Merge "Add fluentd-based notification transport" into release/proposed/2019.2.0
diff --git a/defaults/docker_images.yml b/defaults/docker_images.yml
index f92d45a..25f61c1 100644
--- a/defaults/docker_images.yml
+++ b/defaults/docker_images.yml
@@ -38,7 +38,7 @@
docker_image_remote_agent: "${_param:mcp_docker_registry}/openstack-docker/telegraf:2019.2.4"
docker_image_remote_collector: "${_param:mcp_docker_registry}/openstack-docker/heka:${_param:mcp_version}"
docker_image_remote_storage_adapter: "${_param:mcp_docker_registry}/openstack-docker/remote_storage_adapter:${_param:mcp_version}"
- docker_image_sf_notifier: "${_param:mcp_docker_registry}/openstack-docker/sf_notifier:2019.2.3"
+ docker_image_sf_notifier: "${_param:mcp_docker_registry}/openstack-docker/sf_notifier:0.2-mcp0"
##
docker_image_cockroachdb: "${_param:mcp_docker_registry}/mirantis/external/cockroach/cockroach:v2.1.1"
# keycloak
diff --git a/defaults/salt/init.yml b/defaults/salt/init.yml
index 2e19089..feb27d7 100644
--- a/defaults/salt/init.yml
+++ b/defaults/salt/init.yml
@@ -48,3 +48,11 @@
salt_control_trusty_image: ${_param:mcp_static_images_url}/ubuntu-14-04-x64-mcp${_param:mcp_version}.qcow2
salt_control_xenial_image: ${_param:mcp_static_images_url}/ubuntu-16-04-x64-mcp${_param:mcp_version}.qcow2
+ salt_master_api_permissions:
+ - '.*'
+ - '@local'
+ - '@wheel' # to allow access to all wheel modules
+ - '@runner' # to allow access to all runner modules
+ - '@jobs' # to allow access to the jobs runner and/or wheel mo
+
+ salt_minion_ca_authority: salt_master_ca
diff --git a/docker/swarm/stack/monitoring/prometheus/init.yml b/docker/swarm/stack/monitoring/prometheus/init.yml
index 65dd5b9..d7db52c 100644
--- a/docker/swarm/stack/monitoring/prometheus/init.yml
+++ b/docker/swarm/stack/monitoring/prometheus/init.yml
@@ -32,6 +32,7 @@
volumes:
- ${prometheus:server:dir:config}:${_param:prometheus_server_config_directory}
- ${prometheus:server:dir:data}:${_param:prometheus_server_data_directory}
+ - /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro
environment:
PROMETHEUS_CONFIG_DIR: ${_param:prometheus_server_config_directory}
PROMETHEUS_DATA_DIR: ${_param:prometheus_server_data_directory}
diff --git a/prometheus/gainsight/query/openstack.yml b/prometheus/gainsight/query/openstack.yml
index fc9af46..b443712 100644
--- a/prometheus/gainsight/query/openstack.yml
+++ b/prometheus/gainsight/query/openstack.yml
@@ -19,3 +19,7 @@
nova_vm_all: "'Total VM number','avg_over_time(total:openstack_nova_instance_all[1d])'"
nova_vm_failed: "'Failed VM number','avg_over_time(total:openstack_nova_instance_failed[1d])'"
kpi_downtime: "'KPI Downtime','1 - avg_over_time(total:openstack_nova_instance_failed[1d]) / avg_over_time(total:openstack_nova_instance_all[1d])'"
+ compute_instance_create_start: "'VM creation start','sum(compute_instance_create_start_host_doc_count)'"
+ compute_instance_create_end: "'VM creation end','sum(compute_instance_create_end_host_doc_count)'"
+ compute_instance_create_error: "'VM creation error','sum(compute_instance_create_error_host_doc_count)'"
+
diff --git a/salt/minion/cert/telegraf_agent.yml b/salt/minion/cert/telegraf_agent.yml
new file mode 100644
index 0000000..d54520c
--- /dev/null
+++ b/salt/minion/cert/telegraf_agent.yml
@@ -0,0 +1,14 @@
+parameters:
+ salt:
+ minion:
+ cert:
+ telegraf_agent:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: telegraf_agent
+ signing_policy: cert_server
+ alternative_names: IP:127.0.0.1,IP:${_param:single_address},DNS:${linux:system:name},DNS:${linux:network:fqdn}
+ key_file: ${telegraf:agent:dir:config}/telegraf-agent.key
+ cert_file: ${telegraf:agent:dir:config}/telegraf-agent.crt
+ mode: '0444'
+ enabled: true
diff --git a/telegraf/agent/output/prometheus_client_ssl.yml b/telegraf/agent/output/prometheus_client_ssl.yml
new file mode 100644
index 0000000..f59335f
--- /dev/null
+++ b/telegraf/agent/output/prometheus_client_ssl.yml
@@ -0,0 +1,10 @@
+parameters:
+ telegraf:
+ agent:
+ output:
+ prometheus_client:
+ scheme: https
+ tls_cert: ${telegraf:agent:dir:config}/telegraf-agent.crt
+ tls_key: ${telegraf:agent:dir:config}/telegraf-agent.key
+ tls_config:
+ ca_file: /etc/ssl/certs/ca-certificates.crt