Merge "Adds SameHostFilter to default filters to allow users, schedule instances based on `same_host` hint"
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml
index c71c543..f9a0ecf 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_docker_legacy_source: http://apt.mirantis.com/xenial/docker/
- mirror_mirantis_openstack_xenial_docker_legacy_distribution: ${_param:apt_mk_version}
- mirror_mirantis_openstack_xenial_docker_legacy_components: legacy
- mirror_mirantis_openstack_xenial_docker_legacy_key_url: "http://apt.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_xenial_docker_legacy_source: https://mirror.mirantis.com/${_param:apt_mk_version}/docker-1.x/
+ mirror_mirantis_openstack_xenial_docker_legacy_distribution: ubuntu-xenial
+ mirror_mirantis_openstack_xenial_docker_legacy_components: main
mirror_mirantis_openstack_xenial_docker_legacy_gpgkeys:
- - A76882D3
+ - 58118E89F3A912897C070ADBF76221572C52609D
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_docker_legacy_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_docker_legacy_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_docker_legacy_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_docker_legacy_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_docker_legacy_components}
+ component: legacy
distributions:
- ubuntu-xenial/docker/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/openstack/pike.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/openstack/pike.yml
new file mode 100644
index 0000000..971e8fa
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/openstack/pike.yml
@@ -0,0 +1,25 @@
+parameters:
+ _param:
+ apt_mk_version: stable
+
+ mirror_mirantis_openstack_pike_xenial_source: http://apt.mirantis.com/xenial/openstack/pike/
+ mirror_mirantis_openstack_pike_xenial_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_pike_xenial_components: main
+ mirror_mirantis_openstack_pike_xenial_key_url: "http://apt.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_pike_xenial_gpgkeys:
+ - A76882D3
+ aptly:
+ server:
+ mirror:
+ mirantis_openstack_pike_xenial:
+ source: ${_param:mirror_mirantis_openstack_pike_xenial_source}
+ distribution: ${_param:mirror_mirantis_openstack_pike_xenial_distribution}
+ components: ${_param:mirror_mirantis_openstack_pike_xenial_components}
+ architectures: amd64
+ key_url: ${_param:mirror_mirantis_openstack_pike_xenial_key_url}
+ gpgkeys: ${_param:mirror_mirantis_openstack_pike_xenial_gpgkeys}
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/openstack/pike/${_param:apt_mk_version}
+
diff --git a/galera/server/database/aodh.yml b/galera/server/database/aodh.yml
index f5095d2..c7cdfdc 100644
--- a/galera/server/database/aodh.yml
+++ b/galera/server/database/aodh.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_aodh_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_aodh_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_aodh_ssl_option}
- name: aodh
password: ${_param:mysql_aodh_password}
host: ${_param:cluster_vip_address}
rights: all
+ ssl_option: ${_param:mysql_aodh_ssl_option}
diff --git a/galera/server/database/barbican.yml b/galera/server/database/barbican.yml
index 4759439..a292660 100644
--- a/galera/server/database/barbican.yml
+++ b/galera/server/database/barbican.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_barbican_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_barbican_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_barbican_ssl_option}
- name: barbican
password: ${_param:mysql_barbican_password}
host: ${_param:cluster_vip_address}
rights: all
+ ssl_option: ${_param:mysql_barbican_ssl_option}
diff --git a/galera/server/database/ceilometer.yml b/galera/server/database/ceilometer.yml
index b33c8f9..08a7f8b 100644
--- a/galera/server/database/ceilometer.yml
+++ b/galera/server/database/ceilometer.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_ceilometer_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_ceilometer_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_ceilometer_ssl_option}
- name: ceilometer
password: ${_param:mysql_ceilometer_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_ceilometer_ssl_option}
diff --git a/galera/server/database/cinder.yml b/galera/server/database/cinder.yml
index 08b6ddb..6478cb8 100644
--- a/galera/server/database/cinder.yml
+++ b/galera/server/database/cinder.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_cinder_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_cinder_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_cinder_ssl_option}
- name: cinder
password: ${_param:mysql_cinder_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_cinder_ssl_option}
diff --git a/galera/server/database/designate.yml b/galera/server/database/designate.yml
index 107e3ae..43a76f9 100644
--- a/galera/server/database/designate.yml
+++ b/galera/server/database/designate.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_designate_ssl_option: []
mysql:
server:
database:
@@ -9,10 +11,12 @@
password: ${_param:mysql_designate_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_designate_ssl_option}
- name: designate
password: ${_param:mysql_designate_password}
host: ${_param:cluster_vip_address}
rights: all
+ ssl_option: ${_param:mysql_designate_ssl_option}
designate_pool_manager:
encoding: utf8
users:
@@ -20,7 +24,9 @@
password: ${_param:mysql_designate_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_designate_ssl_option}
- name: designate
password: ${_param:mysql_designate_password}
host: ${_param:cluster_vip_address}
rights: all
+ ssl_option: ${_param:mysql_designate_ssl_option}
diff --git a/galera/server/database/glance.yml b/galera/server/database/glance.yml
index 7e5e443..7af81d8 100644
--- a/galera/server/database/glance.yml
+++ b/galera/server/database/glance.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_glance_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_glance_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_glance_ssl_option}
- name: glance
password: ${_param:mysql_glance_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_glance_ssl_option}
diff --git a/galera/server/database/grafana.yml b/galera/server/database/grafana.yml
index fa4742e..3bfee87 100644
--- a/galera/server/database/grafana.yml
+++ b/galera/server/database/grafana.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_grafana_ssl_option: []
mysql:
server:
database:
@@ -9,8 +11,10 @@
password: ${_param:mysql_grafana_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_grafana_ssl_option}
- name: grafana
password: ${_param:mysql_grafana_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_grafana_ssl_option}
diff --git a/galera/server/database/graphite.yml b/galera/server/database/graphite.yml
index 8ba6efd..595c16b 100644
--- a/galera/server/database/graphite.yml
+++ b/galera/server/database/graphite.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_graphite_ssl_option: []
mysql:
server:
database:
@@ -9,3 +11,4 @@
password: '${_param:mysql_graphite_password}'
host: '%'
rights: 'all'
+ ssl_option: ${_param:mysql_graphite_ssl_option}
diff --git a/galera/server/database/heat.yml b/galera/server/database/heat.yml
index 0d716d8..31b3968 100644
--- a/galera/server/database/heat.yml
+++ b/galera/server/database/heat.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_heat_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_heat_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_heat_ssl_option}
- name: heat
password: ${_param:mysql_heat_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_heat_ssl_option}
diff --git a/galera/server/database/ironic.yml b/galera/server/database/ironic.yml
index 8cb14a3..a478aeb 100644
--- a/galera/server/database/ironic.yml
+++ b/galera/server/database/ironic.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_ironic_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_ironic_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_ironic_ssl_option}
- name: ironic
password: ${_param:mysql_ironic_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_ironic_ssl_option}
diff --git a/galera/server/database/keystone.yml b/galera/server/database/keystone.yml
index fc2c5eb..d6483cd 100644
--- a/galera/server/database/keystone.yml
+++ b/galera/server/database/keystone.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_keystone_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_keystone_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_keystone_ssl_option}
- name: keystone
password: ${_param:mysql_keystone_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_keystone_ssl_option}
diff --git a/galera/server/database/neutron.yml b/galera/server/database/neutron.yml
index 58dd012..b5ee606 100644
--- a/galera/server/database/neutron.yml
+++ b/galera/server/database/neutron.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_neutron_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: '${_param:mysql_neutron_password}'
host: '%'
rights: 'all'
+ ssl_option: ${_param:mysql_neutron_ssl_option}
- name: 'neutron'
password: '${_param:mysql_neutron_password}'
host: '${_param:cluster_local_address}'
rights: 'all'
+ ssl_option: ${_param:mysql_neutron_ssl_option}
diff --git a/galera/server/database/nova.yml b/galera/server/database/nova.yml
index 86d4821..d2ffc4a 100644
--- a/galera/server/database/nova.yml
+++ b/galera/server/database/nova.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_nova_ssl_option: []
mysql:
server:
database:
@@ -9,10 +11,12 @@
password: ${_param:mysql_nova_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
- name: nova
password: ${_param:mysql_nova_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
nova_api:
encoding: utf8
users:
@@ -20,10 +24,12 @@
password: ${_param:mysql_nova_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
- name: nova
password: ${_param:mysql_nova_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
nova_cell0:
encoding: utf8
users:
@@ -31,7 +37,9 @@
password: ${_param:mysql_nova_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
- name: nova
password: ${_param:mysql_nova_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
diff --git a/galera/server/database/octavia.yml b/galera/server/database/octavia.yml
index dfefb9c..7b4eaaf 100644
--- a/galera/server/database/octavia.yml
+++ b/galera/server/database/octavia.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_octavia_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: '${_param:mysql_octavia_password}'
host: '%'
rights: 'all'
+ ssl_option: ${_param:mysql_octavia_ssl_option}
- name: 'octavia'
password: '${_param:mysql_octavia_password}'
host: '${_param:cluster_local_address}'
rights: 'all'
+ ssl_option: ${_param:mysql_octavia_ssl_option}
diff --git a/galera/server/database/panko.yml b/galera/server/database/panko.yml
index 7a3ed63..c4c455a 100644
--- a/galera/server/database/panko.yml
+++ b/galera/server/database/panko.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_panko_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_panko_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_panko_ssl_option}
- name: panko
password: ${_param:mysql_panko_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_panko_ssl_option}
diff --git a/haproxy/proxy/listen/kubernetes/apiserver.yml b/haproxy/proxy/listen/kubernetes/apiserver.yml
index 8dfcb35..950765f 100644
--- a/haproxy/proxy/listen/kubernetes/apiserver.yml
+++ b/haproxy/proxy/listen/kubernetes/apiserver.yml
@@ -4,8 +4,6 @@
listen:
k8s_secure:
type: kubernetes
- options:
- - ssl-hello-chk
binds:
- address: ${_param:cluster_vip_address}
port: 443
@@ -13,15 +11,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 6443
- params: check
+ params: check check-ssl verify none
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 6443
- params: check
+ params: check check-ssl verify none
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 6443
- params: check
+ params: check check-ssl verify none
timeout:
server: 10m
client: 10m
diff --git a/helm/analytics_pipeline/hdfs.yml b/helm/analytics_pipeline/hdfs.yml
index 64e0cef..2b1382b 100644
--- a/helm/analytics_pipeline/hdfs.yml
+++ b/helm/analytics_pipeline/hdfs.yml
@@ -1,7 +1,7 @@
parameters:
_param:
analytics_hdfs_release: ${_param:analytics_release_prefix}hdfs
- analytics_hdfs_address: hdfs-namenode-${_param:analytics_hdfs_release}-0.hdfs-namenode-${_param:analytics_hdfs_release}
+ analytics_hdfs_address: hdfs-namenode-${_param:analytics_hdfs_release}-0.hdfs-namenode-${_param:analytics_hdfs_release}:8020
helm:
client:
releases:
diff --git a/helm/analytics_pipeline/kafka.yml b/helm/analytics_pipeline/kafka.yml
index 3c88299..3911bd0 100644
--- a/helm/analytics_pipeline/kafka.yml
+++ b/helm/analytics_pipeline/kafka.yml
@@ -14,4 +14,5 @@
antiAffinity: soft
zookeeper:
deployChart: false
- externalAddress: ${_param:analytics_zookeeper_address}
+ addresses:
+ zookeeper: ${_param:analytics_zookeeper_address}
diff --git a/helm/analytics_pipeline/spark.yml b/helm/analytics_pipeline/spark.yml
index aeb2856..5533df5 100644
--- a/helm/analytics_pipeline/spark.yml
+++ b/helm/analytics_pipeline/spark.yml
@@ -1,7 +1,7 @@
parameters:
_param:
analytics_spark_release: ${_param:analytics_release_prefix}spark
- analytics_spark_address: spark-master-${_param:analytics_spark_release}-0.spark-master-${_param:analytics_spark_release}:7077,spark-master-${_param:analytics_spark_release}-1.spark-master-${_param:analytics_spark_release}:7077
+ analytics_spark_address: spark-master-${_param:analytics_spark_release}-0:7077
helm:
client:
releases:
@@ -17,4 +17,5 @@
replicas: 3
zookeeper:
deployChart: false
- externalAddress: ${_param:analytics_zookeeper_address}
+ addresses:
+ zookeeper: ${_param:analytics_zookeeper_address}
diff --git a/helm/analytics_pipeline/tweepub.yml b/helm/analytics_pipeline/tweepub.yml
index 42678a3..daa62ca 100644
--- a/helm/analytics_pipeline/tweepub.yml
+++ b/helm/analytics_pipeline/tweepub.yml
@@ -19,5 +19,6 @@
locations: -71.4415,41.9860,-70.4747,42.9041,-122.75,36.8,-121.75,37.8,-74,40,-73,41
kafka:
deployChart: false
- externalAddress: ${_param:analytics_kafka_address}
topic: twitter-stream
+ addresses:
+ kafka: ${_param:analytics_kafka_address}
diff --git a/helm/analytics_pipeline/tweetics.yml b/helm/analytics_pipeline/tweetics.yml
index de438bf..0a6bebb 100644
--- a/helm/analytics_pipeline/tweetics.yml
+++ b/helm/analytics_pipeline/tweetics.yml
@@ -12,16 +12,20 @@
minHashtagCounts: 0
zookeeper:
deployChart: false
- externalAddress: ${_param:analytics_zookeeper_address}
+ addresses:
+ zookeeper: ${_param:analytics_zookeeper_address}
kafka:
deployChart: false
- externalAddress: ${_param:analytics_kafka_address}
topic: twitter-stream
+ addresses:
+ kafka: ${_param:analytics_kafka_address}
spark:
deployChart: false
- externalAddress: ${_param:analytics_spark_address}
+ addresses:
+ spark: ${_param:analytics_spark_address}
storage: hdfs
hdfs:
deployChart: false
- externalAddress: ${_param:analytics_hdfs_address}
path: /twitter
+ addresses:
+ namenode: ${_param:analytics_hdfs_address}
diff --git a/helm/analytics_pipeline/tweeviz.yml b/helm/analytics_pipeline/tweeviz.yml
index d8f7aef..e264031 100644
--- a/helm/analytics_pipeline/tweeviz.yml
+++ b/helm/analytics_pipeline/tweeviz.yml
@@ -14,6 +14,6 @@
storage: hdfs
hdfs:
deployChart: false
- externalAddress: ${_param:analytics_hdfs_address}
path: /
- externalPort: 8020
+ addresses:
+ namenode: ${_param:analytics_hdfs_address}
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 2c6528f..80cfd95 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -58,6 +58,7 @@
- method java.util.List subList int int
- method java.util.Map remove java.lang.Object
- method java.util.Map size
+ - method java.util.Map isEmpty
- method java.util.regex.MatchResult group int
- method java.util.regex.MatchResult groupCount
- method java.util.regex.Matcher find
@@ -140,3 +141,5 @@
- method hudson.model.Actionable getAction java.lang.Class
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toSorted java.lang.Iterable
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods intersect java.util.List java.lang.Iterable
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods reverse java.util.List
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.Collection java.lang.String
diff --git a/jenkins/client/job/debian/packages/ceph.yml b/jenkins/client/job/debian/packages/ceph.yml
new file mode 100644
index 0000000..5307b4b
--- /dev/null
+++ b/jenkins/client/job/debian/packages/ceph.yml
@@ -0,0 +1,77 @@
+parameters:
+ jenkins:
+ client:
+ job_template:
+ build-debian-ceph-package:
+ name: build-debian-{{package}}-{{version}}-ubuntu-{{dist}}
+ jobs:
+ # Xenial
+ - package: ceph
+ dist: xenial
+ branch: debian/xenial-luminous
+ version: luminous
+ - package: ceph
+ dist: xenial
+ branch: debian/xenial-jewel
+ version: jewel
+ template:
+ discard:
+ build:
+ keep_num: 10
+ artifact:
+ keep_num: 10
+ type: workflow-scm
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: build-debian-packages-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ debian/{{package}}:
+ branches:
+ - "{{branch}}"
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ event:
+ ref:
+ - updated
+ param:
+ SOURCE_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/debian/{{package}}.git"
+ SOURCE_BRANCH:
+ type: string
+ default: "{{branch}}"
+ SOURCE_CREDENTIALS:
+ type: string
+ default: "gerrit"
+ EXTRA_REPO_URL:
+ type: string
+ default: "deb ${_param:jenkins_aptly_url}/{{dist}}/ testing ceph"
+ EXTRA_REPO_KEY_URL:
+ type: string
+ default: "${_param:jenkins_aptly_url}/public.gpg"
+ APTLY_URL:
+ type: string
+ default: "${_param:jenkins_aptly_api_url}"
+ APTLY_REPO:
+ type: string
+ default: "ubuntu-{{dist}}-{{package}}-{{version}}"
+ OS:
+ type: string
+ default: "ubuntu"
+ DIST:
+ type: string
+ default: "{{dist}}"
+ ARCH:
+ type: string
+ default: "amd64"
+ UPLOAD_APTLY:
+ type: boolean
+ default: 'true'
\ No newline at end of file
diff --git a/jenkins/client/job/debian/packages/init.yml b/jenkins/client/job/debian/packages/init.yml
index 2fff22c..4196f95 100644
--- a/jenkins/client/job/debian/packages/init.yml
+++ b/jenkins/client/job/debian/packages/init.yml
@@ -4,6 +4,7 @@
- system.jenkins.client.job.debian.packages.salt-multi
- system.jenkins.client.job.debian.packages.horizon
- system.jenkins.client.job.debian.packages.heat.resources
+ - system.jenkins.client.job.debian.packages.ceph
parameters:
jenkins:
client:
diff --git a/jenkins/client/job/debian/packages/salt-multi.yml b/jenkins/client/job/debian/packages/salt-multi.yml
index 90e6f02..f7a87c7 100644
--- a/jenkins/client/job/debian/packages/salt-multi.yml
+++ b/jenkins/client/job/debian/packages/salt-multi.yml
@@ -142,3 +142,6 @@
UPLOAD_APTLY:
type: boolean
default: '{{upload_source_package}}'
+ DEBUG:
+ type: boolean
+ default: 'false'
diff --git a/jenkins/client/job/debian/packages/salt.yml b/jenkins/client/job/debian/packages/salt.yml
index 7b0dc68..0a34447 100644
--- a/jenkins/client/job/debian/packages/salt.yml
+++ b/jenkins/client/job/debian/packages/salt.yml
@@ -5,6 +5,9 @@
build-debian-salt-formula:
name: build-debian-salt-formula-{{name}}-ubuntu-{{dist}}
jobs:
+ - name: aide
+ upload_source_package: false
+ dist: trusty
- name: aodh
upload_source_package: false
dist: trusty
@@ -20,6 +23,9 @@
- name: artifactory
upload_source_package: false
dist: trusty
+ - name: auditd
+ upload_source_package: false
+ dist: trusty
- name: avinetworks
upload_source_package: false
dist: trusty
@@ -170,6 +176,9 @@
- name: magnum
upload_source_package: false
dist: trusty
+ - name: manila
+ upload_source_package: false
+ dist: trusty
- name: memcached
upload_source_package: false
dist: trusty
@@ -314,6 +323,9 @@
- name: zookeeper
upload_source_package: false
dist: trusty
+ - name: aide
+ upload_source_package: true
+ dist: xenial
- name: aodh
upload_source_package: true
dist: xenial
@@ -329,6 +341,9 @@
- name: artifactory
upload_source_package: true
dist: xenial
+ - name: auditd
+ upload_source_package: true
+ dist: xenial
- name: avinetworks
upload_source_package: true
dist: xenial
@@ -488,6 +503,9 @@
- name: magnum
upload_source_package: true
dist: xenial
+ - name: manila
+ upload_source_package: true
+ dist: xenial
- name: memcached
upload_source_package: true
dist: xenial
@@ -629,6 +647,9 @@
- name: varnish
upload_source_package: true
dist: xenial
+ - name: watchdog
+ upload_source_package: true
+ dist: xenial
- name: xtrabackup
upload_source_package: true
dist: xenial
@@ -708,3 +729,6 @@
UPLOAD_APTLY:
type: boolean
default: 'true'
+ DEBUG:
+ type: boolean
+ default: 'false'
diff --git a/jenkins/client/job/deploy/k8s_control.yml b/jenkins/client/job/deploy/k8s_control.yml
index f851176..4dba2e7 100644
--- a/jenkins/client/job/deploy/k8s_control.yml
+++ b/jenkins/client/job/deploy/k8s_control.yml
@@ -8,7 +8,7 @@
display_name: "Deploy - k8s control"
discard:
build:
- keep_num: 20
+ keep_num: 50
concurrent: false
scm:
type: git
diff --git a/jenkins/client/job/deploy/kqueen.yml b/jenkins/client/job/deploy/kqueen.yml
index 817eb8f..0214da7 100644
--- a/jenkins/client/job/deploy/kqueen.yml
+++ b/jenkins/client/job/deploy/kqueen.yml
@@ -7,7 +7,7 @@
type: workflow-scm
discard:
build:
- keep_num: 20
+ keep_num: 50
concurrent: true
display_name: "Deploy AWS K8S using kqueen"
scm:
@@ -58,4 +58,70 @@
default: "jenkins-mk"
KQUEEN_BUILD_ID:
type: string
+ deploy_heat_k8s_kqueen_job:
+ name: deploy-heat-k8s-kqueen
+ type: workflow-scm
+ discard:
+ build:
+ keep_num: 50
+ concurrent: true
+ display_name: "Deploy Heat K8S using kqueen"
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: deploy-heat-k8s-kqueen-pipeline.groovy
+ param:
+ # deployments
+ STACK_NAME:
+ type: string
+ description: "AWS stack name - mandatory param, will be used as is"
+ STACK_COMPUTE_COUNT:
+ type: string
+ default: '2'
+ STACK_TEMPLATE:
+ type: string
+ default: "k8s_ha_calico"
+ STACK_TEMPLATE_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/mk/heat-templates"
+ STACK_TEMPLATE_CREDENTIALS:
+ type: string
+ default: "gerrit"
+ STACK_TEMPLATE_BRANCH:
+ type: string
+ default: "master"
+
+ # salt
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt-qa-credentials"
+ SALT_MASTER_URL:
+ type: string
+ default: ""
+
+ # heat
+ HEAT_STACK_ENVIRONMENT:
+ type: string
+ default: "devcloud"
+ HEAT_STACK_ZONE:
+ type: string
+ default: "mcp-mk"
+ HEAT_STACK_PUBLIC_NET:
+ type: string
+ default: "public"
+
+ # openstack api
+ OPENSTACK_API_URL:
+ type: string
+ default: "https://cloud-cz.bud.mirantis.net:5000"
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ default: "openstack-devcloud-credentials"
+ OPENSTACK_API_PROJECT:
+ type: string
+ default: "mcp-mk"
+ KQUEEN_BUILD_ID:
+ type: string
diff --git a/jenkins/client/job/deploy/lab/cleanup.yml b/jenkins/client/job/deploy/lab/cleanup.yml
index 93a0818..0db6463 100644
--- a/jenkins/client/job/deploy/lab/cleanup.yml
+++ b/jenkins/client/job/deploy/lab/cleanup.yml
@@ -8,7 +8,7 @@
display_name: "Deploy - stack cleanup"
discard:
build:
- keep_num: 20
+ keep_num: 50
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
@@ -59,7 +59,7 @@
default: "aws-credentials"
AWS_DEFAULT_REGION:
type: string
- default: "us-west-2"
+ default: "eu-central-1"
delete-failed-stacks:
type: workflow-scm
diff --git a/jenkins/client/job/deploy/lab/deploy.yml b/jenkins/client/job/deploy/lab/deploy.yml
index b6bbc71..9a04876 100644
--- a/jenkins/client/job/deploy/lab/deploy.yml
+++ b/jenkins/client/job/deploy/lab/deploy.yml
@@ -11,7 +11,7 @@
type: workflow-scm
discard:
build:
- keep_num: 20
+ keep_num: 100
concurrent: true
display_name: "Deploy - {{stack_name}} {{stack_type}}"
scm:
@@ -100,7 +100,7 @@
description: "Formulas revision to install on Salt Master bootstrap stage"
EXTRA_FORMULAS:
type: string
- default: "maas memcached ntp nginx collectd sensu heka sphinx mysql grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal rsync docker keepalived aptly jenkins gerrit artifactory influxdb horizon ceph"
+ default: ""
STATIC_MGMT_NETWORK:
type: boolean
default: 'false'
@@ -180,3 +180,32 @@
description: "Run tests matched to pattern only"
default: ""
+ # TestRail vars
+ TESTRAIL_REPORT:
+ type: boolean
+ description: "Report test results to TestRail if true"
+ default: "false"
+ TESTRAIL_REPORTER_IMAGE:
+ type: string
+ description: "Testrail reporter docker image"
+ default: "alrem/xunit2testrail"
+ TESTRAIL_QA_CREDENTIALS:
+ type: string
+ description: "Credentials for results upload to testrail"
+ default: "oscore-qa-credentials"
+ TESTRAIL_MILESTONE:
+ type: string
+ description: "TestRail milestone"
+ default: "MCP1.1"
+ TESTRAIL_PLAN:
+ type: string
+ description: "TestRail test plan name. Will be generated if missing."
+ default: ""
+ TESTRAIL_GROUP:
+ type: string
+ description: "TestRail test group name."
+ default: "{{stack_name}}"
+ TESTRAIL_SUITE:
+ type: string
+ description: "TestRail test suite name"
+ default: "Tempest 16.0.0 with designate tests"
diff --git a/jenkins/client/job/deploy/lab/release/mcp11.yml b/jenkins/client/job/deploy/lab/release/mcp11.yml
index 8e61e8e..5c0f4d4 100644
--- a/jenkins/client/job/deploy/lab/release/mcp11.yml
+++ b/jenkins/client/job/deploy/lab/release/mcp11.yml
@@ -9,7 +9,7 @@
stack_type: heat
stack_test: ""
job_timer: ""
- - stack_name: virtual_mcp11_ovs_dvr
+ - stack_name: virtual_mcp11_dvr
stack_env: devcloud_virtual_mcp11_dvr
stack_install: core,openstack,dvr
stack_type: heat
diff --git a/jenkins/client/job/deploy/openstack.yml b/jenkins/client/job/deploy/openstack.yml
index 3595e01..d9b1c29 100644
--- a/jenkins/client/job/deploy/openstack.yml
+++ b/jenkins/client/job/deploy/openstack.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ jenkins_salt_api_url: "http://${_param:salt_master_host}:6969"
jenkins:
client:
job:
@@ -8,7 +10,7 @@
display_name: "Deploy - OpenStack"
discard:
build:
- keep_num: 20
+ keep_num: 50
concurrent: true
scm:
type: git
@@ -31,7 +33,7 @@
default: "salt"
SALT_MASTER_URL:
type: string
- default: ""
+ default: "${_param:jenkins_salt_api_url}"
ASK_ON_ERROR:
type: boolean
default: 'false'
diff --git a/jenkins/client/job/deploy/test.yml b/jenkins/client/job/deploy/test.yml
index c226fbc..acf6fa3 100644
--- a/jenkins/client/job/deploy/test.yml
+++ b/jenkins/client/job/deploy/test.yml
@@ -7,7 +7,7 @@
type: workflow-scm
discard:
build:
- keep_num: 20
+ keep_num: 50
concurrent: true
display_name: "Deploy - Test services in environment"
scm:
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
index 8490ee7..36e1dc0 100644
--- a/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
+++ b/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
@@ -8,7 +8,7 @@
display_name: "Kubernetes tests pipeline"
discard:
build:
- keep_num: 20
+ keep_num: 50
concurrent: false
scm:
type: git
diff --git a/jenkins/client/job/oscore/tests.yml b/jenkins/client/job/oscore/tests.yml
index 06060bd..e4f8009 100644
--- a/jenkins/client/job/oscore/tests.yml
+++ b/jenkins/client/job/oscore/tests.yml
@@ -131,6 +131,14 @@
type: string
default: ""
description: "Defines a list of extra repos with parameters, format: repo 1, repo priority 1, repo pin 1; repo 2, repo priority 2, repo pin 2"
+ ARTIFACTORY_CREDENTIALS:
+ type: string
+ default: "artifactory"
+ description: Jenkins credential ID for Artifactory
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt-qa-credentials"
+ description: Jenkins credential ID for Salt master
test-openstack-component-periodic:
name: "{{job_prefix}}-{{milestone}}-{{model}}-{{openstack_version}}-{{formula_pkg_revision}}"
template:
@@ -252,7 +260,7 @@
TEST_TEMPEST_PATTERN:
type: string
description: Run tests matched to pattern only
- default: "tempest"
+ default: "tempest --concurrency 2"
TEST_MODEL:
type: string
description: Environment salt model
@@ -525,6 +533,9 @@
credentials: "gerrit"
branch: 'master'
script: oscc-ci-pipeline.groovy
+ trigger:
+ timer:
+ spec: "0 1 * * *"
param:
# general
DEPLOY_JOB_NAME:
@@ -566,6 +577,10 @@
type: string
description: "OpenStack related components list"
default: "{{openstack_components_list}}"
+ AUTO_PROMOTE:
+ type: boolean
+ default: "{{auto_promote}}"
+ description: Enable to autopromote repo
build-salt-formula-refspec-template:
name: "{{job_prefix}}-build-salt-formula-refspec"
template:
@@ -654,7 +669,7 @@
trigger:
gerrit:
project:
- "^salt-formulas/(nova|cinder|glance|keystone|horizon|neutron|designate|heat|ironic|barbican)$":
+ "^salt-formulas/(nova|cinder|glance|keystone|horizon|neutron|designate|heat|ironic|barbican|salt|linux|reclass|galera|memcached|rabbitmq|bind|apache)$":
compare_type: 'REG_EXP'
branches:
- master
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
index 87f1b89..06117f1 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
@@ -7,232 +7,359 @@
git-mirror-2way-salt-formula:
name: git-mirror-2way-salt-formula-{{name}}
jobs:
+ - name: aide
+ branches: ${_param:salt_formulas_branches}
- name: aodh
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: apache
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: aptcacher
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: aptly
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: artifactory
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: auditd
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: avinetworks
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: backupninja
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: barbican
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: billometer
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: bind
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: bird
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: cadf
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: calico
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: cassandra
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ccp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ceilometer
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ceph
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: chrony
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: cinder
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: collectd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: dekapod
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: debmirror
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: devops-portal
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: docker
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: dovecot
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: elasticsearch
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: etcd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: fluentbit
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: fluentd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: foreman
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: freeipa
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: galera
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: gerrit
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: git
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: gitlab
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: glance
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: glusterfs
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: gnocchi
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: grafana
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: graphite
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: haproxy
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: heat
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: heka
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: helm
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: horizon
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: influxdb
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: iptables
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ironic
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: isc-dhcp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: java
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: jenkins
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: kedb
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: keepalived
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: keystone
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: kibana
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: kubernetes
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: letsencrypt
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: libvirt
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: linux
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: lldp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: logrotate
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: maas
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: magnum
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: manila
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: memcached
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: midonet
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: monasca
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: mongodb
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: murano
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: mysql
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nagios
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: network
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: neutron
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nfs
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nginx
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nodejs
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nova
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ntp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: octavia
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: opencontrail
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openldap
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openssh
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openvpn
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openvstorage
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: owncloud
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: panko
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: postfix
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: postgresql
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: powerdns
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: pritunl
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: prometheus
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: python
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rabbitmq
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: reclass
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: redis
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: roundcube
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rsync
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rsyslog
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rundeck
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: runtest
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sahara
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: salt
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sensu
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sentry
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sphinx
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: spinnaker
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: statsd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: supervisor
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: swift
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: taiga
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: telegraf
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: tinyproxy
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: varnish
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: watchdog
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: xtrabackup
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: zookeeper
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
template:
discard:
build:
@@ -274,6 +401,9 @@
BRANCHES:
type: string
default: "{{branches}}"
+ NOTIFICATION_RECIPIENTS:
+ type: string
+ default: "{{notification_recipients}}"
job:
git-mirror-2way-salt-formulas-scripts:
discard:
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/init.yml b/jenkins/client/job/salt-formulas/git-mirrors/init.yml
index b46aebc..676fe4e 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/init.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/init.yml
@@ -4,3 +4,4 @@
_param:
salt_formulas_branches: "master"
salt_formulas_extra_branches: "master,debian/xenial,debian/trusty"
+ salt_formulas_notification_recipients: "ci-notifications@mirantis.com"
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index 3dd77bf..646212b 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -5,11 +5,13 @@
test-salt-formula:
name: test-salt-formula-{{name}}-latest
jobs:
+ - name: aide
- name: aodh
- name: apache
- name: aptcacher
- name: aptly
- name: artifactory
+ - name: auditd
- name: avinetworks
- name: backupninja
- name: barbican
@@ -70,6 +72,7 @@
- name: logrotate
- name: maas
- name: magnum
+ - name: manila
- name: memcached
- name: midonet
- name: mirascan
@@ -121,6 +124,7 @@
- name: tinyproxy
- name: tftpd-hpa
- name: varnish
+ - name: watchdog
- name: xtrabackup
- name: zookeeper
template:
@@ -179,6 +183,12 @@
keep_num: 10
type: workflow-scm
concurrent: true
+ plugin_properties:
+ throttleconcurrents:
+ enabled: true
+ throttle_option: category
+ categories:
+ - test-formula
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 879a1f1..c496b61 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -8,6 +8,11 @@
name: test-salt-model-{{name}}
template:
type: workflow-scm
+ discard:
+ build:
+ keep_num: 50
+ artifact:
+ keep_num: 50
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
@@ -81,6 +86,11 @@
name: test-salt-model-{{name}}
template:
type: workflow-scm
+ discard:
+ build:
+ keep_num: 50
+ artifact:
+ keep_num: 50
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
@@ -119,9 +129,9 @@
template:
discard:
build:
- keep_num: 20
+ keep_num: 50
artifact:
- keep_num: 20
+ keep_num: 50
type: workflow-scm
concurrent: true
scm:
@@ -178,6 +188,12 @@
keep_num: 10
type: workflow-scm
concurrent: true
+ plugin_properties:
+ throttleconcurrents:
+ enabled: true
+ throttle_option: category
+ categories:
+ - test-model
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index ab2dd38..2f8865c 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -15,9 +15,9 @@
display_name: "Validate - Openstack"
discard:
build:
- keep_num: 20
+ keep_num: 50
artifact:
- keep_num: 20
+ keep_num: 50
concurrent: false
scm:
type: git
@@ -187,6 +187,69 @@
type: string
default: ""
description: Proxy address to clone repo and install python requirements
+ cvp-func:
+ type: workflow-scm
+ name: cvp-func
+ display_name: "CVP - Functional tests"
+ discard:
+ build:
+ keep_num: 20
+ artifact:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: cvp-func.groovy
+ param:
+ DEBUG_MODE:
+ type: boolean
+ default: 'false'
+ description: Enable if you need to keep container after the test and debug
+ SKIP_LIST_PATH:
+ type: string
+ default: "cvp-configuration/tempest/skip-list.yaml"
+ description: Path to skip list in container
+ SALT_MASTER_URL:
+ type: string
+ default: "${_param:jenkins_salt_api_url}"
+ description: Full Salt API address [e.g. https://10.10.10.2:6969]
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ description: Credentials to the Salt API
+ TEST_IMAGE:
+ type: string
+ default: "xrally/xrally-openstack:0.9.1"
+ description: Docker image to use for running Rally/Tempest
+ TARGET_NODE:
+ type: string
+ default: "${_param:cicd_control_node03_hostname}.${_param:cluster_domain}"
+ description: Node where container with Tempest will be run
+ PROXY:
+ type: string
+ default: ""
+ description: Proxy address to clone repo and install python requirements
+ TEMPEST_TEST_PATTERN:
+ type: string
+ default: "set=smoke"
+ description: Use set=smoke (or identity,full...] or just test name
+ TEMPEST_ENDPOINT_TYPE:
+ type: choice
+ choices:
+ - internalURL
+ - adminURL
+ - publicURL
+ description: Openstack endpoint type to use during test run
+ TEMPEST_REPO:
+ type: string
+ default: "https://github.com/openstack/tempest"
+ description: URL to Tempest repo (local or remote) or path to tempest folder in container
+ TOOLS_REPO:
+ type: string
+ default: "https://github.com/Mirantis/cvp-configuration"
+ description: URL of repo where testing tools, scenarios, configs are located.
cvp-ha:
type: workflow-scm
name: cvp-ha
diff --git a/jenkins/client/job/vnf-onboarding/init.yml b/jenkins/client/job/vnf-onboarding/init.yml
new file mode 100644
index 0000000..cd97fef
--- /dev/null
+++ b/jenkins/client/job/vnf-onboarding/init.yml
@@ -0,0 +1,11 @@
+classes:
+ - system.jenkins.client.job.vnf-onboarding.test_avi_loadbalancer
+ - system.jenkins.client.job.vnf-onboarding.test_nginx_vnf
+
+parameters:
+ _param:
+ cluster_public_protocol: https
+ vnf_gerrit_credentials: "gerrit"
+ vnf_openstack_api_url: "${_param:cluster_public_protocol}://${_param:cluster_public_host}:5000/v2.0"
+ vnf_openstack_api_credentials: "test-openstack"
+ vnf_elastic_url: "${_param:stacklight_log_address}:${_param:cluster_elasticsearch_port}"
diff --git a/jenkins/client/job/vnf-onboarding/test_avi_loadbalancer.yml b/jenkins/client/job/vnf-onboarding/test_avi_loadbalancer.yml
new file mode 100644
index 0000000..f30b2b7
--- /dev/null
+++ b/jenkins/client/job/vnf-onboarding/test_avi_loadbalancer.yml
@@ -0,0 +1,81 @@
+parameters:
+ jenkins:
+ client:
+ plugin:
+ gerrit-trigger: {}
+ job:
+ test_avi_loadbalancer:
+ type: workflow-scm
+ name: test-avi-loadbalancer
+ display_name: "Onboarding tests for the AVI Loadbalancer VNF"
+ discard:
+ build:
+ keep_num: 20
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/vnf-onboarding/pipelines"
+ credentials: "${_param:vnf_gerrit_credentials}"
+ script: test_vnf_onboarding.groovy
+ trigger:
+ gerrit:
+ project:
+ "vnf-onboarding/avi-loadbalancer":
+ branches:
+ - compare_type: "ANT"
+ name: "**"
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeTrivialRebase: false
+ excludeNoCodeChange: false
+ change:
+ - merged
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(retest|recheck|reverify)'
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ param:
+ DEFAULT_GIT_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/avi-loadbalancer"
+ DEFAULT_GIT_REF:
+ type: string
+ default: master
+ OPENSTACK_API_URL:
+ type: string
+ default: "${_param:vnf_openstack_api_url}"
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_openstack_api_credentials}"
+ OPENSTACK_API_TENANT:
+ type: string
+ default: "test-avi"
+ GERRIT_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ ELASTIC_URL:
+ type: string
+ default: "${_param:vnf_elastic_url}"
+ DEBUG_OPTIONS:
+ type: string
+ description: "Example: skip_all=1 skip_deploy=1 skip_inspection=1"
+ NFV_PLATFORM_REPO:
+ type: string
+ description: "Take Cloudify blueprints, Dockerfile and CI scripts from this repo"
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/nfv-platform"
+ NFV_PLATFORM_REPO_BRANCH:
+ type: string
+ default: "master"
+ NFV_PLATFORM_REPO_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ CI_OPTIONS:
+ type: string
+ default: "CFY_AGENT_NET=cfm-net CFY_AGENT_FLAVOR=cfy.agent CFY_AGENT_IMAGE=ubuntu1 CFY_AGENT_USER=cfyuser CFY_SG=cfm-sg CFY_SSH_KEY_ID=openstack_key"
+ VNF_OPTIONS:
+ type: string
+ default: "AVI_VERSION=17.2.3 AVI_USERNAME=admin AVI_PASSWORD=Swordfish1234 AVI_IMAGE_PASSWORD=58NFaGDJm(PJH0G AVI_OS_FLAVOR=avi_ctrl.small AVI_OS_IMAGE=avi-control-17.2.3"
diff --git a/jenkins/client/job/vnf-onboarding/test_nginx_vnf.yml b/jenkins/client/job/vnf-onboarding/test_nginx_vnf.yml
new file mode 100644
index 0000000..8a86363
--- /dev/null
+++ b/jenkins/client/job/vnf-onboarding/test_nginx_vnf.yml
@@ -0,0 +1,82 @@
+parameters:
+ jenkins:
+ client:
+ plugin:
+ gerrit-trigger: {}
+ job:
+ test_nginx_vnf:
+ type: workflow-scm
+ name: test-nginx-vnf
+ display_name: "Onboarding tests for the NGINX VNF"
+ discard:
+ build:
+ keep_num: 20
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/vnf-onboarding/pipelines"
+ credentials: "${_param:vnf_gerrit_credentials}"
+ script: test_vnf_onboarding.groovy
+ trigger:
+ gerrit:
+ project:
+ "vnf-onboarding/nginx-vnf":
+ branches:
+ - compare_type: "ANT"
+ name: "**"
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeTrivialRebase: false
+ excludeNoCodeChange: false
+ change:
+ - merged
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(retest|recheck|reverify)'
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ param:
+ DEFAULT_GIT_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/nginx-vnf"
+ DEFAULT_GIT_REF:
+ type: string
+ default: master
+ OPENSTACK_API_URL:
+ type: string
+ default: "${_param:vnf_openstack_api_url}"
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_openstack_api_credentials}"
+ OPENSTACK_API_TENANT:
+ type: string
+ default: "test-nginx"
+ GERRIT_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ ELASTIC_URL:
+ type: string
+ default: "${_param:vnf_elastic_url}"
+ DEBUG_OPTIONS:
+ type: string
+ default: "skip_inspection=1"
+ description: "Example: skip_all=1 skip_deploy=1 skip_inspection=1"
+ NFV_PLATFORM_REPO:
+ type: string
+ description: "Take Cloudify blueprints, Dockerfile and CI scripts from this repo"
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/nfv-platform"
+ NFV_PLATFORM_REPO_BRANCH:
+ type: string
+ default: "master"
+ NFV_PLATFORM_REPO_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ CI_OPTIONS:
+ type: string
+ default: "CFY_AGENT_NET=cfm-net CFY_AGENT_FLAVOR=cfy.agent CFY_AGENT_IMAGE=ubuntu1 CFY_AGENT_USER=cfyuser CFY_SG=cfm-sg CFY_SSH_KEY_ID=openstack_key"
+ VNF_OPTIONS:
+ type: string
+ default: ""
diff --git a/jenkins/slave/debmirror.yml b/jenkins/slave/debmirror.yml
new file mode 100644
index 0000000..6cd7829
--- /dev/null
+++ b/jenkins/slave/debmirror.yml
@@ -0,0 +1,8 @@
+classes:
+ - system.jenkins.slave
+parameters:
+ linux:
+ system:
+ package:
+ debmirror:
+ version: latest
diff --git a/keystone/client/core.yml b/keystone/client/core.yml
index 39d28de..f869059 100644
--- a/keystone/client/core.yml
+++ b/keystone/client/core.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ keystone_service_protocol: http
linux:
system:
job:
@@ -16,6 +18,7 @@
host: ${_param:keystone_service_host}
port: 35357
token: ${_param:keystone_service_token}
+ protocol: ${_param:keystone_service_protocol}
roles:
- admin
- Member
@@ -38,3 +41,4 @@
port: 5000
region_name: ${_param:openstack_region}
use_keystoneauth: true
+ protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/client/image_manager.yml b/keystone/client/image_manager.yml
index 024b0c4..becd512 100644
--- a/keystone/client/image_manager.yml
+++ b/keystone/client/image_manager.yml
@@ -1,6 +1,7 @@
parameters:
_param:
keystone_image_manager_email: 'root@localhost'
+ keystone_service_protocol: http
keystone:
client:
enabled: true
@@ -10,6 +11,7 @@
host: ${_param:keystone_service_host}
port: 35357
token: ${_param:keystone_service_token}
+ protocol: ${_param:keystone_service_protocol}
roles:
- image_manager
project:
diff --git a/keystone/client/service/aodh.yml b/keystone/client/service/aodh.yml
index 51de0ca..c4d49b8 100644
--- a/keystone/client/service/aodh.yml
+++ b/keystone/client/service/aodh.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ aodh_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:aodh_service_host}
internal_port: 8042
internal_path: '/'
+ internal_protocol: ${_param:aodh_service_protocol}
+ admin_protocol: ${_param:aodh_service_protocol}
admin_address: ${_param:aodh_service_host}
admin_port: 8042
admin_path: '/'
diff --git a/keystone/client/service/barbican.yml b/keystone/client/service/barbican.yml
index 497eb50..d222fb6 100644
--- a/keystone/client/service/barbican.yml
+++ b/keystone/client/service/barbican.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ barbican_service_protocol: http
keystone:
client:
server:
@@ -31,6 +32,8 @@
internal_address: ${_param:barbican_service_host}
internal_port: 9311
internal_path: '/'
+ internal_protocol: ${_param:barbican_service_protocol}
admin_address: ${_param:barbican_service_host}
admin_port: 9311
admin_path: '/'
+ admin_protocol: ${_param:barbican_service_protocol}
diff --git a/keystone/client/service/billometer.yml b/keystone/client/service/billometer.yml
index 3728aa5..6100dc9 100644
--- a/keystone/client/service/billometer.yml
+++ b/keystone/client/service/billometer.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ billometer_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:billometer_service_host}
internal_port: 9753
internal_path: '/v1'
+ internal_protocol: ${_param:billometer_service_protocol}
+ admin_protocol: ${_param:billometer_service_protocol}
admin_address: ${_param:billometer_service_host}
admin_port: 9753
admin_path: '/v1'
diff --git a/keystone/client/service/ceilometer.yml b/keystone/client/service/ceilometer.yml
index 4c59f80..90e0d3e 100644
--- a/keystone/client/service/ceilometer.yml
+++ b/keystone/client/service/ceilometer.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ ceilometer_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:ceilometer_service_host}
internal_port: 8777
internal_path: '/'
+ internal_protocol: ${_param:ceilometer_service_protocol}
+ admin_protocol: ${_param:ceilometer_service_protocol}
admin_address: ${_param:ceilometer_service_host}
admin_port: 8777
admin_path: '/'
diff --git a/keystone/client/service/cinder.yml b/keystone/client/service/cinder.yml
index ffb5510..64705e3 100644
--- a/keystone/client/service/cinder.yml
+++ b/keystone/client/service/cinder.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ cinder_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:cinder_service_host}
internal_port: 8776
internal_path: '/v1/$(project_id)s'
+ internal_protocol: ${_param:cinder_service_protocol}
+ admin_protocol: ${_param:cinder_service_protocol}
admin_address: ${_param:cinder_service_host}
admin_port: 8776
admin_path: '/v1/$(project_id)s'
diff --git a/keystone/client/service/cinder2.yml b/keystone/client/service/cinder2.yml
index e0e2636..cb289e1 100644
--- a/keystone/client/service/cinder2.yml
+++ b/keystone/client/service/cinder2.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ cinder_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:cinder_service_host}
internal_port: 8776
internal_path: '/v2/$(project_id)s'
+ internal_protocol: ${_param:cinder_service_protocol}
+ admin_protocol: ${_param:cinder_service_protocol}
admin_address: ${_param:cinder_service_host}
admin_port: 8776
admin_path: '/v2/$(project_id)s'
diff --git a/keystone/client/service/cinder3.yml b/keystone/client/service/cinder3.yml
index 43a805c..d5e0ae1 100644
--- a/keystone/client/service/cinder3.yml
+++ b/keystone/client/service/cinder3.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ cinder_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:cinder_service_host}
internal_port: 8776
internal_path: '/v3/$(project_id)s'
+ internal_protocol: ${_param:cinder_service_protocol}
+ admin_protocol: ${_param:cinder_service_protocol}
admin_address: ${_param:cinder_service_host}
admin_port: 8776
admin_path: '/v3/$(project_id)s'
diff --git a/keystone/client/service/congress.yml b/keystone/client/service/congress.yml
index 529d3ee..49e8337 100644
--- a/keystone/client/service/congress.yml
+++ b/keystone/client/service/congress.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ congress_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:congress_service_host}
internal_port: 1789
internal_path: '/'
+ internal_protocol: ${_param:congress_service_protocol}
+ admin_protocol: ${_param:congress_service_protocol}
admin_address: ${_param:congress_service_host}
admin_port: 1789
admin_path: '/'
diff --git a/keystone/client/service/designate.yml b/keystone/client/service/designate.yml
index 4018712..75a588e 100644
--- a/keystone/client/service/designate.yml
+++ b/keystone/client/service/designate.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ designate_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:designate_service_host}
internal_port: 9001
internal_path: '/'
+ internal_protocol: ${_param:designate_service_protocol}
+ admin_protocol: ${_param:designate_service_protocol}
admin_address: ${_param:designate_service_host}
admin_port: 9001
admin_path: '/'
diff --git a/keystone/client/service/glance.yml b/keystone/client/service/glance.yml
index 365917b..3c0db9c 100644
--- a/keystone/client/service/glance.yml
+++ b/keystone/client/service/glance.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ glance_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:glance_service_host}
internal_port: 9292
internal_path: ''
+ internal_protocol: ${_param:glance_service_protocol}
+ admin_protocol: ${_param:glance_service_protocol}
admin_address: ${_param:glance_service_host}
admin_port: 9292
admin_path: ''
diff --git a/keystone/client/service/glare.yml b/keystone/client/service/glare.yml
index 78c7d1f..4534b0e 100644
--- a/keystone/client/service/glare.yml
+++ b/keystone/client/service/glare.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ glare_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:glance_service_host}
internal_port: 9494
internal_path: ''
+ internal_protocol: ${_param:glare_service_protocol}
+ admin_protocol: ${_param:glare_service_protocol}
admin_address: ${_param:glance_service_host}
admin_port: 9494
admin_path: ''
diff --git a/keystone/client/service/heat-cfn.yml b/keystone/client/service/heat-cfn.yml
index 343ff46..1a2486a 100644
--- a/keystone/client/service/heat-cfn.yml
+++ b/keystone/client/service/heat-cfn.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ heat_service_protocol: http
keystone:
client:
server:
@@ -18,6 +19,8 @@
internal_address: ${_param:heat_service_host}
internal_port: 8000
internal_path: '/v1'
+ internal_protocol: ${_param:heat_service_protocol}
+ admin_protocol: ${_param:heat_service_protocol}
admin_address: ${_param:heat_service_host}
admin_port: 8000
admin_path: '/v1'
diff --git a/keystone/client/service/heat.yml b/keystone/client/service/heat.yml
index d7eadd5..c8882dd 100644
--- a/keystone/client/service/heat.yml
+++ b/keystone/client/service/heat.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ heat_service_protocol: http
keystone:
client:
server:
@@ -28,6 +29,8 @@
internal_address: ${_param:heat_service_host}
internal_port: 8004
internal_path: '/v1/%(project_id)s'
+ internal_protocol: ${_param:heat_service_protocol}
+ admin_protocol: ${_param:heat_service_protocol}
admin_address: ${_param:heat_service_host}
admin_port: 8004
admin_path: '/v1/%(project_id)s'
diff --git a/keystone/client/service/ironic.yml b/keystone/client/service/ironic.yml
index 1ab9872..e4c384c 100644
--- a/keystone/client/service/ironic.yml
+++ b/keystone/client/service/ironic.yml
@@ -1,6 +1,8 @@
parameters:
_param:
cluster_public_protocol: https
+ keystone_service_protocol: http
+ ironic_service_protocol: http
keystone:
client:
server:
@@ -25,6 +27,8 @@
internal_address: ${_param:ironic_service_host}
internal_port: 6385
internal_path: ''
+ internal_protocol: ${_param:ironic_service_protocol}
+ admin_protocol: ${_param:ironic_service_protocol}
admin_address: ${_param:ironic_service_host}
admin_port: 6385
admin_path: ''
@@ -36,3 +40,4 @@
host: ${_param:keystone_service_host}
port: 5000
region_name: ${_param:openstack_region}
+ protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/client/service/keystone.yml b/keystone/client/service/keystone.yml
index af3acfc..d9092e0 100644
--- a/keystone/client/service/keystone.yml
+++ b/keystone/client/service/keystone.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ keystone_service_protocol: http
keystone:
client:
server:
@@ -18,6 +19,8 @@
internal_address: ${_param:keystone_service_host}
internal_port: 5000
internal_path: '/v2.0'
+ internal_protocol: ${_param:keystone_service_protocol}
admin_address: ${_param:keystone_service_host}
admin_port: 35357
admin_path: '/v2.0'
+ admin_protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/client/service/keystone3.yml b/keystone/client/service/keystone3.yml
index bd0c63b..5138c4f 100644
--- a/keystone/client/service/keystone3.yml
+++ b/keystone/client/service/keystone3.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ keystone_service_protocol: http
keystone:
client:
server:
@@ -18,6 +19,8 @@
internal_address: ${_param:keystone_service_host}
internal_port: 5000
internal_path: '/v3'
+ internal_protocol: ${_param:keystone_service_protocol}
admin_address: ${_param:keystone_service_host}
admin_port: 35357
admin_path: '/v2.0'
+ admin_protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/client/service/murano.yml b/keystone/client/service/murano.yml
index 5e65038..e6c70f1 100644
--- a/keystone/client/service/murano.yml
+++ b/keystone/client/service/murano.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ murano_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:murano_service_host}
internal_port: 8082
internal_path: ''
+ internal_protocol: ${_param:murano_service_protocol}
+ admin_protocol: ${_param:murano_service_protocol}
admin_address: ${_param:murano_service_host}
admin_port: 8082
admin_path: ''
diff --git a/keystone/client/service/neutron.yml b/keystone/client/service/neutron.yml
index 12fe9fe..8bec7f2 100644
--- a/keystone/client/service/neutron.yml
+++ b/keystone/client/service/neutron.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ neutron_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:neutron_service_host}
internal_port: 9696
internal_path: '/'
+ internal_protocol: ${_param:neutron_service_protocol}
+ admin_protocol: ${_param:neutron_service_protocol}
admin_address: ${_param:neutron_service_host}
admin_port: 9696
admin_path: '/'
diff --git a/keystone/client/service/nova-placement.yml b/keystone/client/service/nova-placement.yml
index 61b5455..3ed0654 100644
--- a/keystone/client/service/nova-placement.yml
+++ b/keystone/client/service/nova-placement.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ nova_service_protocol: http
keystone:
client:
server:
@@ -18,6 +19,8 @@
internal_address: ${_param:nova_service_host}
internal_port: '8778'
internal_path: ''
+ internal_protocol: ${_param:nova_service_protocol}
+ admin_protocol: ${_param:nova_service_protocol}
admin_address: ${_param:nova_service_host}
admin_port: '8778'
admin_path: ''
diff --git a/keystone/client/service/nova.yml b/keystone/client/service/nova.yml
index a0d698b..ca20106 100644
--- a/keystone/client/service/nova.yml
+++ b/keystone/client/service/nova.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ nova_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:nova_service_host}
internal_port: 8774
internal_path: '/v2/$(project_id)s'
+ internal_protocol: ${_param:nova_service_protocol}
+ admin_protocol: ${_param:nova_service_protocol}
admin_address: ${_param:nova_service_host}
admin_port: 8774
admin_path: '/v2/$(project_id)s'
diff --git a/keystone/client/service/nova21.yml b/keystone/client/service/nova21.yml
index 328aefd..2782ec2 100644
--- a/keystone/client/service/nova21.yml
+++ b/keystone/client/service/nova21.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ nova_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:nova_service_host}
internal_port: 8774
internal_path: '/v2/$(project_id)s'
+ internal_protocol: ${_param:nova_service_protocol}
+ admin_protocol: ${_param:nova_service_protocol}
admin_address: ${_param:nova_service_host}
admin_port: 8774
admin_path: '/v2/$(project_id)s'
@@ -40,6 +43,8 @@
internal_address: ${_param:nova_service_host}
internal_port: 8774
internal_path: '/v2.1/$(project_id)s'
+ internal_protocol: ${_param:nova_service_protocol}
+ admin_protocol: ${_param:nova_service_protocol}
admin_address: ${_param:nova_service_host}
admin_port: 8774
admin_path: '/v2.1/$(project_id)s'
diff --git a/keystone/client/service/octavia.yml b/keystone/client/service/octavia.yml
index 0382345..c08312e 100644
--- a/keystone/client/service/octavia.yml
+++ b/keystone/client/service/octavia.yml
@@ -1,6 +1,8 @@
parameters:
_param:
cluster_public_protocol: https
+ keystone_service_protocol: http
+ octavia_service_protocol: http
keystone:
client:
server:
@@ -25,6 +27,8 @@
internal_address: ${_param:octavia_service_host}
internal_port: 9876
internal_path: '/'
+ internal_protocol: ${_param:octavia_service_protocol}
+ admin_protocol: ${_param:octavia_service_protocol}
admin_address: ${_param:octavia_service_host}
admin_port: 9876
admin_path: '/'
@@ -37,3 +41,4 @@
port: 5000
region_name: ${_param:openstack_region}
use_keystoneauth: true
+ protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/client/service/radosgw-s3.yml b/keystone/client/service/radosgw-s3.yml
index 06d8299..c97c812 100644
--- a/keystone/client/service/radosgw-s3.yml
+++ b/keystone/client/service/radosgw-s3.yml
@@ -2,6 +2,7 @@
_param:
cluster_public_protocol: https
radosgw_s3_cluster_port: 8081
+ radosgw_service_protocol: http
keystone:
client:
server:
@@ -26,6 +27,8 @@
internal_address: ${_param:radosgw_service_host}
internal_port: ${_param:radosgw_s3_cluster_port}
internal_path: '/'
+ internal_protocol: ${_param:radosgw_service_protocol}
+ admin_protocol: ${_param:radosgw_service_protocol}
admin_address: ${_param:radosgw_service_host}
admin_port: ${_param:radosgw_s3_cluster_port}
admin_path: '/'
diff --git a/keystone/client/service/radosgw-swift.yml b/keystone/client/service/radosgw-swift.yml
index 3bf9b27..14a24af 100644
--- a/keystone/client/service/radosgw-swift.yml
+++ b/keystone/client/service/radosgw-swift.yml
@@ -2,6 +2,7 @@
_param:
cluster_public_protocol: https
radosgw_swift_cluster_port: 8081
+ radosgw_service_protocol: http
keystone:
client:
server:
@@ -26,6 +27,8 @@
internal_address: ${_param:radosgw_service_host}
internal_port: ${_param:radosgw_swift_cluster_port}
internal_path: '/swift/v1'
+ internal_protocol: ${_param:radosgw_service_protocol}
+ admin_protocol: ${_param:radosgw_service_protocol}
admin_address: ${_param:radosgw_service_host}
admin_port: ${_param:radosgw_swift_cluster_port}
admin_path: '/swift/v1'
diff --git a/keystone/client/service/sahara.yml b/keystone/client/service/sahara.yml
index 84a0b96..b635137 100644
--- a/keystone/client/service/sahara.yml
+++ b/keystone/client/service/sahara.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ sahara_internal_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:sahara_service_host}
internal_port: 8386
internal_path: '/v1.1/%(project_id)s'
+ internal_protocol: ${_param:sahara_internal_protocol}
+ admin_protocol: ${_param:sahara_internal_protocol}
admin_address: ${_param:sahara_service_host}
admin_port: 8386
admin_path: '/v1.1/%(project_id)s'
diff --git a/keystone/client/service/swift-s3.yml b/keystone/client/service/swift-s3.yml
index 5880487c9..b2769a0 100644
--- a/keystone/client/service/swift-s3.yml
+++ b/keystone/client/service/swift-s3.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ swift_service_protocol: http
keystone:
client:
server:
@@ -26,6 +27,8 @@
internal_address: ${_param:swift_service_host}
internal_port: 8080
internal_path: '/v1/AUTH_%(project_id)s'
+ internal_protocol: ${_param:swift_service_protocol}
+ admin_protocol: ${_param:swift_service_protocol}
admin_address: ${_param:swift_service_host}
admin_port: 8080
admin_path: '/'
diff --git a/keystone/client/service/swift.yml b/keystone/client/service/swift.yml
index 781fab9..6f558fb 100644
--- a/keystone/client/service/swift.yml
+++ b/keystone/client/service/swift.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ swift_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:swift_service_host}
internal_port: 8080
internal_path: '/v1/AUTH_%(project_id)s'
+ internal_protocol: ${_param:swift_service_protocol}
+ admin_protocol: ${_param:swift_service_protocol}
admin_address: ${_param:swift_service_host}
admin_port: 8080
admin_path: '/'
diff --git a/keystone/client/single.yml b/keystone/client/single.yml
index ebf5b5f..a79ed7e 100644
--- a/keystone/client/single.yml
+++ b/keystone/client/single.yml
@@ -7,6 +7,8 @@
- system.keystone.client.service.keystone
- system.keystone.client.service.neutron
parameters:
+ _param:
+ keystone_service_protocol: http
linux:
system:
job:
@@ -24,6 +26,7 @@
host: ${_param:keystone_service_host}
port: 35357
token: ${_param:keystone_service_token}
+ protocol: ${_param:keystone_service_protocol}
roles:
- admin
- Member
@@ -46,3 +49,4 @@
port: 5000
region_name: ${_param:openstack_region}
use_keystoneauth: true
+ protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/server/wsgi.yml b/keystone/server/wsgi.yml
index f62c1cc..333cb76 100644
--- a/keystone/server/wsgi.yml
+++ b/keystone/server/wsgi.yml
@@ -1,6 +1,10 @@
classes:
- system.apache.server.single
parameters:
+ _param:
+ apache_keystone_ssl:
+ enabled: false
+ apache_keystone_api_host: ${linux:network:fqdn}
keystone:
server:
service_name: apache2
@@ -14,7 +18,8 @@
type: keystone
name: wsgi
host:
- name: ${linux:network:fqdn}
+ name: ${_param:apache_keystone_api_host}
+ ssl: ${_param:apache_keystone_ssl}
log:
custom:
format: >-
diff --git a/libvirt/server/init.yml b/libvirt/server/init.yml
new file mode 100644
index 0000000..9374c84
--- /dev/null
+++ b/libvirt/server/init.yml
@@ -0,0 +1,2 @@
+classes:
+- service.libvirt.server
diff --git a/libvirt/server/single.yml b/libvirt/server/single.yml
index f25f8ed..dbf9177 100644
--- a/libvirt/server/single.yml
+++ b/libvirt/server/single.yml
@@ -1,3 +1,5 @@
+classes:
+- service.libvirt.server
parameters:
linux:
system:
diff --git a/linux/network/interface/single_ovs_dvr.yml b/linux/network/interface/single_ovs_dvr.yml
index 482bd02..2f4cf2a 100644
--- a/linux/network/interface/single_ovs_dvr.yml
+++ b/linux/network/interface/single_ovs_dvr.yml
@@ -39,7 +39,7 @@
type: ovs_port
mtu: 65000
bridge: br-floating
- br-mgmt:
+ br-mgm:
enabled: true
type: bridge
mtu: ${_param:interface_mtu}
@@ -64,4 +64,4 @@
use_interfaces:
- ${_param:external_interface}
use_ovs_ports:
- - float-to-ex
\ No newline at end of file
+ - float-to-ex
diff --git a/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml b/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml
index 86c6426..287dc27 100644
--- a/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml
+++ b/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml
@@ -6,11 +6,7 @@
system:
repo:
mcp_docker_legacy:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/docker/ ${_param:linux_system_repo_mcp_docker_legacy_version} legacy"
+ source: "deb [arch=amd64] https://mirror.mirantis.com/${_param:linux_system_repo_mcp_docker_legacy_version}/docker-1.x/ ubuntu-${_param:linux_system_codename} main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
- clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_docker_legacy_version}'
- priority: 1100
- package: '*'
+ key_id: 58118E89F3A912897C070ADBF76221572C52609D
+ key_server: keyserver.ubuntu.com
\ No newline at end of file
diff --git a/neutron/control/ovn/single.yml b/neutron/control/ovn/single.yml
index c02f621..92b8258 100644
--- a/neutron/control/ovn/single.yml
+++ b/neutron/control/ovn/single.yml
@@ -32,6 +32,11 @@
message_queue:
members:
- host: ${_param:openstack_message_queue_node01_address}
+ ovn_ctl_opts:
+ db-nb-create-insecure-remote: 'yes'
+ db-sb-create-insecure-remote: 'yes'
+ db-nb-addr: ${_param:single_address}
+ db-sb-addr: ${_param:single_address}
mysql:
server:
database:
diff --git a/nginx/server/proxy/openstack/barbican.yml b/nginx/server/proxy/openstack/barbican.yml
index 5f658d1..89e5a9c 100644
--- a/nginx/server/proxy/openstack/barbican.yml
+++ b/nginx/server/proxy/openstack/barbican.yml
@@ -1,6 +1,8 @@
parameters:
_param:
nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_barbican_host: ${_param:barbican_service_host}
nginx:
server:
enabled: true
@@ -11,10 +13,11 @@
name: openstack_api_barbican
check: false
proxy:
- host: ${_param:barbican_service_host}
+ host: ${_param:nginx_proxy_openstack_barbican_host}
port: 9311
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9311
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/designate.yml b/nginx/server/proxy/openstack/designate.yml
index 29bc390..c238775 100644
--- a/nginx/server/proxy/openstack/designate.yml
+++ b/nginx/server/proxy/openstack/designate.yml
@@ -1,6 +1,8 @@
parameters:
_param:
nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_designate_host: ${_param:designate_service_host}
nginx:
server:
enabled: true
@@ -10,10 +12,11 @@
type: nginx_proxy
name: openstack_api_designate
proxy:
- host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ host: ${_param:nginx_proxy_openstack_designate_host}
port: 9001
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9001
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/horizon.yml b/nginx/server/proxy/openstack/horizon.yml
index 13df5cb..03e3f3c 100644
--- a/nginx/server/proxy/openstack/horizon.yml
+++ b/nginx/server/proxy/openstack/horizon.yml
@@ -1,4 +1,8 @@
parameters:
+ _param:
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_horizon_host: ${_param:openstack_proxy_address}
nginx:
server:
enabled: true
@@ -8,11 +12,12 @@
type: nginx_proxy
name: horizon
proxy:
- host: ${_param:openstack_proxy_address}
+ host: ${_param:nginx_proxy_openstack_horizon_host}
port: 443
protocol: https
host:
- name: ${_param:cluster_public_host}
+ name: ${_param:nginx_proxy_openstack_api_host}
port: 443
protocol: https
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/placement.yml b/nginx/server/proxy/openstack/placement.yml
new file mode 100644
index 0000000..eda272c
--- /dev/null
+++ b/nginx/server/proxy/openstack/placement.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_placement_host: ${_param:placement_service_host}
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_openstack_api_placement:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_placement
+ proxy:
+ host: ${_param:nginx_proxy_openstack_placement_host}
+ port: 8778
+ protocol: http
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 8778
+ address: ${_param:nginx_proxy_openstack_api_address}
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack_api.yml b/nginx/server/proxy/openstack_api.yml
index 4b0b3f4..4f6073d 100644
--- a/nginx/server/proxy/openstack_api.yml
+++ b/nginx/server/proxy/openstack_api.yml
@@ -1,6 +1,13 @@
parameters:
_param:
nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_keystone_host: ${_param:keystone_service_host}
+ nginx_proxy_openstack_nova_host: ${_param:nova_service_host}
+ nginx_proxy_openstack_cinder_host: ${_param:cinder_service_host}
+ nginx_proxy_openstack_glance_host: ${_param:glance_service_host}
+ nginx_proxy_openstack_neutron_host: ${_param:neutron_service_host}
+ nginx_proxy_openstack_heat_host: ${_param:heat_service_host}
nginx:
server:
enabled: true
@@ -11,12 +18,13 @@
name: openstack_api_keystone
check: false
proxy:
- host: ${_param:keystone_service_host}
+ host: ${_param:nginx_proxy_openstack_keystone_host}
port: 5000
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 5000
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_keystone_private:
enabled: true
@@ -24,12 +32,13 @@
name: openstack_api_keystone_private
check: false
proxy:
- host: ${_param:keystone_service_host}
+ host: ${_param:nginx_proxy_openstack_keystone_host}
port: 35357
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 35357
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_nova:
enabled: true
@@ -37,12 +46,13 @@
name: openstack_api_nova
check: false
proxy:
- host: ${_param:nova_service_host}
+ host: ${_param:nginx_proxy_openstack_nova_host}
port: 8774
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8774
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_cinder:
enabled: true
@@ -50,12 +60,13 @@
name: openstack_api_cinder
check: false
proxy:
- host: ${_param:cinder_service_host}
+ host: ${_param:nginx_proxy_openstack_cinder_host}
port: 8776
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8776
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_glance:
enabled: true
@@ -64,13 +75,14 @@
check: false
underscores_in_headers: true
proxy:
- host: ${_param:glance_service_host}
+ host: ${_param:nginx_proxy_openstack_glance_host}
port: 9292
protocol: http
size: 30000m
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9292
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_neutron:
enabled: true
@@ -78,36 +90,39 @@
name: openstack_api_neutron
check: false
proxy:
- host: ${_param:neutron_service_host}
+ host: ${_param:nginx_proxy_openstack_neutron_host}
port: 9696
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9696
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_heat_cloudwatch:
enabled: true
type: nginx_proxy
name: openstack_api_heat_cloudwatch
proxy:
- host: ${_param:heat_service_host}
+ host: ${_param:nginx_proxy_openstack_heat_host}
port: 8003
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8003
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_heat_cfn:
enabled: true
type: nginx_proxy
name: openstack_api_heat_cfn
proxy:
- host: ${_param:heat_service_host}
+ host: ${_param:nginx_proxy_openstack_heat_host}
port: 8000
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8000
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_heat:
enabled: true
@@ -115,12 +130,13 @@
name: openstack_api_heat
check: false
proxy:
- host: ${_param:heat_service_host}
+ host: ${_param:nginx_proxy_openstack_heat_host}
port: 8004
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8004
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_nova_ec2:
enabled: true
@@ -128,10 +144,11 @@
name: openstack_api_nova_ec2
check: false
proxy:
- host: ${_param:nova_service_host}
+ host: ${_param:nginx_proxy_openstack_nova_host}
port: 8773
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8773
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
diff --git a/opencontrail/control/control.yml b/opencontrail/control/control.yml
index 50c0c77..e846f5d 100644
--- a/opencontrail/control/control.yml
+++ b/opencontrail/control/control.yml
@@ -4,7 +4,7 @@
- system.haproxy.proxy.listen.opencontrail.control
parameters:
_param:
- multi_tenancy: false
+ multi_tenancy: true
opencontrail_message_queue_node01_address: ${_param:openstack_message_queue_node01_address}
opencontrail_message_queue_node02_address: ${_param:openstack_message_queue_node02_address}
opencontrail_message_queue_node03_address: ${_param:openstack_message_queue_node03_address}
diff --git a/openssh/server/team/members/alugovoi.yml b/openssh/server/team/members/alugovoi.yml
new file mode 100644
index 0000000..4a5c0d8
--- /dev/null
+++ b/openssh/server/team/members/alugovoi.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ alugovoi:
+ enabled: true
+ name: alugovoi
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Alexei Lugovoi
+ home: /home/alugovoi
+ email: alugovoi@mirantis.com
+ openssh:
+ server:
+ user:
+ alugovoi:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQChbsvFGG96lVcXrKWiJuFkrKSYR+lv/0kWQw6NugJMfem4XycbC85J7op6WtjlbZPTEKLJUkF2WFRyY6sHlFNwuSNqEgQhxUwYT+TpbCXlW837fuykjBFR/XQH4FvOAH8X4Pd+jy+WRk0UN9rt2QZWFu1znzB1brB6OZBBHZooaSQjnbBPbnepvl6gOtCRMK/3qRqKaHe5at4cTML4UOwRn25eCwmbS1Tm2bVfRiabShIS2WA02Eit+Wme3M6J9l/iJ8vC9Y36cOSWD4sPmxRm4Lwv0TAN3eqJ2fqCVpKULYtsVQihsHgrmovkRzEMdhiEKvvjB3zNRUKtSqyo6Nox alugovoi@alugovoi-pc
+ user: ${linux:system:user:alugovoi}
diff --git a/openssh/server/team/members/tjaroszyk.yml b/openssh/server/team/members/tjaroszyk.yml
new file mode 100644
index 0000000..537d5e2
--- /dev/null
+++ b/openssh/server/team/members/tjaroszyk.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ tjaroszyk:
+ enabled: true
+ name: tjaroszyk
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Tomek Jaroszyk
+ home: /home/tjaroszyk
+ email: tjaroszyk@mirantis.com
+ openssh:
+ server:
+ user:
+ tjaroszyk:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIl9Jhv6t99Ek1qaKxnVZwNpPq+ueZ257PHxkfMBYD62r5KXtJM93mYiul5FaK+YH4u7wHaI3onMQzf0BVqj1/TfTgFJVHkB332ZLq6DNwpcF5rv4NeLHKAZKTsJ6RR/cVLmIHtZBUsJwsUShN4p1ESIYVfdaaLse9SxOzUeaL/qz0MxGvjydUVNkegH4jfi/9lMgRrNGDSU9dsiKO4gFLZaLNU3pl/JyuqH++xEksbxQZ2BNUvZV5H4HWaHPuMQ31u0OrmUnVF8UrquwrVxE7f4FNZVJNdzCHhsYr6vCV2m+C/KN8LdnHSln+sG+P6QKu4MlETiFRbraKqLzUPrUvrYckIZiU4LTo6NRB2G7ioVnycYyZFLAzoajCt2MQowAmrpuLjM6RXUhbZilfWfwHxnKlR8LmJRBS3Q+h7i55fvhoReZ3IrzPGNqC8QlEdNdLX9gXuZ+e8BtbxUuAB4wi2yRYrEBnQoqUEB7kj64W8YdBsM0ftKJJu44DLcY7djrMHuF6QFvxezEGIfIPsuE96DCyzFoQZtvJ11x7kjSJ1dQuycsWSRvsfpxTj87iQvHKR9aZXIoVtqxHefosaKoIhTZnI53HsPR50g6r4NwXPzcCpR1SOC3lpIDyK4rwkoze85aLVjaKWMgXY1GlMbMIhOk/mlVGZiezmFdgGTtCMQ== blady@figa
+ user: ${linux:system:user:tjaroszyk}
diff --git a/openssh/server/team/services.yml b/openssh/server/team/services.yml
index 40694d2..86258c2 100644
--- a/openssh/server/team/services.yml
+++ b/openssh/server/team/services.yml
@@ -11,6 +11,7 @@
- system.openssh.server.team.members.dbogaczyk
- system.openssh.server.team.members.dkruglov
- system.openssh.server.team.members.sflorczak
+- system.openssh.server.team.members.alugovoi
parameters:
_param:
linux_system_user_sudo: true
diff --git a/salt/master/formula/git/monitoring.yml b/salt/master/formula/git/monitoring.yml
index e0cf30d..ab8a8fc 100644
--- a/salt/master/formula/git/monitoring.yml
+++ b/salt/master/formula/git/monitoring.yml
@@ -4,6 +4,10 @@
environment:
dev:
formula:
+ fluentd:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-fluentd.git'
+ revision: ${_param:salt_master_environment_revision}
prometheus:
source: git
address: '${_param:salt_master_environment_repository}/salt-formula-prometheus.git'
diff --git a/salt/master/formula/pkg/monitoring.yml b/salt/master/formula/pkg/monitoring.yml
index 375cbd8..9e2db0b 100644
--- a/salt/master/formula/pkg/monitoring.yml
+++ b/salt/master/formula/pkg/monitoring.yml
@@ -4,6 +4,9 @@
environment:
prd:
formula:
+ fluentd:
+ source: pkg
+ name: salt-formula-fluentd
prometheus:
source: pkg
name: salt-formula-prometheus
diff --git a/salt/minion/cert/k8s_client.yml b/salt/minion/cert/k8s_client.yml
index be262b5..53ff3ba 100644
--- a/salt/minion/cert/k8s_client.yml
+++ b/salt/minion/cert/k8s_client.yml
@@ -21,21 +21,3 @@
common_name: system:kube-proxy
signing_policy: cert_client
alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
- k8s_scheduler:
- host: ${_param:salt_minion_ca_host}
- authority: ${_param:salt_minion_ca_authority}
- key_file: /etc/kubernetes/ssl/kube-scheduler-client.key
- cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt
- ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
- common_name: system:kube-scheduler
- signing_policy: cert_client
- alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
- k8s_controller_manager:
- host: ${_param:salt_minion_ca_host}
- authority: ${_param:salt_minion_ca_authority}
- key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key
- cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt
- ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
- common_name: system:kube-controller-manager
- signing_policy: cert_client
- alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
diff --git a/salt/minion/cert/k8s_client_single.yml b/salt/minion/cert/k8s_client_single.yml
index e9c7d79..eb7b21c 100644
--- a/salt/minion/cert/k8s_client_single.yml
+++ b/salt/minion/cert/k8s_client_single.yml
@@ -21,21 +21,3 @@
common_name: system:kube-proxy
signing_policy: cert_client
alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
- k8s_scheduler:
- host: ${_param:salt_minion_ca_host}
- authority: ${_param:salt_minion_ca_authority}
- key_file: /etc/kubernetes/ssl/kube-scheduler-client.key
- cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt
- ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
- common_name: system:kube-scheduler
- signing_policy: cert_client
- alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
- k8s_controller_manager:
- host: ${_param:salt_minion_ca_host}
- authority: ${_param:salt_minion_ca_authority}
- key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key
- cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt
- ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
- common_name: system:kube-controller-manager
- signing_policy: cert_client
- alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
diff --git a/salt/minion/cert/k8s_server.yml b/salt/minion/cert/k8s_server.yml
index 603d369..d81f5a5 100644
--- a/salt/minion/cert/k8s_server.yml
+++ b/salt/minion/cert/k8s_server.yml
@@ -11,3 +11,30 @@
all_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.pem
signing_policy: cert_server
alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address},DNS:kubernetes.default,DNS:kubernetes.default.svc
+ k8s_scheduler:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kube-scheduler-client.key
+ cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:kube-scheduler
+ signing_policy: cert_client
+ alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_controller_manager:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key
+ cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:kube-controller-manager
+ signing_policy: cert_client
+ alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_admin:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/admin.key
+ cert_file: /etc/kubernetes/ssl/admin.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: admin
+ organization_name: system:masters
+ signing_policy: cert_client
diff --git a/salt/minion/cert/k8s_server_single.yml b/salt/minion/cert/k8s_server_single.yml
index 33637e4..fa3a008 100644
--- a/salt/minion/cert/k8s_server_single.yml
+++ b/salt/minion/cert/k8s_server_single.yml
@@ -11,3 +11,30 @@
all_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.pem
signing_policy: cert_server
alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_scheduler:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kube-scheduler-client.key
+ cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:kube-scheduler
+ signing_policy: cert_client
+ alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_controller_manager:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key
+ cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:kube-controller-manager
+ signing_policy: cert_client
+ alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_admin:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/admin.key
+ cert_file: /etc/kubernetes/ssl/admin.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: admin
+ organization_name: system:masters
+ signing_policy: cert_client
diff --git a/salt/minion/cert/rabbitmq_server.yml b/salt/minion/cert/rabbitmq_server.yml
index 59972fe..78520e2 100644
--- a/salt/minion/cert/rabbitmq_server.yml
+++ b/salt/minion/cert/rabbitmq_server.yml
@@ -18,5 +18,6 @@
cert_file: ${rabbitmq:server:ssl:cert_file}
all_file: ${rabbitmq:server:ssl:all_file}
ca_file: ${rabbitmq:server:ssl:ca_file}
- user: rabbitmq
- group: rabbitmq
\ No newline at end of file
+ user: root
+ group: rabbitmq
+ mode: 640