Merge "Add TestRail parameters for devcloud deployments"
diff --git a/docker/swarm/stack/janitor_monkey.yml b/docker/swarm/stack/janitor_monkey.yml
index 1152841..2849554 100644
--- a/docker/swarm/stack/janitor_monkey.yml
+++ b/docker/swarm/stack/janitor_monkey.yml
@@ -32,10 +32,11 @@
       auth_url: http://yourcloud.com:5000/v3/auth/tokens
       username: admin
       password: password
-      ssl_verify: False
       endpoint_type: public
-      source_credentials: /srv/volumes/rundeck/storage/content/cis/openstack
-      service_credentials: /opt/os_creds
+      ssl_verify: False
+      source_credentials_dir: /srv/volumes/rundeck/storage
+      destination_credentials_dir: /opt/os_creds
+      cacert_path: ${_param:janitor_monkey_openstack:destination_credentials_dir}/content/keys/cis/openstack/cert.pem
   docker:
     client:
       stack:
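Review bot: `source_credentials_dir: /srv/volumes/rundeck/storage` widens the bind mount from the `content/cis/openstack` subdirectory to the whole Rundeck storage tree, so the janitor-monkey container can read everything kept there, while only the CA certificate path is referenced in this file. The mount stays `:ro` in the volumes hunk further down, but if the certificate is all the service needs, a narrower mount keeps other Rundeck-managed material out of the container: `source_credentials_dir: /srv/volumes/rundeck/storage/content/keys/cis/openstack` with `cacert_path: ${_param:janitor_monkey_openstack:destination_credentials_dir}/cert.pem`. The same widening is made in the parameter hunk and both volume hunks of `security_monkey.yml`. Separately, `ssl_verify: False` still sits next to the new `cacert_path`, so the CA file is presumably not used for verification until that flag is changed.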
@@ -63,7 +64,7 @@
             simianarmy.client.cloudfire.domain: ${_param:janitor_monkey_openstack:project_domain_name}
             simianarmy.client.cloudfire.project: ${_param:janitor_monkey_openstack:project_name}
             simianarmy.client.cloudfire.SSLVerify: ${_param:janitor_monkey_openstack:ssl_verify}
-            simianarmy.client.cloudfire.cafile: ${_param:janitor_monkey_openstack:service_credentials}/cert.pem
+            simianarmy.client.cloudfire.cafile: ${_param:janitor_monkey_openstack:cacert_path}
             simianarmy.janitor.rule.stoppedInstanceRule.instanceAgeThreshold: ${_param:janitor_monkey_instance_age_threshold}
             simianarmy.janitor.notification.oss.url: ${_param:janitor_monkey_notification_oss_url}
             simianarmy.janitor.notification.oss.login_id: ${_param:janitor_monkey_notification_oss_login_id}
@@ -88,7 +89,7 @@
               ports:
                 - ${_param:haproxy_janitor_monkey_exposed_port}:${_param:janitor_monkey_bind_port}
               volumes:
-                - ${_param:janitor_monkey_openstack:source_credentials}:${_param:janitor_monkey_openstack:service_credentials}:ro
+                - ${_param:janitor_monkey_openstack:source_credentials_dir}:${_param:janitor_monkey_openstack:destination_credentials_dir}:ro
           network:
             default:
               external:
diff --git a/docker/swarm/stack/security_monkey.yml b/docker/swarm/stack/security_monkey.yml
index 3b9c272..2f844c0 100644
--- a/docker/swarm/stack/security_monkey.yml
+++ b/docker/swarm/stack/security_monkey.yml
@@ -30,10 +30,11 @@
       project_domain_name: Default
       project_name: admin
       user_domain_name: Default
-      source_credentials: /srv/volumes/rundeck/storage/content/cis/openstack
-      service_credentials: /opt/os_creds
       endpoint_type: public
       ssl_verify: False
+      source_credentials_dir: /srv/volumes/rundeck/storage
+      destination_credentials_dir: /opt/os_creds
+      cacert_path: ${_param:security_monkey_openstack:destination_credentials_dir}/content/keys/cis/openstack/cert.pem
   docker:
     client:
       stack:
@@ -62,7 +63,7 @@
             OS_PROJECT_NAME: ${_param:security_monkey_openstack:project_name}
             OS_SSL_VERIFY: ${_param:security_monkey_openstack:ssl_verify}
             OS_ENDPOINT_TYPE: ${_param:security_monkey_openstack:endpoint_type}
-            CACERT_PATH: ${_param:security_monkey_openstack:service_credentials}/cert.pem
+            CACERT_PATH: ${_param:security_monkey_openstack:cacert_path}
             USER_DOMAIN_NAME: ${_param:security_monkey_openstack:user_domain_name}
             SM_WTF_CSRF_ENABLED: ${_param:devops_portal_sm_wtf_csrf_enabled}
             SECURITY_MONKEY_SYNC_INTERVAL: ${_param:security_monkey_sync_interval}
@@ -79,7 +80,7 @@
                 - ${_param:haproxy_security_monkey_exposed_port}:${_param:haproxy_security_monkey_bind_port}
               volumes:
                 - /srv/volumes/security_monkey/logs:/var/log/security_monkey/logs
-                - ${_param:security_monkey_openstack:source_credentials}:${_param:security_monkey_openstack:service_credentials}:ro
+                - ${_param:security_monkey_openstack:source_credentials_dir}:${_param:security_monkey_openstack:destination_credentials_dir}:ro
             security-audit-scheduler:
               image: ${_param:docker_image_security_monkey_scheduler}
               deploy:
@@ -88,7 +89,7 @@
                   condition: any
               volumes:
                 - /srv/volumes/security_monkey/logs:/var/log/security_monkey/logs
-                - ${_param:security_monkey_openstack:source_credentials}:${_param:security_monkey_openstack:service_credentials}:ro
+                - ${_param:security_monkey_openstack:source_credentials_dir}:${_param:security_monkey_openstack:destination_credentials_dir}:ro
           network:
             default:
               external:
diff --git a/fluentd/init.yml b/fluentd/init.yml
new file mode 100644
index 0000000..ebf469a
--- /dev/null
+++ b/fluentd/init.yml
@@ -0,0 +1,6 @@
+classes:
+- service.fluentd.agent.single
+- system
+parameters:
+  fluentd:
+    dollar: ${_param:dollarsign}
diff --git a/fluentd/label/default_metric/init.yml b/fluentd/label/default_metric/init.yml
new file mode 100644
index 0000000..ef8ecf2
--- /dev/null
+++ b/fluentd/label/default_metric/init.yml
@@ -0,0 +1,20 @@
+parameters:
+  fluentd:
+    agent:
+      config:
+        label:
+          default_metric:
+            filter:
+              add_general_fields:
+                tag: "**"
+                type: record_transformer
+                enable_ruby: true
+                record:
+                  - name: environment_label
+                    value: ${_param:cluster_domain}
+                  - name: Hostname
+                    value: ${fluentd:dollar}{ hostname }
+            match:
+              drop_everything:
+                tag: '**'
+                type: 'null'
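Review bot: `enable_ruby: true` on the `add_general_fields` filter makes fluentd evaluate every `${...}` in the record values as Ruby, which appears to be more than the single `hostname` lookup needs. `record_transformer` resolves the built-in hostname placeholder without Ruby mode, so `enable_ruby: false` with `value: ${fluentd:dollar}{hostname}` should give the same field while keeping pillar-supplied values such as `${_param:cluster_domain}` out of an evaluated template. As a style point, the tag is quoted as `"**"` in the filter and `'**'` in the match block; one quoting style would read better.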
diff --git a/fluentd/label/default_metric/prometheus.yml b/fluentd/label/default_metric/prometheus.yml
new file mode 100644
index 0000000..9eb3b1b
--- /dev/null
+++ b/fluentd/label/default_metric/prometheus.yml
@@ -0,0 +1,11 @@
+parameters:
+  fluentd:
+    agent:
+      plugin:
+        fluent-plugin-prometheus:
+          gem: ['fluent-plugin-prometheus']
+      config:
+        input:
+          prometheus:
+            metric:
+              type: prometheus
diff --git a/galera/server/database/panko.yml b/galera/server/database/panko.yml
new file mode 100644
index 0000000..7a3ed63
--- /dev/null
+++ b/galera/server/database/panko.yml
@@ -0,0 +1,15 @@
+parameters:
+  mysql:
+    server:
+      database:
+        panko:
+          encoding: utf8
+          users:
+          - name: panko
+            password: ${_param:mysql_panko_password}
+            host: '%'
+            rights: all
+          - name: panko
+            password: ${_param:mysql_panko_password}
+            host: ${_param:cluster_local_address}
+            rights: all
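Review bot: The first `panko` user is granted `rights: all` with `host: '%'`, which lets the account connect from any address and makes the second entry, scoped to `${_param:cluster_local_address}`, redundant. If the Panko services reach the database only from known addresses, dropping the `'%'` entry or replacing it with the control-plane subnet would limit where a leaked `mysql_panko_password` can be used. Whether the formula accepts a narrower privilege list than `all` is not visible from this file.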
diff --git a/gerrit/client/init.yml b/gerrit/client/init.yml
index 5456900..8b097ee 100644
--- a/gerrit/client/init.yml
+++ b/gerrit/client/init.yml
@@ -7,8 +7,6 @@
     client:
       enabled: True
       try_login: ${_param:gerrit_try_login}
-      source:
-        engine: pip
       dir:
         git: /srv/volumes/gerrit/git
         gerrit_config: /srv/volumes/gerrit/etc/gerrit.config
diff --git a/haproxy/proxy/listen/kubernetes/apiserver.yml b/haproxy/proxy/listen/kubernetes/apiserver.yml
index 8dfcb35..950765f 100644
--- a/haproxy/proxy/listen/kubernetes/apiserver.yml
+++ b/haproxy/proxy/listen/kubernetes/apiserver.yml
@@ -4,8 +4,6 @@
       listen:
         k8s_secure:
           type: kubernetes
-          options:
-            - ssl-hello-chk
           binds:
           - address: ${_param:cluster_vip_address}
             port: 443
@@ -13,15 +11,15 @@
           - name: ${_param:cluster_node01_hostname}
             host: ${_param:cluster_node01_address}
             port: 6443
-            params: check
+            params: check check-ssl verify none
           - name: ${_param:cluster_node02_hostname}
             host: ${_param:cluster_node02_address}
             port: 6443
-            params: check
+            params: check check-ssl verify none
           - name: ${_param:cluster_node03_hostname}
             host: ${_param:cluster_node03_address}
             port: 6443
-            params: check
+            params: check check-ssl verify none
           timeout:
             server: 10m
             client: 10m
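Review bot: `params: check check-ssl verify none` on all three backends makes the health check complete a TLS handshake with whatever certificate answers on port 6443, so a wrong or impersonated endpoint still passes as healthy. If the cluster CA is available on the proxy node, the check can validate it instead: `params: check check-ssl verify required ca-file <path-to-cluster-ca.pem>` (the path is a placeholder). If `verify none` is deliberate because the CA is not distributed to the proxies, a comment above the servers list saying so would save the next reviewer the question.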
diff --git a/init.yml b/init.yml
new file mode 100644
index 0000000..7d8695f
--- /dev/null
+++ b/init.yml
@@ -0,0 +1,3 @@
+parameters:
+  _param:
+    dollarsign: '$'
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 1973906..dfcf9ac 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -54,6 +54,7 @@
         - method java.util.Collection stream
         - method java.util.Date getTime
         - method java.util.LinkedHashMap$LinkedHashIterator hasNext
+        - method java.util.List add int java.lang.Object
         - method java.util.List subList int int
         - method java.util.Map remove java.lang.Object
         - method java.util.Map size
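Review bot: The added approval `method java.util.List add int java.lang.Object`, like `staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods reverse java.util.List` in the next hunk, carries no indication of which pipeline needs it. Entries in this list apply to every sandboxed script on the master, and the list only ever grows, so a short comment above each new signature naming the consuming pipeline would make later audits and pruning possible. The list itself starts and ends outside the hunk.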
@@ -139,3 +140,4 @@
         - method hudson.model.Actionable getAction java.lang.Class
         - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toSorted java.lang.Iterable
         - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods intersect java.util.List java.lang.Iterable
+        - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods reverse java.util.List
diff --git a/jenkins/client/job/deploy/k8s_control.yml b/jenkins/client/job/deploy/k8s_control.yml
index f851176..4dba2e7 100644
--- a/jenkins/client/job/deploy/k8s_control.yml
+++ b/jenkins/client/job/deploy/k8s_control.yml
@@ -8,7 +8,7 @@
           display_name: "Deploy - k8s control"
           discard:
             build:
-              keep_num: 20
+              keep_num: 50
           concurrent: false
           scm:
             type: git
diff --git a/jenkins/client/job/deploy/kqueen.yml b/jenkins/client/job/deploy/kqueen.yml
index 817eb8f..06b449b 100644
--- a/jenkins/client/job/deploy/kqueen.yml
+++ b/jenkins/client/job/deploy/kqueen.yml
@@ -7,7 +7,7 @@
           type: workflow-scm
           discard:
             build:
-              keep_num: 20
+              keep_num: 50
           concurrent: true
           display_name: "Deploy AWS K8S using kqueen"
           scm:
diff --git a/jenkins/client/job/deploy/lab/cleanup.yml b/jenkins/client/job/deploy/lab/cleanup.yml
index 93a0818..3f3875f 100644
--- a/jenkins/client/job/deploy/lab/cleanup.yml
+++ b/jenkins/client/job/deploy/lab/cleanup.yml
@@ -8,7 +8,7 @@
           display_name: "Deploy - stack cleanup"
           discard:
             build:
-              keep_num: 20
+              keep_num: 50
           scm:
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
diff --git a/jenkins/client/job/deploy/lab/deploy.yml b/jenkins/client/job/deploy/lab/deploy.yml
index 9e240b2..9a04876 100644
--- a/jenkins/client/job/deploy/lab/deploy.yml
+++ b/jenkins/client/job/deploy/lab/deploy.yml
@@ -11,7 +11,7 @@
             type: workflow-scm
             discard:
               build:
-                keep_num: 20
+                keep_num: 100
             concurrent: true
             display_name: "Deploy - {{stack_name}} {{stack_type}}"
             scm:
@@ -100,7 +100,7 @@
                 description: "Formulas revision to install on Salt Master bootstrap stage"
               EXTRA_FORMULAS:
                 type: string
-                default: "maas memcached ntp nginx collectd sensu heka sphinx mysql grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal rsync docker keepalived aptly jenkins gerrit artifactory influxdb horizon ceph"
+                default: ""
               STATIC_MGMT_NETWORK:
                   type: boolean
                   default: 'false'
diff --git a/jenkins/client/job/deploy/openstack.yml b/jenkins/client/job/deploy/openstack.yml
index 3595e01..c507824 100644
--- a/jenkins/client/job/deploy/openstack.yml
+++ b/jenkins/client/job/deploy/openstack.yml
@@ -8,7 +8,7 @@
           display_name: "Deploy - OpenStack"
           discard:
             build:
-              keep_num: 20
+              keep_num: 50
           concurrent: true
           scm:
             type: git
diff --git a/jenkins/client/job/deploy/test.yml b/jenkins/client/job/deploy/test.yml
index c226fbc..acf6fa3 100644
--- a/jenkins/client/job/deploy/test.yml
+++ b/jenkins/client/job/deploy/test.yml
@@ -7,7 +7,7 @@
           type: workflow-scm
           discard:
             build:
-              keep_num: 20
+              keep_num: 50
           concurrent: true
           display_name: "Deploy - Test services in environment"
           scm:
diff --git a/jenkins/client/job/docker/init.yml b/jenkins/client/job/docker/init.yml
index c5f7d44..d4c15b6 100644
--- a/jenkins/client/job/docker/init.yml
+++ b/jenkins/client/job/docker/init.yml
@@ -16,7 +16,11 @@
               dockerfile: "Dockerfile"
             - name: gerrit
               branch: "2.13.6"
-              tags: "2.13.6 latest"
+              tags: "2.13.6"
+              dockerfile: "Dockerfile"
+            - name: gerrit
+              branch: "2.14.6"
+              tags: "2.14.6 latest"
               dockerfile: "Dockerfile"
             - name: jenkins
               branch: "master"
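Review bot: Moving the `latest` tag from the `2.13.6` entry to the new `2.14.6` entry means every consumer that pulls the gerrit image by `latest` picks up the newer release on its next pull without any change on its side. It would be worth confirming that deployments reference the explicit `2.13.6` or `2.14.6` tags rather than `latest`. In the following hunk the jenkins `2.73` entry loses `latest` as well, and no entry that takes it over is visible on this page, so the existing `latest` image would stop being rebuilt unless another entry outside the hunk carries the tag.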
@@ -28,7 +32,7 @@
               dockerfile: "Dockerfile"
             - name: jenkins
               branch: "2.73"
-              tags: "2.73 latest"
+              tags: "2.73"
               dockerfile: "Dockerfile"
             - name: phpldapadmin
               branch: "master"
diff --git a/jenkins/client/job/docker/oss/cis-collectors.yml b/jenkins/client/job/docker/oss/cis-collectors.yml
index 11d8be9..05620cf 100644
--- a/jenkins/client/job/docker/oss/cis-collectors.yml
+++ b/jenkins/client/job/docker/oss/cis-collectors.yml
@@ -22,11 +22,6 @@
                 "oss/cis-collectors":
                   branches:
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
diff --git a/jenkins/client/job/docker/oss/devops-portal.yml b/jenkins/client/job/docker/oss/devops-portal.yml
index 3b831d8..9c3025f 100644
--- a/jenkins/client/job/docker/oss/devops-portal.yml
+++ b/jenkins/client/job/docker/oss/devops-portal.yml
@@ -22,11 +22,6 @@
                 "oss/devops-portal":
                   branches:
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
diff --git a/jenkins/client/job/docker/oss/hce-codebase.yml b/jenkins/client/job/docker/oss/hce-codebase.yml
index 41fe789..747ed77 100644
--- a/jenkins/client/job/docker/oss/hce-codebase.yml
+++ b/jenkins/client/job/docker/oss/hce-codebase.yml
@@ -22,11 +22,6 @@
                 "oss/hce":
                   branches:
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
diff --git a/jenkins/client/job/docker/oss/hce-docker.yml b/jenkins/client/job/docker/oss/hce-docker.yml
index 33372b9..c7c4a7b 100644
--- a/jenkins/client/job/docker/oss/hce-docker.yml
+++ b/jenkins/client/job/docker/oss/hce-docker.yml
@@ -22,11 +22,6 @@
                 "oss/docker-hce":
                   branches:
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
diff --git a/jenkins/client/job/docker/oss/janitor-monkey-codebase.yml b/jenkins/client/job/docker/oss/janitor-monkey-codebase.yml
index 95a45f1..d10993e 100644
--- a/jenkins/client/job/docker/oss/janitor-monkey-codebase.yml
+++ b/jenkins/client/job/docker/oss/janitor-monkey-codebase.yml
@@ -22,11 +22,6 @@
                 "oss/SimianArmy":
                   branches:
                     - devel
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
diff --git a/jenkins/client/job/docker/oss/janitor-monkey-docker.yml b/jenkins/client/job/docker/oss/janitor-monkey-docker.yml
index 78167bd..672e13e 100644
--- a/jenkins/client/job/docker/oss/janitor-monkey-docker.yml
+++ b/jenkins/client/job/docker/oss/janitor-monkey-docker.yml
@@ -22,11 +22,6 @@
                 "oss/docker-janitor-monkey":
                   branches:
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
@@ -58,4 +53,4 @@
               default: "Dockerfile"
             CONTEXT_PATH:
               type: string
-              default: "."
\ No newline at end of file
+              default: "."
diff --git a/jenkins/client/job/docker/oss/pushkin-codebase-ext.yml b/jenkins/client/job/docker/oss/pushkin-codebase-ext.yml
index 1a5b5b6..0508d49 100644
--- a/jenkins/client/job/docker/oss/pushkin-codebase-ext.yml
+++ b/jenkins/client/job/docker/oss/pushkin-codebase-ext.yml
@@ -22,11 +22,6 @@
                 "oss/pushkin-extensions":
                   branches:
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
diff --git a/jenkins/client/job/docker/oss/pushkin-codebase.yml b/jenkins/client/job/docker/oss/pushkin-codebase.yml
index f40bde3..a45ea75 100644
--- a/jenkins/client/job/docker/oss/pushkin-codebase.yml
+++ b/jenkins/client/job/docker/oss/pushkin-codebase.yml
@@ -22,11 +22,6 @@
                 "oss/pushkin":
                   branches:
                     - devel
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
diff --git a/jenkins/client/job/docker/oss/pushkin-docker.yml b/jenkins/client/job/docker/oss/pushkin-docker.yml
index e77e99b..61d959c 100644
--- a/jenkins/client/job/docker/oss/pushkin-docker.yml
+++ b/jenkins/client/job/docker/oss/pushkin-docker.yml
@@ -22,11 +22,6 @@
                 "oss/docker-pushkin":
                   branches:
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
@@ -58,4 +53,4 @@
               default: "Dockerfile"
             CONTEXT_PATH:
               type: string
-              default: "."
\ No newline at end of file
+              default: "."
diff --git a/jenkins/client/job/docker/oss/rundeck.yml b/jenkins/client/job/docker/oss/rundeck.yml
index 9b116fe..adbe9f4 100644
--- a/jenkins/client/job/docker/oss/rundeck.yml
+++ b/jenkins/client/job/docker/oss/rundeck.yml
@@ -22,11 +22,6 @@
                 "oss/docker-rundeck":
                   branches:
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
diff --git a/jenkins/client/job/docker/oss/security-monkey-codebase-openstack.yml b/jenkins/client/job/docker/oss/security-monkey-codebase-openstack.yml
index a135df8..0e5a9d4 100644
--- a/jenkins/client/job/docker/oss/security-monkey-codebase-openstack.yml
+++ b/jenkins/client/job/docker/oss/security-monkey-codebase-openstack.yml
@@ -3,7 +3,7 @@
     client:
       job:
         docker-build-images-security-monkey-codebase-openstack:
-          name: docker-build-images-security-monkey-codebase-openstack 
+          name: docker-build-images-security-monkey-codebase-openstack
           discard:
             build:
               keep_num: 25
@@ -22,11 +22,6 @@
                 "oss/security-monkey-openstack":
                   branches:
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
diff --git a/jenkins/client/job/docker/oss/security-monkey-docker.yml b/jenkins/client/job/docker/oss/security-monkey-docker.yml
index b9d4512..613f789 100644
--- a/jenkins/client/job/docker/oss/security-monkey-docker.yml
+++ b/jenkins/client/job/docker/oss/security-monkey-docker.yml
@@ -22,11 +22,6 @@
                 "oss/docker-security-monkey":
                   branches:
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
@@ -58,4 +53,4 @@
               default: "security-monkey/Dockerfile"
             CONTEXT_PATH:
               type: string
-              default: "."
\ No newline at end of file
+              default: "."
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
index 8490ee7..36e1dc0 100644
--- a/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
+++ b/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
@@ -8,7 +8,7 @@
           display_name: "Kubernetes tests pipeline"
           discard:
             build:
-              keep_num: 20
+              keep_num: 50
           concurrent: false
           scm:
             type: git
diff --git a/jenkins/client/job/opencontrail/build/generic.yml b/jenkins/client/job/opencontrail/build/generic.yml
index 699222e..d9be124 100644
--- a/jenkins/client/job/opencontrail/build/generic.yml
+++ b/jenkins/client/job/opencontrail/build/generic.yml
@@ -53,7 +53,7 @@
               branch: R3.2
               ppa: mirantis-opencontrail/opencontrail-3.2
               upload_source_package: true
-              dpdk: contrail_dpdk_2_1
+              dpdk: contrail_dpdk_17_02
               build_trigger: ""
             - buildname: oc32
               os: ubuntu
@@ -61,7 +61,7 @@
               branch: R3.2
               ppa: mirantis-opencontrail/opencontrail-3.2
               upload_source_package: true
-              dpdk: contrail_dpdk_2_1
+              dpdk: contrail_dpdk_17_02
               build_trigger: ""
             - buildname: oc323
               os: ubuntu
diff --git a/jenkins/client/job/oscore/security_tests.yml b/jenkins/client/job/oscore/security_tests.yml
index e4f5f6d..36b5441 100644
--- a/jenkins/client/job/oscore/security_tests.yml
+++ b/jenkins/client/job/oscore/security_tests.yml
@@ -62,7 +62,7 @@
               SEVERITY:
                 type: string
                 description: Bandit args
-                default: "3"
+                default: "1"
               CONFIDENCE:
                 type: string
                 description: confidence
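Review bot: The `SEVERITY` description `Bandit args` does not say what the value means, which matters now that the default changes from `"3"` to `"1"`. If the pipeline maps the number onto Bandit's severity levels, something like `description: Minimum Bandit severity to report (1 = low, 2 = medium, 3 = high)` would make the effect of the new default clear. It also helps to state whether low-severity findings now fail the job or are only reported, since that depends on pipeline code outside this file.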
diff --git a/jenkins/client/job/oscore/tests.yml b/jenkins/client/job/oscore/tests.yml
index a751935..06060bd 100644
--- a/jenkins/client/job/oscore/tests.yml
+++ b/jenkins/client/job/oscore/tests.yml
@@ -12,6 +12,12 @@
                 keep_num: 30
             type: workflow-scm
             concurrent: true
+            plugin_properties:
+              throttleconcurrents:
+                enabled: true
+                throttle_option: category
+                categories:
+                  - oscore-ci-builds
             scm:
               type: git
               url: "${_param:jenkins_gerrit_url}/openstack-ci/openstack-pipelines.git"
@@ -638,7 +644,7 @@
               artifact:
                 keep_num: 30
             type: workflow-scm
-            concurrent: false
+            concurrent: true
             scm:
               type: git
               url: "${_param:jenkins_gerrit_url}/openstack-ci/openstack-pipelines.git"
@@ -657,19 +663,10 @@
                   - failed
                   - unstable
                   - not_built
-                message:
-                  build_successful: "Build successful"
-                  build_unstable: "Build unstable"
-                  build_failure: "Build failed"
                 event:
                   comment:
                     - addedContains:
-                        commentAddedCommentContains: 'deploy'
-                  patchset:
-                    - created:
-                        excludeDrafts: true
-                        excludeTrivialRebase: true
-                        excludeNoCodeChange: true
+                        commentAddedCommentContains: '^(?s:Patch Set \d+:.*(test|recheck|reverify)\s*)$'
             param:
               SOURCE_CREDENTIALS:
                 type: string
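Review bot: The new trigger pattern ends in `(test|recheck|reverify)\s*` with no word boundary, so together with `(?s:` and the leading `.*` any comment whose last word merely ends in "test" (for example "latest") starts this job. A boundary narrows it to the intended keywords: `commentAddedCommentContains: '^(?s:Patch Set \d+:.*\b(test|recheck|reverify)\s*)$'`. Even then a sentence that ends with the word "test" still matches, so requiring the keyword on a line of its own may be preferable. The job definition starts above this hunk, so whether the trigger is limited to trusted commenters cannot be seen here.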
diff --git a/jenkins/client/job/oss/test_pushkin_codebase.yml b/jenkins/client/job/oss/test_pushkin_codebase.yml
index 245f1d8..baefbc9 100644
--- a/jenkins/client/job/oss/test_pushkin_codebase.yml
+++ b/jenkins/client/job/oss/test_pushkin_codebase.yml
@@ -23,11 +23,6 @@
                   branches:
                     - devel
                     - master
-              skip_vote:
-                - successful
-                - failed
-                - unstable
-                - not_built
               event:
                 patchset:
                   - created:
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 879a1f1..6bf8e5a 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -8,6 +8,11 @@
           name: test-salt-model-{{name}}
           template:
             type: workflow-scm
+            discard:
+              build:
+                keep_num: 50
+              artifact:
+                keep_num: 50
             scm:
               type: git
               url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
@@ -81,6 +86,11 @@
           name: test-salt-model-{{name}}
           template:
             type: workflow-scm
+            discard:
+             build:
+               keep_num: 50
+             artifact:
+               keep_num: 50
             scm:
               type: git
               url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
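Review bot: The `discard` block added here indents `build:` and `artifact:` by one space under `discard:`, while the block added in the first hunk of this file uses the two-space step found everywhere else. Both parse the same, but the mixed step is easy to mis-nest on the next edit and is flagged by yamllint's indentation rule. Re-indenting to `  build:` / `    keep_num: 50` (two spaces per level) keeps the two templates identical; the third hunk's existing block has the same one-space step.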
@@ -119,9 +129,9 @@
           template:
             discard:
              build:
-               keep_num: 20
+               keep_num: 50
              artifact:
-               keep_num: 20
+               keep_num: 50
             type: workflow-scm
             concurrent: true
             scm:
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index cfbd85d..7d2fa9b 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -15,9 +15,9 @@
           display_name: "Validate - Openstack"
           discard:
             build:
-              keep_num: 20
+              keep_num: 50
             artifact:
-              keep_num: 20
+              keep_num: 50
           concurrent: false
           scm:
             type: git
@@ -149,7 +149,7 @@
               description: If chosen then previous build results will be used in the current build
         cvp-sanity:
           type: workflow-scm
-          name: validate-cvp-sanity
+          name: cvp-sanity
           display_name: "CVP - Sanity checks"
           discard:
             build:
@@ -166,7 +166,7 @@
           param:
             SALT_MASTER_URL:
               type: string
-              default: ""
+              default: "${_param:jenkins_salt_api_url}"
               description: Full Salt API address [e.g. https://10.10.10.2:6969]
             SALT_MASTER_CREDENTIALS:
               type: string
@@ -175,6 +175,10 @@
               type: string
               default: "https://github.com/Mirantis/cvp-sanity-checks"
               description: Url for cvp-sanity-checks
+            SANITY_TESTS_SETTINGS:
+              type: string
+              default: ""
+              description: e.g. skipped_nodes=nal01.local.com,ntw01.local.com
             SANITY_TESTS_SET:
               type: string
               default: ""
@@ -183,3 +187,71 @@
               type: string
               default: ""
               description: Proxy address to clone repo and install python requirements
+        cvp-ha:
+          type: workflow-scm
+          name: cvp-ha
+          display_name: "CVP - HA tests"
+          discard:
+            build:
+              keep_num: 20
+            artifact:
+              keep_num: 20
+          concurrent: false
+          scm:
+            type: git
+            url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+            credentials: "gerrit"
+            script: cvp-ha.groovy
+          param:
+            SALT_MASTER_URL:
+              type: string
+              default: "${_param:jenkins_salt_api_url}"
+              description: Full Salt API address [e.g. https://10.10.10.2:6969]
+            SALT_MASTER_CREDENTIALS:
+              type: string
+              default: "salt"
+              description: Credentials to the Salt API
+            TEMPEST_TARGET_NODE:
+              type: string
+              default: ""
+              description: Node where container with tempest will be run
+            TEST_IMAGE:
+              type: string
+              default: "rallyforge/rally"
+              description: Docker image to use for running Rally/Tempest
+            TARGET_NODES:
+              type: string
+              default: "ctl*"
+              description: Nodes to test
+            DEBUG_MODE:
+              type: boolean
+              default: 'false'
+              description: If you need to debug (keep container after test), please enabled this
+            RETRY_CHECK_STATUS:
+              type: string
+              default: "200"
+              description: If you have any problems with timeouts (e.g. while waiting for node to be up/down), please increase this value
+            SKIP_LIST_PATH:
+              type: string
+              default: "/home/rally/cvp-configuration/tempest/skip-list.yaml"
+              description: path to skip-list file inside container
+            PROXY:
+              type: string
+              default: ""
+              description: Proxy address to clone repo and install python requirements
+            TEMPEST_TEST_PATTERN:
+              type: string
+              default: "set=smoke"
+              description: Use set=smoke (or identity,full...] or just test name
+            MANUAL_CONFIRMATION:
+              type: boolean
+              default: 'false'
+              description: Ask for confirmation before doing something destructive (reboot/shutdown node)
+            TEMPEST_REPO:
+              type: string
+              default: "https://github.com/openstack/tempest"
+              description: Can be repo url (local or remote) or path to folder (inside container) with Tempest
+            TOOLS_REPO:
+              type: string
+              default: "${_param:gerrit_public_host}/cvp-configuration"
+              description: URL of repo where testing tools, scenarios, configs are located.
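Review bot: The new `cvp-ha` job defaults `MANUAL_CONFIRMATION` to `'false'` while `TARGET_NODES` defaults to `"ctl*"`, so a build started with defaults reboots or shuts down control nodes without asking, going by the parameter's own description. Defaulting to `default: 'true'` and letting automated runs opt out would be the safer arrangement. `TEST_IMAGE` defaults to `"rallyforge/rally"` with no tag or digest, and `TEMPEST_REPO` to an upstream URL with no revision, so the code that runs against the cloud can change between builds; pinning both would make runs reproducible. Two descriptions need a wording fix: "please enabled this" and the mismatched bracket in "(or identity,full...]".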
diff --git a/jenkins/slave/salt-pepper.yml b/jenkins/slave/salt-pepper.yml
new file mode 100644
index 0000000..c5baf1f
--- /dev/null
+++ b/jenkins/slave/salt-pepper.yml
@@ -0,0 +1,8 @@
+ classes:
+   - system.jenkins.slave
+ parameters:
+   linux:
+     system:
+       package:
+         salt-pepper:
+           version: latest
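Review bot: `version: latest` on the last line leaves the salt-pepper package unpinned, so each Jenkins slave installs whatever the configured repository serves at state-run time, and two slaves can end up on different builds. salt-pepper is a client for salt-api, so this slave will presumably hold or receive Salt API credentials, which makes an unreviewed upgrade path more sensitive than for an ordinary tool. I would pin it through a parameter, e.g. `version: ${_param:jenkins_salt_pepper_version}` (the parameter name is a suggestion, not an existing one), and set the value in the cluster model. The added lines also have a one-space offset after the `+` that the other new files in this commit do not have; it parses, but is worth normalising.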
diff --git a/keystone/client/service/panko.yml b/keystone/client/service/panko.yml
new file mode 100644
index 0000000..05f9453
--- /dev/null
+++ b/keystone/client/service/panko.yml
@@ -0,0 +1,30 @@
+parameters:
+  _param:
+    cluster_public_protocol: https
+  keystone:
+    client:
+      server:
+        identity:
+          project:
+            service:
+              user:
+                panko:
+                  is_admin: true
+                  password: ${_param:keystone_panko_password}
+                  email: ${_param:admin_email}
+          service:
+            panko:
+              type: event
+              description: OpenStack Event Service
+              endpoints:
+              - region: ${_param:openstack_region}
+                public_address: ${_param:cluster_public_host}
+                public_protocol: ${_param:cluster_public_protocol}
+                public_port: 8977
+                public_path: '/'
+                internal_address: ${_param:panko_service_host}
+                internal_port: 8977
+                internal_path: '/'
+                admin_address: ${_param:panko_service_host}
+                admin_port: 8977
+                admin_path: '/'
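Review bot: Only the public endpoint gets an explicit scheme (`public_protocol: ${_param:cluster_public_protocol}`); the `internal_*` and `admin_*` entries have no protocol key, so their scheme is whatever the keystone formula defaults to, which is not visible here. If that default is plain http, tokens sent to panko over the internal and admin URLs travel unencrypted, and that should at least be a recorded decision. I would add a comment above `endpoints:` such as `# internal/admin endpoints use the formula's default scheme; set it explicitly when TLS is enabled internally`. Separately, `is_admin: true` presumably grants the panko service user the admin role; confirm the service needs that rather than a narrower role.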
diff --git a/keystone/server/wsgi.yml b/keystone/server/wsgi.yml
index f62c1cc..333cb76 100644
--- a/keystone/server/wsgi.yml
+++ b/keystone/server/wsgi.yml
@@ -1,6 +1,10 @@
 classes:
 - system.apache.server.single
 parameters:
+  _param:
+    apache_keystone_ssl:
+      enabled: false
+    apache_keystone_api_host: ${linux:network:fqdn}
   keystone:
     server:
       service_name: apache2
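Review bot: The new default `apache_keystone_ssl: enabled: false` means the Keystone vhost serves credentials and tokens over plain HTTP unless a model overrides it, and nothing in the file says where TLS is expected to terminate. The second hunk wires it in with `ssl: ${_param:apache_keystone_ssl}`, so I would add a comment on the parameter, e.g. `# TLS off by default; terminate TLS at the proxy in front of Keystone, or override with enabled: true plus certificate settings`. The parameter is a mapping rather than a scalar, so the same comment should state the override shape (`enabled` plus whatever certificate keys the apache formula expects). Both hunks are fragments of the file; the rest of the vhost definition is outside them.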
@@ -14,7 +18,8 @@
           type: keystone
           name: wsgi
           host:
-            name: ${linux:network:fqdn}
+            name: ${_param:apache_keystone_api_host}
+          ssl: ${_param:apache_keystone_ssl}
           log:
             custom:
               format: >-
diff --git a/mysql/client/database/panko.yml b/mysql/client/database/panko.yml
new file mode 100644
index 0000000..e0463ef
--- /dev/null
+++ b/mysql/client/database/panko.yml
@@ -0,0 +1,17 @@
+parameters:
+  mysql:
+    client:
+      server:
+        database:
+          database:
+            panko:
+              encoding: utf8
+              users:
+              - name: panko
+                password: ${_param:mysql_panko_password}
+                host: '%'
+                rights: all
+              - name: panko
+                password: ${_param:mysql_panko_password}
+                host: ${_param:single_address}
+                rights: all
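Review bot: The first `users` entry grants `rights: all` to `panko` from `host: '%'`, which lets that account connect from any address that can reach MySQL and makes the second, address-scoped entry (`host: ${_param:single_address}`) redundant. If the wildcard exists so that other control nodes can connect, scope it to a control-plane network pattern supplied by a parameter; otherwise drop the `'%'` entry and keep only the scoped one. `rights: all` may also be broader than the service needs on its own database, but what the mysql formula maps `all` to is not visible here.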
diff --git a/nginx/server/proxy/openstack/barbican.yml b/nginx/server/proxy/openstack/barbican.yml
index 5f658d1..89e5a9c 100644
--- a/nginx/server/proxy/openstack/barbican.yml
+++ b/nginx/server/proxy/openstack/barbican.yml
@@ -1,6 +1,8 @@
 parameters:
   _param:
     nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+    nginx_proxy_openstack_api_address: 0.0.0.0
+    nginx_proxy_openstack_barbican_host: ${_param:barbican_service_host}
   nginx:
     server:
       enabled: true
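Review bot: `nginx_proxy_openstack_api_address: 0.0.0.0` makes every proxied site listen on all interfaces by default, including any management or storage network the proxy node is attached to. The same default is added in designate.yml, horizon.yml, placement.yml and openstack_api.yml, and each site picks it up through `address: ${_param:nginx_proxy_openstack_api_address}`. This may match the previous implicit behaviour, but now that the address is a parameter I would document that cluster models are expected to override it, e.g. `# listen address for all API proxy sites; override with the public address in the cluster model`. I would also quote the value as `'0.0.0.0'` so it is unambiguously a string. The site definition continues outside both hunks of this file.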
@@ -11,10 +13,11 @@
           name: openstack_api_barbican
           check: false
           proxy:
-            host: ${_param:barbican_service_host}
+            host: ${_param:nginx_proxy_openstack_barbican_host}
             port: 9311
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 9311
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/designate.yml b/nginx/server/proxy/openstack/designate.yml
index 29bc390..c238775 100644
--- a/nginx/server/proxy/openstack/designate.yml
+++ b/nginx/server/proxy/openstack/designate.yml
@@ -1,6 +1,8 @@
 parameters:
   _param:
     nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+    nginx_proxy_openstack_api_address: 0.0.0.0
+    nginx_proxy_openstack_designate_host: ${_param:designate_service_host}
   nginx:
     server:
       enabled: true
@@ -10,10 +12,11 @@
           type: nginx_proxy
           name: openstack_api_designate
           proxy:
-            host: ${_param:nginx_proxy_openstack_api_proxy_host}
+            host: ${_param:nginx_proxy_openstack_designate_host}
             port: 9001
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 9001
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
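Review bot: The proxy target changes its source here: `host:` used to read `${_param:nginx_proxy_openstack_api_proxy_host}` and now reads `${_param:nginx_proxy_openstack_designate_host}`, which the first hunk defaults to `${_param:designate_service_host}`. Unlike the other files in this commit, this is not a pure rename. A model that set only `nginx_proxy_openstack_api_proxy_host` will presumably either fail interpolation on an undefined `designate_service_host` or silently proxy to a different backend. I would call this out in the commit message and add a comment next to the new parameter, e.g. `# replaces nginx_proxy_openstack_api_proxy_host for this site`.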
diff --git a/nginx/server/proxy/openstack/horizon.yml b/nginx/server/proxy/openstack/horizon.yml
index 13df5cb..03e3f3c 100644
--- a/nginx/server/proxy/openstack/horizon.yml
+++ b/nginx/server/proxy/openstack/horizon.yml
@@ -1,4 +1,8 @@
 parameters:
+  _param:
+    nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+    nginx_proxy_openstack_api_address: 0.0.0.0
+    nginx_proxy_openstack_horizon_host: ${_param:openstack_proxy_address}
   nginx:
     server:
       enabled: true
@@ -8,11 +12,12 @@
           type: nginx_proxy
           name: horizon
           proxy:
-            host: ${_param:openstack_proxy_address}
+            host: ${_param:nginx_proxy_openstack_horizon_host}
             port: 443
             protocol: https
           host:
-            name: ${_param:cluster_public_host}
+            name: ${_param:nginx_proxy_openstack_api_host}
             port: 443
             protocol: https
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
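Review bot: The dashboard's `host: name:` now comes from `${_param:nginx_proxy_openstack_api_host}` instead of `${_param:cluster_public_host}`, so a model that overrides the API host name also moves Horizon's server name with it. The default added in the first hunk keeps today's value, but the coupling is easy to miss because the parameter is named for the API sites. Either give Horizon its own host-name parameter or add a comment above the `_param` entry such as `# shared with the OpenStack API proxy sites`.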
diff --git a/nginx/server/proxy/openstack/placement.yml b/nginx/server/proxy/openstack/placement.yml
new file mode 100644
index 0000000..eda272c
--- /dev/null
+++ b/nginx/server/proxy/openstack/placement.yml
@@ -0,0 +1,22 @@
+parameters:
+  _param:
+    nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+    nginx_proxy_openstack_api_address: 0.0.0.0
+    nginx_proxy_openstack_placement_host: ${_param:placement_service_host}
+  nginx:
+    server:
+      enabled: true
+      site:
+        nginx_proxy_openstack_api_placement:
+          enabled: true
+          type: nginx_proxy
+          name: openstack_api_placement
+          proxy:
+            host: ${_param:nginx_proxy_openstack_placement_host}
+            port: 8778
+            protocol: http
+          host:
+            name: ${_param:nginx_proxy_openstack_api_host}
+            port: 8778
+            address: ${_param:nginx_proxy_openstack_api_address}
+          ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack_api.yml b/nginx/server/proxy/openstack_api.yml
index 4b0b3f4..4f6073d 100644
--- a/nginx/server/proxy/openstack_api.yml
+++ b/nginx/server/proxy/openstack_api.yml
@@ -1,6 +1,13 @@
 parameters:
   _param:
     nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+    nginx_proxy_openstack_api_address: 0.0.0.0
+    nginx_proxy_openstack_keystone_host: ${_param:keystone_service_host}
+    nginx_proxy_openstack_nova_host: ${_param:nova_service_host}
+    nginx_proxy_openstack_cinder_host: ${_param:cinder_service_host}
+    nginx_proxy_openstack_glance_host: ${_param:glance_service_host}
+    nginx_proxy_openstack_neutron_host: ${_param:neutron_service_host}
+    nginx_proxy_openstack_heat_host: ${_param:heat_service_host}
   nginx:
     server:
       enabled: true
@@ -11,12 +18,13 @@
           name: openstack_api_keystone
           check: false
           proxy:
-            host: ${_param:keystone_service_host}
+            host: ${_param:nginx_proxy_openstack_keystone_host}
             port: 5000
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 5000
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
         nginx_proxy_openstack_api_keystone_private:
           enabled: true
@@ -24,12 +32,13 @@
           name: openstack_api_keystone_private
           check: false
           proxy:
-            host: ${_param:keystone_service_host}
+            host: ${_param:nginx_proxy_openstack_keystone_host}
             port: 35357
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 35357
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
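Review bot: The `openstack_api_keystone_private` site on port 35357 takes the same `address: ${_param:nginx_proxy_openstack_api_address}` as the public API sites, so the Keystone admin endpoint cannot be bound to an internal interface without moving every other site too, and with the `0.0.0.0` default it listens on all interfaces. A separate parameter for this site would allow that, e.g. `address: ${_param:nginx_proxy_openstack_api_private_address}` with its default set to `${_param:nginx_proxy_openstack_api_address}` (the new parameter name is a suggestion). The site's first lines are outside this hunk.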
         nginx_proxy_openstack_api_nova:
           enabled: true
@@ -37,12 +46,13 @@
           name: openstack_api_nova
           check: false
           proxy:
-            host: ${_param:nova_service_host}
+            host: ${_param:nginx_proxy_openstack_nova_host}
             port: 8774
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 8774
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
         nginx_proxy_openstack_api_cinder:
           enabled: true
@@ -50,12 +60,13 @@
           name: openstack_api_cinder
           check: false
           proxy:
-            host: ${_param:cinder_service_host}
+            host: ${_param:nginx_proxy_openstack_cinder_host}
             port: 8776
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 8776
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
         nginx_proxy_openstack_api_glance:
           enabled: true
@@ -64,13 +75,14 @@
           check: false
           underscores_in_headers: true
           proxy:
-            host: ${_param:glance_service_host}
+            host: ${_param:nginx_proxy_openstack_glance_host}
             port: 9292
             protocol: http
             size: 30000m
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 9292
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
         nginx_proxy_openstack_api_neutron:
           enabled: true
@@ -78,36 +90,39 @@
           name: openstack_api_neutron
           check: false
           proxy:
-            host: ${_param:neutron_service_host}
+            host: ${_param:nginx_proxy_openstack_neutron_host}
             port: 9696
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 9696
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
         nginx_proxy_openstack_api_heat_cloudwatch:
           enabled: true
           type: nginx_proxy
           name: openstack_api_heat_cloudwatch
           proxy:
-            host: ${_param:heat_service_host}
+            host: ${_param:nginx_proxy_openstack_heat_host}
             port: 8003
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 8003
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
         nginx_proxy_openstack_api_heat_cfn:
           enabled: true
           type: nginx_proxy
           name: openstack_api_heat_cfn
           proxy:
-            host: ${_param:heat_service_host}
+            host: ${_param:nginx_proxy_openstack_heat_host}
             port: 8000
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 8000
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
         nginx_proxy_openstack_api_heat:
           enabled: true
@@ -115,12 +130,13 @@
           name: openstack_api_heat
           check: false
           proxy:
-            host: ${_param:heat_service_host}
+            host: ${_param:nginx_proxy_openstack_heat_host}
             port: 8004
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 8004
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
         nginx_proxy_openstack_api_nova_ec2:
           enabled: true
@@ -128,10 +144,11 @@
           name: openstack_api_nova_ec2
           check: false
           proxy:
-            host: ${_param:nova_service_host}
+            host: ${_param:nginx_proxy_openstack_nova_host}
             port: 8773
             protocol: http
           host:
             name: ${_param:nginx_proxy_openstack_api_host}
             port: 8773
+            address: ${_param:nginx_proxy_openstack_api_address}
           ssl: ${_param:nginx_proxy_ssl}
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index dee725d..3b8877d 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -29,11 +29,6 @@
       ram_allocation_ratio: ${_param:nova_ram_allocation_ratio}
       disk_allocation_ratio: ${_param:nova_disk_allocation_ratio}
       workers: 8
-      logging:
-      - engine: syslog
-        facility: local0
-        heka:
-          enabled: true
       bind:
         private_address: ${_param:cluster_local_address}
         public_address: ${_param:cluster_vip_address}