Merge "Add new parameters to backupninja backup pipeline"
diff --git a/cinder/control/cluster.yml b/cinder/control/cluster.yml
index f881efc..245c859 100644
--- a/cinder/control/cluster.yml
+++ b/cinder/control/cluster.yml
@@ -54,6 +54,8 @@
user: ${_param:keystone_cinder_username}
password: ${_param:keystone_cinder_password}
protocol: ${_param:cluster_internal_protocol}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:cinder_service_user_enabled}
glance:
diff --git a/cinder/control/single.yml b/cinder/control/single.yml
index 6ddbdd4..c3030e5 100644
--- a/cinder/control/single.yml
+++ b/cinder/control/single.yml
@@ -37,6 +37,8 @@
password: ${_param:keystone_cinder_password}
protocol: ${_param:internal_protocol}
region: ${_param:openstack_region}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:cinder_service_user_enabled}
barbican:
diff --git a/cinder/volume/local.yml b/cinder/volume/local.yml
index 3648ad9..425998d 100644
--- a/cinder/volume/local.yml
+++ b/cinder/volume/local.yml
@@ -38,6 +38,8 @@
password: ${_param:keystone_cinder_password}
host: ${_param:single_address}
region: ${_param:openstack_region}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:cinder_service_user_enabled}
cache:
diff --git a/cinder/volume/single.yml b/cinder/volume/single.yml
index 52ecaf1..220601c 100644
--- a/cinder/volume/single.yml
+++ b/cinder/volume/single.yml
@@ -49,6 +49,8 @@
host: ${_param:openstack_control_address}
protocol: ${_param:cluster_internal_protocol}
region: ${_param:openstack_region}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:cinder_service_user_enabled}
cache:
diff --git a/glance/control/cluster.yml b/glance/control/cluster.yml
index 763ad09..0eae619 100644
--- a/glance/control/cluster.yml
+++ b/glance/control/cluster.yml
@@ -55,6 +55,8 @@
region: ${_param:openstack_region}
tenant: service
protocol: ${_param:cluster_internal_protocol}
+ service_token_roles: admin
+ service_token_roles_required: true
barbican:
enabled: ${_param:barbican_integration_enabled}
message_queue:
diff --git a/glance/control/single.yml b/glance/control/single.yml
index 24e9c3f..160d26d 100644
--- a/glance/control/single.yml
+++ b/glance/control/single.yml
@@ -29,6 +29,8 @@
identity:
region: ${_param:openstack_region}
protocol: ${_param:internal_protocol}
+ service_token_roles: admin
+ service_token_roles_required: true
registry:
protocol: ${_param:internal_protocol}
barbican:
diff --git a/ironic/api/cluster.yml b/ironic/api/cluster.yml
index c335b7e..eaec2ca 100644
--- a/ironic/api/cluster.yml
+++ b/ironic/api/cluster.yml
@@ -48,3 +48,5 @@
region: ${_param:openstack_region}
protocol: ${_param:cluster_internal_protocol}
user: ${_param:keystone_ironic_username}
+ middleware:
+ enable_proxy_headers_parsing: true
diff --git a/ironic/api/single.yml b/ironic/api/single.yml
index 9608424..58f9807 100644
--- a/ironic/api/single.yml
+++ b/ironic/api/single.yml
@@ -42,3 +42,5 @@
region: ${_param:openstack_region}
protocol: ${_param:cluster_internal_protocol}
user: ${_param:keystone_ironic_username}
+ middleware:
+ enable_proxy_headers_parsing: true
diff --git a/jenkins/client/job/deploy/openstack.yml b/jenkins/client/job/deploy/openstack.yml
index 3734741..8b82037 100644
--- a/jenkins/client/job/deploy/openstack.yml
+++ b/jenkins/client/job/deploy/openstack.yml
@@ -25,6 +25,10 @@
type: string
default: "core,kvm,openstack,stacklight"
description: "Components to be installed. Valid values are 'core,kvm,k8s,openstack,contrail,ovs,ceph,oss,cicd,stacklight,sl-legacy,finalize'. For all deployments it's recommended to run 'finalize' as a final step as Salt highstate on all nodes will be run."
+ BATCH_SIZE:
+ type: string
+ default: ''
+ description: 'Use batching for states, which targeted for large amount of nodes. Can be Integer or Percentage, e.g 20 or 20%'
# salt master
SALT_MASTER_CREDENTIALS:
type: string
@@ -64,3 +68,7 @@
type: string
default: ""
description: "Salt compound target to match nodes to be updated [*, G@osfamily:debian]."
+ BATCH_SIZE:
+ type: string
+ default: ''
+ description: 'Use batching for states, which targeted for large amount of nodes. Can be Integer or Percentage, e.g 20 or 20%'
diff --git a/jenkins/client/job/deploy/update/package.yml b/jenkins/client/job/deploy/update/package.yml
index 7444bcc..befd7ab 100644
--- a/jenkins/client/job/deploy/update/package.yml
+++ b/jenkins/client/job/deploy/update/package.yml
@@ -31,6 +31,10 @@
type: string
default: "*"
description: Salt compound target to match nodes to be updated [*, G@osfamily:debian].
+ BATCH_SIZE:
+ type: string
+ default: ''
+ description: 'Use batching for states, which targeted for large amount of nodes. Can be Integer or Percentage, e.g 20 or 20%'
TARGET_PACKAGES:
type: string
description: Space delimited list of packages to be updated, empty string means updating all packages to the latest version e.g. [package1=version package2=version] or [package1 package2].
diff --git a/jenkins/client/job/deploy/update/upgrade_mcp_release.yml b/jenkins/client/job/deploy/update/upgrade_mcp_release.yml
index 091d169..2019945 100644
--- a/jenkins/client/job/deploy/update/upgrade_mcp_release.yml
+++ b/jenkins/client/job/deploy/update/upgrade_mcp_release.yml
@@ -43,13 +43,15 @@
---
SALT_MASTER_URL: "${_param:jenkins_salt_api_url}"
SALT_MASTER_CREDENTIALS: "salt"
+ # Use batching for states, which targeted for large amount of nodes. Can be Integer or Percentage, e.g 20 or 20%
+ BATCH_SIZE: ''
# Replace `mcp_version` parameter to TARGET_MCP_VERSION in cluster level Reclass model?
UPDATE_CLUSTER_MODEL: true
# Upgrade SaltStack packages
UPGRADE_SALTSTACK: true
# Mirror pipelines from upstream/local mirror to Gerrit
UPDATE_PIPELINES: true
- # se only when local repositories are present
+ # Use only when local repositories are present
UPDATE_LOCAL_REPOS: false
# Next parameters added only for test purposes and not enabled by default
# RECLASS_SYSTEM_BRANCH: ''
diff --git a/nginx/server/proxy/ceph_radosgw.yml b/nginx/server/proxy/ceph_radosgw.yml
index c69ec3a..8207bda 100644
--- a/nginx/server/proxy/ceph_radosgw.yml
+++ b/nginx/server/proxy/ceph_radosgw.yml
@@ -12,7 +12,16 @@
enabled: true
type: nginx_proxy
name: ceph_radosgw
+ proxy_set_header:
+ Host:
+ enabled: true
+ value: "$host"
+ X-Forwarded-For:
+ enabled: true
+ value: "$remote_addr"
proxy:
+ size: 10240m
+ buffer_size: 10240m
host: ${_param:nginx_proxy_radosgw_service_host}
port: ${_param:nginx_proxy_radosgw_service_port}
protocol: http
diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index 94e4157..8a7b362 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml
@@ -43,6 +43,8 @@
password: ${_param:keystone_nova_password}
tenant: service
protocol: ${_param:cluster_internal_protocol}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:nova_service_user_enabled}
barbican:
diff --git a/nova/compute/single.yml b/nova/compute/single.yml
index 287442e..44077a8 100644
--- a/nova/compute/single.yml
+++ b/nova/compute/single.yml
@@ -42,6 +42,8 @@
tenant: service
protocol: ${_param:cluster_internal_protocol}
region: ${_param:openstack_region}
+ service_token_roles: admin
+ service_token_roles_required: true
barbican:
enabled: ${_param:barbican_integration_enabled}
service_user:
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index e7f76fa..359d0d6 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -62,6 +62,8 @@
password: ${_param:keystone_nova_password}
tenant: service
protocol: ${_param:cluster_internal_protocol}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:nova_service_user_enabled}
barbican:
diff --git a/nova/control/single.yml b/nova/control/single.yml
index 0108af6..cbdfddb 100644
--- a/nova/control/single.yml
+++ b/nova/control/single.yml
@@ -26,6 +26,8 @@
identity:
protocol: ${_param:cluster_internal_protocol}
region: ${_param:openstack_region}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:nova_service_user_enabled}
network:
diff --git a/opencontrail/common/init.yml b/opencontrail/common/init.yml
new file mode 100644
index 0000000..e24a9c3
--- /dev/null
+++ b/opencontrail/common/init.yml
@@ -0,0 +1,10 @@
+parameters:
+ linux:
+ system:
+ kernel:
+ sysctl:
+ net.ipv4.tcp_keepalive_intvl: 1
+ net.ipv4.tcp_keepalive_time: 5
+ net.ipv4.tcp_keepalive_probes: 5
+ net.nf_conntrack_max: 256000
+ fs.file-max: 124165
\ No newline at end of file