Merge "Add sizes for openstack extra services"
diff --git a/jenkins/client/job/oscore/cookiecutter.yml b/jenkins/client/job/oscore/cookiecutter.yml
index 0ea2bba..53d8260 100644
--- a/jenkins/client/job/oscore/cookiecutter.yml
+++ b/jenkins/client/job/oscore/cookiecutter.yml
@@ -87,6 +87,10 @@
type: boolean
description: "Delete Heat stack when finished (bool)"
default: 'false'
+ EXTRA_REPOS:
+ type: text
+ description: "Yaml based extra repos metadata to be added during bootstrap phase"
+ default: ''
oscore-test-cookiecutter-models:
display_name: oscore-test-cookiecutter-models
name: oscore-test-cookiecutter-models
diff --git a/jenkins/client/job/salt-models/generate.yml b/jenkins/client/job/salt-models/generate.yml
index c768fb4..783be95 100644
--- a/jenkins/client/job/salt-models/generate.yml
+++ b/jenkins/client/job/salt-models/generate.yml
@@ -20,7 +20,7 @@
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
branch: "${_param:jenkins_pipelines_branch}"
- credentials: "jenkins-mk"
+ credentials: "gerrit"
script: generate-cookiecutter-products.groovy
param:
# Cookiecutter
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 3ec8300..e9ba541 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -245,7 +245,7 @@
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
branch: "${_param:jenkins_pipelines_branch}"
- credentials: "jenkins-mk"
+ credentials: "gerrit"
script: test-cookiecutter-reclass.groovy
trigger:
gerrit:
diff --git a/keystone/client/service/contrail.yml b/keystone/client/service/contrail.yml
new file mode 100644
index 0000000..91c925e
--- /dev/null
+++ b/keystone/client/service/contrail.yml
@@ -0,0 +1,28 @@
+classes:
+- system.keystone.client.v3.service.contrail
+parameters:
+ _param:
+ cluster_public_protocol: https
+ contrail_service_protocol: http
+ keystone:
+ client:
+ server:
+ identity:
+ service:
+ opencontrail:
+ type: contrail
+ description: OpenContrail API
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_address: ${_param:cluster_public_host}
+ public_port: 8082
+ public_path: ''
+ internal_protocol: ${_param:contrail_service_protocol}
+ internal_address: ${_param:opencontrail_control_address}
+ internal_port: 8082
+ internal_path: ''
+ admin_protocol: ${_param:contrail_service_protocol}
+ admin_address: ${_param:opencontrail_control_address}
+ admin_port: 8082
+ admin_path: ''
\ No newline at end of file
diff --git a/keystone/client/v3/service/contrail.yml b/keystone/client/v3/service/contrail.yml
new file mode 100644
index 0000000..a43f222
--- /dev/null
+++ b/keystone/client/v3/service/contrail.yml
@@ -0,0 +1,24 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ contrail_service_protocol: http
+ keystone:
+ client:
+ resources:
+ v3:
+ opencontrail:
+ type: contrail
+ description: OpenContrail API
+ endpoints:
+ contrail_public:
+ interface: 'public'
+ url: ${_param:cluster_public_protocol}://${_param:cluster_public_host}:8082
+ region: ${_param:openstack_region}
+ contrail_internal:
+ interface: 'internal'
+ url: ${_param:contrail_service_protocol}://${_param:opencontrail_control_address}:8082
+ region: ${_param:openstack_region}
+ contrail_admin:
+ interface: 'admin'
+ url: ${_param:contrail_service_protocol}://${_param:opencontrail_control_address}:8082
+ region: ${_param:openstack_region}
diff --git a/linux/system/repo/keystorage/mirantis_com/mirror_mirantis.yml b/linux/system/repo/keystorage/mirantis_com/mirror_mirantis.yml
index 9b08546..d0c9368 100644
--- a/linux/system/repo/keystorage/mirantis_com/mirror_mirantis.yml
+++ b/linux/system/repo/keystorage/mirantis_com/mirror_mirantis.yml
@@ -1,11 +1,42 @@
parameters:
_param:
- # pub 2048R/4C5289EF 2018-07-25
+ # pub 2048R/1FA22B08 2015-07-21
+ # pub 2048R/4C5289EF 2018-07-25 - pike +
# https://mirror.mirantis.com
linux_system_repo_mirror_mirantis_key: |-
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
+ mQENBFWt8ogBCACtT/j4WMGuhEI486Vv9zVV0GWGefHE5hBlgJSjSgrExLFqQ2Fo
+ ScaABCfvzUeuXHNoh/c2eLjx3YE6oFrdiw5tam0NFlZMM+PSufciTxQz8vrXHGx7
+ VB5rg2TXKoqOv9cW690FsRAeOtKTtBxZvYVTLEPn2GJW09Xy9CBa+n23XBHTBvKs
+ j3hxkn25Oy70Wgxk/BJqpynXGno+NzuAnIbb+f+X7i6fiXwrvtp5zOYOJeUwS+fU
+ IM/mXbetOd/sHtJqc9NUYpTip4nElEqAYRCsXDTbuMNdzSr8VlSMM8b61mBGelLH
+ XJe+EPP+Logc5KXO8adoGgWhqlbD6n7w+ynHABEBAAG0LmZ1ZWwtaW5mcmEgKEV4
+ YW1wbGUga2V5KSA8ZGV2b3BzQG1pcmFudGlzLmNvbT6JATgEEwECACIFAlWt8ogC
+ GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELzlzEYfoisIkuQIAJl0cFJ5
+ BSKMXHhRYf0BeDzhdh3pmcOXs/jSznTIxB4OE5OdwrMgKyoIkSIP8AEttvB+BuOv
+ BHmhTL7kvRhP5xiKdbCwmDtoERoaqxhRRbZJcJ+pHvl7mkEu8Gj2KZe2lfE4Z6ZF
+ 6q00Gx9HYfse1+VgUR5ymh41nZCvRTNEnYBp1RQcPogiLy2rYvZbxYnUtg4jaD7D
+ vuuEQwrfEHdKFUlWBCIVbl+e3K6ZSniOcqqyHK72/HI0SYuZpGfCzzw5deODcjWm
+ Gz4nZr41cB3eHXkfmG3ngdhmb2MpVr83u+JebOovjzusf71oIdZBTFNYsZNSVKrn
+ l0rrRuDIMHbQMuS5AQ0EVa3yiAEIALZqdLGXSGZAgUXl7zhPH5wnIQtdo6iMIovZ
+ zQNW95RDT2nm/3YddiRy6FuOTbaHXw07D4ZUl4dGVHzEwBllhULxcHV3OOdQ3gVp
+ 4mBAZ8kv0EelzqPfDQWR2Cq0hi7IJ4Q4ePpZhQFiasz8qbV7D7CYbZdDAmQKxqAk
+ 0XYOjbB3jzB2r6MHflAKmJzTp3+NAE9bDLAwXa0ot2THDbpPdB4R6pxpD6Y3jweW
+ uLUCnIfvyIBwhHobaU28pw/BA+0dkC9jnLnoO+TrzB9YD5839Lc3ctrdPBLiFPMG
+ wdfAVRCyfgLjOyULqjTudx1Mo+Dgz9+xrcTFoehI7UYoZnraEKkAEQEAAYkBHwQY
+ AQIACQUCVa3yiAIbDAAKCRC85cxGH6IrCPH5B/0Uc+OhMSCkRos1Yv5tA4bsEcjt
+ 8+sJ2S6pUqCbZxmXpzKspKpnjp3DJjmQKDB2q4UPDVElVDMMdBlstTx1RRZDf8yk
+ nDvRBSzawk7Xhfloro8N2Lxv6gWhhMvHUYItyO6KMbAZuZ2M1I1/OFHG/f//7oPM
+ 0QpNbihf+GqE/dWRz9ZDz+xlSFli6AR/3ldq7N6gkCsEFdi3j6ZDf0qLsZpazPUI
+ wiCC/aAYLkRDtTJV1G6EsWijmOTNNlCEFS/XDLQ3N2Ev/1sgAO0AlBMdXqSnqUI1
+ 1h/eSKCiGmkwFWlCf/4HnJVP7QpSeRPLyw785Fvt3p9vT+64isZ0ZK6cpcj8
+ =0aQD
+ -----END PGP PUBLIC KEY BLOCK-----
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+ Version: GnuPG v1
+
mQENBFtYVY8BCAC3oli93husG0ZVtv/L8I4/bcW60LFCyB0DuwEznGlSaj1fjOQu
C7QX9wvGRq8mRZ8mfZ6sbxGmgs0LnV5QIBle1l5I3B+AMGksf6UGEWgoN/vq86g+
0Jg6kJP/D0sjGXvdlfy+bgAqjsx2bWOLjQGtHSIxhe4cE9HPBfMiYsFwGQua3XN3
diff --git a/linux/system/users/cinder.yml b/linux/system/users/cinder.yml
new file mode 100644
index 0000000..0e915a3
--- /dev/null
+++ b/linux/system/users/cinder.yml
@@ -0,0 +1,18 @@
+parameters:
+ linux:
+ system:
+ user:
+ cinder:
+ enabled: true
+ name: cinder
+ home: /var/lib/cinder
+ uid: 304
+ gid: 304
+ shell: /bin/false
+ system: True
+ group:
+ cinder:
+ enabled: true
+ name: cinder
+ gid: 304
+ system: True
diff --git a/nova/compute/volume/nfs.yml b/nova/compute/volume/nfs.yml
new file mode 100644
index 0000000..8ff7266
--- /dev/null
+++ b/nova/compute/volume/nfs.yml
@@ -0,0 +1,13 @@
+# (ohryhorov): the class is created to be included in favour of creating
+# user cinder and add user nova to group cinder in all nova-compute nodes
+# if nfs backend is used.
+# PROD-22772
+classes:
+- system.linux.system.users.cinder
+parameters:
+ nova:
+ compute:
+ user:
+ groups:
+ - cinder
+ - libvirtd
diff --git a/openscap/server/init.yml b/openscap/server/init.yml
index 0f2a76f..7964aea 100644
--- a/openscap/server/init.yml
+++ b/openscap/server/init.yml
@@ -1,2 +1,8 @@
classes:
- service.openscap.cis
+parameters:
+ _param:
+ openscap_enabled: true
+ openscap:
+ service:
+ enabled: ${_param:openscap_enabled}
diff --git a/prometheus/server/target/federation/init.yml b/prometheus/server/target/federation/init.yml
index 564af82..c480c1a 100644
--- a/prometheus/server/target/federation/init.yml
+++ b/prometheus/server/target/federation/init.yml
@@ -10,8 +10,8 @@
prometheus_federation:
honor_labels: true
metrics_path: '/federate'
- scrape_interval: 15s
- scrape_timeout: 15s
+ scrape_interval: 30s
+ scrape_timeout: 30s
endpoint:
- address: ${_param:stacklight_monitor_address}
port: 15010
diff --git a/salt/minion/cert/octavia/amphora_client.yml b/salt/minion/cert/octavia/amphora_client.yml
index fd8f465..5a0309f 100644
--- a/salt/minion/cert/octavia/amphora_client.yml
+++ b/salt/minion/cert/octavia/amphora_client.yml
@@ -5,7 +5,7 @@
minion:
cert:
octavia_amp_client:
- ca_file: ${octavia:manager:certificates:ca_certificate}
+ ca_file: ${octavia:manager:haproxy_amphora:server_ca}
ca_key_file: ${octavia:manager:certificates:ca_private_key}
key_file: ${octavia:manager:haproxy_amphora:client_cert_key}
cert_file: ${octavia:manager:haproxy_amphora:client_cert}