Merge "parametrized aptly.server ubuntu mirror url"
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/extra.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/extra.yml
index 61fdf17..89e3da0 100644
--- a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/extra.yml
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/extra.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_trusty_extra_source: http://apt-mk.mirantis.com/trusty/
+ mirror_mirantis_openstack_trusty_extra_source: http://apt.mirantis.com/trusty/
mirror_mirantis_openstack_trusty_extra_distribution: ${_param:apt_mk_version}
mirror_mirantis_openstack_trusty_extra_components: extra
- mirror_mirantis_openstack_trusty_extra_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_trusty_extra_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_trusty_extra_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/mitaka.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/mitaka.yml
index 19e7a01..6ad0019 100644
--- a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/mitaka.yml
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/mitaka.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mk_openstack_xenial_mitaka_source: http://apt-mk.mirantis.com/trusty/
+ mirror_mk_openstack_xenial_mitaka_source: http://apt.mirantis.com/trusty/
mirror_mk_openstack_xenial_mitaka_distribution: ${_param:apt_mk_version}
mirror_mk_openstack_xenial_mitaka_components: mitaka
- mirror_mk_openstack_xenial_mitaka_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mk_openstack_xenial_mitaka_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mk_openstack_xenial_mitaka_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc31.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc31.yml
index 3617a1c..5678d34 100644
--- a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc31.yml
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc31.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mcp_opencontrail_trusty_oc31_source: http://apt-mk.mirantis.com/trusty/
+ mirror_mcp_opencontrail_trusty_oc31_source: http://apt.mirantis.com/trusty/
mirror_mcp_opencontrail_trusty_oc31_distribution: ${_param:apt_mk_version}
mirror_mcp_opencontrail_trusty_oc31_components: oc31
- mirror_mcp_opencontrail_trusty_oc31_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mcp_opencontrail_trusty_oc31_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mcp_opencontrail_trusty_oc31_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc311.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc311.yml
index 602751d..026abdc 100644
--- a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc311.yml
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc311.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mcp_opencontrail_trusty_oc311_source: http://apt-mk.mirantis.com/trusty/
+ mirror_mcp_opencontrail_trusty_oc311_source: http://apt.mirantis.com/trusty/
mirror_mcp_opencontrail_trusty_oc311_distribution: ${_param:apt_mk_version}
mirror_mcp_opencontrail_trusty_oc311_components: oc311
- mirror_mcp_opencontrail_trusty_oc311_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mcp_opencontrail_trusty_oc311_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mcp_opencontrail_trusty_oc311_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc32.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc32.yml
index 9b4a7c8..a9f388b 100644
--- a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc32.yml
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc32.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mcp_opencontrail_trusty_oc32_source: http://apt-mk.mirantis.com/trusty/
+ mirror_mcp_opencontrail_trusty_oc32_source: http://apt.mirantis.com/trusty/
mirror_mcp_opencontrail_trusty_oc32_distribution: ${_param:apt_mk_version}
mirror_mcp_opencontrail_trusty_oc32_components: oc32
- mirror_mcp_opencontrail_trusty_oc32_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mcp_opencontrail_trusty_oc32_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mcp_opencontrail_trusty_oc32_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc323.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc323.yml
index cf62aff..10b503e 100644
--- a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc323.yml
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/oc323.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mcp_opencontrail_trusty_oc323_source: http://apt-mk.mirantis.com/trusty/
+ mirror_mcp_opencontrail_trusty_oc323_source: http://apt.mirantis.com/trusty/
mirror_mcp_opencontrail_trusty_oc323_distribution: ${_param:apt_mk_version}
mirror_mcp_opencontrail_trusty_oc323_components: oc323
- mirror_mcp_opencontrail_trusty_oc323_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mcp_opencontrail_trusty_oc323_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mcp_opencontrail_trusty_oc323_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/salt.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/salt.yml
index 7b3b85d..5e06a4e 100644
--- a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/salt.yml
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/salt.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_trusty_salt_source: http://apt-mk.mirantis.com/trusty/
+ mirror_mirantis_openstack_trusty_salt_source: http://apt.mirantis.com/trusty/
mirror_mirantis_openstack_trusty_salt_distribution: ${_param:apt_mk_version}
mirror_mirantis_openstack_trusty_salt_components: salt
- mirror_mirantis_openstack_trusty_salt_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_trusty_salt_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_trusty_salt_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/extra.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/extra.yml
index fbdc0f9..1f2b7d8 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/extra.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/extra.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_extra_source: http://apt-mk.mirantis.com/xenial/
+ mirror_mirantis_openstack_xenial_extra_source: http://apt.mirantis.com/xenial/
mirror_mirantis_openstack_xenial_extra_distribution: ${_param:apt_mk_version}
mirror_mirantis_openstack_xenial_extra_components: extra
- mirror_mirantis_openstack_xenial_extra_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_xenial_extra_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_extra_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc31.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc31.yml
index b7a8def..a2b64a0 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc31.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc31.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mcp_opencontrail_xenial_oc31_source: http://apt-mk.mirantis.com/xenial/
+ mirror_mcp_opencontrail_xenial_oc31_source: http://apt.mirantis.com/xenial/
mirror_mcp_opencontrail_xenial_oc31_distribution: ${_param:apt_mk_version}
mirror_mcp_opencontrail_xenial_oc31_components: oc31
- mirror_mcp_opencontrail_xenial_oc31_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mcp_opencontrail_xenial_oc31_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mcp_opencontrail_xenial_oc31_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc311.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc311.yml
index bfbb099..c09a324 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc311.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc311.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mcp_opencontrail_xenial_oc311_source: http://apt-mk.mirantis.com/xenial/
+ mirror_mcp_opencontrail_xenial_oc311_source: http://apt.mirantis.com/xenial/
mirror_mcp_opencontrail_xenial_oc311_distribution: ${_param:apt_mk_version}
mirror_mcp_opencontrail_xenial_oc311_components: oc311
- mirror_mcp_opencontrail_xenial_oc311_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mcp_opencontrail_xenial_oc311_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mcp_opencontrail_xenial_oc311_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc32.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc32.yml
index 012634b..95f33e8 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc32.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc32.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mcp_opencontrail_xenial_oc32_source: http://apt-mk.mirantis.com/xenial/
+ mirror_mcp_opencontrail_xenial_oc32_source: http://apt.mirantis.com/xenial/
mirror_mcp_opencontrail_xenial_oc32_distribution: ${_param:apt_mk_version}
mirror_mcp_opencontrail_xenial_oc32_components: oc32
- mirror_mcp_opencontrail_xenial_oc32_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mcp_opencontrail_xenial_oc32_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mcp_opencontrail_xenial_oc32_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc323.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc323.yml
index 064ea75..deceada 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc323.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/oc323.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mcp_opencontrail_xenial_oc323_source: http://apt-mk.mirantis.com/xenial/
+ mirror_mcp_opencontrail_xenial_oc323_source: http://apt.mirantis.com/xenial/
mirror_mcp_opencontrail_xenial_oc323_distribution: ${_param:apt_mk_version}
mirror_mcp_opencontrail_xenial_oc323_components: oc323
- mirror_mcp_opencontrail_xenial_oc323_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mcp_opencontrail_xenial_oc323_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mcp_opencontrail_xenial_oc323_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/ocata.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/ocata.yml
index 8282405..b42fdbe 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/ocata.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/ocata.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mk_openstack_xenial_ocata_source: http://apt-mk.mirantis.com/xenial/
+ mirror_mk_openstack_xenial_ocata_source: http://apt.mirantis.com/xenial/
mirror_mk_openstack_xenial_ocata_distribution: ${_param:apt_mk_version}
mirror_mk_openstack_xenial_ocata_components: ocata
- mirror_mk_openstack_xenial_ocata_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mk_openstack_xenial_ocata_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mk_openstack_xenial_ocata_gpgkeys:
- A76882D3
aptly:
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/salt.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/salt.yml
index fd78f2c..8e872b7 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/salt.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/salt.yml
@@ -1,10 +1,10 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_salt_source: http://apt-mk.mirantis.com/xenial/
+ mirror_mirantis_openstack_xenial_salt_source: http://apt.mirantis.com/xenial/
mirror_mirantis_openstack_xenial_salt_distribution: ${_param:apt_mk_version}
mirror_mirantis_openstack_xenial_salt_components: salt
- mirror_mirantis_openstack_xenial_salt_key_url: "http://apt-mk.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_xenial_salt_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_salt_gpgkeys:
- A76882D3
aptly:
diff --git a/ceph/osd/cluster.yml b/ceph/osd/cluster.yml
index 9e98f91..31fa050 100644
--- a/ceph/osd/cluster.yml
+++ b/ceph/osd/cluster.yml
@@ -1,2 +1,8 @@
classes:
- service.ceph.osd.cluster
+parameters:
+ linux:
+ system:
+ kernel:
+ sysctl:
+ fs.aio-max-nr: 131072
diff --git a/ceph/rgw/cluster.yml b/ceph/rgw/cluster.yml
index fbee1fc..31aae9a 100644
--- a/ceph/rgw/cluster.yml
+++ b/ceph/rgw/cluster.yml
@@ -1,7 +1,5 @@
classes:
- system.haproxy.proxy.single
- system.haproxy.proxy.listen.radosgw
-- system.linux.system.repo.ceph
-- system.linux.system.repo.ubuntu
- service.keepalived.cluster.single
- service.ceph.radosgw.cluster
diff --git a/ceph/rgw/single.yml b/ceph/rgw/single.yml
index 4dba033..c140ec8 100644
--- a/ceph/rgw/single.yml
+++ b/ceph/rgw/single.yml
@@ -1,4 +1,2 @@
classes:
-- system.linux.system.repo.ceph
-- system.linux.system.repo.ubuntu
- service.ceph.radosgw.single
diff --git a/docker/host.yml b/docker/host.yml
index 7e5fb8c..c3cc808 100644
--- a/docker/host.yml
+++ b/docker/host.yml
@@ -10,3 +10,6 @@
insecure_registries:
- ${_param:cluster_vip_address}:5000
- ${_param:cluster_public_host}:5000
+ options:
+ ipv6: true
+ fixed-cidr-v6: fc00::/7
diff --git a/docker/swarm/stack/jenkins/master.yml b/docker/swarm/stack/jenkins/master.yml
index e974dee..1237fe3 100644
--- a/docker/swarm/stack/jenkins/master.yml
+++ b/docker/swarm/stack/jenkins/master.yml
@@ -2,7 +2,7 @@
- system.docker
parameters:
_param:
- docker_image_jenkins: tcpcloud/jenkins:2.83
+ docker_image_jenkins: tcpcloud/jenkins:2.89
jenkins_master_extra_opts: ""
jenkins_master_executors_num: 4
jenkins_master_max_concurent_requests: 40
diff --git a/docker/swarm/stack/pushkin.yml b/docker/swarm/stack/pushkin.yml
index a1fc0a8..d0a3bce 100644
--- a/docker/swarm/stack/pushkin.yml
+++ b/docker/swarm/stack/pushkin.yml
@@ -8,6 +8,7 @@
pushkin_ssl:
enabled: false
pushkin_db: pushkin
+ pushkin_db_host: ${_param:haproxy_postgresql_bind_host}
pushkin_smtp_host: smtp.gmail.com
pushkin_smtp_port: 587
webhook_from: your_sender@mail.com
@@ -30,7 +31,7 @@
POSTGRES_USER: ${_param:pushkin_db_user}
POSTGRES_PASSWORD: ${_param:pushkin_db_user_password}
POSTGRES_DB: ${_param:pushkin_db}
- PUSHKINDBHOST: ${_param:postgresql_bind_host}
+ PUSHKINDBHOST: ${_param:pushkin_db_host}
PUSHKINELASTICHOST: ${_param:pushkin_elasticsearch}
WEBHOOK_FROM: ${_param:webhook_from}
EMAIL_SENDER_PASSWORD: ${_param:pushkin_email_sender_password}
diff --git a/fluentd/label/default_output/file.yml b/fluentd/label/default_output/file.yml
new file mode 100644
index 0000000..5e0050d
--- /dev/null
+++ b/fluentd/label/default_output/file.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ fluentd_default_output_file: /var/log/td-agent/default-all.log
+ fluentd:
+ config:
+ dollar: '$'
+ label:
+ default_output:
+ filter:
+ add_general_fields:
+ tag: "**"
+ type: record_transformer
+ enable_ruby: true
+ record:
+ - name: Type
+ value: log
+ - name: environment_label
+ value: ${_param:cluster_domain}
+ - name: Hostname
+ value: ${fluentd:config:dollar}{ hostname }
+ - name: Timestamp
+ value: ${fluentd:config:dollar}{ time.strftime('%Y-%m-%dT%H:%M:%S%z') }
+ match:
+ everything:
+ tag: '**'
+ type: 'file'
+ path: ${_param:fluentd_default_output_file}
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index daafadd..7d470b6 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -127,6 +127,7 @@
- staticMethod org.codehaus.groovy.runtime.ScriptBytecodeAdapter bitwiseNegate java.lang.Object
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toBoolean java.lang.Boolean
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.Object java.lang.String
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods multiply java.lang.String java.lang.Number
- method java.io.File listFiles
- method java.lang.String concat java.lang.String
- method org.jenkinsci.plugins.workflow.steps.FlowInterruptedException getCauses
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index 5e3f4a1..3eeac91 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -31,6 +31,7 @@
git: {}
heavy-job: {}
jobConfigHistory: {}
+ jira: {}
ldap: {}
matrix-auth: {}
monitoring: {}
diff --git a/jenkins/client/job/ceph/backend-migration.yml b/jenkins/client/job/ceph/backend-migration.yml
index e0dc091..a8736a2 100644
--- a/jenkins/client/job/ceph/backend-migration.yml
+++ b/jenkins/client/job/ceph/backend-migration.yml
@@ -43,6 +43,14 @@
type: boolean
default: 'true'
description: Wait for healthy during pipeline
+ PER_OSD_CONTROL:
+ type: boolean
+ default: 'true'
+ description: Set to true if Ceph status verification after every osd disk migration is desired
+ PER_OSD_HOST_CONTROL:
+ type: boolean
+ default: 'true'
+ description: Set to true if Ceph status verificaton after whole OSD host migration is desired
ORIGIN_BACKEND:
type: string
description: Ceph backend before migration
diff --git a/jenkins/client/job/ceph/upgrade.yml b/jenkins/client/job/ceph/upgrade.yml
index bf8e9e4..9b58f3b 100644
--- a/jenkins/client/job/ceph/upgrade.yml
+++ b/jenkins/client/job/ceph/upgrade.yml
@@ -64,3 +64,11 @@
type: boolean
default: 'true'
description: Set to True if Ceph client nodes upgrade is desired (includes for example ctl/cmp nodes)
+ STAGE_FINALIZE:
+ type: boolean
+ default: 'true'
+ description: Set to True if configs recommended for TARGET_RELEASE should be set after upgrade is done
+ BACKUP_ENABLED:
+ type: boolean
+ default: 'true'
+ description: Set to True if disks of Ceph VMs should be copied before upgrade
diff --git a/jenkins/client/job/debian/packages/salt.yml b/jenkins/client/job/debian/packages/salt.yml
index 2430724..74665e7 100644
--- a/jenkins/client/job/debian/packages/salt.yml
+++ b/jenkins/client/job/debian/packages/salt.yml
@@ -71,6 +71,9 @@
- name: docker
upload_source_package: false
dist: trusty
+ - name: dogtag
+ upload_source_package: false
+ dist: trusty
- name: dovecot
upload_source_package: false
dist: trusty
@@ -293,6 +296,9 @@
- name: telegraf
upload_source_package: false
dist: trusty
+ - name: tinyproxy
+ upload_source_package: false
+ dist: trusty
- name: tftpd-hpa
upload_source_package: false
dist: trusty
@@ -374,6 +380,9 @@
- name: docker
upload_source_package: true
dist: xenial
+ - name: dogtag
+ upload_source_package: true
+ dist: xenial
- name: dovecot
upload_source_package: true
dist: xenial
@@ -602,6 +611,9 @@
- name: telegraf
upload_source_package: true
dist: xenial
+ - name: tinyproxy
+ upload_source_package: true
+ dist: xenial
- name: tftpd-hpa
upload_source_package: true
dist: xenial
diff --git a/jenkins/client/job/deploy/update/upgrade.yml b/jenkins/client/job/deploy/update/upgrade.yml
index efbd153..415e0b4 100644
--- a/jenkins/client/job/deploy/update/upgrade.yml
+++ b/jenkins/client/job/deploy/update/upgrade.yml
@@ -35,3 +35,7 @@
type: boolean
default: 'true'
description: "Rollback if control upgrade fails"
+ SKIP_VM_RELAUNCH:
+ type: boolean
+ default: 'false'
+ description: "Set to true if vms should not be recreated"
diff --git a/jenkins/client/job/oscore/init.yml b/jenkins/client/job/oscore/init.yml
index 171ff6e..fc06d59 100644
--- a/jenkins/client/job/oscore/init.yml
+++ b/jenkins/client/job/oscore/init.yml
@@ -1,5 +1,6 @@
classes:
- system.jenkins.client.job.oscore.tests
+ - system.jenkins.client.job.oscore.qa
parameters:
jenkins:
client:
@@ -7,4 +8,4 @@
"OSCORE":
enabled: true
type: ListView
- include_regex: "^oscore-.*"
\ No newline at end of file
+ include_regex: "^oscore-.*"
diff --git a/jenkins/client/job/oscore/qa.yml b/jenkins/client/job/oscore/qa.yml
new file mode 100644
index 0000000..1fa2ab3
--- /dev/null
+++ b/jenkins/client/job/oscore/qa.yml
@@ -0,0 +1,48 @@
+parameters:
+ jenkins:
+ client:
+ job_template:
+ oscore-build-docker-image:
+ name: "{{job_prefix}}-{{oscore-qa-project}}-build-docker-image"
+ template:
+ discard:
+ build:
+ keep_num: 25
+ artifact:
+ keep_num: 25
+ type: workflow-scm
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/openstack-ci/openstack-pipelines.git"
+ credentials: "gerrit"
+ branch: 'master'
+ script: build-docker-image-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ mcp/{{oscore-qa-project}}:
+ branches:
+ - master
+ event:
+ change:
+ - merged
+ param:
+ GIT_URL:
+ type: string
+ default: "ssh://mcp-ci-gerrit@gerrit.mcp.mirantis.net:29418/mcp/{{oscore-qa-project}}"
+ GIT_REF:
+ type: string
+ default: "master"
+ GIT_CREDS_ID:
+ type: string
+ default: "mcp-ci-gerrit"
+ IMAGE_NAME:
+ type: string
+ default: "mirantis/oscore/{{oscore-qa-project}}"
+ IMAGE_TAG:
+ type: string
+ default: "latest"
+ DOCKER_REGISTRY:
+ type: string
+ default: "docker-prod-local.docker.mirantis.net"
diff --git a/jenkins/client/job/oscore/tests.yml b/jenkins/client/job/oscore/tests.yml
index 5e5f743..4844708 100644
--- a/jenkins/client/job/oscore/tests.yml
+++ b/jenkins/client/job/oscore/tests.yml
@@ -163,6 +163,9 @@
type: string
description: Job for results processing
default: "{{proc_results_job}}"
+ SLAVE_NODE:
+ type: string
+ default: 'python'
# salt
SALT_MASTER_CREDENTIALS:
type: string
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
index 90a96a0..2de63a5 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
@@ -223,6 +223,8 @@
branches: ${_param:salt_formulas_branches}
- name: telegraf
branches: ${_param:salt_formulas_branches}
+ - name: tinyproxy
+ branches: ${_param:salt_formulas_branches}
- name: varnish
branches: ${_param:salt_formulas_branches}
- name: xtrabackup
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index 892ca76..3b3eb43 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -29,6 +29,7 @@
- name: dekapod
- name: devops-portal
- name: docker
+ - name: dogtag
- name: dovecot
- name: elasticsearch
- name: etcd
@@ -113,7 +114,9 @@
- name: supervisor
- name: swift
- name: taiga
+ - name: tinyproxy
- name: telegraf
+ - name: tinyproxy
- name: tftpd-hpa
- name: varnish
- name: xtrabackup
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 1cc904d..0440b28 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -153,12 +153,18 @@
RECLASS_MODEL_BRANCH:
type: string
default: master
+ SYSTEM_GIT_URL:
+ type: string
+ default: ""
+ SYSTEM_GIT_REF:
+ type: string
+ default: ""
PARALLEL_NODE_GROUP_SIZE:
type: string
default: "1"
EXTRA_FORMULAS:
type: string
- default: "xtrabackup docker haproxy aptly keepalived gerrit jenkins openldap maas"
+ default: "xtrabackup docker haproxy aptly keepalived gerrit jenkins openldap maas backupninja"
job:
test-salt-model-node:
name: test-salt-model-node
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index 1c9aafc..6d3ecda 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -59,6 +59,22 @@
- smoke
- full
description: Set of Tempest tests to run
+ TEMPEST_CONFIG_REPO:
+ type: string
+ default: ""
+ description: Git repository with configuration files for Tempest
+ TEMPEST_CONFIG_BRANCH:
+ type: string
+ default: ""
+ description: Git branch which will be used during the checkout
+ TEMPEST_REPO:
+ type: string
+ default: ""
+ description: Git repository with Tempest
+ TEMPEST_VERSION:
+ type: string
+ default: ""
+ description: Version of Tempest (tag, branch or commit)
TEST_K8S_NODE:
type: string
default: ""
@@ -102,6 +118,14 @@
type: string
default: "m1.tiny"
description: Flavor name for Rally scenarios
+ RALLY_CONFIG_REPO:
+ type: string
+ default: ""
+ description: Git repository with configuration files for Rally
+ RALLY_CONFIG_BRANCH:
+ type: string
+ default: ""
+ description: Git branch which will be used during the checkout
AVAILABILITY_ZONE:
type: string
default: "nova"
diff --git a/kubernetes/control/init.yml b/kubernetes/control/init.yml
index 87aee26..6e5fb40 100644
--- a/kubernetes/control/init.yml
+++ b/kubernetes/control/init.yml
@@ -1,3 +1,2 @@
classes:
- service.kubernetes.control.cluster
- - system.linux.system.repo.docker_legacy
diff --git a/kubernetes/master/cluster.yml b/kubernetes/master/cluster.yml
index 4164267..f21f003 100644
--- a/kubernetes/master/cluster.yml
+++ b/kubernetes/master/cluster.yml
@@ -3,7 +3,6 @@
- service.keepalived.cluster.single
- service.haproxy.proxy.single
- system.haproxy.proxy.listen.kubernetes.apiserver
-- system.linux.system.repo.docker_legacy
parameters:
_param:
kubernetes_netchecker_agent_image: quay.io/l23network/k8s-netchecker-agent:v1.0
diff --git a/kubernetes/master/single.yml b/kubernetes/master/single.yml
index a546233..cc8d8ab 100644
--- a/kubernetes/master/single.yml
+++ b/kubernetes/master/single.yml
@@ -1,6 +1,5 @@
classes:
- service.kubernetes.master.single
-- system.linux.system.repo.docker_legacy
parameters:
_param:
kubernetes_netchecker_agent_image: quay.io/l23network/k8s-netchecker-agent:v1.0
diff --git a/kubernetes/pool/cluster.yml b/kubernetes/pool/cluster.yml
index 252a0b7..0f961a3 100644
--- a/kubernetes/pool/cluster.yml
+++ b/kubernetes/pool/cluster.yml
@@ -1,7 +1,6 @@
classes:
- service.kubernetes.pool.cluster
- service.docker.host
-- system.linux.system.repo.docker_legacy
parameters:
_param:
# component docker images
diff --git a/kubernetes/pool/single.yml b/kubernetes/pool/single.yml
index c2505bb..00f22b8 100644
--- a/kubernetes/pool/single.yml
+++ b/kubernetes/pool/single.yml
@@ -1,7 +1,6 @@
classes:
- service.kubernetes.pool.single
- service.docker.host
-- system.linux.system.repo.docker_legacy
parameters:
_param:
# component docker images
diff --git a/linux/system/repo/fluentd.yml b/linux/system/repo/fluentd.yml
new file mode 100644
index 0000000..bec4794
--- /dev/null
+++ b/linux/system/repo/fluentd.yml
@@ -0,0 +1,8 @@
+parameters:
+ linux:
+ system:
+ repo:
+ fluentd3:
+ source: "deb [arch=amd64] http://packages.treasuredata.com/3/ubuntu/${_param:linux_system_codename} ${_param:linux_system_codename} contrib"
+ architectures: amd64
+ key_url: "http://packages.treasuredata.com/GPG-KEY-td-agent"
\ No newline at end of file
diff --git a/linux/system/repo/mcp/contrail.yml b/linux/system/repo/mcp/contrail.yml
index 8dad590..85e66ae 100644
--- a/linux/system/repo/mcp/contrail.yml
+++ b/linux/system/repo/mcp/contrail.yml
@@ -7,9 +7,9 @@
system:
repo:
mcp_opencontrail:
- source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_contrail_version} ${_param:linux_repo_contrail_component} extra"
+ source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_contrail_version} ${_param:linux_repo_contrail_component} extra"
architectures: amd64
- key_url: "http://apt-mk.mirantis.com/public.gpg"
+ key_url: "http://apt.mirantis.com/public.gpg"
pin:
- pin: 'release a=${_param:linux_system_repo_mcp_contrail_version}'
priority: 1100
diff --git a/linux/system/repo/mcp/extra.yml b/linux/system/repo/mcp/extra.yml
index 826969b..9839a23 100644
--- a/linux/system/repo/mcp/extra.yml
+++ b/linux/system/repo/mcp/extra.yml
@@ -6,9 +6,9 @@
system:
repo:
mcp_extra:
- source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_extra_version} extra"
+ source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_extra_version} extra"
architectures: amd64
- key_url: "http://apt-mk.mirantis.com/public.gpg"
+ key_url: "http://apt.mirantis.com/public.gpg"
clean_file: true
pin:
- pin: 'release a=${_param:linux_system_repo_mcp_extra_version}'
diff --git a/linux/system/repo/mcp/openstack.yml b/linux/system/repo/mcp/openstack.yml
index 2235b2c..baa363a 100644
--- a/linux/system/repo/mcp/openstack.yml
+++ b/linux/system/repo/mcp/openstack.yml
@@ -13,42 +13,10 @@
- pin: 'release a=${_param:openstack_version}'
priority: 1100
package: '*'
- mirantis_openstack_hotfix:
- source: "deb http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename} ${_param:openstack_version}-hotfix main"
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}/archive-mcp${_param:openstack_version}.key"
- pin:
- - pin: 'release a=${_param:openstack_version}-hotfix'
- priority: 1100
- package: '*'
- mirantis_openstack_security:
- source: "deb http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename} ${_param:openstack_version}-security main"
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}/archive-mcp${_param:openstack_version}.key"
- pin:
- - pin: 'release a=${_param:openstack_version}-security'
- priority: 1100
- package: '*'
- mirantis_openstack_updates:
- source: "deb http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename} ${_param:openstack_version}-updates main"
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}/archive-mcp${_param:openstack_version}.key"
- pin:
- - pin: 'release a=${_param:openstack_version}-updates'
- priority: 1100
- package: '*'
- mirantis_openstack_holdback:
- source: "deb http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename} ${_param:openstack_version}-holdback main"
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}/archive-mcp${_param:openstack_version}.key"
- pin:
- - pin: 'release a=${_param:openstack_version}-holdback'
- priority: 1100
- package: '*'
mk_openstack:
- source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mk_openstack_version} ${_param:openstack_version}"
+ source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mk_openstack_version} ${_param:openstack_version}"
architectures: amd64
- key_url: "http://apt-mk.mirantis.com/public.gpg"
+ key_url: "http://apt.mirantis.com/public.gpg"
pin:
- pin: 'release a=${_param:linux_system_repo_mk_openstack_version}'
priority: 1100
diff --git a/linux/system/repo/mcp/salt/init.yml b/linux/system/repo/mcp/salt/init.yml
index 6d79919..61a2d2e 100644
--- a/linux/system/repo/mcp/salt/init.yml
+++ b/linux/system/repo/mcp/salt/init.yml
@@ -6,9 +6,9 @@
system:
repo:
mcp_salt:
- source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_salt_version} salt"
+ source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_salt_version} salt"
architectures: amd64
- key_url: "http://apt-mk.mirantis.com/public.gpg"
+ key_url: "http://apt.mirantis.com/public.gpg"
clean_file: true
pin:
- pin: 'release a=${_param:linux_system_repo_mcp_salt_version}'
diff --git a/linux/system/repo/mcp/salt/unstable.yml b/linux/system/repo/mcp/salt/unstable.yml
index b0b992e..8350413 100644
--- a/linux/system/repo/mcp/salt/unstable.yml
+++ b/linux/system/repo/mcp/salt/unstable.yml
@@ -7,9 +7,9 @@
system:
repo:
mcp_salt_unstable:
- source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_salt_unstable_version} salt"
+ source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_salt_unstable_version} salt"
architectures: amd64
- key_url: "http://apt-mk.mirantis.com/public.gpg"
+ key_url: "http://apt.mirantis.com/public.gpg"
clean_file: true
pin:
- pin: 'release a=${_param:linux_system_repo_mcp_salt_unstable_version}'
diff --git a/linux/system/repo/saltstack/rhel.yml b/linux/system/repo/saltstack/rhel.yml
index b0f28f3..ba045c5 100644
--- a/linux/system/repo/saltstack/rhel.yml
+++ b/linux/system/repo/saltstack/rhel.yml
@@ -6,9 +6,11 @@
linux:
system:
repo:
- salt:
+ saltstack:
humanname: "SaltStack repo for RHEL/CentOS ${rhel_repo_releasever}"
source: "https://repo.saltstack.com/yum/redhat/${_param:rhel_releasever}/${_param:rhel_basearch}/${_param:salt_version}"
gpgkey: "https://repo.saltstack.com/yum/redhat/${_param:rhel_releasever}/${_param:rhel_basearch}/${_param:salt_version}/SALTSTACK-GPG-KEY.pub"
gpgcheck: true
architectures: amd64
+ salt:
+ enabled: false
diff --git a/linux/system/repo/saltstack/trusty.yml b/linux/system/repo/saltstack/trusty.yml
index 68ce215..a4bde9a 100644
--- a/linux/system/repo/saltstack/trusty.yml
+++ b/linux/system/repo/saltstack/trusty.yml
@@ -4,7 +4,9 @@
linux:
system:
repo:
- salt:
+ saltstack:
source: "deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/${_param:salt_version} trusty main"
architectures: amd64
- key_url: "http://repo.saltstack.com/apt/ubuntu/14.04/amd64/${_param:salt_version}/SALTSTACK-GPG-KEY.pub"
\ No newline at end of file
+ key_url: "http://repo.saltstack.com/apt/ubuntu/14.04/amd64/${_param:salt_version}/SALTSTACK-GPG-KEY.pub"
+ salt:
+ enabled: false
diff --git a/linux/system/repo/saltstack/xenial.yml b/linux/system/repo/saltstack/xenial.yml
index aca462a..e63ff41 100644
--- a/linux/system/repo/saltstack/xenial.yml
+++ b/linux/system/repo/saltstack/xenial.yml
@@ -4,7 +4,9 @@
linux:
system:
repo:
- salt:
+ saltstack:
source: "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/${_param:salt_version} xenial main"
architectures: amd64
- key_url: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/${_param:salt_version}/SALTSTACK-GPG-KEY.pub"
\ No newline at end of file
+ key_url: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/${_param:salt_version}/SALTSTACK-GPG-KEY.pub"
+ salt:
+ enabled: false
diff --git a/linux/system/repo/saltstack_2016_3_trusty.yml b/linux/system/repo/saltstack_2016_3_trusty.yml
index c7e03d7..d968734 100644
--- a/linux/system/repo/saltstack_2016_3_trusty.yml
+++ b/linux/system/repo/saltstack_2016_3_trusty.yml
@@ -3,6 +3,8 @@
linux:
system:
repo:
- salt:
+ saltstack:
source: "deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/2016.3 trusty main"
- key_url: "http://repo.saltstack.com/apt/ubuntu/14.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub"
\ No newline at end of file
+ key_url: "http://repo.saltstack.com/apt/ubuntu/14.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub"
+ salt:
+ enabled: false
diff --git a/linux/system/repo/saltstack_2016_3_xenial.yml b/linux/system/repo/saltstack_2016_3_xenial.yml
index 413294f..ee2189a 100644
--- a/linux/system/repo/saltstack_2016_3_xenial.yml
+++ b/linux/system/repo/saltstack_2016_3_xenial.yml
@@ -3,6 +3,8 @@
linux:
system:
repo:
- salt:
+ saltstack:
source: "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main"
- key_url: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub"
\ No newline at end of file
+ key_url: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub"
+ salt:
+ enabled: false
diff --git a/linux/system/repo_local/mcp/openstack.yml b/linux/system/repo_local/mcp/openstack.yml
index 83bb29b..a25cc57 100644
--- a/linux/system/repo_local/mcp/openstack.yml
+++ b/linux/system/repo_local/mcp/openstack.yml
@@ -10,36 +10,3 @@
- pin: 'release a=${_param:openstack_version}'
priority: 1100
package: '*'
- mirantis_openstack_hotfix:
- source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:openstack_version}-hotfix main"
- architectures: amd64
- key_url: "http://${_param:local_repo_url}/public.gpg"
- pin:
- - pin: 'release a=${_param:openstack_version}-hotfix'
- priority: 1100
- package: '*'
- mirantis_openstack_security:
- source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:openstack_version}-security main"
- architectures: amd64
- key_url: "http://${_param:local_repo_url}/public.gpg"
- pin:
- - pin: 'release a=${_param:openstack_version}-security'
- priority: 1100
- package: '*'
- mirantis_openstack_updates:
- source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:openstack_version}-updates main"
- architectures: amd64
- key_url: "http://${_param:local_repo_url}/public.gpg"
- pin:
- - pin: 'release a=${_param:openstack_version}-updates'
- priority: 1100
- package: '*'
- mirantis_openstack_holdback:
- refresh_db: ${_param:linux_repo_refresh_db}
- source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:openstack_version}-holdback main"
- architectures: amd64
- key_url: "http://${_param:local_repo_url}/public.gpg"
- pin:
- - pin: 'release a=${_param:openstack_version}-holdback'
- priority: 1100
- package: '*'
diff --git a/nginx/server/proxy/graphite_web.yml b/nginx/server/proxy/graphite_web.yml
index 02035cd..2f3e1e8 100644
--- a/nginx/server/proxy/graphite_web.yml
+++ b/nginx/server/proxy/graphite_web.yml
@@ -8,7 +8,7 @@
type: nginx_proxy
name: graphite
proxy:
- host: mon
+ host: ${_param:stacklight_monitor_hostname}
port: 80
protocol: http
host:
diff --git a/nginx/server/proxy/infra/sphinx.yml b/nginx/server/proxy/infra/sphinx.yml
index 5f733ac..b7bbfc1 100644
--- a/nginx/server/proxy/infra/sphinx.yml
+++ b/nginx/server/proxy/infra/sphinx.yml
@@ -8,7 +8,7 @@
type: nginx_proxy
name: sphinx
proxy:
- host: prx
+ host: ${_param:openstack_proxy_hostname}
port: 8090
protocol: http
host:
diff --git a/nginx/server/proxy/openstack_api.yml b/nginx/server/proxy/openstack_api.yml
index 2b84993..4b0b3f4 100644
--- a/nginx/server/proxy/openstack_api.yml
+++ b/nginx/server/proxy/openstack_api.yml
@@ -88,7 +88,7 @@
nginx_proxy_openstack_api_heat_cloudwatch:
enabled: true
type: nginx_proxy
- name: openstack_api_heat_cfn
+ name: openstack_api_heat_cloudwatch
proxy:
host: ${_param:heat_service_host}
port: 8003
@@ -100,7 +100,7 @@
nginx_proxy_openstack_api_heat_cfn:
enabled: true
type: nginx_proxy
- name: openstack_api_heat_cloudwatch
+ name: openstack_api_heat_cfn
proxy:
host: ${_param:heat_service_host}
port: 8000
diff --git a/nginx/server/proxy/sensu_web.yml b/nginx/server/proxy/sensu_web.yml
index e06120d..c250a49 100644
--- a/nginx/server/proxy/sensu_web.yml
+++ b/nginx/server/proxy/sensu_web.yml
@@ -8,7 +8,7 @@
type: nginx_proxy
name: sensu
proxy:
- host: mon
+ host: ${_param:stacklight_monitor_hostname}
port: 3000
protocol: http
host:
diff --git a/nginx/server/proxy/sphinx_web.yml b/nginx/server/proxy/sphinx_web.yml
index 5f733ac..b7bbfc1 100644
--- a/nginx/server/proxy/sphinx_web.yml
+++ b/nginx/server/proxy/sphinx_web.yml
@@ -8,7 +8,7 @@
type: nginx_proxy
name: sphinx
proxy:
- host: prx
+ host: ${_param:openstack_proxy_hostname}
port: 8090
protocol: http
host:
diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index 5d0e6a1..e8b29cc 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml
@@ -1,5 +1,6 @@
classes:
- service.nova.compute.kvm
+- service.iptables.server
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -94,3 +95,15 @@
public_key: ${_param:nova_compute_ssh_public}
private_key: ${_param:nova_compute_ssh_private}
my_ip: ${_param:single_address}
+ libvirt:
+ uri: qemu+unix:///system?socket=/var/run/libvirt/libvirt-sock
+ iptables:
+ service:
+ enabled: true
+ chain:
+ INPUT:
+ rules:
+ # deny any connections to libvirt port
+ - destination_port: 16509
+ protocol: tcp
+ jump: DROP
\ No newline at end of file
diff --git a/nova/compute/single.yml b/nova/compute/single.yml
index b915145..d5126df 100644
--- a/nova/compute/single.yml
+++ b/nova/compute/single.yml
@@ -2,6 +2,7 @@
- nova
classes:
- service.nova.compute.kvm
+- service.iptables.server
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -90,3 +91,15 @@
public_key: ${_param:nova_compute_ssh_public}
private_key: ${_param:nova_compute_ssh_private}
my_ip: ${_param:single_address}
+ libvirt:
+ uri: qemu+unix:///system?socket=/var/run/libvirt/libvirt-sock
+ iptables:
+ service:
+ enabled: true
+ chain:
+ INPUT:
+ rules:
+ # deny any connections to libvirt port
+ - destination_port: 16509
+ protocol: tcp
+ jump: DROP
\ No newline at end of file
diff --git a/openssh/server/team/members/crh.yml b/openssh/server/team/members/crh.yml
new file mode 100644
index 0000000..8179415
--- /dev/null
+++ b/openssh/server/team/members/crh.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ crh:
+ enabled: true
+ name: crh
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Christian Huebner
+ home: /home/crh
+ email: chuebner@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ crh:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjW4PSMoILjoZWDM8RnbiW6HXHBFntnDd6jgAlokJhTpYIjzUHpoh/OqphraKbNFnPbzL2nkIbaKZqKj+uuvbsitHnApmdFgSpOmBRGeaSExA30GqweYrIMKN5JAQTbONZWLSm+LD689CXRv2s6Th/YMELYfoi2W0pkvwiBdr+/0NxpdRvJydCn36SE6wOigu4uJXIXeNqIjTD+x4sW6GB54Ugbg+SMmI9D5ONlmfEj8K/ZmG1THdPGOLlquy/VLiuOBuwNoJCBV9shsGEmdg8NiOu8NPupQlsbmClZDbBAklJ0AF6ElAwKSiqCOhbaa7hu4qJFrCKC+XAgYxS9t7r
+ user: ${linux:system:user:crh}
diff --git a/openssh/server/team/stacklight.yml b/openssh/server/team/stacklight.yml
index 403e7e1..e1f09f3 100644
--- a/openssh/server/team/stacklight.yml
+++ b/openssh/server/team/stacklight.yml
@@ -102,6 +102,13 @@
full_name: Szymon Banka
home: /home/sbanka
email: sbanka@mirantis.com
+ crh:
+ enabled: true
+ name: crh
+ sudo: true
+ full_name: Christian Huebner
+ home: /home/crh
+ email: chuebner@mirantis.com
openssh:
client:
enabled: true
@@ -178,6 +185,11 @@
public_keys:
- ${public_keys:sbanka}
user: ${linux:system:user:sbanka}
+ crh:
+ enabled: true
+ public_keys:
+ - ${public_keys:crh}
+ user: ${linux:system:user:crh}
public_keys:
newt:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3odU+3V2uDA2ptAFL9hrJRPNEEdAyztWOZFQ5Oyd9oerTGOU3p4xmrgWWjfKFKbYGhiiIUcYAol5PkTfKukGEkkjCHYA1t023soCaaAj85wCZCnw2zQNAziwxTYmAzTqgxiSvtZNMMrtJvFHRIRDzJ3M1lV0prWNWkMM1/3FAd4W49y6VT3fkMCo8uqG7CfGdgR2DgBCxf9KaNPfW5eDEPOgmE5lK8tVSEI6T+Cg7hbcTf4lFYnlFBnlQgp/0JstsM4Vbwb4B34LOpOsf2S8rrWk2xQMjwaMHXkc2s/E8iW3F5nVFuyEXYISFQIiAHw8dzC6CHgLcyHUVWwznKawZ newt@newt-dev1
@@ -207,3 +219,5 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/UtqwBD6qkEoWSrmO0jXa9sUcwumySxmkX2XCTlAj+e8tzCNndNhaUueu01pbcNrGrB7xvCHyTa5cxgJEv0RAJRxZnObTjluegiuW+/KNSGwiSDy90bwPVb6zWalrDg12xGh8C0ybmv90uC+GrGO1UXFpm5N1qL3ZsUvSjWBRZ70xXjUI4self+fWxBYJhu7hGZ0RVCeA8TjRutzdOWcSZwN2Arn2Oq+fx9n5HP8iXlPcfM6aWj+QvkXphvKjUhDYiImQ07kJctYvxEwMei5pM1dAPZefQ6FRsUP1gKYKPVp1CiBHPIKLG3LMwxp0/LWQmHB4umZvA6HYplSUXZLMd+FhCRuocVFdxe308JWeIFWyw7og/qEBlpxqW4BUk0bR3c4deI9QDKWCuuunTDB4oEB8ZnkI7utknpx7sqO72Ev2UNS/CSi3yyqgOajojQ3l+McWn9bm08KSLzuuMaexETRYQ9dgjE79N7fH+DEt5Ryii+GA2a8Gl3iRtTZs9WA94mTb/KjZBrVxh+PixpQ6s3oGFelFCPMKSPWIEb+rwuAUi0Ulrqb2UZDzJYhT50QfbCzRN2MU+8bR7PJt/xpAADvQX0iMMrMUvAVngs2YrXKapJliyHhTZxOmVdDRIyCQ1YpK2ktBJf+E+RXl3R5XUmbJkT4jZ1R6cA1QJOEKVQ== nzaporozhets@mirantis.com
sbanka:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMdgjQ/jeWwQTaPyy7G5JJAkM+QPNPFkzMldPHJzOxEBzt/M5zAooj0XgbRIDIztolhXhmj8N5QSG5n3Wn9T9e2KpoxrLaVhMV5WGTgMrXMmyT8oXLV3gLxGNHMWFvplSbHLK78EsZQQ1/kBQMyPXB1+FpIuSHVOxaospOQObJ08lvQfvlO7AUUV4ecpFj3PpV5vkKPRS+KfiRm84BeGIu51BL1BClZcOyHZPBQT+DUBjm8y4Nd7pVZRjsiBzZBvUotCbn5+RqWJnu4kyoGoRNmk8pvCx7jGL1G9rE8NNsKlCUWedvyNkDeoWKvleJuzkj3ggfuCj/iTtDoXFR95e3
+ crh:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjW4PSMoILjoZWDM8RnbiW6HXHBFntnDd6jgAlokJhTpYIjzUHpoh/OqphraKbNFnPbzL2nkIbaKZqKj+uuvbsitHnApmdFgSpOmBRGeaSExA30GqweYrIMKN5JAQTbONZWLSm+LD689CXRv2s6Th/YMELYfoi2W0pkvwiBdr+/0NxpdRvJydCn36SE6wOigu4uJXIXeNqIjTD+x4sW6GB54Ugbg+SMmI9D5ONlmfEj8K/ZmG1THdPGOLlquy/VLiuOBuwNoJCBV9shsGEmdg8NiOu8NPupQlsbmClZDbBAklJ0AF6ElAwKSiqCOhbaa7hu4qJFrCKC+XAgYxS9t7r
diff --git a/prometheus/alertmanager/notification/pushkin.yml b/prometheus/alertmanager/notification/pushkin.yml
index 905a292..9d27a8b 100644
--- a/prometheus/alertmanager/notification/pushkin.yml
+++ b/prometheus/alertmanager/notification/pushkin.yml
@@ -18,5 +18,5 @@
enabled: true
webhook_configs:
pushkin-vip:
- url: "${_param:alertmanager_notification_pushkin_host}:${_param:alertmanager_notification_pushkin_port}/webhook?app=stacklight"
+ url: "http://${_param:alertmanager_notification_pushkin_host}:${_param:alertmanager_notification_pushkin_port}/webhook?app=stacklight"
send_resolved: true
diff --git a/salt/control/cluster/infra_idm_cluster.yml b/salt/control/cluster/infra_idm_cluster.yml
index 3db87a2..ff135a1 100644
--- a/salt/control/cluster/infra_idm_cluster.yml
+++ b/salt/control/cluster/infra_idm_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
idm01:
+ name: ${_param:infra_idm_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
size: infra.idm
idm02:
+ name: ${_param:infra_idm_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
size: infra.idm
idm03:
+ name: ${_param:infra_idm_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_centos7_image}
size: infra.idm
diff --git a/salt/control/cluster/openstack_baremetal_cluster.yml b/salt/control/cluster/openstack_baremetal_cluster.yml
index 609be28..4dd62e4 100644
--- a/salt/control/cluster/openstack_baremetal_cluster.yml
+++ b/salt/control/cluster/openstack_baremetal_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
bmt01:
+ name: ${_param:openstack_baremetal_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.baremetal
bmt02:
+ name: ${_param:openstack_baremetal_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.baremetal
bmt03:
+ name: ${_param:openstack_baremetal_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.baremetal
diff --git a/salt/control/cluster/openstack_baremetal_single.yml b/salt/control/cluster/openstack_baremetal_single.yml
index 5ff00f5..f0aa319 100644
--- a/salt/control/cluster/openstack_baremetal_single.yml
+++ b/salt/control/cluster/openstack_baremetal_single.yml
@@ -13,6 +13,7 @@
engine: virt
node:
bmt01:
+ name: ${_param:openstack_baremetal_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.baremetal
diff --git a/salt/control/cluster/openstack_benchmark_single.yml b/salt/control/cluster/openstack_benchmark_single.yml
index 0677320..ea10fc3 100644
--- a/salt/control/cluster/openstack_benchmark_single.yml
+++ b/salt/control/cluster/openstack_benchmark_single.yml
@@ -13,6 +13,7 @@
engine: virt
node:
bmk01:
+ name: ${_param:openstack_benchmark_node01_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_trusty_image}
size: openstack.benchmark
diff --git a/salt/control/cluster/openstack_dns_cluster.yml b/salt/control/cluster/openstack_dns_cluster.yml
index 71af5c1..7f1dbb8 100644
--- a/salt/control/cluster/openstack_dns_cluster.yml
+++ b/salt/control/cluster/openstack_dns_cluster.yml
@@ -13,10 +13,12 @@
engine: virt
node:
dns01:
+ name: ${_param:openstack_dns_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.dns
dns02:
+ name: ${_param:openstack_dns_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.dns
diff --git a/salt/control/cluster/openstack_gateway_cluster.yml b/salt/control/cluster/openstack_gateway_cluster.yml
index efc7215..1a7e06b 100644
--- a/salt/control/cluster/openstack_gateway_cluster.yml
+++ b/salt/control/cluster/openstack_gateway_cluster.yml
@@ -13,14 +13,17 @@
engine: virt
node:
gtw01:
+ name: ${_param:openstack_gateway_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.gateway
gtw02:
+ name: ${_param:openstack_gateway_node02_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.gateway
gtw03:
+ name: ${_param:openstack_gateway_node03_hostname}
provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.gateway
diff --git a/salt/control/cluster/openstack_gateway_single.yml b/salt/control/cluster/openstack_gateway_single.yml
index e10d1b2..801ee0c 100644
--- a/salt/control/cluster/openstack_gateway_single.yml
+++ b/salt/control/cluster/openstack_gateway_single.yml
@@ -13,6 +13,7 @@
engine: virt
node:
gtw01:
+ name: ${_param:openstack_gateway_node01_hostname}
provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: openstack.gateway
diff --git a/salt/control/cluster/rsyslog_single.yml b/salt/control/cluster/rsyslog_single.yml
index 76cc77f..72e6c86 100644
--- a/salt/control/cluster/rsyslog_single.yml
+++ b/salt/control/cluster/rsyslog_single.yml
@@ -13,6 +13,7 @@
engine: virt
node:
rsl01:
+ name: ${_param:rsyslog_node01_hostname}
provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain}
image: ${_param:salt_control_xenial_image}
size: infra.rsyslog
diff --git a/salt/master/formula/pkg/foundation.yml b/salt/master/formula/pkg/foundation.yml
index 3111419..5d530d4 100644
--- a/salt/master/formula/pkg/foundation.yml
+++ b/salt/master/formula/pkg/foundation.yml
@@ -34,3 +34,6 @@
lldp:
source: pkg
name: salt-formula-lldp
+ tinyproxy:
+ source: pkg
+ name: salt-formula-tinyproxy
diff --git a/salt/minion/cert/etcd_server_single.yml b/salt/minion/cert/etcd_server_single.yml
index f9fc585..d333fb8 100644
--- a/salt/minion/cert/etcd_server_single.yml
+++ b/salt/minion/cert/etcd_server_single.yml
@@ -7,7 +7,7 @@
authority: ${_param:salt_minion_ca_authority}
common_name: ${linux:system:name}
signing_policy: cert_open
- alternative_names: IP:127.0.0.1,DNS:${linux:system:name},DNS:${linux:network:fqdn}
+ alternative_names: IP:127.0.0.1,IP:${_param:cluster_local_address},DNS:${linux:system:name},DNS:${linux:network:fqdn}
extended_key_usage: serverAuth,clientAuth
key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
key_file: /var/lib/etcd/etcd-server.key