk12I08du5FJGYQvMttJEgmVeHtFKW0o3uGBIKNJ5nCni3lR8idPTRXqhwdXYeA4A9+COQO4MGcaJZrqHgEviZt4jQrYy90WdqbKTD4meBRy4MC9+TOUs719kTxK54tmMHBq2l/ukmv3FwgtLz2xMeNW7htiS/1rzA9CEerjkvpc0mOxc4DCY4bH8sR2Ts3Y33Rx6aUN8shTij2aX2v8UvUay2JPqQTJicY+IsYl4D8w/XPx00Oj/3b54f6kTLlzzoNDq5 alena@alena-Lenovo-V580c
+ user: ${linux:system:user:akiseleva}
diff --git a/openssh/server/team/members/alis.yml b/openssh/server/team/members/alis.yml
new file mode 100644
index 0000000..2714198
--- /dev/null
+++ b/openssh/server/team/members/alis.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ alis:
+ enabled: true
+ name: alis
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Adam Lis
+ home: /home/alis
+ email: alis@mirantis.com
+ openssh:
+ server:
+ user:
+ alis:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDW3VR61NPwpwW0PGAaIuimtOtQjXIp3zAE15KphEejPEciceE/AJeKTsBpvKmP23pCJYhoCJOSQxxxWIiLHPoUEr2aGgy8+wLnResqEOtobpbtGHYzvsAUY/Uc+1Vk6S6Ho9ysrhlpY+Ih4yuSzTaZKqMFXx47/L0HZLNZmCbPD/siki0X3tnCS09RS8KSaTJdZ/Sd/PnUEb6JGg5taid9VNkUUOcgYoudNWPJS3Pjrtijiczq9IZ0cArueEVx4NCkKEb+dDUls4BRVGfNUt3iZY2LrGTd4FeyrWV7IGoPTxyiaJdtpcjDHe4omqsY705LRvBQs6de6enG0PMpQ9KR adamlis@tuchiegu
+ user: ${linux:system:user:alis}
diff --git a/openssh/server/team/members/aminasyan.yml b/openssh/server/team/members/aminasyan.yml
new file mode 100644
index 0000000..9664442
--- /dev/null
+++ b/openssh/server/team/members/aminasyan.yml
@@ -0,0 +1,21 @@
+parameters:
+ linux:
+ system:
+ user:
+ aminasyan:
+ enabled: true
+ name: aminasyan
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Artem Minasyan
+ home: /home/aminasyan
+ email: aminasyan@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ aminasyan:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCo9BHw8WdIFOEuY10XvUqHPl1jCqtA8TYntt5Aee2rR8X8pLG9lWjHPFkNArD5upCRvv6f88Xs4QLoEGWMWcbfMkJE4gMNkOWL4As5iNgagw+DybQrA6nXyassHi8le+quwICfJ1v16IXxPgMBCcrRcSYvHKv+n8KsuBH1csRnJ8aHvIZJTL43Eq0F+aj2S0/9D+m2dyRwcmamn6EqX61NfL5UP3422i4JykTXY6I8iwEHs7Er+jPBD7rtJ/q4Kn/bIyT/Vz0tGHiWyVt7B8GBoPb3PgDuzXKvU7OtOxFb3uhANeecjzIz5G5rAsAQcizf+MGCOoBwFLFJTPAharWN artem@Artem
+ user: ${linux:system:user:aminasyan}
+
\ No newline at end of file
diff --git a/openssh/server/team/members/asamoylov.yml b/openssh/server/team/members/asamoylov.yml
new file mode 100644
index 0000000..63bfdd3
--- /dev/null
+++ b/openssh/server/team/members/asamoylov.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ asamoylov:
+ enabled: true
+ name: asamoylov
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Anton Samoylov
+ home: /home/asamoylov
+ email: asamoylov@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ asamoylov:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwNiivTQ04f2ckhd6Zku7SFav6vAnVhGas3E9JbqIa222YhZdIqeCp7Su1jDmyuMsCe+ibRWNh9z+TnGb40qr2mbR+XyAeXv2kkUy1hc61Si1SWc2n0mrx7xh8aiGqMifra+WojBVVMHnknmdVFqGtq2hJSWrNYikdxKKI241EQ9Grta/iIjzlXmSSetcf54amsMJS8qMWOU7nW65EhSXNH3gUBdUV/85PJaTAChAKeOI3K7/jjogJ9hwYcpTVZCcCxEST6R6Q8Xhm5FXx1Fa6+nuGQYF8j9DF+tqWtoIuwlpNF5jn7ddr4qhVQkNpVEnMORT+2qhtOsvRPySqHbGb
+ user: ${linux:system:user:asamoylov}
diff --git a/openssh/server/team/members/azvyagintsev.yml b/openssh/server/team/members/azvyagintsev.yml
new file mode 100644
index 0000000..c6c62a0
--- /dev/null
+++ b/openssh/server/team/members/azvyagintsev.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ azvyagintsev:
+ enabled: true
+ name: azvyagintsev
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Aleksey Zvyagintsev
+ home: /home/azvyagintsev
+ email: azvyagintsev@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ azvyagintsev:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGmNI+xV2sgIZX6tr5i4eQcxM4rkNoMiFbUuxtZYw5rKci9cSp9C/NC11VnJzpLG3lf11vLwTztlaM7hjdYlKoynpfDhfRhg1p5w/Pd/uoh6bO7KP/r2QuSpVsc6NGAHD2f0qxmrFX81xMG6zq0MCHXc+BGMZTKWAW7dMGsjJUnIa/wv24J25DOILoEBhclGQHx5r7R5ysqSOTdBEgN304KL8XPP+bAwDFTNJIwtfBdNt8jSv6yR2CyfB7t8pqXf93DvwaGBJfuu1r4gljj5ozCyvGExEtRTzvAC+oLq2NIfDOCC3iRWXrls3iDLZYxwm7VLcQSre4Yp6jfp+WuRI7 azvyagintsev@mirantis.com
+ user: ${linux:system:user:azvyagintsev}
diff --git a/openssh/server/team/members/degorenko.yml b/openssh/server/team/members/degorenko.yml
new file mode 100644
index 0000000..2f0d09e
--- /dev/null
+++ b/openssh/server/team/members/degorenko.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ degorenko:
+ enabled: true
+ name: degorenko
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Denis Egorenko
+ home: /home/degorenko
+ email: degorenko@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ degorenko:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBUclrfSgL1AGw8gjjAcfD2XP9beQVRcP+FMTsuro/2UXjNN7fQ9oXm0TbIk5u+hgILrgjOkbxb1K7bYzdS7+zF3cFoK5B8GKaQog/frEZ2Y4NdkyK3nm5RX1NfxguND3pzEhr5tar/gi+C59uNWA70FF6lqi2yzqA6cWsBM4lP8ZVCOoKJpJNbXe8HXNDmHbVLP+kXzG7k0j/ifAHaF4Rsp+r9B7NupA28N0VhOaXooDRt8TrbqVPZRKuk2XIvitiw73b7ZoiErfOarkkAR6vI2pMrJLFiXm1J2kZHf1CLCl2EdVuS2ba7LtQo77Qw++YeYM4zdGQ5Xr+yjztgxXX degorenko
+ user: ${linux:system:user:degorenko}
diff --git a/openssh/server/team/members/iberezovskiy.yml b/openssh/server/team/members/iberezovskiy.yml
new file mode 100644
index 0000000..14e868f
--- /dev/null
+++ b/openssh/server/team/members/iberezovskiy.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ iberezovskiy:
+ enabled: true
+ name: iberezovskiy
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Ivan Berezovskiy
+ home: /home/iberezovskiy
+ email: iberezovskiy@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ iberezovskiy:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnn18VJ7z3CIBaQmIRfYltyh/BogwBq4B9KVUZ0Gl1EWd5AutuR00xCOYdFeU7okaURYILC+8W2A7a9qkML9G99sX+KD+7CDsKm33XeCP4YJ9QhOwA+OYPS84lLExvK+9AoVPnB06sEK8CvPdU6byQE/EX1VA9gFFCraOH1D0eABaC01csHI+GaiIA5qSjDMH+ieii1Rv5Zb6NHyYRktaCSHB2asu5Y7VxmL2srweFJonpk4Z80+TWlc2ESRLc9EFMefRt/MixIyFjBgvcsE++eCO6MModCAoP5V1Tmgd+cztcvm/tlQqJirve/64SFLvDbjYLE9QxQ8bY4/d4MjcX iberezovskiy@tests-MacBook-Pro.local
+ user: ${linux:system:user:iberezovskiy}
diff --git a/openssh/server/team/members/imenkov.yml b/openssh/server/team/members/imenkov.yml
new file mode 100644
index 0000000..b2ae055
--- /dev/null
+++ b/openssh/server/team/members/imenkov.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ imenkov:
+ enabled: true
+ name: imenkov
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Ilya Menkov
+ home: /home/imenkov
+ email: imenkov@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ imenkov:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSWoSuHV1FNRuooS3d0nVkTRCwC+Tc585Z1cPcMQns7H1ogLIya//T3gMfxINxCjlF1eek18vI9B5QszZZUL2P7prFxe5EJlt6iM8jD61umkncaTbx6oc8r8xu5ufH9RDxfKHvQX1mhhID5JK+/GoRDIW5Zs7wFSHCrANYV2dtmOfmRSc/qpgh87Z9X10UDymp5MLjpQZzjM+qZCtz6yV14m835j4eiEN7+QZ2XZ/Wtzer7VVdhtjbw8gESSyuPIVf66keuLVUixk0CXosQYrqWDPWpT0Rhh63lnUacgplh74TU+bb+vYRjIHxCgOY2Ex6Pk5jrsroi0YoWtI4SErD imenkov@atopilin-nb-wifi.srt.mirantis.net
+ user: ${linux:system:user:imenkov}
diff --git a/openssh/server/team/members/mrasskazov.yml b/openssh/server/team/members/mrasskazov.yml
new file mode 100644
index 0000000..23926e8
--- /dev/null
+++ b/openssh/server/team/members/mrasskazov.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ mrasskazov:
+ enabled: true
+ name: mrasskazov
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Maxim Rasskazov
+ home: /home/mrasskazov
+ email: mrasskazov@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ mrasskazov:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCysPXCuMbUjqjtO/n0jVZK13/uMA/TI6Qsdyciih6jWJLbd6FCL/GWvkykngLHGH9lVGFYsOPRiAmlh8gXfYohCZFYuHxE88GoiycvJGRGoBDdxd/beDca6nP4Peqlg3TUUum9PefULDiv3eVHKwX4BC9mGIR6bWB41O003OxJMwEN9lLGmWqxAlAdCUwRIm9TlgTu6Fq3ZIkjSwGsZg4E+saBLnUiOjwYWSwmTiB8WTR2b19lZhXFEovdVY3/gF8Td84WT1TDXeWBAvwmAcFLRPEx/AI1Nt4AhM1toMMoq64pYbGCOYSgI7DZR/2vtxGa0IjQclLZ+M8YktyNErc9
+ user: ${linux:system:user:mrasskazov}
diff --git a/openssh/server/team/members/mshalamov.yml b/openssh/server/team/members/mshalamov.yml
new file mode 100644
index 0000000..dff804d
--- /dev/null
+++ b/openssh/server/team/members/mshalamov.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ mshalamov:
+ enabled: true
+ name: mshalamov
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Maksym Shalamov
+ home: /home/mshalamov
+ email: mshalamov@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ mshalamov:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzGhXA8t3nWeeM8+L3drG+4ACt9pOS1CVAAsW634Q6EtbxSzpsdp3NEJ3X8jKmfiwGZmqUiJ0G0lzS+vHdQ4vJ58M9f7YpXYYah8/557YLvIgg+F/3cltS7PHSE3jqNZgQBHG0f4SRwiBq4zhWhDOCXtzHmsT4EUj+9K6EOlPk7SjrOQAZA0XcPl//lw8g5zHAAC6phNa+WzHLzQSyWAZZhIKyvbXTHpSAUAww5rIlquucxVMbnbqlSOD4FTikSOLQa9iq4Nx10c3ZZTD3xTMuissSj5XJU5LaO7qlraOBsKTlkO0T+VS1aMnfJ943QSI2wu6epKWWHAFXV7Z2nsTL mshalamov@mirantis.com
+ user: ${linux:system:user:mshalamov}
diff --git a/openssh/server/team/members/obryndzii.yml b/openssh/server/team/members/obryndzii.yml
index 9f7498c..911bdd8 100644
--- a/openssh/server/team/members/obryndzii.yml
+++ b/openssh/server/team/members/obryndzii.yml
@@ -16,6 +16,5 @@
obryndzii:
enabled: true
public_keys:
- - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCdHeeCZb+4YOBC925Byc0JkdFiNHnxl1DikrJlvza66n+URnfpTvtYhy70oT4jWruWf5dGAh81LK6SJfcLKqDvSNwAU4utQp1t71VllPB482oUhFSBAPOhWHElFakWcgnayOFVtMKhUZ4d5i+C7vXr+JpporBk6le7LuHD0/vNEG6SywexV3/lDZV1kahPSHblBxaED6nNeAODXXRMAOzgV25+UcDINaVTSzzQtCfUHydkVmw+TmxYc5wbdac1AtUkFmFbC6XTsv4VyZsH563jHNRf4UYPN6MP4SWv8axPiGUU5jr4laaIpDQ0TF/b+0Z+QidDxxTIsQxR0r/auUJp obryndzii@obryndzii-pc
- - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDD+5Ykrt46voaBAZ4BnYCB7EjRWNd6R+IqLaoQJzHh0joXVyZj/MsV0LcegxVV21Qnecp3qSw9XQiyJ9cghJbN3/AhEFpx7yZzf7sHez7FxRFefBSCO2IYSDBabO4eyv1X8UXtJrZ88lJBmWQr8nVy3E78za1cq0jRKNlGyvTrRtwY69WDhhc6k8CxIGAUrT6uAFeNCfroRKuw3zDm0FIxoq0eExNwBNw0rIXXUowDoCafTYSVpqSQ+Sby/wfRMc12ISmUnOQ2d9A1+YWoZgdHs+G/OK1ADQu/6edaSOWhX0BGLNRig5lWfgbOmAlzIqNqcLDMaBrcwcpi2LN5pIQf obryndzii@obryndzii-pc
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCHoSxtdURZfgjJbbcKDA4TUUTixKVcRkGfgISYu55IF3scjoFRynaFP4zjBIitcTzxuvo7ZlE5ymxMHC0UNm5HU8tjmVscKcQs73lrjTr7jT24dZ8mr27nEbuTOa73FotPoIH5ao0wSSDc7PDXRUvJNI3xoZAd2KW1NZVRFFJ5jo/byuIfqIJLIAvOBTyUDoIrbL+3/WFIjdZ8MPlfyC8Bi09KfrM4hmzGDja4Mcfm4M7kMcw+B2DCpTtYUFCqjuYgTNC6EbTch21Afe9MCtdVqBBddFKFDU0WZtKfcHTuOVfiSrK47jA0ljU6HdHxFGmh3cz1ajux58T6/RHfXID obryndzii@obryndzii-pc
user: ${linux:system:user:obryndzii}
diff --git a/openssh/server/team/members/pshchelo.yaml b/openssh/server/team/members/pshchelo.yml
similarity index 100%
rename from openssh/server/team/members/pshchelo.yaml
rename to openssh/server/team/members/pshchelo.yml
diff --git a/openssh/server/team/members/rlubianyi.yml b/openssh/server/team/members/rlubianyi.yml
new file mode 100644
index 0000000..63f3397
--- /dev/null
+++ b/openssh/server/team/members/rlubianyi.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ rlubianyi:
+ enabled: true
+ name: rlubianyi
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Roman Lubianyi
+ home: /home/rlubianyi
+ email: rlubianyi@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ rlubianyi:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXWwy6p3t4AGvaCtFDJxqKZiPDotJnbu2IKg2p7sl7YXQw+APLKk9maHyUehQQuGzidgBZpmBOMAXENcO1FGFj56cnp4W9tldTiRq1bWcUMq42wfNwIToP6dAXj5ZyhL+UZj1GsCThSasDhFe4Xife0cn69KHJqtmahApQK6D7tpZr2UNDYNWh/2JIrUOcJXZU+BqNg7zm1KNb6e9lKXL6KLDeaCiQ0bj+L/unqepLdg26eO7AQSZ/rt2qAnbfcquozECtDhT4cbK8q9xJODlJQ3eQGOgTH3m8jGijL+3UdPFUzbo4KwSK4V9FmB711HVBCQM4nlH9zumIUSxutnkd rlubianyi@rlubianyi-pc
+ user: ${linux:system:user:rlubianyi}
diff --git a/openssh/server/team/members/sandriichenko.yml b/openssh/server/team/members/sandriichenko.yml
new file mode 100644
index 0000000..adc8fc9
--- /dev/null
+++ b/openssh/server/team/members/sandriichenko.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ sandriichenko:
+ enabled: true
+ name: sandriichenko
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Sofiia Andriichenko
+ home: /home/sandriichenko
+ email: sandriichenko@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ sandriichenko:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC36ZGwGD7WgfEwCDfSkQjiNI3cfgitrRcY+QzXP1+HNLwGoRFiZwmOp2vuYE2JiwvZfxVGXfmFmlDqypFA+H+gNobizGM2S/w7Hz8S5Qja75YBWty9KqdwcRVo7+/cPi4IHsWDxb1xpsiiFMfW2RRvrA3rE131xhwwnfKdZBj5HTlDO+qLIJD0FbJVYehKhJwIJuVGKQyVgj3hepaO17UTbG6IqtZeDz6nb9Sl+3eX5zS+8xS86cHf868M09zmxwrA3uI/eyYT49kMZN+HUezqvrZSG7v3ociOh9P1TI+4TIJN7JaRUAen7hTV2ufgZtNUrOzqXZTuUTmJQmRapAi9 sandriichenko@sandriichenko-pc
+ user: ${linux:system:user:sandriichenko}
diff --git a/openssh/server/team/networking.yml b/openssh/server/team/networking.yml
index 9921b5b..d89b227 100644
--- a/openssh/server/team/networking.yml
+++ b/openssh/server/team/networking.yml
@@ -8,6 +8,9 @@
- system.openssh.server.team.members.psvimbersky
- system.openssh.server.team.members.gzimin
- system.openssh.server.team.members.dpyzhov
+- system.openssh.server.team.members.asamoylov
+- system.openssh.server.team.members.mrasskazov
+- system.openssh.server.team.members.ibumarskov
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/oscore_devops.yml b/openssh/server/team/oscore_devops.yml
index f629d9e..5ba280a 100644
--- a/openssh/server/team/oscore_devops.yml
+++ b/openssh/server/team/oscore_devops.yml
@@ -11,6 +11,8 @@
- system.openssh.server.team.members.kkushaev
- system.openssh.server.team.members.sgarbuz
- system.openssh.server.team.members.oshyshko
+- system.openssh.server.team.members.pshchelo
+- system.openssh.server.team.members.obryndzii
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/services.yml b/openssh/server/team/services.yml
index 3116d90..21ccba7 100644
--- a/openssh/server/team/services.yml
+++ b/openssh/server/team/services.yml
@@ -20,6 +20,7 @@
- system.openssh.server.team.members.mchernik
- system.openssh.server.team.members.hkraemer
- system.openssh.server.team.members.pbasov
+- system.openssh.server.team.members.alis
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/stacklight.yml b/openssh/server/team/stacklight.yml
index 032466b..4736b4a 100644
--- a/openssh/server/team/stacklight.yml
+++ b/openssh/server/team/stacklight.yml
@@ -1,3 +1,5 @@
+classes:
+- system.openssh.server.team.members.akiseleva
parameters:
_param:
linux_system_user_sudo: true
@@ -123,6 +125,13 @@
full_name: Michal Kobus
home: /home/mkobus
email: mkobus@mirantis.com
+ akiseleva:
+ enabled: true
+ name: akiseleva
+ sudo: true
+ full_name: Alena Kiseleva
+ home: /home/akiseleva
+ email: akiseleva@mirantis.com
openssh:
client:
enabled: true
@@ -214,6 +223,11 @@
public_keys:
- ${public_keys:mkobus}
user: ${linux:system:user:mkobus}
+ akiseleva:
+ enabled: true
+ public_keys:
+ - ${public_keys:akiseleva}
+ user: ${linux:system:user:akiseleva}
public_keys:
newt:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3odU+3V2uDA2ptAFL9hrJRPNEEdAyztWOZFQ5Oyd9oerTGOU3p4xmrgWWjfKFKbYGhiiIUcYAol5PkTfKukGEkkjCHYA1t023soCaaAj85wCZCnw2zQNAziwxTYmAzTqgxiSvtZNMMrtJvFHRIRDzJ3M1lV0prWNWkMM1/3FAd4W49y6VT3fkMCo8uqG7CfGdgR2DgBCxf9KaNPfW5eDEPOgmE5lK8tVSEI6T+Cg7hbcTf4lFYnlFBnlQgp/0JstsM4Vbwb4B34LOpOsf2S8rrWk2xQMjwaMHXkc2s/E8iW3F5nVFuyEXYISFQIiAHw8dzC6CHgLcyHUVWwznKawZ newt@newt-dev1
@@ -249,3 +263,5 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDC6TGCQAH3FGNSOhSbovhwODabOAsgVqG71rEDdXvDSShwyNB3RIICefas3mdSLsG7+1K9mZ1jicWzNbotvePwzrM/MESzntzp4QZ5J/9L3BMiqWWKL2u6BQ65LGe0YMzMmdSkqMAj0uxt3+OiFDPDrwqH6qN0hwxAJM+byeUlQW8uWQYm/pmWMD60GUrnjYUfKfEa/S3symaZBHQvjtp26De8D6u/jr4TWi5VJpKqVREqU7Z4IKwn8JvHMmUbRO4endW3cRiv35Qb7s66rO6TD0KlDFnnTxOtFvLhL51j58X4MrV9FHUI6czoqjAgEDe9CW7DzZ1xMj03d6IAipgL
mkobus:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCBqe3X+LrneiuieWGjlw5wRtgixBu2Q8LZjH6W+8nsOkB7iN6qRdKom3jac1Cdd5wSJ0NFAhDNcTLK4Etz/3YACglsTxk09TzXlqs1V0Y7U5a2eqn3KTOgMNsJ1aOhFq/LnmUwTdN8NXac6TIkwZZBj5KhHSvIoO+mfsascct5FIVU/+p32d3o/4NqMDDdTg/qxIMKQsh5sw5Y9Tz9h28LGbDh+QF2lW+b5YJhnCG21Uw17xcyxf3/53EpJwTXfElonSR7HMVLxrq7oDzmqKFZ2z8i9do6EgODKlZpSkxiAFOBw5oA2hPtEeqtXqvddu2FcNGuSNhx/6O8ZHIKq3Xh/tTOYnoc+qYDMRCzDwzeyivfr5Ci3n64giUaZl+KUr6D1CKeL2s8j9+kod/1JJDEeoYR+V93MTiTD/39N8eQAGv+6r9HBapXIkvr3iNuTH1+5eN36Vc90jXXRmGMZkF5P9ivNGDZGcy2pBwwPg/bRn2xb0zx1fsxd4qOi+Cd7mBCF4+SfnVCqUd2H9R0O3S7WgfLr+wOXpFq6/WwgjzI9RVhLJ5cZmePJKvYZYYhkAxsVwWSE639zFFuU1zhFXr49wa0njK9DdYWiQEhOki0ki3huABmVbWKg/zP1Rlllmtk0S4mwggJ57JYbuhEV3a1x1KOtWMzODW5cb3HlPTQw==
+ akiseleva:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyxzlFKlCcfwagnnmCg1r9SUVfAgy/IdPSxsnpELjCRaz3FI66sYa1F1RdZngoXmYxe5qlmkiRQ0rCjIYk12I08du5FJGYQvMttJEgmVeHtFKW0o3uGBIKNJ5nCni3lR8idPTRXqhwdXYeA4A9+COQO4MGcaJZrqHgEviZt4jQrYy90WdqbKTD4meBRy4MC9+TOUs719kTxK54tmMHBq2l/ukmv3FwgtLz2xMeNW7htiS/1rzA9CEerjkvpc0mOxc4DCY4bH8sR2Ts3Y33Rx6aUN8shTij2aX2v8UvUay2JPqQTJicY+IsYl4D8w/XPx00Oj/3b54f6kTLlzzoNDq5 alena@alena-Lenovo-V580c
diff --git a/panko/server/cluster.yml b/panko/server/cluster.yml
index d641f36..7954944 100644
--- a/panko/server/cluster.yml
+++ b/panko/server/cluster.yml
@@ -4,6 +4,7 @@
- system.apache.server.site.panko
- system.haproxy.proxy.listen.openstack.panko
- system.keepalived.cluster.instance.openstack_telemetry_vip
+- system.salt.minion.cert.mysql.clients.openstack.panko
parameters:
_param:
panko_memcached_node01_address: ${_param:cluster_node01_address}
@@ -11,14 +12,30 @@
panko_memcached_node03_address: ${_param:cluster_node03_address}
# Keep events in database for 30 days
panko_event_time_to_live: 2592000
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ linux:
+ system:
+ cron:
+ user:
+ panko:
+ enabled: true
panko:
server:
role: ${_param:openstack_node_role}
event_time_to_live: ${_param:panko_event_time_to_live}
identity:
host: ${_param:openstack_control_address}
+ protocol: ${_param:cluster_internal_protocol}
database:
host: ${_param:openstack_database_address}
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_panko_ssl_ca_file}
+ key_file: ${_param:mysql_panko_client_ssl_key_file}
+ cert_file: ${_param:mysql_panko_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
cache:
engine: memcached
members:
@@ -32,4 +49,4 @@
expirer:
cron:
minute: 0
- hour: 2
\ No newline at end of file
+ hour: 2
diff --git a/panko/server/single.yml b/panko/server/single.yml
index 497b21e..968267c 100644
--- a/panko/server/single.yml
+++ b/panko/server/single.yml
@@ -1,16 +1,35 @@
classes:
- service.panko.server.single
- system.apache.server.site.panko
+- system.salt.minion.cert.mysql.clients.openstack.panko
parameters:
_param:
# Keep events in database for 30 days
panko_event_time_to_live: 2592000
+ openstack_mysql_x509_enabled: False
+ galera_ssl_enabled: False
+ linux:
+ system:
+ cron:
+ user:
+ panko:
+ enabled: true
panko:
server:
+ identity:
+ protocol: ${_param:internal_protocol}
+ database:
+ x509:
+ enabled: ${_param:openstack_mysql_x509_enabled}
+ ca_file: ${_param:mysql_panko_ssl_ca_file}
+ key_file: ${_param:mysql_panko_client_ssl_key_file}
+ cert_file: ${_param:mysql_panko_client_ssl_cert_file}
+ ssl:
+ enabled: ${_param:galera_ssl_enabled}
role: ${_param:openstack_node_role}
event_time_to_live: ${_param:panko_event_time_to_live}
# Check for expired events every day at 2 AM
expirer:
cron:
minute: 0
- hour: 2
\ No newline at end of file
+ hour: 2
diff --git a/powerdns/server/cluster.yml b/powerdns/server/cluster.yml
new file mode 100644
index 0000000..b4a5625
--- /dev/null
+++ b/powerdns/server/cluster.yml
@@ -0,0 +1,43 @@
+classes:
+ - service.powerdns.server.single
+parameters:
+ _param:
+ powerdns_axfr_ips_address01: ${_param:openstack_control_node01_address}
+ powerdns_axfr_ips_address02: ${_param:openstack_control_node02_address}
+ powerdns_axfr_ips_address03: ${_param:openstack_control_node03_address}
+ powerdns_supermaster_node01_address: ${_param:openstack_control_node01_address}
+ powerdns_supermaster_node02_address: ${_param:openstack_control_node02_address}
+ powerdns_supermaster_node03_address: ${_param:openstack_control_node03_address}
+ powerdns_supermaster_node01_name: ${_param:openstack_control_node01_hostname}.${_param:cluster_domain}
+ powerdns_supermaster_node02_name: ${_param:openstack_control_node02_hostname}.${_param:cluster_domain}
+ powerdns_supermaster_node03_name: ${_param:openstack_control_node03_hostname}.${_param:cluster_domain}
+ powerdns_webserver_port: 8081
+ powerdns:
+ server:
+ enabled: true
+ api:
+ enabled: true
+ key: ${_param:designate_pdns_api_key}
+ axfr_ips:
+ - ${_param:powerdns_axfr_ips_address01}
+ - ${_param:powerdns_axfr_ips_address02}
+ - ${_param:powerdns_axfr_ips_address03}
+ - 127.0.0.1
+ bind:
+ address: ${_param:single_address}
+ overwrite_supermasters: true
+ supermasters:
+ - ip: ${_param:powerdns_supermaster_node01_address}
+ nameserver: ${_param:powerdns_supermaster_node01_name}
+ account: master
+ - ip: ${_param:powerdns_supermaster_node02_address}
+ nameserver: ${_param:powerdns_supermaster_node02_name}
+ account: master
+ - ip: ${_param:powerdns_supermaster_node03_address}
+ nameserver: ${_param:powerdns_supermaster_node03_name}
+ account: master
+ webserver:
+ enabled: true
+ address: ${_param:single_address}
+ password: ${_param:powerdns_webserver_password}
+ port: ${_param:powerdns_webserver_port}
\ No newline at end of file
diff --git a/prometheus/server/alertmanager/kubernetes.yml b/prometheus/server/alertmanager/kubernetes.yml
new file mode 100644
index 0000000..3b1ff1c
--- /dev/null
+++ b/prometheus/server/alertmanager/kubernetes.yml
@@ -0,0 +1,11 @@
+parameters:
+ prometheus:
+ server:
+ config:
+ alertmanager:
+ kubernetes_alertmanager:
+ enabled: true
+ kubernetes_sd_configs:
+ role: pod
+ namespace: ${_param:kubernetes_alertmanager_namespace}
+ pod_name_regex: ^alertmanager.*
diff --git a/prometheus/server/init.yml b/prometheus/server/init.yml
index 5d115ac..cd511d4 100644
--- a/prometheus/server/init.yml
+++ b/prometheus/server/init.yml
@@ -2,10 +2,12 @@
_param:
prometheus_server_config_directory: /srv/prometheus
prometheus_server_data_directory: /data
+ prometheus_server_host_config_directory: /srv/volumes/local/prometheus/config
+ prometheus_server_host_data_directory: /srv/volumes/local/prometheus/data
prometheus:
server:
version: 2.0
dir:
- data: /srv/volumes/local/prometheus/data
- config: /srv/volumes/local/prometheus/config
+ data: ${_param:prometheus_server_host_data_directory}
+ config: ${_param:prometheus_server_host_config_directory}
config_in_container: ${_param:prometheus_server_config_directory}
diff --git a/rabbitmq/server/ssl/init.yml b/rabbitmq/server/ssl/init.yml
new file mode 100644
index 0000000..961d28d
--- /dev/null
+++ b/rabbitmq/server/ssl/init.yml
@@ -0,0 +1,14 @@
+classes:
+- system.salt.minion.cert.rabbitmq_server
+- service.rabbitmq.server.ssl
+parameters:
+ _param:
+ rabbitmq_ssl_enabled: true
+ openstack_rabbitmq_x509_enabled: false
+ openstack_rabbitmq_port: 5671 # for non-ssl use 5672 / for ssl 5671
+ rabbitmq:
+ server:
+ ssl:
+ enabled: ${_param:rabbitmq_ssl_enabled}
+ x509:
+ enabled: ${_param:openstack_rabbitmq_x509_enabled}
diff --git a/reclass/storage/salt.yml b/reclass/storage/salt.yml
index 0a21cdb..b2025c4 100644
--- a/reclass/storage/salt.yml
+++ b/reclass/storage/salt.yml
@@ -8,6 +8,8 @@
engine: git
address: '${_param:reclass_data_repository}'
branch: ${_param:reclass_data_revision}
+
+ # TODO, remove this once not required for backward compatibility
salt:
master:
pillar:
diff --git a/reclass/storage/system/cicd_control_cluster.yml b/reclass/storage/system/cicd_control_cluster.yml
index bc31944..34f0de1 100644
--- a/reclass/storage/system/cicd_control_cluster.yml
+++ b/reclass/storage/system/cicd_control_cluster.yml
@@ -18,6 +18,7 @@
single_address: ${_param:cicd_control_node01_address}
keepalived_vip_priority: 103
cicd_database_id: 1
+ glusterfs_node_role: primary
cicd_control_node02:
name: ${_param:cicd_control_node02_hostname}
domain: ${_param:cluster_domain}
@@ -29,6 +30,7 @@
single_address: ${_param:cicd_control_node02_address}
keepalived_vip_priority: 102
cicd_database_id: 2
+ glusterfs_node_role: secondary
cicd_control_node03:
name: ${_param:cicd_control_node03_hostname}
domain: ${_param:cluster_domain}
@@ -40,3 +42,4 @@
single_address: ${_param:cicd_control_node03_address}
keepalived_vip_priority: 101
cicd_database_id: 3
+ glusterfs_node_role: secondary
diff --git a/reclass/storage/system/kubernetes_contrail_cluster.yml b/reclass/storage/system/kubernetes_contrail_cluster.yml
index 49a70e2..c85f6f0 100644
--- a/reclass/storage/system/kubernetes_contrail_cluster.yml
+++ b/reclass/storage/system/kubernetes_contrail_cluster.yml
@@ -15,7 +15,6 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.kubernetes.control
- - cluster.${_param:cluster_name}.opencontrail.control
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: ${_param:kubernetes_control_system_codename}
@@ -29,7 +28,6 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.kubernetes.control
- - cluster.${_param:cluster_name}.opencontrail.control
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: ${_param:kubernetes_control_system_codename}
@@ -43,7 +41,6 @@
domain: ${_param:cluster_domain}
classes:
- cluster.${_param:cluster_name}.kubernetes.control
- - cluster.${_param:cluster_name}.opencontrail.control
params:
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: ${_param:kubernetes_control_system_codename}
diff --git a/reclass/storage/system/openstack_barbican_cluster.yml b/reclass/storage/system/openstack_barbican_cluster.yml
new file mode 100644
index 0000000..1b47ee6
--- /dev/null
+++ b/reclass/storage/system/openstack_barbican_cluster.yml
@@ -0,0 +1,42 @@
+parameters:
+ _param:
+ openstack_barbican_node01_hostname: kmn01
+ openstack_barbican_node02_hostname: kmn02
+ openstack_barbican_node03_hostname: kmn03
+ openstack_barbican_system_codename: xenial
+ reclass:
+ storage:
+ node:
+ openstack_barbican_node01:
+ name: ${_param:openstack_barbican_node01_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.barbican
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: ${_param:openstack_barbican_system_codename}
+ single_address: ${_param:openstack_barbican_node01_address}
+ keepalived_vip_priority: 103
+ openstack_node_role: primary
+ openstack_barbican_node02:
+ name: ${_param:openstack_barbican_node02_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.barbican
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: ${_param:openstack_barbican_system_codename}
+ single_address: ${_param:openstack_barbican_node02_address}
+ keepalived_vip_priority: 102
+ openstack_node_role: secondary
+ openstack_barbican_node03:
+ name: ${_param:openstack_barbican_node03_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.barbican
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: ${_param:openstack_barbican_system_codename}
+ single_address: ${_param:openstack_barbican_node03_address}
+ keepalived_vip_priority: 101
+ openstack_node_role: secondary
diff --git a/reclass/storage/system/openstack_control_cluster.yml b/reclass/storage/system/openstack_control_cluster.yml
index e05b3e9..cf21437 100644
--- a/reclass/storage/system/openstack_control_cluster.yml
+++ b/reclass/storage/system/openstack_control_cluster.yml
@@ -20,6 +20,7 @@
opencontrail_database_id: 1
rabbitmq_cluster_role: master
openstack_node_role: primary
+ glusterfs_node_role: primary
openstack_control_node02:
name: ${_param:openstack_control_node02_hostname}
domain: ${_param:cluster_domain}
@@ -33,6 +34,7 @@
opencontrail_database_id: 2
rabbitmq_cluster_role: slave
openstack_node_role: secondary
+ glusterfs_node_role: secondary
openstack_control_node03:
name: ${_param:openstack_control_node03_hostname}
domain: ${_param:cluster_domain}
@@ -46,3 +48,4 @@
opencontrail_database_id: 3
rabbitmq_cluster_role: slave
openstack_node_role: secondary
+ glusterfs_node_role: secondary
diff --git a/reclass/storage/system/openstack_control_large.yml b/reclass/storage/system/openstack_control_large.yml
index 4ad2e90..f02b24c 100644
--- a/reclass/storage/system/openstack_control_large.yml
+++ b/reclass/storage/system/openstack_control_large.yml
@@ -20,6 +20,7 @@
single_address: ${_param:openstack_control_node01_address}
keepalived_vip_priority: 105
openstack_node_role: primary
+ glusterfs_node_role: primary
openstack_control_node02:
name: ${_param:openstack_control_node02_hostname}
domain: ${_param:cluster_domain}
@@ -31,6 +32,7 @@
single_address: ${_param:openstack_control_node02_address}
keepalived_vip_priority: 104
openstack_node_role: secondary
+ glusterfs_node_role: secondary
openstack_control_node03:
name: ${_param:openstack_control_node03_hostname}
domain: ${_param:cluster_domain}
@@ -42,6 +44,7 @@
single_address: ${_param:openstack_control_node03_address}
keepalived_vip_priority: 103
openstack_node_role: secondary
+ glusterfs_node_role: secondary
openstack_control_node04:
name: ${_param:openstack_control_node04_hostname}
domain: ${_param:cluster_domain}
@@ -53,6 +56,7 @@
single_address: ${_param:openstack_control_node04_address}
keepalived_vip_priority: 102
openstack_node_role: secondary
+ glusterfs_node_role: secondary
openstack_control_node05:
name: ${_param:openstack_control_node05_hostname}
domain: ${_param:cluster_domain}
@@ -64,3 +68,4 @@
single_address: ${_param:openstack_control_node05_address}
keepalived_vip_priority: 101
openstack_node_role: secondary
+ glusterfs_node_role: secondary
diff --git a/reclass/storage/system/openstack_control_upgrade_single.yml b/reclass/storage/system/openstack_control_upgrade_single.yml
index b00cc81..a48c9a3 100644
--- a/reclass/storage/system/openstack_control_upgrade_single.yml
+++ b/reclass/storage/system/openstack_control_upgrade_single.yml
@@ -15,3 +15,4 @@
linux_system_codename: ${_param:openstack_upgrade_system_codename}
single_address: ${_param:openstack_upgrade_node01_address}
openstack_node_role: primary
+ glusterfs_node_role: primary
diff --git a/reclass/storage/system/openstack_share_multi.yml b/reclass/storage/system/openstack_share_multi.yml
index a70af28..abc52ce 100644
--- a/reclass/storage/system/openstack_share_multi.yml
+++ b/reclass/storage/system/openstack_share_multi.yml
@@ -20,6 +20,8 @@
linux_system_codename: ${_param:linux_system_codename}
single_address: ${_param:openstack_share_node01_address}
manila_share_address: ${_param:openstack_share_node01_share_address}
+ keepalived_vip_priority: 103
+ openstack_node_role: primary
openstack_share_node02:
name: ${_param:openstack_share_node02_hostname}
domain: ${_param:cluster_domain}
@@ -30,6 +32,8 @@
linux_system_codename: ${_param:linux_system_codename}
single_address: ${_param:openstack_share_node02_address}
manila_share_address: ${_param:openstack_share_node02_share_address}
+ keepalived_vip_priority: 102
+ openstack_node_role: secondary
openstack_share_node03:
name: ${_param:openstack_share_node03_hostname}
domain: ${_param:cluster_domain}
@@ -40,3 +44,5 @@
linux_system_codename: ${_param:linux_system_codename}
single_address: ${_param:openstack_share_node03_address}
manila_share_address: ${_param:openstack_share_node03_share_address}
+ keepalived_vip_priority: 101
+ openstack_node_role: secondary
diff --git a/reclass/storage/system/openstack_telemetry_cluster.yml b/reclass/storage/system/openstack_telemetry_cluster.yml
index 4c688a8..198c356 100644
--- a/reclass/storage/system/openstack_telemetry_cluster.yml
+++ b/reclass/storage/system/openstack_telemetry_cluster.yml
@@ -18,6 +18,7 @@
single_address: ${_param:openstack_telemetry_node01_address}
keepalived_vip_priority: 103
openstack_node_role: primary
+ glusterfs_node_role: primary
ceilometer_create_gnocchi_resources: true
redis_cluster_role: 'master'
openstack_telemetry_node02:
@@ -31,6 +32,7 @@
single_address: ${_param:openstack_telemetry_node02_address}
keepalived_vip_priority: 102
openstack_node_role: secondary
+ glusterfs_node_role: secondary
redis_cluster_role: 'slave'
openstack_telemetry_node03:
name: ${_param:openstack_telemetry_node03_hostname}
@@ -43,4 +45,5 @@
single_address: ${_param:openstack_telemetry_node03_address}
keepalived_vip_priority: 101
openstack_node_role: secondary
+ glusterfs_node_role: secondary
redis_cluster_role: 'slave'
diff --git a/reclass/storage/system/oss_cluster.yml b/reclass/storage/system/oss_cluster.yml
index 71d42ce..784d8a7 100644
--- a/reclass/storage/system/oss_cluster.yml
+++ b/reclass/storage/system/oss_cluster.yml
@@ -19,6 +19,7 @@
linux_system_codename: ${_param:oss_system_codename}
single_address: ${_param:oss_node01_address}
keepalived_vip_priority: 103
+ glusterfs_node_role: primary
stacklight_server_node02:
name: ${_param:oss_node02_hostname}
domain: ${_param:cluster_domain}
@@ -30,6 +31,7 @@
linux_system_codename: ${_param:oss_system_codename}
single_address: ${_param:oss_node02_address}
keepalived_vip_priority: 102
+ glusterfs_node_role: secondary
stacklight_server_node03:
name: ${_param:oss_node03_hostname}
domain: ${_param:cluster_domain}
@@ -41,3 +43,4 @@
linux_system_codename: ${_param:oss_system_codename}
single_address: ${_param:oss_node03_address}
keepalived_vip_priority: 101
+ glusterfs_node_role: secondary
diff --git a/reclass/storage/system/physical_control_cluster.yml b/reclass/storage/system/physical_control_cluster.yml
index ebd0eb0..1621a4c 100644
--- a/reclass/storage/system/physical_control_cluster.yml
+++ b/reclass/storage/system/physical_control_cluster.yml
@@ -32,6 +32,7 @@
deploy_address: ${_param:infra_kvm_node01_deploy_address}
public_address: ${_param:infra_kvm_node01_public_address}
storage_address: ${_param:infra_kvm_node01_storage_address}
+ glusterfs_node_role: primary
infra_kvm_node02:
name: ${_param:infra_kvm_node02_hostname}
domain: ${_param:cluster_domain}
@@ -44,6 +45,7 @@
deploy_address: ${_param:infra_kvm_node02_deploy_address}
public_address: ${_param:infra_kvm_node02_public_address}
storage_address: ${_param:infra_kvm_node02_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node03:
name: ${_param:infra_kvm_node03_hostname}
domain: ${_param:cluster_domain}
@@ -56,3 +58,4 @@
deploy_address: ${_param:infra_kvm_node03_deploy_address}
public_address: ${_param:infra_kvm_node03_public_address}
storage_address: ${_param:infra_kvm_node03_storage_address}
+ glusterfs_node_role: secondary
diff --git a/reclass/storage/system/physical_control_full.yml b/reclass/storage/system/physical_control_full.yml
index 1bdd345..7c3b030 100644
--- a/reclass/storage/system/physical_control_full.yml
+++ b/reclass/storage/system/physical_control_full.yml
@@ -57,6 +57,7 @@
deploy_address: ${_param:infra_kvm_node01_deploy_address}
public_address: ${_param:infra_kvm_node01_public_address}
storage_address: ${_param:infra_kvm_node01_storage_address}
+ glusterfs_node_role: primary
infra_kvm_node02:
name: ${_param:infra_kvm_node02_hostname}
domain: ${_param:cluster_domain}
@@ -69,6 +70,7 @@
deploy_address: ${_param:infra_kvm_node02_deploy_address}
public_address: ${_param:infra_kvm_node02_public_address}
storage_address: ${_param:infra_kvm_node02_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node03:
name: ${_param:infra_kvm_node03_hostname}
domain: ${_param:cluster_domain}
@@ -81,6 +83,7 @@
deploy_address: ${_param:infra_kvm_node03_deploy_address}
public_address: ${_param:infra_kvm_node03_public_address}
storage_address: ${_param:infra_kvm_node03_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node04:
name: ${_param:infra_kvm_node04_hostname}
domain: ${_param:cluster_domain}
diff --git a/reclass/storage/system/physical_control_large.yml b/reclass/storage/system/physical_control_large.yml
index 1070f47..93cc565 100644
--- a/reclass/storage/system/physical_control_large.yml
+++ b/reclass/storage/system/physical_control_large.yml
@@ -81,6 +81,7 @@
deploy_address: ${_param:infra_kvm_node01_deploy_address}
public_address: ${_param:infra_kvm_node01_public_address}
storage_address: ${_param:infra_kvm_node01_storage_address}
+ glusterfs_node_role: primary
infra_kvm_node02:
name: ${_param:infra_kvm_node02_hostname}
domain: ${_param:cluster_domain}
@@ -93,6 +94,7 @@
deploy_address: ${_param:infra_kvm_node02_deploy_address}
public_address: ${_param:infra_kvm_node02_public_address}
storage_address: ${_param:infra_kvm_node02_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node03:
name: ${_param:infra_kvm_node03_hostname}
domain: ${_param:cluster_domain}
@@ -105,6 +107,7 @@
deploy_address: ${_param:infra_kvm_node03_deploy_address}
public_address: ${_param:infra_kvm_node03_public_address}
storage_address: ${_param:infra_kvm_node03_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node04:
name: ${_param:infra_kvm_node04_hostname}
domain: ${_param:cluster_domain}
diff --git a/reclass/storage/system/physical_control_medium.yml b/reclass/storage/system/physical_control_medium.yml
index 5ad7d24..70d7313 100644
--- a/reclass/storage/system/physical_control_medium.yml
+++ b/reclass/storage/system/physical_control_medium.yml
@@ -69,6 +69,7 @@
deploy_address: ${_param:infra_kvm_node01_deploy_address}
public_address: ${_param:infra_kvm_node01_public_address}
storage_address: ${_param:infra_kvm_node01_storage_address}
+ glusterfs_node_role: primary
infra_kvm_node02:
name: ${_param:infra_kvm_node02_hostname}
domain: ${_param:cluster_domain}
@@ -81,6 +82,7 @@
deploy_address: ${_param:infra_kvm_node02_deploy_address}
public_address: ${_param:infra_kvm_node02_public_address}
storage_address: ${_param:infra_kvm_node02_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node03:
name: ${_param:infra_kvm_node03_hostname}
domain: ${_param:cluster_domain}
@@ -93,6 +95,7 @@
deploy_address: ${_param:infra_kvm_node03_deploy_address}
public_address: ${_param:infra_kvm_node03_public_address}
storage_address: ${_param:infra_kvm_node03_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node04:
name: ${_param:infra_kvm_node04_hostname}
domain: ${_param:cluster_domain}
diff --git a/reclass/storage/system/physical_control_small.yml b/reclass/storage/system/physical_control_small.yml
index 4ce3759..5727dd6 100644
--- a/reclass/storage/system/physical_control_small.yml
+++ b/reclass/storage/system/physical_control_small.yml
@@ -45,6 +45,7 @@
deploy_address: ${_param:infra_kvm_node01_deploy_address}
public_address: ${_param:infra_kvm_node01_public_address}
storage_address: ${_param:infra_kvm_node01_storage_address}
+ glusterfs_node_role: primary
infra_kvm_node02:
name: ${_param:infra_kvm_node02_hostname}
domain: ${_param:cluster_domain}
@@ -57,6 +58,7 @@
deploy_address: ${_param:infra_kvm_node02_deploy_address}
public_address: ${_param:infra_kvm_node02_public_address}
storage_address: ${_param:infra_kvm_node02_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node03:
name: ${_param:infra_kvm_node03_hostname}
domain: ${_param:cluster_domain}
@@ -69,6 +71,7 @@
deploy_address: ${_param:infra_kvm_node03_deploy_address}
public_address: ${_param:infra_kvm_node03_public_address}
storage_address: ${_param:infra_kvm_node03_storage_address}
+ glusterfs_node_role: secondary
infra_kvm_node04:
name: ${_param:infra_kvm_node04_hostname}
domain: ${_param:cluster_domain}
diff --git a/salt/control/cluster/ceph_mon_cluster.yml b/salt/control/cluster/ceph_mon_cluster.yml
index bccec01..39cee29 100644
--- a/salt/control/cluster/ceph_mon_cluster.yml
+++ b/salt/control/cluster/ceph_mon_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ ceph_mon_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:ceph_mon_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:ceph_mon_backend_image}
size: ceph.mon
cmn02:
name: ${_param:ceph_mon_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:ceph_mon_backend_image}
size: ceph.mon
cmn03:
name: ${_param:ceph_mon_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
- size: ceph.mon
\ No newline at end of file
+ backend: ${_param:ceph_mon_backend_image}
+ size: ceph.mon
diff --git a/salt/control/cluster/ceph_rgw_cluster.yml b/salt/control/cluster/ceph_rgw_cluster.yml
index 6f24819..e0109db 100644
--- a/salt/control/cluster/ceph_rgw_cluster.yml
+++ b/salt/control/cluster/ceph_rgw_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ ceph_rgw_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:ceph_rgw_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:ceph_rgw_backend_image}
size: ceph.rgw
rgw02:
name: ${_param:ceph_rgw_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:ceph_rgw_backend_image}
size: ceph.rgw
rgw03:
name: ${_param:ceph_rgw_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
- size: ceph.rgw
\ No newline at end of file
+ backend: ${_param:ceph_rgw_backend_image}
+ size: ceph.rgw
diff --git a/salt/control/cluster/cicd_control_cluster.yml b/salt/control/cluster/cicd_control_cluster.yml
index 82366a8..33945e2 100644
--- a/salt/control/cluster/cicd_control_cluster.yml
+++ b/salt/control/cluster/cicd_control_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:cicd_control_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
size: cicd.control
diff --git a/salt/control/cluster/infra_idm_cluster.yml b/salt/control/cluster/infra_idm_cluster.yml
index ff135a1..f322910 100644
--- a/salt/control/cluster/infra_idm_cluster.yml
+++ b/salt/control/cluster/infra_idm_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_centos7_image_backend: /var/lib/libvirt/images/backends/centos7.qcow2
+ infra_idm_backend_image: ${_param:salt_control_centos7_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:infra_idm_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
+ backend: ${_param:infra_idm_backend_image}
size: infra.idm
idm02:
name: ${_param:infra_idm_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
+ backend: ${_param:infra_idm_backend_image}
size: infra.idm
idm03:
name: ${_param:infra_idm_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
+ backend: ${_param:infra_idm_backend_image}
size: infra.idm
diff --git a/salt/control/cluster/infra_integration_single.yml b/salt/control/cluster/infra_integration_single.yml
index 66de895..0c774ab 100644
--- a/salt/control/cluster/infra_integration_single.yml
+++ b/salt/control/cluster/infra_integration_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ infra_integration_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:cicd_control_node01_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:infra_integration_backend_image}
size: infra.integration
diff --git a/salt/control/cluster/infra_maas_single.yml b/salt/control/cluster/infra_maas_single.yml
index d8675e8..9bd4fe2 100644
--- a/salt/control/cluster/infra_maas_single.yml
+++ b/salt/control/cluster/infra_maas_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ infra_maas_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,5 +19,6 @@
name: ${_param:infra_maas_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:infra_maas_backend_image}
size: infra.maas
diff --git a/salt/control/cluster/infra_proxy_cluster.yml b/salt/control/cluster/infra_proxy_cluster.yml
index f3453ff..00c9679 100644
--- a/salt/control/cluster/infra_proxy_cluster.yml
+++ b/salt/control/cluster/infra_proxy_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ infra_proxy_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,9 +19,11 @@
name: ${_param:openstack_proxy_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:infra_proxy_backend_image}
size: infra.proxy
prx02:
name: ${_param:openstack_proxy_node01_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:infra_proxy_backend_image}
size: infra.proxy
diff --git a/salt/control/cluster/infra_proxy_single.yml b/salt/control/cluster/infra_proxy_single.yml
index 7d092fa..483b2d4 100644
--- a/salt/control/cluster/infra_proxy_single.yml
+++ b/salt/control/cluster/infra_proxy_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ infra_proxy_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:openstack_proxy_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:infra_proxy_backend_image}
size: infra.proxy
diff --git a/salt/control/cluster/infra_storage_single.yml b/salt/control/cluster/infra_storage_single.yml
index ca8ce26..b6c0a85 100644
--- a/salt/control/cluster/infra_storage_single.yml
+++ b/salt/control/cluster/infra_storage_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ infra_storage_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -15,4 +18,5 @@
sto01:
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:infra_storage_backend_image}
size: infra.storage
diff --git a/salt/control/cluster/infra_version_control_single.yml b/salt/control/cluster/infra_version_control_single.yml
index 10e01ab..d7e02d5 100644
--- a/salt/control/cluster/infra_version_control_single.yml
+++ b/salt/control/cluster/infra_version_control_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ infra_version_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -15,4 +18,5 @@
git01:
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:infra_version_control_backend_image}
size: infra.version_control
diff --git a/salt/control/cluster/kubernetes_control_cluster.yml b/salt/control/cluster/kubernetes_control_cluster.yml
index c3049ec..252ccbf 100644
--- a/salt/control/cluster/kubernetes_control_cluster.yml
+++ b/salt/control/cluster/kubernetes_control_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ kubernetes_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:kubernetes_control_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:kubernetes_control_backend_image}
size: kubernetes.control
ctl02:
name: ${_param:kubernetes_control_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:kubernetes_control_backend_image}
size: kubernetes.control
ctl03:
name: ${_param:kubernetes_control_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:kubernetes_control_backend_image}
size: kubernetes.control
diff --git a/salt/control/cluster/kubernetes_proxy_cluster.yml b/salt/control/cluster/kubernetes_proxy_cluster.yml
index 379a333..0a47f39 100644
--- a/salt/control/cluster/kubernetes_proxy_cluster.yml
+++ b/salt/control/cluster/kubernetes_proxy_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ kubernetes_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,10 +19,12 @@
name: ${_param:kubernetes_proxy_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:kubernetes_proxy_backend_image}
size: kubernetes.proxy
prx02:
name: ${_param:kubernetes_proxy_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:kubernetes_proxy_backend_image}
size: kubernetes.proxy
diff --git a/salt/control/cluster/opencontrail_analytics_cluster.yml b/salt/control/cluster/opencontrail_analytics_cluster.yml
index 37fb60a..b4e7b75 100644
--- a/salt/control/cluster/opencontrail_analytics_cluster.yml
+++ b/salt/control/cluster/opencontrail_analytics_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ opencontrail_analytics_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:opencontrail_analytics_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
size: opencontrail.analytics
diff --git a/salt/control/cluster/opencontrail_control_cluster.yml b/salt/control/cluster/opencontrail_control_cluster.yml
index 10ddf5e..9d2fbb9 100644
--- a/salt/control/cluster/opencontrail_control_cluster.yml
+++ b/salt/control/cluster/opencontrail_control_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:opencontrail_control_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_control_backend_image}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_control_backend_image}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:opencontrail_control_backend_image}
size: opencontrail.control
diff --git a/salt/control/cluster/openstack_barbican_cluster.yml b/salt/control/cluster/openstack_barbican_cluster.yml
new file mode 100644
index 0000000..b24c0fa
--- /dev/null
+++ b/salt/control/cluster/openstack_barbican_cluster.yml
@@ -0,0 +1,35 @@
+parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_barbican_backend_image: ${_param:salt_control_xenial_image_backend}
+ salt:
+ control:
+ size:
+ openstack.barbican:
+ cpu: 4
+ ram: 8192
+ disk_profile: large
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ kmn01:
+ name: ${_param:openstack_barbican_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_barbican_backend_image}
+ size: openstack.barbican
+ kmn02:
+ name: ${_param:openstack_barbican_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_barbican_backend_image}
+ size: openstack.barbican
+ kmn03:
+ name: ${_param:openstack_barbican_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_barbican_backend_image}
+ size: openstack.barbican
diff --git a/salt/control/cluster/openstack_baremetal_cluster.yml b/salt/control/cluster/openstack_baremetal_cluster.yml
index 4dd62e4..f166484 100644
--- a/salt/control/cluster/openstack_baremetal_cluster.yml
+++ b/salt/control/cluster/openstack_baremetal_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_baremetal_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_baremetal_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_baremetal_backend_image}
size: openstack.baremetal
bmt02:
name: ${_param:openstack_baremetal_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_baremetal_backend_image}
size: openstack.baremetal
bmt03:
name: ${_param:openstack_baremetal_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_baremetal_backend_image}
size: openstack.baremetal
diff --git a/salt/control/cluster/openstack_baremetal_single.yml b/salt/control/cluster/openstack_baremetal_single.yml
index f0aa319..853f45e 100644
--- a/salt/control/cluster/openstack_baremetal_single.yml
+++ b/salt/control/cluster/openstack_baremetal_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_baremetal_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:openstack_baremetal_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_baremetal_backend_image}
size: openstack.baremetal
diff --git a/salt/control/cluster/openstack_benchmark_single.yml b/salt/control/cluster/openstack_benchmark_single.yml
index ea10fc3..83c18f5 100644
--- a/salt/control/cluster/openstack_benchmark_single.yml
+++ b/salt/control/cluster/openstack_benchmark_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_benchmark_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:openstack_benchmark_node01_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_benchmark_backend_image}
size: openstack.benchmark
diff --git a/salt/control/cluster/openstack_billing_single.yml b/salt/control/cluster/openstack_billing_single.yml
index f8dacf7..36f9824 100644
--- a/salt/control/cluster/openstack_billing_single.yml
+++ b/salt/control/cluster/openstack_billing_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_billing_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -15,4 +18,5 @@
bil01:
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_billing_backend_image}
size: openstack.control
diff --git a/salt/control/cluster/openstack_control_cluster.yml b/salt/control/cluster/openstack_control_cluster.yml
index f28a7d0..328cfd0 100644
--- a/salt/control/cluster/openstack_control_cluster.yml
+++ b/salt/control/cluster/openstack_control_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_control_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_control_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_control_backend_image}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_control_backend_image}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_control_backend_image}
size: openstack.control
diff --git a/salt/control/cluster/openstack_database_cluster.yml b/salt/control/cluster/openstack_database_cluster.yml
index 2a00308..acbcc36 100644
--- a/salt/control/cluster/openstack_database_cluster.yml
+++ b/salt/control/cluster/openstack_database_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_database_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_database_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_database_backend_image}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_database_backend_image}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_database_backend_image}
size: openstack.database
diff --git a/salt/control/cluster/openstack_dns_cluster.yml b/salt/control/cluster/openstack_dns_cluster.yml
index 7f1dbb8..6fcc546 100644
--- a/salt/control/cluster/openstack_dns_cluster.yml
+++ b/salt/control/cluster/openstack_dns_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_dns_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,9 +19,11 @@
name: ${_param:openstack_dns_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_dns_backend_image}
size: openstack.dns
dns02:
name: ${_param:openstack_dns_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_dns_backend_image}
size: openstack.dns
diff --git a/salt/control/cluster/openstack_gateway_cluster.yml b/salt/control/cluster/openstack_gateway_cluster.yml
index 1a7e06b..8475004 100644
--- a/salt/control/cluster/openstack_gateway_cluster.yml
+++ b/salt/control/cluster/openstack_gateway_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_gateway_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_gateway_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
size: openstack.gateway
gtw02:
name: ${_param:openstack_gateway_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
size: openstack.gateway
gtw03:
name: ${_param:openstack_gateway_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
size: openstack.gateway
diff --git a/salt/control/cluster/openstack_gateway_single.yml b/salt/control/cluster/openstack_gateway_single.yml
index 801ee0c..e240d12 100644
--- a/salt/control/cluster/openstack_gateway_single.yml
+++ b/salt/control/cluster/openstack_gateway_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_gateway_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:openstack_gateway_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
size: openstack.gateway
diff --git a/salt/control/cluster/openstack_manila_cluster.yml b/salt/control/cluster/openstack_manila_cluster.yml
new file mode 100644
index 0000000..477d6ca
--- /dev/null
+++ b/salt/control/cluster/openstack_manila_cluster.yml
@@ -0,0 +1,35 @@
+parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_manila_backend_image: ${_param:salt_control_xenial_image_backend}
+ salt:
+ control:
+ size:
+ openstack.manila:
+ cpu: 1
+ ram: 2048
+ disk_profile: large
+ net_profile: default
+ cluster:
+ internal:
+ domain: ${_param:cluster_domain}
+ engine: virt
+ node:
+ share01:
+ name: ${_param:openstack_share_node01_hostname}
+ provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_manila_backend_image}
+ size: openstack.manila
+ share02:
+ name: ${_param:openstack_share_node02_hostname}
+ provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_manila_backend_image}
+ size: openstack.manila
+ share03:
+ name: ${_param:openstack_share_node03_hostname}
+ provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
+ image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_manila_backend_image}
+ size: openstack.manila
diff --git a/salt/control/cluster/openstack_message_queue_cluster.yml b/salt/control/cluster/openstack_message_queue_cluster.yml
index cab5adb..f91faf6 100644
--- a/salt/control/cluster/openstack_message_queue_cluster.yml
+++ b/salt/control/cluster/openstack_message_queue_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_message_queue_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_message_queue_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_message_queue_backend_image}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_message_queue_backend_image}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_message_queue_backend_image}
size: openstack.message_queue
diff --git a/salt/control/cluster/openstack_proxy_cluster.yml b/salt/control/cluster/openstack_proxy_cluster.yml
index 628dcd8..87a5176 100644
--- a/salt/control/cluster/openstack_proxy_cluster.yml
+++ b/salt/control/cluster/openstack_proxy_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_proxy_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,10 +19,12 @@
name: ${_param:openstack_proxy_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_proxy_backend_image}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_proxy_backend_image}
size: openstack.proxy
diff --git a/salt/control/cluster/openstack_proxy_single.yml b/salt/control/cluster/openstack_proxy_single.yml
index 8ad0baf..ca5c751 100644
--- a/salt/control/cluster/openstack_proxy_single.yml
+++ b/salt/control/cluster/openstack_proxy_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_proxy_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:openstack_proxy_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_proxy_backend_image}
size: openstack.proxy
diff --git a/salt/control/cluster/openstack_telemetry_cluster.yml b/salt/control/cluster/openstack_telemetry_cluster.yml
index 633b984..bbf6fd1 100644
--- a/salt/control/cluster/openstack_telemetry_cluster.yml
+++ b/salt/control/cluster/openstack_telemetry_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_trusty_image_backend: /var/lib/libvirt/images/backends/trusty.qcow2
+ openstack_telemetry_backend_image: ${_param:salt_control_trusty_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:openstack_telemetry_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_telemetry_backend_image}
size: openstack.telemetry
mdb02:
name: ${_param:openstack_telemetry_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_telemetry_backend_image}
size: openstack.telemetry
mdb03:
name: ${_param:openstack_telemetry_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
+ backend: ${_param:openstack_telemetry_backend_image}
size: openstack.telemetry
diff --git a/salt/control/cluster/openstack_upgrade_single.yml b/salt/control/cluster/openstack_upgrade_single.yml
index 3189f3e..0b5e0fb 100644
--- a/salt/control/cluster/openstack_upgrade_single.yml
+++ b/salt/control/cluster/openstack_upgrade_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_upgrade_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -15,4 +18,5 @@
upg01:
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_upgrade_backend_image}
size: openstack.upgrade
diff --git a/salt/control/cluster/rsyslog_single.yml b/salt/control/cluster/rsyslog_single.yml
index 72e6c86..dd64869 100644
--- a/salt/control/cluster/rsyslog_single.yml
+++ b/salt/control/cluster/rsyslog_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ rsyslog_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:rsyslog_node01_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:rsyslog_backend_image}
size: infra.rsyslog
diff --git a/salt/control/cluster/stacklight_log_cluster.yml b/salt/control/cluster/stacklight_log_cluster.yml
index e4c08b6..6d3dba9 100644
--- a/salt/control/cluster/stacklight_log_cluster.yml
+++ b/salt/control/cluster/stacklight_log_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:stacklight_log_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
size: stacklight.log
log02:
name: ${_param:stacklight_log_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
size: stacklight.log
diff --git a/salt/control/cluster/stacklight_server_cluster.yml b/salt/control/cluster/stacklight_server_cluster.yml
index 6e7da61..8ab6a9d 100644
--- a/salt/control/cluster/stacklight_server_cluster.yml
+++ b/salt/control/cluster/stacklight_server_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_server_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:stacklight_monitor_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_server_backend_image}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_server_backend_image}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_server_backend_image}
size: stacklight.server
diff --git a/salt/control/cluster/stacklight_telemetry_cluster.yml b/salt/control/cluster/stacklight_telemetry_cluster.yml
index 1b39b61..4a58a23 100644
--- a/salt/control/cluster/stacklight_telemetry_cluster.yml
+++ b/salt/control/cluster/stacklight_telemetry_cluster.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,14 +19,17 @@
name: ${_param:stacklight_telemetry_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
size: stacklight.telemetry
diff --git a/salt/control/cluster/stacklight_telemetry_single.yml b/salt/control/cluster/stacklight_telemetry_single.yml
index 81fd6fb..3012dc6 100644
--- a/salt/control/cluster/stacklight_telemetry_single.yml
+++ b/salt/control/cluster/stacklight_telemetry_single.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
size:
@@ -16,4 +19,5 @@
name: ${_param:stacklight_telemetry_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
size: stacklight.telemetry
diff --git a/salt/control/placement/cicd/compact.yml b/salt/control/placement/cicd/compact.yml
index 9bdf4a4..9f700f1 100644
--- a/salt/control/placement/cicd/compact.yml
+++ b/salt/control/placement/cicd/compact.yml
@@ -6,6 +6,8 @@
cicd_control_node01_hostname: cid01
cicd_control_node02_hostname: cid02
cicd_control_node03_hostname: cid03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
cid01:
name: ${_param:cicd_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: cicd.control
\ No newline at end of file
+ size: cicd.control
diff --git a/salt/control/placement/cicd/large.yml b/salt/control/placement/cicd/large.yml
index 9bdf4a4..9f700f1 100644
--- a/salt/control/placement/cicd/large.yml
+++ b/salt/control/placement/cicd/large.yml
@@ -6,6 +6,8 @@
cicd_control_node01_hostname: cid01
cicd_control_node02_hostname: cid02
cicd_control_node03_hostname: cid03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
cid01:
name: ${_param:cicd_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: cicd.control
\ No newline at end of file
+ size: cicd.control
diff --git a/salt/control/placement/cicd/medium.yml b/salt/control/placement/cicd/medium.yml
index 9bdf4a4..9f700f1 100644
--- a/salt/control/placement/cicd/medium.yml
+++ b/salt/control/placement/cicd/medium.yml
@@ -6,6 +6,8 @@
cicd_control_node01_hostname: cid01
cicd_control_node02_hostname: cid02
cicd_control_node03_hostname: cid03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
cid01:
name: ${_param:cicd_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: cicd.control
\ No newline at end of file
+ size: cicd.control
diff --git a/salt/control/placement/cicd/minimal.yml b/salt/control/placement/cicd/minimal.yml
index 9bdf4a4..9f700f1 100644
--- a/salt/control/placement/cicd/minimal.yml
+++ b/salt/control/placement/cicd/minimal.yml
@@ -6,6 +6,8 @@
cicd_control_node01_hostname: cid01
cicd_control_node02_hostname: cid02
cicd_control_node03_hostname: cid03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
cid01:
name: ${_param:cicd_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: cicd.control
\ No newline at end of file
+ size: cicd.control
diff --git a/salt/control/placement/cicd/small.yml b/salt/control/placement/cicd/small.yml
index 9bdf4a4..9f700f1 100644
--- a/salt/control/placement/cicd/small.yml
+++ b/salt/control/placement/cicd/small.yml
@@ -6,6 +6,8 @@
cicd_control_node01_hostname: cid01
cicd_control_node02_hostname: cid02
cicd_control_node03_hostname: cid03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ cicd_control_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
cid01:
name: ${_param:cicd_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: cicd.control
cid02:
name: ${_param:cicd_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: cicd.control
cid03:
name: ${_param:cicd_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:cicd_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: cicd.control
\ No newline at end of file
+ size: cicd.control
diff --git a/salt/control/placement/opencontrail/compact.yml b/salt/control/placement/opencontrail/compact.yml
index a619956..584b65e 100644
--- a/salt/control/placement/opencontrail/compact.yml
+++ b/salt/control/placement/opencontrail/compact.yml
@@ -9,6 +9,9 @@
opencontrail_analytics_node01_hostname: nal01
opencontrail_analytics_node02_hostname: nal02
opencontrail_analytics_node03_hostname: nal03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ opencontrail_analytics_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -17,30 +20,36 @@
ntw01:
name: ${_param:opencontrail_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: opencontrail.control
nal01:
name: ${_param:opencontrail_analytics_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: opencontrail.analytics
\ No newline at end of file
+ size: opencontrail.analytics
diff --git a/salt/control/placement/opencontrail/large.yml b/salt/control/placement/opencontrail/large.yml
index 1aabd0d..d7e662c 100644
--- a/salt/control/placement/opencontrail/large.yml
+++ b/salt/control/placement/opencontrail/large.yml
@@ -9,6 +9,9 @@
opencontrail_analytics_node01_hostname: nal01
opencontrail_analytics_node02_hostname: nal02
opencontrail_analytics_node03_hostname: nal03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ opencontrail_analytics_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -17,30 +20,36 @@
ntw01:
name: ${_param:opencontrail_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node10_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node11_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node12_hostname}.${_param:cluster_domain}
size: opencontrail.control
nal01:
name: ${_param:opencontrail_analytics_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node10_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node11_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node12_hostname}.${_param:cluster_domain}
- size: opencontrail.analytics
\ No newline at end of file
+ size: opencontrail.analytics
diff --git a/salt/control/placement/opencontrail/medium.yml b/salt/control/placement/opencontrail/medium.yml
index dfc32f3..448cd23 100644
--- a/salt/control/placement/opencontrail/medium.yml
+++ b/salt/control/placement/opencontrail/medium.yml
@@ -9,6 +9,9 @@
opencontrail_analytics_node01_hostname: nal01
opencontrail_analytics_node02_hostname: nal02
opencontrail_analytics_node03_hostname: nal03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ opencontrail_analytics_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -17,30 +20,36 @@
ntw01:
name: ${_param:opencontrail_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node07_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node08_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node09_hostname}.${_param:cluster_domain}
size: opencontrail.control
nal01:
name: ${_param:opencontrail_analytics_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node07_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node08_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node09_hostname}.${_param:cluster_domain}
- size: opencontrail.analytics
\ No newline at end of file
+ size: opencontrail.analytics
diff --git a/salt/control/placement/opencontrail/minimal.yml b/salt/control/placement/opencontrail/minimal.yml
index a619956..584b65e 100644
--- a/salt/control/placement/opencontrail/minimal.yml
+++ b/salt/control/placement/opencontrail/minimal.yml
@@ -9,6 +9,9 @@
opencontrail_analytics_node01_hostname: nal01
opencontrail_analytics_node02_hostname: nal02
opencontrail_analytics_node03_hostname: nal03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ opencontrail_analytics_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -17,30 +20,36 @@
ntw01:
name: ${_param:opencontrail_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: opencontrail.control
nal01:
name: ${_param:opencontrail_analytics_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: opencontrail.analytics
\ No newline at end of file
+ size: opencontrail.analytics
diff --git a/salt/control/placement/opencontrail/small.yml b/salt/control/placement/opencontrail/small.yml
index a619956..584b65e 100644
--- a/salt/control/placement/opencontrail/small.yml
+++ b/salt/control/placement/opencontrail/small.yml
@@ -9,6 +9,9 @@
opencontrail_analytics_node01_hostname: nal01
opencontrail_analytics_node02_hostname: nal02
opencontrail_analytics_node03_hostname: nal03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ opencontrail_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ opencontrail_analytics_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -17,30 +20,36 @@
ntw01:
name: ${_param:opencontrail_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw02:
name: ${_param:opencontrail_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.control
ntw03:
name: ${_param:opencontrail_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: opencontrail.control
nal01:
name: ${_param:opencontrail_analytics_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal02:
name: ${_param:opencontrail_analytics_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: opencontrail.analytics
nal03:
name: ${_param:opencontrail_analytics_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:opencontrail_analytics_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: opencontrail.analytics
\ No newline at end of file
+ size: opencontrail.analytics
diff --git a/salt/control/placement/openstack/compact.yml b/salt/control/placement/openstack/compact.yml
index 8c62e28..83f2254 100644
--- a/salt/control/placement/openstack/compact.yml
+++ b/salt/control/placement/openstack/compact.yml
@@ -14,6 +14,11 @@
openstack_message_queue_node03_hostname: msg03
openstack_proxy_node01_hostname: prx01
openstack_proxy_node02_hostname: prx02
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_database_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_message_queue_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -22,55 +27,66 @@
ctl01:
name: ${_param:openstack_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.control
dbs01:
name: ${_param:openstack_database_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.database
msg01:
name: ${_param:openstack_message_queue_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.message_queue
prx01:
name: ${_param:openstack_proxy_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.proxy
diff --git a/salt/control/placement/openstack/large.yml b/salt/control/placement/openstack/large.yml
index cb056dd..f09d3f6 100644
--- a/salt/control/placement/openstack/large.yml
+++ b/salt/control/placement/openstack/large.yml
@@ -21,6 +21,11 @@
openstack_message_queue_node03_hostname: msg03
openstack_proxy_node01_hostname: prx01
openstack_proxy_node02_hostname: prx02
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_database_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_message_queue_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -29,65 +34,78 @@
ctl01:
name: ${_param:openstack_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: openstack.control
ctl04:
name: ${_param:openstack_control_node04_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: openstack.control
ctl05:
name: ${_param:openstack_control_node05_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
size: openstack.control
dbs01:
name: ${_param:openstack_database_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
size: openstack.database
msg01:
name: ${_param:openstack_message_queue_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node07_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node08_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node09_hostname}.${_param:cluster_domain}
size: openstack.message_queue
prx01:
name: ${_param:openstack_proxy_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node07_hostname}.${_param:cluster_domain}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node08_hostname}.${_param:cluster_domain}
size: openstack.proxy
diff --git a/salt/control/placement/openstack/medium.yml b/salt/control/placement/openstack/medium.yml
index 7d0e166..2419c74 100644
--- a/salt/control/placement/openstack/medium.yml
+++ b/salt/control/placement/openstack/medium.yml
@@ -17,6 +17,11 @@
openstack_message_queue_node03_hostname: msg03
openstack_proxy_node01_hostname: prx01
openstack_proxy_node02_hostname: prx02
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_database_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_message_queue_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -25,55 +30,66 @@
ctl01:
name: ${_param:openstack_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.control
dbs01:
name: ${_param:openstack_database_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.database
msg01:
name: ${_param:openstack_message_queue_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
size: openstack.message_queue
prx01:
name: ${_param:openstack_proxy_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: openstack.proxy
diff --git a/salt/control/placement/openstack/minimal.yml b/salt/control/placement/openstack/minimal.yml
index 8c62e28..83f2254 100644
--- a/salt/control/placement/openstack/minimal.yml
+++ b/salt/control/placement/openstack/minimal.yml
@@ -14,6 +14,11 @@
openstack_message_queue_node03_hostname: msg03
openstack_proxy_node01_hostname: prx01
openstack_proxy_node02_hostname: prx02
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_database_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_message_queue_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -22,55 +27,66 @@
ctl01:
name: ${_param:openstack_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.control
dbs01:
name: ${_param:openstack_database_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.database
msg01:
name: ${_param:openstack_message_queue_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.message_queue
prx01:
name: ${_param:openstack_proxy_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.proxy
diff --git a/salt/control/placement/openstack/small.yml b/salt/control/placement/openstack/small.yml
index 8c62e28..83f2254 100644
--- a/salt/control/placement/openstack/small.yml
+++ b/salt/control/placement/openstack/small.yml
@@ -14,6 +14,11 @@
openstack_message_queue_node03_hostname: msg03
openstack_proxy_node01_hostname: prx01
openstack_proxy_node02_hostname: prx02
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_control_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_database_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_message_queue_backend_image: ${_param:salt_control_xenial_image_backend}
+ openstack_proxy_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -22,55 +27,66 @@
ctl01:
name: ${_param:openstack_control_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.control
ctl02:
name: ${_param:openstack_control_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.control
ctl03:
name: ${_param:openstack_control_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_control_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.control
dbs01:
name: ${_param:openstack_database_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.database
dbs02:
name: ${_param:openstack_database_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.database
dbs03:
name: ${_param:openstack_database_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_database_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.database
msg01:
name: ${_param:openstack_message_queue_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg02:
name: ${_param:openstack_message_queue_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.message_queue
msg03:
name: ${_param:openstack_message_queue_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_message_queue_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.message_queue
prx01:
name: ${_param:openstack_proxy_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.proxy
prx02:
name: ${_param:openstack_proxy_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_proxy_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: openstack.proxy
diff --git a/salt/control/placement/ovs/compact.yml b/salt/control/placement/ovs/compact.yml
index 3102b3e..de0569c 100644
--- a/salt/control/placement/ovs/compact.yml
+++ b/salt/control/placement/ovs/compact.yml
@@ -6,6 +6,8 @@
openstack_gateway_node01_hostname: gtw01
openstack_gateway_node02_hostname: gtw02
openstack_gateway_node03_hostname: gtw03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_gateway_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
gtw01:
name: ${_param:openstack_gateway_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw02:
name: ${_param:openstack_gateway_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw03:
name: ${_param:openstack_gateway_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: openstack.gateway
\ No newline at end of file
+ size: openstack.gateway
diff --git a/salt/control/placement/ovs/minimal.yml b/salt/control/placement/ovs/minimal.yml
index 3102b3e..de0569c 100644
--- a/salt/control/placement/ovs/minimal.yml
+++ b/salt/control/placement/ovs/minimal.yml
@@ -6,6 +6,8 @@
openstack_gateway_node01_hostname: gtw01
openstack_gateway_node02_hostname: gtw02
openstack_gateway_node03_hostname: gtw03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_gateway_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
gtw01:
name: ${_param:openstack_gateway_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw02:
name: ${_param:openstack_gateway_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw03:
name: ${_param:openstack_gateway_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: openstack.gateway
\ No newline at end of file
+ size: openstack.gateway
diff --git a/salt/control/placement/ovs/small.yml b/salt/control/placement/ovs/small.yml
index 3102b3e..de0569c 100644
--- a/salt/control/placement/ovs/small.yml
+++ b/salt/control/placement/ovs/small.yml
@@ -6,6 +6,8 @@
openstack_gateway_node01_hostname: gtw01
openstack_gateway_node02_hostname: gtw02
openstack_gateway_node03_hostname: gtw03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ openstack_gateway_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -14,15 +16,18 @@
gtw01:
name: ${_param:openstack_gateway_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw02:
name: ${_param:openstack_gateway_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: openstack.gateway
gtw03:
name: ${_param:openstack_gateway_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:openstack_gateway_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: openstack.gateway
\ No newline at end of file
+ size: openstack.gateway
diff --git a/salt/control/placement/stacklight/compact.yml b/salt/control/placement/stacklight/compact.yml
index 2cde570..e03ea85 100644
--- a/salt/control/placement/stacklight/compact.yml
+++ b/salt/control/placement/stacklight/compact.yml
@@ -12,6 +12,10 @@
stacklight_telemetry_node01_hostname: mtr01
stacklight_telemetry_node02_hostname: mtr02
stacklight_telemetry_node03_hostname: mtr03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_monitor_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -20,45 +24,54 @@
mtr01:
name: ${_param:stacklight_telemetry_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
log01:
name: ${_param:stacklight_log_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.log
log02:
name: ${_param:stacklight_log_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: stacklight.log
mon01:
name: ${_param:stacklight_monitor_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: stacklight.server
\ No newline at end of file
+ size: stacklight.server
diff --git a/salt/control/placement/stacklight/large.yml b/salt/control/placement/stacklight/large.yml
index 7b380d8..7b1f716 100644
--- a/salt/control/placement/stacklight/large.yml
+++ b/salt/control/placement/stacklight/large.yml
@@ -12,6 +12,10 @@
stacklight_telemetry_node01_hostname: mtr01
stacklight_telemetry_node02_hostname: mtr02
stacklight_telemetry_node03_hostname: mtr03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_monitor_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -20,45 +24,54 @@
mtr01:
name: ${_param:stacklight_telemetry_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node13_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node14_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node15_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
log01:
name: ${_param:stacklight_log_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node13_hostname}.${_param:cluster_domain}
size: stacklight.log
log02:
name: ${_param:stacklight_log_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node14_hostname}.${_param:cluster_domain}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node15_hostname}.${_param:cluster_domain}
size: stacklight.log
mon01:
name: ${_param:stacklight_monitor_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node13_hostname}.${_param:cluster_domain}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node14_hostname}.${_param:cluster_domain}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node15_hostname}.${_param:cluster_domain}
- size: stacklight.server
\ No newline at end of file
+ size: stacklight.server
diff --git a/salt/control/placement/stacklight/medium.yml b/salt/control/placement/stacklight/medium.yml
index 7f54f4d..a9643fe 100644
--- a/salt/control/placement/stacklight/medium.yml
+++ b/salt/control/placement/stacklight/medium.yml
@@ -12,6 +12,10 @@
stacklight_telemetry_node01_hostname: mtr01
stacklight_telemetry_node02_hostname: mtr02
stacklight_telemetry_node03_hostname: mtr03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_monitor_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -20,45 +24,54 @@
mtr01:
name: ${_param:stacklight_telemetry_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node10_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node11_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node12_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
log01:
name: ${_param:stacklight_log_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node10_hostname}.${_param:cluster_domain}
size: stacklight.log
- lop02:
+ log02:
name: ${_param:stacklight_log_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node11_hostname}.${_param:cluster_domain}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node12_hostname}.${_param:cluster_domain}
size: stacklight.log
mon01:
name: ${_param:stacklight_monitor_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node10_hostname}.${_param:cluster_domain}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node11_hostname}.${_param:cluster_domain}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node12_hostname}.${_param:cluster_domain}
- size: stacklight.server
\ No newline at end of file
+ size: stacklight.server
diff --git a/salt/control/placement/stacklight/minimal.yml b/salt/control/placement/stacklight/minimal.yml
index 2cde570..e03ea85 100644
--- a/salt/control/placement/stacklight/minimal.yml
+++ b/salt/control/placement/stacklight/minimal.yml
@@ -12,6 +12,10 @@
stacklight_telemetry_node01_hostname: mtr01
stacklight_telemetry_node02_hostname: mtr02
stacklight_telemetry_node03_hostname: mtr03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_monitor_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -20,45 +24,54 @@
mtr01:
name: ${_param:stacklight_telemetry_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
log01:
name: ${_param:stacklight_log_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.log
log02:
name: ${_param:stacklight_log_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
size: stacklight.log
mon01:
name: ${_param:stacklight_monitor_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
- size: stacklight.server
\ No newline at end of file
+ size: stacklight.server
diff --git a/salt/control/placement/stacklight/small.yml b/salt/control/placement/stacklight/small.yml
index e16a7cb..fec0fbf 100644
--- a/salt/control/placement/stacklight/small.yml
+++ b/salt/control/placement/stacklight/small.yml
@@ -12,6 +12,10 @@
stacklight_telemetry_node01_hostname: mtr01
stacklight_telemetry_node02_hostname: mtr02
stacklight_telemetry_node03_hostname: mtr03
+ salt_control_xenial_image_backend: /var/lib/libvirt/images/backends/xenial.qcow2
+ stacklight_log_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_monitor_backend_image: ${_param:salt_control_xenial_image_backend}
+ stacklight_telemetry_backend_image: ${_param:salt_control_xenial_image_backend}
salt:
control:
cluster:
@@ -20,45 +24,54 @@
mtr01:
name: ${_param:stacklight_telemetry_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr02:
name: ${_param:stacklight_telemetry_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
mtr03:
name: ${_param:stacklight_telemetry_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_telemetry_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
size: stacklight.telemetry
log01:
name: ${_param:stacklight_log_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: stacklight.log
log02:
name: ${_param:stacklight_log_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: stacklight.log
log03:
name: ${_param:stacklight_log_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_log_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
size: stacklight.log
mon01:
name: ${_param:stacklight_monitor_node01_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node04_hostname}.${_param:cluster_domain}
size: stacklight.server
mon02:
name: ${_param:stacklight_monitor_node02_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node05_hostname}.${_param:cluster_domain}
size: stacklight.server
mon03:
name: ${_param:stacklight_monitor_node03_hostname}
image: ${_param:salt_control_xenial_image}
+ backend: ${_param:stacklight_monitor_backend_image}
provider: ${_param:infra_kvm_node06_hostname}.${_param:cluster_domain}
- size: stacklight.server
\ No newline at end of file
+ size: stacklight.server
diff --git a/salt/master/formula/git/openscap.yml b/salt/master/formula/git/openscap.yml
new file mode 100644
index 0000000..a091ffe
--- /dev/null
+++ b/salt/master/formula/git/openscap.yml
@@ -0,0 +1,10 @@
+parameters:
+ salt:
+ master:
+ environment:
+ dev:
+ formula:
+ openscap:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-openscap.git'
+ revision: ${_param:salt_master_environment_revision}
diff --git a/salt/master/formula/pkg/openscap.yml b/salt/master/formula/pkg/openscap.yml
new file mode 100644
index 0000000..ebb6e86
--- /dev/null
+++ b/salt/master/formula/pkg/openscap.yml
@@ -0,0 +1,9 @@
+parameters:
+ salt:
+ master:
+ environment:
+ prd:
+ formula:
+ openscap:
+ source: pkg
+ name: salt-formula-openscap
diff --git a/salt/master/pillar/composite/reclass.yml b/salt/master/pillar/composite/reclass.yml
index 0b5443b..601f3bf 100644
--- a/salt/master/pillar/composite/reclass.yml
+++ b/salt/master/pillar/composite/reclass.yml
@@ -1,2 +1,15 @@
classes:
- service.salt.master.pillar.composite.reclass
+
+parameters:
+ salt:
+ master:
+ pillar:
+ reclass:
+ allow_none_override: True
+
+ # NOTE, it's not good practice to combine formula pillars here
+ # exception: in this case is required to sync the same options
+ reclass:
+ storage:
+ allow_none_override: True
diff --git a/salt/master/pillar/reclass.yml b/salt/master/pillar/reclass.yml
index cfeca33..8b88bf4 100644
--- a/salt/master/pillar/reclass.yml
+++ b/salt/master/pillar/reclass.yml
@@ -1,2 +1,9 @@
classes:
- service.salt.master.pillar.reclass
+
+parameters:
+ salt:
+ master:
+ pillar:
+ engine: reclass
+ data_dir: /srv/salt/reclass
diff --git a/salt/minion/cert/barbican.yml b/salt/minion/cert/barbican.yml
new file mode 100644
index 0000000..f499732
--- /dev/null
+++ b/salt/minion/cert/barbican.yml
@@ -0,0 +1,20 @@
+parameters:
+ _param:
+ salt_minion_ca_host: kmn01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ barbican_cert_alternative_names: IP:127.0.0.1,IP:${_param:cluster_local_address},IP:${_param:cluster_vip_address},DNS:${linux:system:name},DNS:${linux:network:fqdn}
+ salt:
+ minion:
+ cert:
+ barbican_server:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: barbican_server
+ signing_policy: cert_server
+ alternative_names: ${_param:barbican_cert_alternative_names}
+ key_file: ${barbican:server:ssl:key_file}
+ cert_file: ${barbican:server:ssl:cert_file}
+ all_file: ${barbican:server:ssl:all_file}
+ ca_file: ${barbican:server:ssl:ca_file}
+ enabled: true
+ engine: salt
diff --git a/salt/minion/cert/mysql/clients/openstack/aodh.yml b/salt/minion/cert/mysql/clients/openstack/aodh.yml
new file mode 100644
index 0000000..ba5ef52
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/aodh.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_aodh_client_ssl_key_file: /etc/aodh/ssl/mysql/client-key.pem
+ mysql_aodh_client_ssl_cert_file: /etc/aodh/ssl/mysql/client-cert.pem
+ mysql_aodh_ssl_ca_file: /etc/aodh/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-aodh-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-aodh-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_aodh_client_ssl_key_file}
+ cert_file: ${_param:mysql_aodh_client_ssl_cert_file}
+ ca_file: ${_param:mysql_aodh_ssl_ca_file}
+ user: aodh
+ group: aodh
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/barbican.yml b/salt/minion/cert/mysql/clients/openstack/barbican.yml
new file mode 100644
index 0000000..8d158ee
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/barbican.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_barbican_client_ssl_key_file: /etc/barbican/ssl/mysql/client-key.pem
+ mysql_barbican_client_ssl_cert_file: /etc/barbican/ssl/mysql/client-cert.pem
+ mysql_barbican_ssl_ca_file: /etc/barbican/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-barbican-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-barbican-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_barbican_client_ssl_key_file}
+ cert_file: ${_param:mysql_barbican_client_ssl_cert_file}
+ ca_file: ${_param:mysql_barbican_ssl_ca_file}
+ user: barbican
+ group: barbican
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/cinder.yml b/salt/minion/cert/mysql/clients/openstack/cinder.yml
new file mode 100644
index 0000000..1ff053f
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/cinder.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_cinder_client_ssl_key_file: /etc/cinder/ssl/mysql/client-key.pem
+ mysql_cinder_client_ssl_cert_file: /etc/cinder/ssl/mysql/client-cert.pem
+ mysql_cinder_ssl_ca_file: /etc/cinder/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-cinder-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-cinder-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_cinder_client_ssl_key_file}
+ cert_file: ${_param:mysql_cinder_client_ssl_cert_file}
+ ca_file: ${_param:mysql_cinder_ssl_ca_file}
+ user: cinder
+ group: cinder
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/designate.yml b/salt/minion/cert/mysql/clients/openstack/designate.yml
new file mode 100644
index 0000000..f66c59f
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/designate.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_designate_client_ssl_key_file: /etc/designate/ssl/mysql/client-key.pem
+ mysql_designate_client_ssl_cert_file: /etc/designate/ssl/mysql/client-cert.pem
+ mysql_designate_ssl_ca_file: /etc/designate/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-designate-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-designate-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_designate_client_ssl_key_file}
+ cert_file: ${_param:mysql_designate_client_ssl_cert_file}
+ ca_file: ${_param:mysql_designate_ssl_ca_file}
+ user: designate
+ group: designate
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/glance.yml b/salt/minion/cert/mysql/clients/openstack/glance.yml
new file mode 100644
index 0000000..ab71174
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/glance.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_glance_client_ssl_key_file: /etc/glance/ssl/mysql/client-key.pem
+ mysql_glance_client_ssl_cert_file: /etc/glance/ssl/mysql/client-cert.pem
+ mysql_glance_ssl_ca_file: /etc/glance/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-glance-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-glance-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_glance_client_ssl_key_file}
+ cert_file: ${_param:mysql_glance_client_ssl_cert_file}
+ ca_file: ${_param:mysql_glance_ssl_ca_file}
+ user: glance
+ group: glance
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/gnocchi.yml b/salt/minion/cert/mysql/clients/openstack/gnocchi.yml
new file mode 100644
index 0000000..1aa31c9
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/gnocchi.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_gnocchi_client_ssl_key_file: /etc/gnocchi/ssl/mysql/client-key.pem
+ mysql_gnocchi_client_ssl_cert_file: /etc/gnocchi/ssl/mysql/client-cert.pem
+ mysql_gnocchi_ssl_ca_file: /etc/gnocchi/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-gnocchi-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-gnocchi-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_gnocchi_client_ssl_key_file}
+ cert_file: ${_param:mysql_gnocchi_client_ssl_cert_file}
+ ca_file: ${_param:mysql_gnocchi_ssl_ca_file}
+ user: gnocchi
+ group: gnocchi
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/heat.yml b/salt/minion/cert/mysql/clients/openstack/heat.yml
new file mode 100644
index 0000000..1246dae
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/heat.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_heat_client_ssl_key_file: /etc/heat/ssl/mysql/client-key.pem
+ mysql_heat_client_ssl_cert_file: /etc/heat/ssl/mysql/client-cert.pem
+ mysql_heat_ssl_ca_file: /etc/heat/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-heat-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-heat-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_heat_client_ssl_key_file}
+ cert_file: ${_param:mysql_heat_client_ssl_cert_file}
+ ca_file: ${_param:mysql_heat_ssl_ca_file}
+ user: heat
+ group: heat
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/ironic.yml b/salt/minion/cert/mysql/clients/openstack/ironic.yml
new file mode 100644
index 0000000..fe4aa19
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/ironic.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_ironic_client_ssl_key_file: /etc/ironic/ssl/mysql/client-key.pem
+ mysql_ironic_client_ssl_cert_file: /etc/ironic/ssl/mysql/client-cert.pem
+ mysql_ironic_ssl_ca_file: /etc/ironic/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-ironic-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-ironic-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_ironic_client_ssl_key_file}
+ cert_file: ${_param:mysql_ironic_client_ssl_cert_file}
+ ca_file: ${_param:mysql_ironic_ssl_ca_file}
+ user: ironic
+ group: ironic
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/keystone.yml b/salt/minion/cert/mysql/clients/openstack/keystone.yml
new file mode 100644
index 0000000..c0fe71d
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/keystone.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_keystone_client_ssl_key_file: /etc/keystone/ssl/mysql/client-key.pem
+ mysql_keystone_client_ssl_cert_file: /etc/keystone/ssl/mysql/client-cert.pem
+ mysql_keystone_ssl_ca_file: /etc/keystone/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-keystone-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-keystone-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_keystone_client_ssl_key_file}
+ cert_file: ${_param:mysql_keystone_client_ssl_cert_file}
+ ca_file: ${_param:mysql_keystone_ssl_ca_file}
+ user: keystone
+ group: keystone
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/manila.yml b/salt/minion/cert/mysql/clients/openstack/manila.yml
new file mode 100644
index 0000000..a1ca797
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/manila.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_manila_client_ssl_key_file: /etc/manila/ssl/mysql/client-key.pem
+ mysql_manila_client_ssl_cert_file: /etc/manila/ssl/mysql/client-cert.pem
+ mysql_manila_ssl_ca_file: /etc/manila/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-manila-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-manila-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_manila_client_ssl_key_file}
+ cert_file: ${_param:mysql_manila_client_ssl_cert_file}
+ ca_file: ${_param:mysql_manila_ssl_ca_file}
+ user: manila
+ group: manila
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/neutron.yml b/salt/minion/cert/mysql/clients/openstack/neutron.yml
new file mode 100644
index 0000000..d5b1cd8
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/neutron.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_neutron_client_ssl_key_file: /etc/neutron/ssl/mysql/client-key.pem
+ mysql_neutron_client_ssl_cert_file: /etc/neutron/ssl/mysql/client-cert.pem
+ mysql_neutron_ssl_ca_file: /etc/neutron/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-neutron-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-neutron-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_neutron_client_ssl_key_file}
+ cert_file: ${_param:mysql_neutron_client_ssl_cert_file}
+ ca_file: ${_param:mysql_neutron_ssl_ca_file}
+ user: neutron
+ group: neutron
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/nova.yml b/salt/minion/cert/mysql/clients/openstack/nova.yml
index 154a553..955d6eb 100644
--- a/salt/minion/cert/mysql/clients/openstack/nova.yml
+++ b/salt/minion/cert/mysql/clients/openstack/nova.yml
@@ -2,9 +2,9 @@
_param:
salt_minion_ca_host: cfg01.${_param:cluster_domain}
salt_minion_ca_authority: salt_master_ca
- mysql_nova_client_ssl_key_file: /etc/pki/mysql-nova-client/client-key.pem
- mysql_nova_client_ssl_cert_file: /etc/pki/mysql-nova-client/client-cert.pem
- mysql_nova_ssl_ca_file: /etc/pki/mysql-nova-client/ca-cert.pem
+ mysql_nova_client_ssl_key_file: /etc/nova/ssl/mysql/client-key.pem
+ mysql_nova_client_ssl_cert_file: /etc/nova/ssl/mysql/client-cert.pem
+ mysql_nova_ssl_ca_file: /etc/nova/ssl/mysql/ca-cert.pem
salt:
minion:
cert:
@@ -24,4 +24,4 @@
ca_file: ${_param:mysql_nova_ssl_ca_file}
user: nova
group: nova
- mode: 640
\ No newline at end of file
+ mode: 640
diff --git a/salt/minion/cert/mysql/clients/openstack/panko.yml b/salt/minion/cert/mysql/clients/openstack/panko.yml
new file mode 100644
index 0000000..0593ae2
--- /dev/null
+++ b/salt/minion/cert/mysql/clients/openstack/panko.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ mysql_panko_client_ssl_key_file: /etc/panko/ssl/mysql/client-key.pem
+ mysql_panko_client_ssl_cert_file: /etc/panko/ssl/mysql/client-cert.pem
+ mysql_panko_ssl_ca_file: /etc/panko/ssl/mysql/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ mysql-panko-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: mysql-panko-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:mysql_panko_client_ssl_key_file}
+ cert_file: ${_param:mysql_panko_client_ssl_cert_file}
+ ca_file: ${_param:mysql_panko_ssl_ca_file}
+ user: panko
+ group: panko
+ mode: 640
diff --git a/salt/minion/cert/openstack_api.yml b/salt/minion/cert/openstack_api.yml
new file mode 100644
index 0000000..1095f7e
--- /dev/null
+++ b/salt/minion/cert/openstack_api.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: ${linux:network:fqdn}
+ salt_minion_ca_authority: salt_master_ca
+ openstack_api_cert_alternative_names: IP:127.0.0.1,IP:${_param:cluster_local_address},IP:${_param:cluster_vip_address},DNS:${linux:system:name},DNS:${linux:network:fqdn}
+ openstack_api_cert_key_file: "/etc/ssl/private/openstack_api.key"
+ openstack_api_cert_cert_file: "/etc/ssl/certs/openstack_api.crt"
+ openstack_api_cert_all_file: "/etc/ssl/certs/openstack_api_with_chain.crt"
+ salt:
+ minion:
+ cert:
+ openstack_api:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: openstack_api
+ signing_policy: cert_server
+ alternative_names: ${_param:openstack_api_cert_alternative_names}
+ key_file: ${_param:openstack_api_cert_key_file}
+ cert_file: ${_param:openstack_api_cert_cert_file}
+ all_file: ${_param:openstack_api_cert_all_file}
+ enabled: true
+ engine: salt
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/aodh.yml b/salt/minion/cert/rabbitmq/clients/openstack/aodh.yml
new file mode 100644
index 0000000..537a3a4
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/aodh.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_aodh_client_ssl_key_file: /etc/aodh/ssl/rabbitmq/client-key.pem
+ rabbitmq_aodh_client_ssl_cert_file: /etc/aodh/ssl/rabbitmq/client-cert.pem
+ rabbitmq_aodh_ssl_ca_file: /etc/aodh/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-aodh-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-aodh-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_aodh_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_aodh_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_aodh_ssl_ca_file}
+ user: aodh
+ group: aodh
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/barbican.yml b/salt/minion/cert/rabbitmq/clients/openstack/barbican.yml
new file mode 100644
index 0000000..9fa04ef
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/barbican.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_barbican_client_ssl_key_file: /etc/barbican/ssl/rabbitmq/client-key.pem
+ rabbitmq_barbican_client_ssl_cert_file: /etc/barbican/ssl/rabbitmq/client-cert.pem
+ rabbitmq_barbican_ssl_ca_file: /etc/barbican/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-barbican-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-barbican-client
+ signing_policy: cert_client
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_barbican_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_barbican_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_barbican_ssl_ca_file}
+ user: barbican
+ group: barbican
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/ceilometer.yml b/salt/minion/cert/rabbitmq/clients/openstack/ceilometer.yml
new file mode 100644
index 0000000..a2b91fd
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/ceilometer.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_ceilometer_client_ssl_key_file: /etc/ceilometer/ssl/rabbitmq/client-key.pem
+ rabbitmq_ceilometer_client_ssl_cert_file: /etc/ceilometer/ssl/rabbitmq/client-cert.pem
+ rabbitmq_ceilometer_ssl_ca_file: /etc/ceilometer/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-ceilometer-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-ceilometer-client
+ signing_policy: cert_client
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_ceilometer_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ceilometer_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_ceilometer_ssl_ca_file}
+ user: ceilometer
+ group: ceilometer
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/cinder.yml b/salt/minion/cert/rabbitmq/clients/openstack/cinder.yml
new file mode 100644
index 0000000..576c135
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/cinder.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_cinder_client_ssl_key_file: /etc/cinder/ssl/rabbitmq/client-key.pem
+ rabbitmq_cinder_client_ssl_cert_file: /etc/cinder/ssl/rabbitmq/client-cert.pem
+ rabbitmq_cinder_ssl_ca_file: /etc/cinder/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-cinder-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-cinder-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_cinder_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_cinder_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_cinder_ssl_ca_file}
+ user: cinder
+ group: cinder
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/designate.yml b/salt/minion/cert/rabbitmq/clients/openstack/designate.yml
new file mode 100644
index 0000000..f5eb631
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/designate.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_designate_client_ssl_key_file: /etc/designate/ssl/rabbitmq/client-key.pem
+ rabbitmq_designate_client_ssl_cert_file: /etc/designate/ssl/rabbitmq/client-cert.pem
+ rabbitmq_designate_ssl_ca_file: /etc/designate/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-designate-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-designate-client
+ signing_policy: cert_client
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_designate_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_designate_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_designate_ssl_ca_file}
+ user: designate
+ group: designate
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/glance.yml b/salt/minion/cert/rabbitmq/clients/openstack/glance.yml
new file mode 100644
index 0000000..94749ae
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/glance.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_glance_client_ssl_key_file: /etc/glance/ssl/rabbitmq/client-key.pem
+ rabbitmq_glance_client_ssl_cert_file: /etc/glance/ssl/rabbitmq/client-cert.pem
+ rabbitmq_glance_ssl_ca_file: /etc/glance/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-glance-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-glance-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_glance_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_glance_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_glance_ssl_ca_file}
+ user: glance
+ group: glance
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/heat.yml b/salt/minion/cert/rabbitmq/clients/openstack/heat.yml
new file mode 100644
index 0000000..e69ab14
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/heat.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_heat_client_ssl_key_file: /etc/heat/ssl/rabbitmq/client-key.pem
+ rabbitmq_heat_client_ssl_cert_file: /etc/heat/ssl/rabbitmq/client-cert.pem
+ rabbitmq_heat_ssl_ca_file: /etc/heat/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-heat-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-heat-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_heat_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_heat_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_heat_ssl_ca_file}
+ user: heat
+ group: heat
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/ironic.yml b/salt/minion/cert/rabbitmq/clients/openstack/ironic.yml
new file mode 100644
index 0000000..f9b0d74
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/ironic.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_ironic_client_ssl_key_file: /etc/ironic/ssl/rabbitmq/client-key.pem
+ rabbitmq_ironic_client_ssl_cert_file: /etc/ironic/ssl/rabbitmq/client-cert.pem
+ rabbitmq_ironic_ssl_ca_file: /etc/ironic/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-ironic-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-ironic-client
+ signing_policy: cert_client
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_ironic_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_ironic_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_ironic_ssl_ca_file}
+ user: ironic
+ group: ironic
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/keystone.yml b/salt/minion/cert/rabbitmq/clients/openstack/keystone.yml
new file mode 100644
index 0000000..8261f73
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/keystone.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_keystone_client_ssl_key_file: /etc/keystone/ssl/rabbitmq/client-key.pem
+ rabbitmq_keystone_client_ssl_cert_file: /etc/keystone/ssl/rabbitmq/client-cert.pem
+ rabbitmq_keystone_ssl_ca_file: /etc/keystone/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-keystone-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-keystone-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_keystone_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_keystone_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_keystone_ssl_ca_file}
+ user: keystone
+ group: keystone
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/manila.yml b/salt/minion/cert/rabbitmq/clients/openstack/manila.yml
new file mode 100644
index 0000000..345b697
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/manila.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_manila_client_ssl_key_file: /etc/manila/ssl/rabbitmq/client-key.pem
+ rabbitmq_manila_client_ssl_cert_file: /etc/manila/ssl/rabbitmq/client-cert.pem
+ rabbitmq_manila_ssl_ca_file: /etc/manila/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-manila-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-manila-client
+ signing_policy: cert_client
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_manila_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_manila_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_manila_ssl_ca_file}
+ user: manila
+ group: manila
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/neutron.yml b/salt/minion/cert/rabbitmq/clients/openstack/neutron.yml
new file mode 100644
index 0000000..2f8f5c3
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/neutron.yml
@@ -0,0 +1,25 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_neutron_client_ssl_key_file: /etc/neutron/ssl/rabbitmq/client-key.pem
+ rabbitmq_neutron_client_ssl_cert_file: /etc/neutron/ssl/rabbitmq/client-cert.pem
+ rabbitmq_neutron_ssl_ca_file: /etc/neutron/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-neutron-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-neutron-client
+ signing_policy: cert_client
+ alternative_names: >
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_neutron_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_neutron_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_neutron_ssl_ca_file}
+ user: neutron
+ group: neutron
+ mode: 640
diff --git a/salt/minion/cert/rabbitmq/clients/openstack/nova.yml b/salt/minion/cert/rabbitmq/clients/openstack/nova.yml
new file mode 100644
index 0000000..04a6078
--- /dev/null
+++ b/salt/minion/cert/rabbitmq/clients/openstack/nova.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ salt_minion_ca_host: cfg01.${_param:cluster_domain}
+ salt_minion_ca_authority: salt_master_ca
+ rabbitmq_nova_client_ssl_key_file: /etc/nova/ssl/rabbitmq/client-key.pem
+ rabbitmq_nova_client_ssl_cert_file: /etc/nova/ssl/rabbitmq/client-cert.pem
+ rabbitmq_nova_ssl_ca_file: /etc/nova/ssl/rabbitmq/ca-cert.pem
+ salt:
+ minion:
+ cert:
+ rabbitmq-nova-client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: rabbitmq-nova-client
+ signing_policy: cert_client
+ alternative_names: >
+ IP:${_param:cluster_local_address},
+ DNS:${_param:cluster_local_address},
+ DNS:${linux:system:name},
+ DNS:${linux:network:fqdn}
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: ${_param:rabbitmq_nova_client_ssl_key_file}
+ cert_file: ${_param:rabbitmq_nova_client_ssl_cert_file}
+ ca_file: ${_param:rabbitmq_nova_ssl_ca_file}
+ user: nova
+ group: nova
+ mode: 640
diff --git a/xtrabackup/server/single.yml b/xtrabackup/server/single.yml
index f72a92a..ad06a94 100644
--- a/xtrabackup/server/single.yml
+++ b/xtrabackup/server/single.yml
@@ -4,3 +4,9 @@
_param:
xtrabackup_qpress_source: pkg
xtrabackup_qpress_source_name: qpress
+ linux:
+ system:
+ cron:
+ user:
+ xtrabackup:
+ enabled: true
diff --git a/zookeeper/backup/server/single.yml b/zookeeper/backup/server/single.yml
index 6796d8a..a97df06 100644
--- a/zookeeper/backup/server/single.yml
+++ b/zookeeper/backup/server/single.yml
@@ -3,6 +3,12 @@
parameters:
_param:
zookeeper_backup_public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzLUiHKAjfFXiZ3fsgx35uXF6VivfC5WFafu4QMalxmj6W+s277oCfdWA8Du5f1wtQXM73VQ5nHkXhM2UIfUMarsyhXK+BxKVrcgEBNHdKlDytaecUPyuOxTDdGWhN/DPv5/vL8NYWweEYBbNbLgU0Td7Rvm52TUXKThIDjeF7XDxX4ShXWipBSwU4boOUBtR8KWfga8fsqeBN+eacuAQFR3MrrOfVvAuWW6Bsf047cmd+V6Qv0raoW73Nu4M/ZAdTsaR5k62a0cHsSRoi3hCmNRqw+CZaQi8prQU6t26eWPEtznjp5EkPF+LLh8LxUoCfWqWT+Lxe8QQwT1nx/LCN
+ linux:
+ system:
+ cron:
+ user:
+ zookeeper:
+ enabled: true
zookeeper:
backup:
server: