Merge "nova volumes ceph keyring params"
diff --git a/.releasenotes/notes/custom-path-proxy-7f587526696c0744.yaml b/.releasenotes/notes/custom-path-proxy-7f587526696c0744.yaml
new file mode 100644
index 0000000..6f16e07
--- /dev/null
+++ b/.releasenotes/notes/custom-path-proxy-7f587526696c0744.yaml
@@ -0,0 +1,30 @@
+---
+summary: >
+ Additional path for DevopsPortal nginx proxy service
+
+features:
+ - |
+ Possibility of defining additional path to service endpoints. Need to define 'custom_path' variable on system level metadata.
+ Result of endpoint looks like 'address:port/custom_path'. Main goal of this feature - auto loading special frame on DevopsPortal dashboard.
+
+ Example:
+ .. code-block:: yaml
+ parameters:
+ _param:
+ grafana_prometheus_ssl:
+ enabled: false
+ devops_portal:
+ config:
+ service:
+ stacklight-prometheus:
+ configure_proxy: false
+ enabled: true
+ endpoint:
+ address: ${_param:grafana_prometheus_address}
+ custom_path: alerts
+ port: ${_param:grafana_prometheus_port}
+ https: ${_param:grafana_prometheus_ssl:enabled}
+
+
+fixes:
+ - related bug: https://mirantis.jira.com/browse/PROD-15068
diff --git a/devops_portal/service/grafana.yml b/devops_portal/service/grafana.yml
new file mode 100644
index 0000000..402604a
--- /dev/null
+++ b/devops_portal/service/grafana.yml
@@ -0,0 +1,14 @@
+parameters:
+ _param:
+ grafana_ssl:
+ enabled: false
+ devops_portal:
+ config:
+ service:
+ grafana:
+ configure_proxy: false
+ enabled: true
+ endpoint:
+ address: ${_param:grafana_address}
+ port: ${_param:grafana_port}
+ https: ${_param:grafana_ssl:enabled}
diff --git a/devops_portal/service/stacklight-grafana.yml b/devops_portal/service/stacklight-grafana.yml
new file mode 100644
index 0000000..00f0990
--- /dev/null
+++ b/devops_portal/service/stacklight-grafana.yml
@@ -0,0 +1,14 @@
+parameters:
+ _param:
+ grafana_ssl:
+ enabled: false
+ devops_portal:
+ config:
+ service:
+ stacklight-grafana:
+ configure_proxy: false
+ enabled: true
+ endpoint:
+ address: ${_param:grafana_address}
+ port: ${_param:grafana_port}
+ https: ${_param:grafana_ssl:enabled}
diff --git a/devops_portal/service/stacklight-kibana.yml b/devops_portal/service/stacklight-kibana.yml
new file mode 100644
index 0000000..9fa86ae
--- /dev/null
+++ b/devops_portal/service/stacklight-kibana.yml
@@ -0,0 +1,11 @@
+parameters:
+ devops_portal:
+ config:
+ service:
+ stacklight-kibana:
+ configure_proxy: true
+ enabled: true
+ endpoint:
+ address: ${_param:haproxy_kibana_bind_host}
+ port: ${_param:haproxy_kibana_bind_port}
+ https: ${_param:haproxy_kibana_ssl:enabled}
diff --git a/devops_portal/service/stacklight-prometheus.yml b/devops_portal/service/stacklight-prometheus.yml
new file mode 100644
index 0000000..119c13f
--- /dev/null
+++ b/devops_portal/service/stacklight-prometheus.yml
@@ -0,0 +1,15 @@
+parameters:
+ _param:
+ grafana_prometheus_ssl:
+ enabled: false
+ devops_portal:
+ config:
+ service:
+ stacklight-prometheus:
+ configure_proxy: false
+ enabled: true
+ endpoint:
+ address: ${_param:grafana_prometheus_address}
+ custom_path: alerts
+ port: ${_param:stacklight_prometheus_port}
+ https: ${_param:grafana_prometheus_ssl:enabled}
diff --git a/docker/swarm/service/aptly.yml b/docker/swarm/service/aptly.yml
deleted file mode 100644
index 5f6de6e..0000000
--- a/docker/swarm/service/aptly.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-parameters:
- _param:
- docker_image_aptly:
- api: tcpcloud/aptly-api
- public: tcpcloud/aptly-public
- docker:
- client:
- service:
- aptly-api:
- environment:
- EMAIL_ADDRESS: ${_param:admin_email}
- restart:
- condition: any
- image: ${_param:docker_image_aptly:api}
- ports:
- - 18084:8080
- volume:
- site:
- type: bind
- source: /srv/volumes/aptly
- destination: /var/lib/aptly
- aptly-public:
- replicas: 3
- restart:
- condition: any
- image: ${_param:docker_image_aptly:public}
- ports:
- - 18085:80
- volume:
- site:
- type: bind
- source: /srv/volumes/aptly/public
- destination: /var/www/html
diff --git a/docker/swarm/service/artifactory.yml b/docker/swarm/service/artifactory.yml
deleted file mode 100644
index 36d9577..0000000
--- a/docker/swarm/service/artifactory.yml
+++ /dev/null
@@ -1,36 +0,0 @@
-parameters:
- docker:
- client:
- service:
- artifactory:
- environment:
- MYSQL_HOST: ${_param:cluster_vip_address}
- MYSQL_USERNAME: artifactory
- MYSQL_PASSWORD: ${_param:mysql_artifactory_password}
- MYSQL_DATABASE: artifactory
- restart:
- condition: any
- image: ${_param:docker_image_repository:cicd}/artifactory
- ports:
- - 18082:8081
- volume:
- data:
- type: bind
- source: /srv/volumes/artifactory/data
- destination: /var/opt/jfrog/artifactory/data
- backup:
- type: bind
- source: /srv/volumes/artifactory/backup
- destination: /var/opt/jfrog/artifactory/backup
- etc:
- type: bind
- source: /srv/volumes/artifactory/etc
- destination: /var/opt/jfrog/artifactory/etc
- logs:
- type: bind
- source: /srv/volumes/artifactory/logs
- destination: /var/opt/jfrog/artifactory/logs
- keys:
- type: bind
- source: /srv/volumes/artifactory/keys
- destination: /var/opt/jfrog/artifactory/access/etc/keys
diff --git a/docker/swarm/service/devops_portal.yml b/docker/swarm/service/devops_portal.yml
deleted file mode 100644
index 6a82aa5..0000000
--- a/docker/swarm/service/devops_portal.yml
+++ /dev/null
@@ -1,23 +0,0 @@
-parameters:
- _param:
- docker_devops_portal_replicas: 1
- docker_image_devops_portal: docker-sandbox.sandbox.mirantis.net/ikharin/oss/devops-portal:latest
- docker:
- client:
- service:
- devops-portal:
- replicas: ${_param:docker_devops_portal_replicas}
- image: ${_param:docker_image_devops_portal}
- restart:
- condition: any
- ports:
- - 18800:8000
- volume:
- nginx:
- type: bind
- source: /srv/volumes/devops_portal/nginx/
- destination: /etc/nginx/config
- config:
- type: bind
- source: /srv/volumes/devops_portal/config/
- destination: /opt/devops-portal/config
diff --git a/docker/swarm/service/docker.yml b/docker/swarm/service/docker.yml
deleted file mode 100644
index d20b4db..0000000
--- a/docker/swarm/service/docker.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-parameters:
- _param:
- docker_image_registry: registry:2
- docker:
- client:
- service:
- registry:
- replica: 3
- environment:
- REGISTRY_HTTP_SECRET: ${_param:docker_registry_http_secret}
- restart:
- condition: any
- image: ${_param:docker_image_registry}
- ports:
- - 15000:5000
- volume:
- site:
- type: bind
- source: /srv/volumes/registry
- destination: /var/lib/registry
diff --git a/docker/swarm/service/elasticsearch.yml b/docker/swarm/service/elasticsearch.yml
deleted file mode 100644
index 4d49494..0000000
--- a/docker/swarm/service/elasticsearch.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-parameters:
- _param:
- elasticsearch_replicas: 1
- docker_image_oss_elasticsearch: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/elasticsearch:latest
- docker:
- client:
- service:
- elasticsearch:
- replicas: ${_param:elasticsearch_replicas}
- image: ${_param:docker_image_oss_elasticsearch}
- restart:
- condition: any
- ports:
- - ${_param:haproxy_elasticsearch_exposed_port}:${_param:haproxy_elasticsearch_bind_port}
- volume:
- elasticsearch:
- type: bind
- source: /srv/volumes/elasticsearch
- destination: /usr/share/elasticsearch/data
diff --git a/docker/swarm/service/gerrit.yml b/docker/swarm/service/gerrit.yml
deleted file mode 100644
index 10e0629..0000000
--- a/docker/swarm/service/gerrit.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-parameters:
- _param:
- docker_image_gerrit: tcpcloud/gerrit:2.13.6
- gerrit_ldap_server: ""
- gerrit_ldap_bind_user: ""
- gerrit_ldap_bind_password: ""
- gerrit_ldap_account_base: ""
- gerrit_ldap_group_base: ""
-
- docker:
- client:
- service:
- gerrit:
- environment:
- #GERRIT_INIT_ARGS: ""
- DATABASE_TYPE: "mysql"
- DB_PORT_3306_TCP_ADDR: ${_param:cluster_vip_address}
- DB_ENV_MYSQL_USER: gerrit
- DB_ENV_MYSQL_PASSWORD: ${_param:mysql_gerrit_password}
- DB_ENV_MYSQL_DB: gerrit
- AUTH_TYPE: ${_param:gerrit_auth_type}
- LDAP_SERVER: ${_param:gerrit_ldap_server}
- LDAP_ACCOUNTPATTERN: 'uid={username}'
- LDAP_ACCOUNTBASE: ${_param:gerrit_ldap_account_base}
- LDAP_GROUPBASE: ${_param:gerrit_ldap_group_base}
- LDAP_USERNAME: ${_param:gerrit_ldap_bind_user}
- LDAP_PASSWORD: ${_param:gerrit_ldap_bind_password}
- WEBURL: ${_param:gerrit_public_host}
- GERRIT_ADMIN_SSH_PUBLIC: ${_param:gerrit_admin_public_key}
- GERRIT_ADMIN_PWD: ${_param:gerrit_admin_password}
- GERRIT_ADMIN_EMAIL: ${_param:gerrit_admin_email}
- CANLOADINIFRAME: "true"
- restart:
- condition: any
- image: ${_param:docker_image_gerrit}
- ports:
- - 18083:8080
- - 29417:29418
- volume:
- site:
- type: bind
- source: /srv/volumes/gerrit
- destination: /var/gerrit/review_site
diff --git a/docker/swarm/service/jenkins.yml b/docker/swarm/service/jenkins.yml
deleted file mode 100644
index a39b7a4..0000000
--- a/docker/swarm/service/jenkins.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-parameters:
- _param:
- docker_image_jenkins: tcpcloud/jenkins:2.63
- docker:
- client:
- service:
- jenkins:
- environment:
- JAVA_OPTS: "-Djenkins.install.runSetupWizard=false -Dhudson.DNSMultiCast.disabled=true -Dhudson.udp=-1 -Dhudson.footerURL=https://www.mirantis.com"
- JENKINS_NUM_EXECUTORS: 4
- restart:
- condition: any
- image: ${_param:docker_image_jenkins}
- ports:
- - 18081:8080
- - 50001:50000
- volume:
- home:
- type: bind
- source: /srv/volumes/jenkins
- destination: /var/jenkins_home
- cacerts:
- type: bind
- source: /etc/ssl/certs/java/cacerts
- destination: /etc/ssl/certs/java/cacerts
diff --git a/docker/swarm/service/mysql.yml b/docker/swarm/service/mysql.yml
deleted file mode 100644
index f94cf4d..0000000
--- a/docker/swarm/service/mysql.yml
+++ /dev/null
@@ -1,22 +0,0 @@
-parameters:
- _param:
- docker_image_mysql: mysql:5.6
- docker:
- client:
- service:
- mysql:
- environment:
- MYSQL_USER: gerrit
- MYSQL_PASSWORD: ${_param:mysql_gerrit_password}
- MYSQL_DATABASE: gerrit
- MYSQL_ROOT_PASSWORD: ${_param:mysql_admin_password}
- restart:
- condition: any
- image: "${_param:docker_image_mysql}"
- ports:
- - 13306:3306
- volume:
- data:
- type: bind
- source: /srv/volumes/mysql
- destination: /var/lib/mysql
diff --git a/docker/swarm/service/openldap.yml b/docker/swarm/service/openldap.yml
deleted file mode 100644
index f7f12e2..0000000
--- a/docker/swarm/service/openldap.yml
+++ /dev/null
@@ -1,34 +0,0 @@
-parameters:
- _param:
- docker_image_openldap: osixia/openldap:1.1.8
- docker:
- client:
- service:
- openldap:
- restart:
- condition: any
- image: ${_param:docker_image_openldap}
- hostname: ldap01.${_param:openldap_domain}
- hosts:
- ldap01:
- name: ldap01.${_param:openldap_domain}
- address: 127.0.0.1
- environment:
- HOSTNAME: ldap01.${_param:openldap_domain}
- LDAP_ORGANISATION: "${_param:openldap_organisation}"
- LDAP_DOMAIN: "${_param:openldap_domain}"
- LDAP_ADMIN_PASSWORD: ${_param:openldap_admin_password}
- LDAP_CONFIG_PASSWORD: ${_param:openldap_config_password}
- LDAP_TLS: "false"
- ports:
- - 1389:389
- - 1636:636
- volume:
- database:
- type: bind
- source: /srv/volumes/openldap/database
- destination: /var/lib/ldap
- config:
- type: bind
- source: /srv/volumes/openldap/config
- destination: /etc/ldap/slapd.d
diff --git a/docker/swarm/service/phpldapadmin.yml b/docker/swarm/service/phpldapadmin.yml
deleted file mode 100644
index 72b109f..0000000
--- a/docker/swarm/service/phpldapadmin.yml
+++ /dev/null
@@ -1,22 +0,0 @@
-parameters:
- _param:
- docker_image_phpldapadmin: tcpcloud/phpldapadmin:0.6.12
- docker:
- client:
- service:
- phpldapadmin:
- restart:
- condition: any
- image: ${_param:docker_image_phpldapadmin}
- hosts:
- ldap:
- name: ldap.${_param:openldap_domain}
- address: ${_param:cluster_vip_address}
- environment:
- PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'${_param:cluster_public_host}': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${_param:openldap_dn}'},{'bind_pass': '${_param:openldap_admin_password}'}]}]}]"
- PHPLDAPADMIN_HTTPS: false
- PHPLDAPADMIN_TRUST_PROXY_SSL: true
- PHPLDAPADMIN_SERVER_ADMIN: ${_param:admin_email}
- PHPLDAPADMIN_THEME: mirantis
- ports:
- - 18089:80
diff --git a/docker/swarm/service/pushkin.yml b/docker/swarm/service/pushkin.yml
deleted file mode 100644
index d01842d..0000000
--- a/docker/swarm/service/pushkin.yml
+++ /dev/null
@@ -1,28 +0,0 @@
-parameters:
- _param:
- docker_pushkin_replicas: 1
- docker_image_pushkin: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/pushkin:latest
- pushkin_db_password: pushkin
- pushkin_db_user: pushkin
- pushkin_db: pushkin
- docker:
- client:
- service:
- pushkin-backend:
- environment:
- POSTGRES_USER: ${_param:pushkin_db_user}
- POSTGRES_PASSWORD: ${_param:pushkin_db_password}
- POSTGRES_DB: ${_param:pushkin_db}
- PUSHKINDBHOST: ${_param:haproxy_pushkin_db_bind_host}
- PUSHKINELASTICHOST: ${_param:haproxy_elasticsearch_bind_host}
- replicas: ${_param:docker_pushkin_replicas}
- image: ${_param:docker_image_pushkin}
- restart:
- condition: any
- ports:
- - ${_param:haproxy_pushkin_exposed_port}:${_param:haproxy_pushkin_bind_port}
- volume:
- pushkin:
- type: bind
- source: /srv/volumes/pushkin/logs
- destination: /var/log/pushkin
\ No newline at end of file
diff --git a/docker/swarm/service/pushkin_db.yml b/docker/swarm/service/pushkin_db.yml
deleted file mode 100644
index 9b81778..0000000
--- a/docker/swarm/service/pushkin_db.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-parameters:
- _param:
- docker_pushkin_db_replicas: 1
- docker_image_pushkin_db: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/pushkindb:latest
- pushkin_db_password: pushkin
- pushkin_db_user: pushkin
- pushkin_db: pushkin
- docker:
- client:
- service:
- pushkin-db:
- environment:
- POSTGRES_USER: ${_param:pushkin_db_user}
- POSTGRES_PASSWORD: ${_param:pushkin_db_password}
- POSTGRES_DB: ${_param:pushkin_db}
- replicas: ${_param:docker_pushkin_db_replicas}
- image: ${_param:docker_image_pushkin_db}
- restart:
- condition: any
- ports:
- - ${_param:haproxy_pushkin_db_exposed_port}:${_param:haproxy_pushkin_db_bind_port}
- volume:
- pushkin:
- type: bind
- source: /srv/volumes/pushkin/data
- destination: /var/lib/postgresql/data
-
diff --git a/docker/swarm/service/rundeck.yml b/docker/swarm/service/rundeck.yml
deleted file mode 100644
index cc871dd..0000000
--- a/docker/swarm/service/rundeck.yml
+++ /dev/null
@@ -1,50 +0,0 @@
-parameters:
- _param:
- docker_rundeck_replicas: 1
- docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:devel
- docker:
- client:
- service:
- rundeck:
- environment:
- SERVER_URL: "http://${_param:haproxy_rundeck_bind_host}:${_param:haproxy_rundeck_bind_port}"
- RUNDECK_ADMIN_PASSWORD: ${_param:rundeck_admin_password}
- replicas: ${_param:docker_rundeck_replicas}
- image: ${_param:docker_image_rundeck}
- restart:
- condition: any
- ports:
- - 14440:4440
- volume:
- framework.properties:
- type: bind
- source: /srv/volumes/rundeck/config/framework.properties
- destination: /etc/rundeck/framework.properties
- tokens.properties:
- type: bind
- source: /srv/volumes/rundeck/config/tokens.properties
- destination: /etc/rundeck/tokens.properties
- rundeck:
- type: bind
- source: /srv/volumes/rundeck/rundeck
- destination: /var/rundeck
- mysql:
- type: bind
- source: /srv/volumes/rundeck/mysql
- destination: /var/lib/mysql
- log:
- type: bind
- source: /srv/volumes/rundeck/log
- destination: /var/log/rundeck
- logs:
- type: bind
- source: /srv/volumes/rundeck/logs
- destination: /var/lib/rundeck/logs
- plugins:
- type: bind
- source: /srv/volumes/rundeck/plugins
- destination: /opt/rundeck-plugins
- storage:
- type: bind
- source: /srv/volumes/rundeck/storage
- destination: /var/lib/rundeck/var/storage
diff --git a/docker/swarm/service/visualizer.yml b/docker/swarm/service/visualizer.yml
deleted file mode 100644
index 8519363..0000000
--- a/docker/swarm/service/visualizer.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-parameters:
- _param:
- docker_image_visualizer: manomarks/visualizer
- docker:
- client:
- service:
- visualizer:
- restart:
- condition: any
- image: ${_param:docker_image_visualizer}
- constraint: "node.role==manager"
- ports:
- - 18090:8080
- volume:
- docker:
- type: bind
- source: /var/run/docker.sock
- destination: /var/run/docker.sock
diff --git a/docker/swarm/stack/pushkin.yml b/docker/swarm/stack/pushkin.yml
index d4cc6e6..f7ba935 100644
--- a/docker/swarm/stack/pushkin.yml
+++ b/docker/swarm/stack/pushkin.yml
@@ -4,6 +4,7 @@
docker_image_pushkin: docker-prod-local.artifactory.mirantis.com/mirantis/oss/pushkin
pushkin_bind_host: pushkin-api
pushkin_bind_port: ${_param:haproxy_pushkin_bind_port}
+ pushkin_elasticsearch: ${_param:elasticsearch_bind_host}
pushkin_ssl:
enabled: false
pushkin_db: pushkin
@@ -31,7 +32,7 @@
POSTGRES_PASSWORD: ${_param:pushkin_db_user_password}
POSTGRES_DB: ${_param:pushkin_db}
PUSHKINDBHOST: ${_param:postgresql_bind_host}
- PUSHKINELASTICHOST: ${_param:elasticsearch_bind_host}
+ PUSHKINELASTICHOST: ${_param:pushkin_elasticsearch}
WEBHOOK_FROM: ${_param:webhook_from}
EMAIL_SENDER_PASSWORD: ${_param:pushkin_email_sender_password}
SMTP_HOST: ${_param:pushkin_smtp_host}
diff --git a/elasticsearch/client/init.yml b/elasticsearch/client/init.yml
index d0710ca..061cd6e 100644
--- a/elasticsearch/client/init.yml
+++ b/elasticsearch/client/init.yml
@@ -7,4 +7,4 @@
enabled: true
server:
host: ${_param:elasticsearch_client_host}
- port: ${_param:elasticsearch_client_port}
\ No newline at end of file
+ port: ${_param:elasticsearch_client_port}
diff --git a/elasticsearch/client/single.yml b/elasticsearch/client/single.yml
index d9ce432..c4e2b43 100644
--- a/elasticsearch/client/single.yml
+++ b/elasticsearch/client/single.yml
@@ -6,3 +6,4 @@
enabled: true
server:
host: ${_param:stacklight_log_address}
+ port: ${_param:haproxy_elasticsearch_http_bind_port}
diff --git a/elasticsearch/server/cluster.yml b/elasticsearch/server/cluster.yml
index 8f53f21..9be44ed 100644
--- a/elasticsearch/server/cluster.yml
+++ b/elasticsearch/server/cluster.yml
@@ -5,6 +5,7 @@
_param:
java_environment_version: "8"
java_environment_platform: openjdk
+ elasticsearch_cluster_name: elasticsearch
linux:
system:
sysctl:
@@ -15,6 +16,7 @@
headless: true
elasticsearch:
server:
+ name: ${_param:elasticsearch_cluster_name}
enabled: true
master: true
data: true
diff --git a/haproxy/proxy/listen/oss/elasticsearch.yml b/haproxy/proxy/listen/oss/elasticsearch.yml
index 3a4c98e..b3b7e64 100644
--- a/haproxy/proxy/listen/oss/elasticsearch.yml
+++ b/haproxy/proxy/listen/oss/elasticsearch.yml
@@ -60,4 +60,4 @@
- name: ${_param:cluster_node03_name}
host: ${_param:cluster_node03_address}
port: ${_param:haproxy_elasticsearch_binary_exposed_port}
- params: backup check
\ No newline at end of file
+ params: backup check
diff --git a/haproxy/proxy/listen/stacklight/elasticsearch.yml b/haproxy/proxy/listen/stacklight/elasticsearch.yml
index 531d647..582de6a 100644
--- a/haproxy/proxy/listen/stacklight/elasticsearch.yml
+++ b/haproxy/proxy/listen/stacklight/elasticsearch.yml
@@ -1,4 +1,10 @@
parameters:
+ _param:
+ haproxy_elasticsearch_bind_host: ${_param:cluster_vip_address}
+ haproxy_elasticsearch_http_bind_port: 9200
+ haproxy_elasticsearch_http_exposed_port: 9200
+ haproxy_elasticsearch_binary_bind_port: 9300
+ haproxy_elasticsearch_binary_exposed_port: 9300
haproxy:
proxy:
listen:
@@ -11,18 +17,40 @@
- dontlog-normal
balance: roundrobin
binds:
- - address: ${_param:cluster_vip_address}
- port: 9200
+ - address: ${_param:haproxy_elasticsearch_bind_host}
+ port: ${_param:haproxy_elasticsearch_http_bind_port}
servers:
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
- port: 9200
+ port: ${_param:haproxy_elasticsearch_http_exposed_port}
params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
- port: 9200
+ port: ${_param:haproxy_elasticsearch_http_exposed_port}
params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
- port: 9200
+ port: ${_param:haproxy_elasticsearch_http_exposed_port}
params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
+ elasticsearch_binary:
+ mode: tcp
+ options:
+ - tcpka
+ - tcplog
+ balance: source
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: ${_param:haproxy_elasticsearch_binary_bind_port}
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: ${_param:haproxy_elasticsearch_binary_exposed_port}
+ params: 'check'
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: ${_param:haproxy_elasticsearch_binary_exposed_port}
+ params: 'check'
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: ${_param:haproxy_elasticsearch_binary_exposed_port}
+ params: 'check'
diff --git a/haproxy/proxy/listen/stacklight/kibana.yml b/haproxy/proxy/listen/stacklight/kibana.yml
index e92e38a..e244fb1 100644
--- a/haproxy/proxy/listen/stacklight/kibana.yml
+++ b/haproxy/proxy/listen/stacklight/kibana.yml
@@ -1,4 +1,10 @@
parameters:
+ _param:
+ haproxy_kibana_bind_host: ${_param:cluster_vip_address}
+ haproxy_kibana_bind_port: ${_param:cluster_kibana_port}
+ haproxy_kibana_exposed_port: ${_param:cluster_kibana_port}
+ haproxy_kibana_ssl:
+ enabled: false
haproxy:
proxy:
listen:
@@ -10,19 +16,23 @@
- prefer-last-server
- dontlog-normal
balance: roundrobin
+ http_request:
+ - action: "add-header X-Forwarded-Proto https"
+ condition: "if { ssl_fc }"
binds:
- - address: ${_param:cluster_vip_address}
- port: 5601
+ - address: ${_param:haproxy_kibana_bind_host}
+ port: ${_param:haproxy_kibana_bind_port}
+ ssl: ${_param:haproxy_kibana_ssl}
servers:
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
- port: 5601
+ port: ${_param:haproxy_kibana_exposed_port}
params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
- port: 5601
+ port: ${_param:haproxy_kibana_exposed_port}
params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
- port: 5601
+ port: ${_param:haproxy_kibana_exposed_port}
params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3'
diff --git a/linux/system/repo_local/mcp/ceph.yml b/linux/system/repo_local/mcp/ceph.yml
new file mode 100644
index 0000000..89308ad
--- /dev/null
+++ b/linux/system/repo_local/mcp/ceph.yml
@@ -0,0 +1,9 @@
+parameters:
+ linux:
+ system:
+ repo:
+ ceph:
+ refresh_db: ${_param:linux_repo_refresh_db}
+ source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:apt_mk_version} ceph"
+ architectures: amd64
+ key_url: "http://${_param:local_repo_url}/public.gpg"