Merge "Add auditd formula to the salt/master/pkg"
diff --git a/.releasenotes/notes/kqueen-port-change-8b34593966336e27.yaml b/.releasenotes/notes/kqueen-port-change-8b34593966336e27.yaml
new file mode 100644
index 0000000..1021b5e
--- /dev/null
+++ b/.releasenotes/notes/kqueen-port-change-8b34593966336e27.yaml
@@ -0,0 +1,14 @@
+---
+
+summary: >
+ Changed default port for KQueen API service.
+
+upgrades:
+
+ .. code-block:: yaml
+
+ - haproxy_kqueen_api_exposed_port: 15000
+ + haproxy_kqueen_api_exposed_port: 15001
+
+fixes:
+ - https://mirantis.jira.com/browse/PROD-19571
diff --git a/docker/swarm/stack/kqueen.yml b/docker/swarm/stack/kqueen.yml
index 430a344..0c61ed9 100644
--- a/docker/swarm/stack/kqueen.yml
+++ b/docker/swarm/stack/kqueen.yml
@@ -33,24 +33,45 @@
client:
stack:
kqueen:
+ environment:
+ KQUEEN_DEBUG: ${_param:kqueen_api_debug}
+ KQUEEN_CONFIG_FILE: config/prod.py
+ KQUEEN_LDAP_URI: ${_param:kqueen_api_ldap_uri}
+ KQUEEN_LDAP_DN: ${_param:kqueen_api_ldap_dn}
+ KQUEEN_LDAP_PASSWORD: ${_param:kqueen_api_ldap_password}
+ KQUEEN_AUTH_MODULES: ${_param:kqueen_api_auth_modules}
+ KQUEEN_ETCD_HOST: ${_param:kqueen_api_db_host}
+ KQUEEN_PROMETHEUS_WHITELIST: ${_param:kqueen_api_prometheus_whitelist}
+ KQUEEN_SECRET_KEY: ${_param:kqueen_credentials:kqueen_api_secret_key}
+ BOOTSTRAP_ADMIN: ${_param:kqueen_credentials:kqueen_api_bootstrap_admin}
+ BOOTSTRAP_ADMIN_USERNAME: ${_param:kqueen_credentials:kqueen_api_admin_username}
+ BOOTSTRAP_ADMIN_PASSWORD: ${_param:kqueen_credentials:kqueen_api_admin_password}
+ BOOTSTRAP_ADMIN_ORGANIZATION: ${_param:kqueen_credentials:kqueen_api_admin_organization}
+ BOOTSTRAP_ADMIN_NAMESPACE: ${_param:kqueen_credentials:kqueen_api_admin_namespace}
+ KQUEENUI_PREFERRED_URL_SCHEME: https
+ KQUEENUI_DEBUG: ${_param:kqueen_ui_debug}
+ KQUEEN_UI_CONFIG_FILE: config/prod.py
+ KQUEENUI_SECRET_KEY: ${_param:kqueen_credentials:kqueen_ui_secret_key}
+ KQUEENUI_KQUEEN_API_URL: http://${_param:kqueen_api_bind_host}:${_param:kqueen_api_bind_port}/api/v1/
+ KQUEENUI_KQUEEN_AUTH_URL: http://${_param:kqueen_api_bind_host}:${_param:kqueen_api_bind_port}/api/v1/auth
+ KQUEENUI_KQUEEN_SERVICE_USER_USERNAME: ${_param:kqueen_credentials:kqueen_api_admin_username}
+ KQUEENUI_KQUEEN_SERVICE_USER_PASSWORD: ${_param:kqueen_credentials:kqueen_api_admin_password}
+ KQUEENUI_MAIL_SERVER: ${_param:kqueen_ui_mail_host}
+ KQUEENUI_MAIL_PORT: ${_param:kqueen_ui_mail_port}
+ KQUEENUI_ENABLE_PUBLIC_REGISTRATION: ${_param:kqueen_ui_enable_public_registration}
+ KQUEENUI_LDAP_AUTH_NOTIFY: ${_param:kqueen_ui_ldap_auth_notify}
+ KQUEENUI_LOCAL_AUTH_NOTIFY: ${_param:kqueen_ui_local_auth_notify}
+ STATIC_DIR: /mnt/static/
+ ETCD_NAME: 0
+ ETCD_INITIAL_ADVERTISE_PEER_URLS: http://etcd:2380
+ ETCD_INITIAL_CLUSTER_STATE: new
+ ETCD_INITIAL_CLUSTER_TOKEN: etcd-cluster-1
+ ETCD_LISTEN_CLIENT_URLS: http://0.0.0.0:${_param:haproxy_etcd_bind_port}
+ ETCD_LISTEN_PEER_URLS: http://0.0.0.0:2380
+ ETCD_ADVERTISE_CLIENT_URLS: http://127.0.0.1:4001,http://etcd:${_param:haproxy_etcd_bind_port}
service:
kqueen-api:
image: ${_param:docker_image_kqueen_api}
- environment:
- KQUEEN_DEBUG: ${_param:kqueen_api_debug}
- KQUEEN_CONFIG_FILE: config/prod.py
- KQUEEN_LDAP_URI: ${_param:kqueen_api_ldap_uri}
- KQUEEN_LDAP_DN: ${_param:kqueen_api_ldap_dn}
- KQUEEN_LDAP_PASSWORD: ${_param:kqueen_api_ldap_password}
- KQUEEN_AUTH_MODULES: ${_param:kqueen_api_auth_modules}
- KQUEEN_ETCD_HOST: ${_param:kqueen_api_db_host}
- KQUEEN_PROMETHEUS_WHITELIST: ${_param:kqueen_api_prometheus_whitelist}
- KQUEEN_SECRET_KEY: ${_param:kqueen_credentials:kqueen_api_secret_key}
- BOOTSTRAP_ADMIN: ${_param:kqueen_credentials:kqueen_api_bootstrap_admin}
- BOOTSTRAP_ADMIN_USERNAME: ${_param:kqueen_credentials:kqueen_api_admin_username}
- BOOTSTRAP_ADMIN_PASSWORD: ${_param:kqueen_credentials:kqueen_api_admin_password}
- BOOTSTRAP_ADMIN_ORGANIZATION: ${_param:kqueen_credentials:kqueen_api_admin_organization}
- BOOTSTRAP_ADMIN_NAMESPACE: ${_param:kqueen_credentials:kqueen_api_admin_namespace}
deploy:
replicas: ${_param:docker_kqueen_api_replicas}
restart_policy:
@@ -61,21 +82,6 @@
- /srv/volumes/kqueen/logs/:/var/log/kqueen-api
kqueen-ui:
image: ${_param:docker_image_kqueen_ui}
- environment:
- KQUEENUI_PREFERRED_URL_SCHEME: https
- KQUEENUI_DEBUG: ${_param:kqueen_ui_debug}
- KQUEEN_UI_CONFIG_FILE: config/prod.py
- KQUEENUI_SECRET_KEY: ${_param:kqueen_credentials:kqueen_ui_secret_key}
- KQUEENUI_KQUEEN_API_URL: http://${_param:kqueen_api_bind_host}:${_param:kqueen_api_bind_port}/api/v1/
- KQUEENUI_KQUEEN_AUTH_URL: http://${_param:kqueen_api_bind_host}:${_param:kqueen_api_bind_port}/api/v1/auth
- KQUEENUI_KQUEEN_SERVICE_USER_USERNAME: ${_param:kqueen_credentials:kqueen_api_admin_username}
- KQUEENUI_KQUEEN_SERVICE_USER_PASSWORD: ${_param:kqueen_credentials:kqueen_api_admin_password}
- KQUEENUI_MAIL_SERVER: ${_param:kqueen_ui_mail_host}
- KQUEENUI_MAIL_PORT: ${_param:kqueen_ui_mail_port}
- KQUEENUI_ENABLE_PUBLIC_REGISTRATION: ${_param:kqueen_ui_enable_public_registration}
- KQUEENUI_LDAP_AUTH_NOTIFY: ${_param:kqueen_ui_ldap_auth_notify}
- KQUEENUI_LOCAL_AUTH_NOTIFY: ${_param:kqueen_ui_local_auth_notify}
- STATIC_DIR: /mnt/static/
deploy:
replicas: ${_param:docker_kqueen_ui_replicas}
restart_policy:
@@ -86,14 +92,6 @@
- /srv/volumes/kqueen/logs/:/var/log/kqueen-ui
etcd:
image: quay.io/coreos/etcd:latest
- environment:
- ETCD_NAME: 0
- ETCD_INITIAL_ADVERTISE_PEER_URLS: http://etcd:2380
- ETCD_INITIAL_CLUSTER_STATE: new
- ETCD_INITIAL_CLUSTER_TOKEN: etcd-cluster-1
- ETCD_LISTEN_CLIENT_URLS: http://0.0.0.0:${_param:haproxy_etcd_bind_port}
- ETCD_LISTEN_PEER_URLS: http://0.0.0.0:2380
- ETCD_ADVERTISE_CLIENT_URLS: http://127.0.0.1:4001,http://etcd:${_param:haproxy_etcd_bind_port}
ports:
- ${_param:haproxy_etcd_exposed_port}:${_param:haproxy_etcd_bind_port}
volumes:
diff --git a/haproxy/proxy/listen/cicd/kqueen.yml b/haproxy/proxy/listen/cicd/kqueen.yml
index 52b02d0..71b6f3c 100644
--- a/haproxy/proxy/listen/cicd/kqueen.yml
+++ b/haproxy/proxy/listen/cicd/kqueen.yml
@@ -2,7 +2,7 @@
_param:
haproxy_kqueen_api_bind_host: ${_param:haproxy_bind_address}
haproxy_kqueen_api_bind_port: 5000
- haproxy_kqueen_api_exposed_port: 15000
+ haproxy_kqueen_api_exposed_port: 15001
haproxy_kqueen_ui_bind_host: ${_param:haproxy_bind_address}
haproxy_kqueen_ui_bind_port: 5080
haproxy_kqueen_ui_exposed_port: 15080