Add basic Barbican support
Change-Id: I40b21454ec9e9895c4833e9e3b46e81adbb8be98
diff --git a/barbican/server/cluster.yml b/barbican/server/cluster.yml
new file mode 100644
index 0000000..5b5bc5e
--- /dev/null
+++ b/barbican/server/cluster.yml
@@ -0,0 +1,3 @@
+classes:
+- service.barbican.server.cluster
+- system.haproxy.proxy.listen.openstack.barbican
\ No newline at end of file
diff --git a/barbican/server/single.yml b/barbican/server/single.yml
new file mode 100644
index 0000000..eb2b30b
--- /dev/null
+++ b/barbican/server/single.yml
@@ -0,0 +1,2 @@
+classes:
+- service.barbican.server.single
diff --git a/galera/server/database/barbican.yml b/galera/server/database/barbican.yml
new file mode 100644
index 0000000..4759439
--- /dev/null
+++ b/galera/server/database/barbican.yml
@@ -0,0 +1,15 @@
+parameters:
+ mysql:
+ server:
+ database:
+ barbican:
+ encoding: utf8
+ users:
+ - name: barbican
+ password: ${_param:mysql_barbican_password}
+ host: '%'
+ rights: all
+ - name: barbican
+ password: ${_param:mysql_barbican_password}
+ host: ${_param:cluster_vip_address}
+ rights: all
diff --git a/haproxy/proxy/listen/openstack/barbican.yml b/haproxy/proxy/listen/openstack/barbican.yml
new file mode 100644
index 0000000..04251d9
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/barbican.yml
@@ -0,0 +1,42 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ barbican-api:
+ type: openstack-service
+ service_name: barbican
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9311
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 9311
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 9311
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 9311
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ barbican-admin-api:
+ type: openstack-service
+ service_name: barbican
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9312
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 9312
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl02
+ host: ${_param:cluster_node02_address}
+ port: 9312
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ctl03
+ host: ${_param:cluster_node03_address}
+ port: 9312
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
\ No newline at end of file
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index c25cc49..fe95493 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -10,8 +10,9 @@
- name: aptcacher
- name: aptly
- name: artifactory
- - name: backupninja
- name: avinetworks
+ - name: backupninja
+ - name: barbican
- name: billometer
- name: bind
- name: bird
diff --git a/keystone/client/service/barbican.yml b/keystone/client/service/barbican.yml
index f83e6ab..70b6054 100644
--- a/keystone/client/service/barbican.yml
+++ b/keystone/client/service/barbican.yml
@@ -5,13 +5,17 @@
client:
server:
identity:
+ roles:
+ - creator
project:
service:
user:
barbican:
- is_admin: true
password: ${_param:keystone_barbican_password}
email: ${_param:admin_email}
+ roles:
+ - admin
+ - creator
service:
barbican:
type: key-manager
diff --git a/mysql/client/database/barbican.yml b/mysql/client/database/barbican.yml
new file mode 100644
index 0000000..f9fe6dd
--- /dev/null
+++ b/mysql/client/database/barbican.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ barbican:
+ encoding: utf8
+ users:
+ - name: barbican
+ password: ${_param:mysql_barbican_password}
+ host: '%'
+ rights: all
+ - name: barbican
+ password: ${_param:mysql_barbican_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/nginx/server/proxy/openstack/barbican.yml b/nginx/server/proxy/openstack/barbican.yml
new file mode 100644
index 0000000..5f658d1
--- /dev/null
+++ b/nginx/server/proxy/openstack/barbican.yml
@@ -0,0 +1,20 @@
+parameters:
+ _param:
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_openstack_api_barbican:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_barbican
+ check: false
+ proxy:
+ host: ${_param:barbican_service_host}
+ port: 9311
+ protocol: http
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 9311
+ ssl: ${_param:nginx_proxy_ssl}