Merge "Adding remark for deploy-openstack-compute"
diff --git a/billometer/server/single.yml b/billometer/server/single.yml
index 8152202..c606303 100644
--- a/billometer/server/single.yml
+++ b/billometer/server/single.yml
@@ -7,16 +7,8 @@
- service.supervisor.server.single
parameters:
_param:
- billometer_secret_key: billometer
keystone_billometer_address: localhost
- keystone_billometer_password: password
- postgresql_billometer_password: password
- postgresql_graphite_password: password
rabbitmq_admin_name: admin
- rabbitmq_admin_password: password
- rabbitmq_secret_key: rabbitmq
- rabbitmq_billometer_password: password
- rabbitmq_graphite_password: password
postgresql:
server:
database:
diff --git a/ceilometer/agent/polling/opendaylight.yml b/ceilometer/agent/polling/opendaylight.yml
index aabbe9c..082231a 100644
--- a/ceilometer/agent/polling/opendaylight.yml
+++ b/ceilometer/agent/polling/opendaylight.yml
@@ -7,7 +7,7 @@
driver: opendaylight.v2
auth: basic
user: admin
- password: admin
+# password: admin
scheme: http
interval: 900
ceilometer:
diff --git a/ceilometer/server/backend/default.yml b/ceilometer/server/backend/default.yml
index 071e4a1..8d0531e 100644
--- a/ceilometer/server/backend/default.yml
+++ b/ceilometer/server/backend/default.yml
@@ -10,7 +10,7 @@
server:
database:
engine: none
- password: none
+# password: none
publisher:
default:
enabled: false
diff --git a/defaults/docker_images.yml b/defaults/docker_images.yml
index 8db61a5..bec34e7 100644
--- a/defaults/docker_images.yml
+++ b/defaults/docker_images.yml
@@ -16,7 +16,7 @@
docker_image_gerrit: "${_param:mcp_docker_registry}/mirantis/cicd/gerrit:${_param:mcp_version}"
# mysql:5.6
docker_image_mysql: "${_param:mcp_docker_registry}/mirantis/cicd/mysql:${_param:mcp_version}"
- # jenkins:2.121.3
+ # jenkins:2.150.3
docker_image_jenkins: "${_param:mcp_docker_registry}/mirantis/cicd/jenkins:${_param:mcp_version}"
docker_image_jenkins_slave: "${_param:mcp_docker_registry}/mirantis/cicd/jnlp-slave:${_param:mcp_version}"
# model-generator
diff --git a/defaults/etcd.yml b/defaults/etcd.yml
new file mode 100644
index 0000000..06d9a18
--- /dev/null
+++ b/defaults/etcd.yml
@@ -0,0 +1,6 @@
+parameters:
+ _param:
+ docker_image_etcd: quay.io/coreos/etcd:v3.3.12
+ kubernetes_etcd_repo: https://github.com/etcd-io/etcd/releases/download
+ kubernetes_etcd_source: ${_param:kubernetes_etcd_repo}/v3.3.12/etcd-v3.3.12-linux-amd64.tar.gz
+ kubernetes_etcd_source_hash: md5=079af00546443b686df31e7ec605135e
diff --git a/defaults/init.yml b/defaults/init.yml
index 978671c..72ca17c 100644
--- a/defaults/init.yml
+++ b/defaults/init.yml
@@ -11,6 +11,7 @@
- system.defaults.backupninja
- system.defaults.git
- system.defaults.jenkins
+- system.defaults.postgresql
- system.defaults.maas
- system.defaults.openstack
- system.defaults.galera
@@ -20,9 +21,12 @@
- system.defaults.gerrit
- system.defaults.keepalived
- system.defaults.salt
+- system.defaults.secrets
- system.defaults.stacklight
- system.defaults.xtrabackup
- system.defaults.backup
+# k8s
+- system.defaults.etcd
parameters:
_param:
mcp_version: stable
diff --git a/defaults/maas.yml b/defaults/maas.yml
index df932c8..795d4b0 100644
--- a/defaults/maas.yml
+++ b/defaults/maas.yml
@@ -1,5 +1,6 @@
parameters:
_param:
+ maas_postgresql_server: ${_param:postgresql_server}
default_local_mirrror_content:
maas_mirror_image_sections:
bootloaders:
diff --git a/defaults/openstack/init.yml b/defaults/openstack/init.yml
index 8a6db83..b5b66e1 100644
--- a/defaults/openstack/init.yml
+++ b/defaults/openstack/init.yml
@@ -29,6 +29,12 @@
openstack_version: queens
openstack_old_version: ${_param:openstack_version}
openstack_upgrade_enabled: False
+ # Security compliance user options
+ openstack_service_user_options:
+ ignore_change_password_upon_first_use: True
+ ignore_password_expiry: True
+ ignore_lockout_failure_attempts: False
+ lock_password: False
# Cinder
cinder_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
cinder_memcache_secret_key: ''
diff --git a/defaults/postgresql/init.yml b/defaults/postgresql/init.yml
new file mode 100644
index 0000000..e0d3de1
--- /dev/null
+++ b/defaults/postgresql/init.yml
@@ -0,0 +1,9 @@
+parameters:
+ _param:
+ postgresql_server: localhost
+ postgresql_exposed_port: 5432
+ postgresql_admin_user: postgres
+ postgresql_glusterfs_volume_name: postgresql-data
+ postgresql_data_mountpoint: /var/lib/postgresql/data
+ postgresql_data_directory: ${_param:postgresql_data_mountpoint}/pgdata
+
diff --git a/defaults/secrets.yml b/defaults/secrets.yml
new file mode 100644
index 0000000..f47c1e0
--- /dev/null
+++ b/defaults/secrets.yml
@@ -0,0 +1,74 @@
+# All commented params just for reference, should be auto-generated
+# Actually all must be genertated but keep some uncommented for backward
+# compatibility.
+parameters:
+ _param:
+# PostgreSQL
+# postgresql_admin_user_password: <<CHANGEME>>
+# postgresql_client_password: <<CHANGEME>>
+# rundeck_db_user_password: <<CHANGEME>>
+# sfdc_db_user_password: <<CHANGEME>>
+# alertmanager_db_user_password: <<CHANGEME>>
+# pushkin_db_user_password: <<CHANGEME>>
+# postgresql_billometer_password: <<CHANGEME>>
+# postgresql_graphite_password: <<CHANGEME>>
+
+# Opencontrail
+ opencontrail_identity_password: contrail123
+# opencontrail_stats_password: <<CHANGEME>>
+ opencontrail_message_queue_password: guest
+
+# RabbitMQ
+# rabbitmq_monitor_password: <<CHANGEME>>
+# rabbitmq_admin_password: <<CHANGEME>>
+ rabbitmq_guest_password: guest
+# rabbitmq_billometer_password: <<CHANGEME>>
+# rabbitmq_graphite_password: <<CHANGEME>>
+# rabbitmq_cold_password: <<CHANGEME>>
+# rabbitmq_secret_key: <<CHANGEME>>
+
+# Keepalived
+# keepalived_k8s_apiserver_vip_password: <<CHANGEME>>
+# keepalived_openstack_web_public_vip_password: <<CHANGEME>>
+# keepalived_openstack_baremetal_password: <<CHANGEME>>
+ keepalived_openstack_telemetry_vip_password: password
+# keepalived_openstack_manila_vip_password: <<CHANGEME>>
+# keepalived_openstack_barbican_vip_password: <<CHANGEME>>
+
+# Jenkins
+# jenkins_admin_password: <<CHANGEME>>
+# jenkins_client_password: <<CHANGEME>>
+# jenkins_security_ldap_manager_password: <<CHANGEME>>
+# oss_jenkins_password: <<CHANGEME>>
+
+# Gerrit/LDAP
+ gerrit_ldap_bind_password: password
+
+# Docker
+# keycloak_admin_password: <<CHANGEME>>
+# kqueen_api_ldap_password: <<CHANGEME>>
+# kqueen_credentials:
+# kqueen_api_admin_password: <<CHANGEME>>
+# pushkin_email_sender_password: <<CHANGEME>>
+# sfdc_password: <<CHANGEME>>
+
+# Billometer
+# keystone_billometer_password: <<CHANGEME>>
+
+# Nova
+# metadata_password: <<CHANGEME>>
+
+# Grafana
+# grafana_password: <<CHANGEME>>
+# grafana_database_password: <<CHANGEME>>
+
+# Keystone
+# keystone_admin_password: <<CHANGEME>>
+# mysql_admin_password: <<CHANGEME>>
+# mysql_keystone_password: <<CHANGEME>>
+
+# Kubernetes
+ kubernetes_openstack_provider_cloud_password: password
+
+# Galera
+# galera_clustercheck_password: <<CHANGEME>>
diff --git a/devops_portal/service/jenkins.yml b/devops_portal/service/jenkins.yml
index ee00912..b800188 100644
--- a/devops_portal/service/jenkins.yml
+++ b/devops_portal/service/jenkins.yml
@@ -1,7 +1,6 @@
parameters:
_param:
oss_jenkins_user: admin
- oss_jenkins_password: password
devops_portal:
config:
service:
diff --git a/docker/client/compose/service/gerrit.yml b/docker/client/compose/service/gerrit.yml
index 69b2a2c..67af5eb 100644
--- a/docker/client/compose/service/gerrit.yml
+++ b/docker/client/compose/service/gerrit.yml
@@ -4,7 +4,6 @@
_param:
gerrit_ldap_server: ""
gerrit_ldap_bind_user: ""
- gerrit_ldap_bind_password: ""
gerrit_ldap_account_base: ""
gerrit_ldap_group_base: ""
gerrit_http_listen_url: http://*:8080/
diff --git a/docker/client/images/monitoring.yml b/docker/client/images/monitoring.yml
index 229152d..2189b52 100644
--- a/docker/client/images/monitoring.yml
+++ b/docker/client/images/monitoring.yml
@@ -7,6 +7,7 @@
- ${_param:docker_image_alertmanager}
- ${_param:docker_image_grafana}
- ${_param:docker_image_prometheus}
+ - ${_param:docker_image_prometheus_es_exporter}
- ${_param:docker_image_prometheus_gainsight}
- ${_param:docker_image_prometheus_gainsight_elasticsearch}
- ${_param:docker_image_prometheus_relay}
@@ -14,4 +15,4 @@
- ${_param:docker_image_remote_agent}
- ${_param:docker_image_remote_collector}
- ${_param:docker_image_remote_storage_adapter}
- - ${_param:docker_image_sf_notifier}
\ No newline at end of file
+ - ${_param:docker_image_sf_notifier}
diff --git a/docker/swarm/stack/dashboard.yml b/docker/swarm/stack/dashboard.yml
index 62a3e14..7b0eac5 100644
--- a/docker/swarm/stack/dashboard.yml
+++ b/docker/swarm/stack/dashboard.yml
@@ -6,7 +6,6 @@
grafana_database_type: sqlite3
grafana_database_host: localhost
grafana_database_port: 3306
- grafana_database_password: password
docker:
client:
stack:
diff --git a/docker/swarm/stack/gerrit.yml b/docker/swarm/stack/gerrit.yml
index 964899d..42af606 100644
--- a/docker/swarm/stack/gerrit.yml
+++ b/docker/swarm/stack/gerrit.yml
@@ -4,7 +4,6 @@
_param:
gerrit_ldap_server: ""
gerrit_ldap_bind_user: ""
- gerrit_ldap_bind_password: ""
gerrit_ldap_account_base: ""
gerrit_ldap_group_base: ""
gerrit_http_listen_url: http://*:8080/
diff --git a/docker/swarm/stack/janitor_monkey.yml b/docker/swarm/stack/janitor_monkey.yml
index 0cb8c43..b711e45 100644
--- a/docker/swarm/stack/janitor_monkey.yml
+++ b/docker/swarm/stack/janitor_monkey.yml
@@ -2,7 +2,7 @@
_param:
docker_janitor_monkey_replicas: 1
docker_mongodb_admin_username: admin
- docker_mongodb_admin_password: password
+# docker_mongodb_admin_password: password
docker_image_janitor_monkey: ${_param:mcp_docker_registry}/mirantis/oss/janitor-monkey
janitor_monkey_bind_host: cleanup-service-api
janitor_monkey_bind_port: 8080
@@ -17,7 +17,7 @@
janitor_monkey_base_url: http://${_param:janitor_monkey_mongodb_host}:${_param:janitor_monkey_mongodb_port}
janitor_monkey_mongodb_db: mcp_cloud
janitor_monkey_mongodb_username: janitor
- janitor_monkey_mongodb_password: password
+# janitor_monkey_mongodb_password: password
janitor_monkey_elasticsearch: ${_param:elasticsearch_bind_host}:${_param:elasticsearch_binary_bind_port}
janitor_monkey_cloudfire_region: RegionOne
janitor_monkey_cis_clustername: ${_param:elasticsearch_cluster_name}
@@ -30,7 +30,7 @@
project_name: admin
auth_url: http://yourcloud.com:5000/v3/auth/tokens
username: admin
- password: password
+# password: password
endpoint_type: public
ssl_verify: False
source_credentials_dir: /srv/volumes/rundeck/storage
diff --git a/docker/swarm/stack/keycloak.yml b/docker/swarm/stack/keycloak.yml
index 7dcb88a..3598282 100644
--- a/docker/swarm/stack/keycloak.yml
+++ b/docker/swarm/stack/keycloak.yml
@@ -6,7 +6,6 @@
keycloak_proxy_bind_port: ${_param:haproxy_keycloak_proxy_bind_port}
# Initial admin support
keycloak_admin_username: admin
- keycloak_admin_password: password
docker:
client:
stack:
diff --git a/docker/swarm/stack/kqueen.yml b/docker/swarm/stack/kqueen.yml
index 0c61ed9..24166ed 100644
--- a/docker/swarm/stack/kqueen.yml
+++ b/docker/swarm/stack/kqueen.yml
@@ -10,7 +10,6 @@
kqueen_api_prometheus_whitelist: '172.16.10.0/24' ##REcheck with network
kqueen_api_ldap_uri: 'ldap://ldap'
kqueen_api_ldap_dn: 'cn=admin,dc=example,dc=org'
- kqueen_api_ldap_password: 'password'
kqueen_api_auth_modules: 'local'
docker_kqueen_ui_replicas: 1
kqueen_ui_bind_port: ${_param:haproxy_kqueen_ui_bind_port}
@@ -26,7 +25,6 @@
kqueen_ui_secret_key: 'pasteyoursecret'
kqueen_api_bootstrap_admin: True
kqueen_api_admin_username: admin
- kqueen_api_admin_password: default
kqueen_api_admin_organization: MirantisCloudPlatform
kqueen_api_admin_namespace: mcp
docker:
diff --git a/docker/swarm/stack/monitoring/elasticsearch_exporter.yml b/docker/swarm/stack/monitoring/elasticsearch_exporter.yml
new file mode 100644
index 0000000..5cbc05e
--- /dev/null
+++ b/docker/swarm/stack/monitoring/elasticsearch_exporter.yml
@@ -0,0 +1,28 @@
+classes:
+- system.prometheus.elasticsearch_exporter.container
+parameters:
+ docker:
+ client:
+ stack:
+ monitoring:
+ network:
+ monitoring:
+ driver: overlay
+ driver_opts:
+ encrypted: 1
+ service:
+ elasticsearch_exporter:
+ command: --es-cluster ${_param:stacklight_log_address}:9200 --nodes-stats-disable --cluster-health-disable --indices-stats-disable
+ networks:
+ - monitoring
+ deploy:
+ replicas: 1
+ labels:
+ com.mirantis.monitoring: "elasticsearch_exporter"
+ restart_policy:
+ condition: any
+ labels:
+ com.mirantis.monitoring: "elasticsearch_exporter"
+ image: ${_param:docker_image_prometheus_es_exporter}
+ volumes:
+ - "${prometheus:elasticsearch_exporter:dir:config}/elasticsearch_exporter.cfg:/usr/src/app/exporter.cfg"
diff --git a/docker/swarm/stack/monitoring/init.yml b/docker/swarm/stack/monitoring/init.yml
index 134efdc..9fa4281 100644
--- a/docker/swarm/stack/monitoring/init.yml
+++ b/docker/swarm/stack/monitoring/init.yml
@@ -2,6 +2,7 @@
- system.docker.swarm.stack.monitoring.prometheus
- system.docker.swarm.stack.monitoring.prometheus.replicated
- system.docker.swarm.stack.monitoring.alertmanager
+- system.docker.swarm.stack.monitoring.elasticsearch_exporter
- system.docker.swarm.stack.monitoring.prometheus_relay
- system.docker.swarm.stack.monitoring.pushgateway
- system.docker.swarm.stack.monitoring.remote_agent
diff --git a/docker/swarm/stack/monitoring/prometheus_global.yml b/docker/swarm/stack/monitoring/prometheus_global.yml
index 6d8e4ba..925675a 100644
--- a/docker/swarm/stack/monitoring/prometheus_global.yml
+++ b/docker/swarm/stack/monitoring/prometheus_global.yml
@@ -2,6 +2,7 @@
- system.docker.swarm.stack.monitoring.prometheus
- system.docker.swarm.stack.monitoring.prometheus.global
- system.docker.swarm.stack.monitoring.alertmanager
+- system.docker.swarm.stack.monitoring.elasticsearch_exporter
- system.docker.swarm.stack.monitoring.prometheus_relay
- system.docker.swarm.stack.monitoring.pushgateway
- system.docker.swarm.stack.monitoring.remote_agent
diff --git a/docker/swarm/stack/postgresql.yml b/docker/swarm/stack/postgresql.yml
index b3936c6..619e0c2 100644
--- a/docker/swarm/stack/postgresql.yml
+++ b/docker/swarm/stack/postgresql.yml
@@ -7,7 +7,6 @@
postgresql_ssl:
enabled: false
postgresql_admin_user: postgres
- postgresql_admin_user_password: postgrespassword
docker:
client:
stack:
diff --git a/docker/swarm/stack/pushkin.yml b/docker/swarm/stack/pushkin.yml
index 2ee26e4..3bb1e17 100644
--- a/docker/swarm/stack/pushkin.yml
+++ b/docker/swarm/stack/pushkin.yml
@@ -13,13 +13,11 @@
pushkin_smtp_port: 587
pushkin_smtp_use_tls: true
webhook_from: your_sender@mail.com
- pushkin_email_sender_password: your_sender_password
webhook_recipients: "recepient1@mail.com,recepient2@mail.com"
webhook_login_id: 13
webhook_application_id: 24
sfdc_auth_url: https://login.salesforce.com/services/oauth2/token
sfdc_username: user@example.net
- sfdc_password: secret
sfdc_consumer_key: example_consumer_key
sfdc_consumer_secret: example_consumer_secret
sfdc_organization_id: example_organization_id
diff --git a/docker/swarm/stack/security_monkey.yml b/docker/swarm/stack/security_monkey.yml
index 5db205e..582a219 100644
--- a/docker/swarm/stack/security_monkey.yml
+++ b/docker/swarm/stack/security_monkey.yml
@@ -13,7 +13,7 @@
security_monkey_db: secmonkey
notification_service_url: http://${_param:pushkin_bind_host}:${_param:haproxy_pushkin_bind_port}/post_notification_json
security_monkey_user: devopsportal@devopsportal.local
- security_monkey_password: devopsportal
+# security_monkey_password: devopsportal
security_monkey_role: Justify
security_monkey_fqdn: ${_param:security_monkey_bind_host}
security_monkey_web_port: ${_param:security_monkey_bind_port}
@@ -26,7 +26,7 @@
os_account_name: mcp_cloud
auth_url: http://yourcloud.com:5000/v3/auth/tokens
username: admin
- password: password
+# password: password
project_domain_name: Default
project_name: admin
user_domain_name: Default
diff --git a/etcd/server/cluster.yml b/etcd/server/cluster.yml
index af210d7..2314dc2 100644
--- a/etcd/server/cluster.yml
+++ b/etcd/server/cluster.yml
@@ -3,11 +3,6 @@
- service.etcd.support
- service.etcd.linux
parameters:
- _param:
- docker_image_etcd: quay.io/coreos/etcd:v3.3.12
- kubernetes_etcd_repo: https://github.com/etcd-io/etcd/releases/download
- kubernetes_etcd_source: ${_param:kubernetes_etcd_repo}/v3.3.12/etcd-v3.3.12-linux-amd64.tar.gz
- kubernetes_etcd_source_hash: md5=079af00546443b686df31e7ec605135e
etcd:
server:
enabled: true
diff --git a/etcd/server/single.yml b/etcd/server/single.yml
new file mode 100644
index 0000000..b36f743
--- /dev/null
+++ b/etcd/server/single.yml
@@ -0,0 +1,17 @@
+classes:
+- service.etcd.server.single
+- service.etcd.support
+- service.etcd.linux
+parameters:
+ etcd:
+ server:
+ enabled: true
+ image: ${_param:docker_image_etcd}
+ source:
+ engine: archive
+ etcd_source: ${_param:kubernetes_etcd_source}
+ etcd_source_hash: ${_param:kubernetes_etcd_source_hash}
+ bind:
+ host: ${_param:single_address}
+ ssl:
+ enabled: true
diff --git a/galera/server/clustercheck.yml b/galera/server/clustercheck.yml
index a5d7137..6213c58 100644
--- a/galera/server/clustercheck.yml
+++ b/galera/server/clustercheck.yml
@@ -1,6 +1,4 @@
parameters:
- _param:
- galera_clustercheck_password: clustercheck
galera:
clustercheck:
enabled: True
diff --git a/glusterfs/server/volume/postgresql_k8s.yml b/glusterfs/server/volume/postgresql_k8s.yml
new file mode 100644
index 0000000..f276d60
--- /dev/null
+++ b/glusterfs/server/volume/postgresql_k8s.yml
@@ -0,0 +1,20 @@
+parameters:
+ glusterfs:
+ server:
+ volumes:
+ postgresql-data:
+ storage: /srv/glusterfs/postgresql
+ replica: 3
+ bricks:
+ - ${_param:cluster_node01_address}:/srv/glusterfs/postgresql
+ - ${_param:cluster_node02_address}:/srv/glusterfs/postgresql
+ - ${_param:cluster_node03_address}:/srv/glusterfs/postgresql
+ options:
+ storage.owner-gid: 999
+ storage.owner-uid: 999
+ cluster.readdir-optimize: On
+ nfs.disable: On
+ network.remote-dio: On
+ diagnostics.client-log-level: WARNING
+ diagnostics.brick-log-level: WARNING
+ cluster.favorite-child-policy: mtime
diff --git a/grafana/server/single.yml b/grafana/server/single.yml
index 775ce38..6303430 100644
--- a/grafana/server/single.yml
+++ b/grafana/server/single.yml
@@ -4,7 +4,6 @@
_param:
grafana_port: 3000
grafana_user: admin
- grafana_password: admin
grafana:
server:
enabled: true
diff --git a/graphite/collector/single.yml b/graphite/collector/single.yml
index 5ca5715..5442a3f 100644
--- a/graphite/collector/single.yml
+++ b/graphite/collector/single.yml
@@ -2,8 +2,6 @@
- service.memcached.server.local
- service.graphite.collector.single
parameters:
- _param:
- rabbitmq_monitor_password: password
carbon:
relay:
enabled: false
diff --git a/graphite/server/single.yml b/graphite/server/single.yml
index 237c65d..9c891d3 100644
--- a/graphite/server/single.yml
+++ b/graphite/server/single.yml
@@ -7,12 +7,7 @@
parameters:
_param:
graphite_secret_key: secret
- postgresql_graphite_password: password
apache2_site_graphite_host: ${_param:single_address}
- rabbitmq_graphite_password: password
- rabbitmq_monitor_password: password
- rabbitmq_admin_password: password
- rabbitmq_secret_key: password
apache:
server:
modules:
diff --git a/haproxy/proxy/listen/opencontrail/analytics.yml b/haproxy/proxy/listen/opencontrail/analytics.yml
index 14890ca..fd20277 100644
--- a/haproxy/proxy/listen/opencontrail/analytics.yml
+++ b/haproxy/proxy/listen/opencontrail/analytics.yml
@@ -1,6 +1,4 @@
parameters:
- _param:
- opencontrail_stats_password: password
haproxy:
proxy:
listen:
diff --git a/haproxy/proxy/listen/opencontrail/control.yml b/haproxy/proxy/listen/opencontrail/control.yml
index db407be..b704f04 100644
--- a/haproxy/proxy/listen/opencontrail/control.yml
+++ b/haproxy/proxy/listen/opencontrail/control.yml
@@ -1,6 +1,5 @@
parameters:
_param:
- opencontrail_stats_password: password
opencontrail_api_start_offset: 0
opencontrail_api_workers_count: 1
haproxy:
diff --git a/haproxy/proxy/listen/opencontrail/control4_0.yml b/haproxy/proxy/listen/opencontrail/control4_0.yml
index baeb86e..22623fd 100644
--- a/haproxy/proxy/listen/opencontrail/control4_0.yml
+++ b/haproxy/proxy/listen/opencontrail/control4_0.yml
@@ -1,6 +1,5 @@
parameters:
_param:
- opencontrail_stats_password: password
opencontrail_api_start_offset: 0
opencontrail_api_workers_count: 1
haproxy:
diff --git a/heka/router/single.yml b/heka/router/single.yml
index 8801e42..bba6458 100644
--- a/heka/router/single.yml
+++ b/heka/router/single.yml
@@ -12,7 +12,6 @@
heka_router_prefetch_count: 20
rabbitmq_secret_key: secret_key
rabbitmq_admin_name: admin
- rabbitmq_admin_password: workshoplearning42
kibana_elasticsearch_host: localhost
heka:
shipper:
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index 676fe4d..d1fa605 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -6,7 +6,6 @@
parameters:
_param:
jenkins_client_user: none
- jenkins_client_password: none
jenkins_master_host: ${_param:control_vip_address}
jenkins_aptly_storages: "local"
jenkins_master_url_prefix: ""
diff --git a/jenkins/client/job/git-mirrors/downstream/pipelines.yml b/jenkins/client/job/git-mirrors/downstream/pipelines.yml
index e0fd821..fbec27c 100644
--- a/jenkins/client/job/git-mirrors/downstream/pipelines.yml
+++ b/jenkins/client/job/git-mirrors/downstream/pipelines.yml
@@ -8,8 +8,8 @@
- name: pipeline-library
downstream: mcp-ci/pipeline-library
upstream: "${_param:gerrit_pipeline_library_repo}"
- branches: "master,release/2018.8.1,release/2018.11.0,release/2019.2.0"
+ branches: "*"
- name: mk-pipelines
downstream: mk/mk-pipelines
upstream: "${_param:gerrit_mk_pipelines_repo}"
- branches: "master,release/2018.8.1,release/2018.11.0,release/2019.2.0"
\ No newline at end of file
+ branches: "*"
\ No newline at end of file
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index ad3ab9e..d24db10 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -24,6 +24,40 @@
credentials: "gerrit"
script: validate-cloud.groovy
param:
+ ACCUMULATE_RESULTS:
+ type: boolean
+ default: 'true'
+ description: If chosen then previous build results will be used in the current build
+ JOB_TIMEOUT:
+ type: string
+ default: "3"
+ description: Job timeout in hours
+ RUN_RALLY_TESTS:
+ type: boolean
+ default: 'true'
+ description: |
+ If chosen, Rally tests will be executed. Please set K8S_RALLY='true' if you plan
+ to test K8S cluster with Rally framework. Special K8S plugin has to be utilized
+ RUN_TEMPEST_TESTS:
+ type: boolean
+ default: 'false'
+ description: If chosen then Tempest tests will be executed
+ RUN_SPT_TESTS:
+ type: boolean
+ default: 'false'
+ description: If chosen, SPT tests will be executed
+ TEST_IMAGE:
+ type: string
+ default: 'xrally/xrally-openstack:latest'
+ description: |
+ Docker image to use with required test set. Please use
+ 'xrally/xrally-openstack:latest' - for Rally tests
+ "${_param:mcp_docker_registry}/mirantis/oss/qa-tools" -
+ for SPT/Tempest environment setup
+ TARGET_NODE:
+ type: string
+ default: ""
+ description: Target node where this job will be executed from
SALT_MASTER_URL:
type: string
default: "${_param:jenkins_salt_api_url}"
@@ -32,151 +66,78 @@
type: string
default: "salt"
description: Credentials to the Salt API
- TEST_IMAGE:
- type: string
- default: "${_param:mcp_docker_registry}/mirantis/oss/qa-tools"
- description: Docker image to setup testing environment
- TARGET_NODE:
- type: string
- default: ""
- description: Target node where this job will be executed from
- RUN_RALLY_TESTS:
- type: boolean
- default: 'true'
- description: If chosen then Rally tests will be executed
- RUN_TEMPEST_TESTS:
- type: boolean
- default: 'true'
- description: If chosen then Tempest tests will be executed
- RUN_K8S_TESTS:
- type: boolean
- default: 'true'
- description: If chosen then K8S tests will be executed
- TEMPEST_TEST_SET:
- type: choice
- choices:
- - smoke
- - full
- description: Set of Tempest tests to run
- TEMPEST_CONFIG_REPO:
- type: string
- default: ""
- description: Git repository with configuration files for Tempest
- TEMPEST_CONFIG_BRANCH:
- type: string
- default: ""
- description: Git branch which will be used during the checkout
- TEMPEST_REPO:
- type: string
- default: ""
- description: Git repository with Tempest
- TEMPEST_VERSION:
- type: string
- default: ""
- description: Version of Tempest (tag, branch or commit)
- TEST_K8S_NODE:
- type: string
- default: ""
- description: Kubernetes node to run tests from
- TEST_K8S_API_SERVER:
- type: string
- default: "http://127.0.0.1:8080"
- description: API server parameter for K8S tests
- TEST_K8S_CONFORMANCE_IMAGE:
- type: string
- default: "docker-dev-virtual.docker.mirantis.net/mirantis/kubernetes/k8s-conformance:v1.7.5-2_1504192939316"
- description: Docker image to run K8S tests
- RUN_SPT_TESTS:
- type: boolean
- default: 'true'
- description: If chosen then SPT tests will be executed
- SPT_SSH_USER:
- type: string
- default: "root"
- description: Username that is used to ssh between cluster nodes
- FLOATING_NETWORK:
- type: string
- default: ""
- description: External(floating) network name (used in both SPT and Rally)
- SPT_IMAGE:
- type: string
- default: ""
- description: Image that is used for network-VM-to-VM-iperf-tests tests
- SPT_IMAGE_USER:
- type: string
- default: ""
- description: Username that is used to ssh to SPT_IMAGE
- SPT_FLAVOR:
- type: string
- default: ""
- description: Flavor name for SPT_IMAGE (make sure you have required flavor created)
- RALLY_IMAGE:
- type: string
- default: "cirros"
- RALLY_FLAVOR:
- type: string
- default: "m1.tiny"
- description: Flavor name for Rally scenarios
- RALLY_CONFIG_REPO:
- type: string
- default: ""
- description: Git repository with configuration files for Rally
- RALLY_CONFIG_BRANCH:
- type: string
- default: ""
- description: Git branch which will be used during the checkout
- RALLY_SCENARIOS:
- type: string
- default: ""
- description: Rally scenarios directory or file with scenarios
- RALLY_SL_SCENARIOS:
- type: string
- default: ""
- description: Stacklight Rally scenarios directory or file with scenarios
- RALLY_TASK_ARGS_FILE:
- type: string
- default: ""
- description: Rally scenarios arguments file
- AVAILABILITY_ZONE:
- type: string
- default: "nova"
- description: Name of availability zone
- GENERATE_REPORT:
- type: boolean
- default: 'true'
- description: If chosen then at the end of the test run HTML report will be generated
- ACCUMULATE_RESULTS:
- type: boolean
- default: 'true'
- description: If chosen then previous build results will be used in the current build
- RALLY_PLUGINS_REPO:
- type: string
- default: ""
- description: Git repository with Rally plugins
- RALLY_PLUGINS_BRANCH:
- type: string
- default: ""
- description: Git branch which will be used during the checkout
- K8S_RALLY:
- type: boolean
- default: 'false'
- description: If chosen then K8S Rally test will be executed
- STACKLIGHT_RALLY:
- type: boolean
- default: 'false'
- description: If chosen then Stacklight Rally test will be executed
- JOB_TIMEOUT:
- type: string
- default: "3"
- description: Job timeout in hours
- REPORT_DIR:
- type: string
- default: ""
- description: Path for reports outside docker image
- SKIP_LIST:
- type: string
- description: "Skip list for Rally test"
- default: ""
+ VALIDATE_PARAMS:
+ type: text
+ default: |
+ ---
+ rally:
+ # Name of availability zone
+ AVAILABILITY_ZONE: 'nova'
+ # External(floating) network name
+ FLOATING_NETWORK: 'public'
+ # Rally base image for glance
+ RALLY_IMAGE: 'cirros'
+ # Flavor name for Rally scenarios
+ RALLY_FLAVOR: 'm1.tiny'
+ # Git repository with configuration files for Rally
+ RALLY_CONFIG_REPO: 'https://github.com/Mirantis/scale-scenarios'
+ # Git branch which will be used during the checkout
+ RALLY_CONFIG_BRANCH: 'master'
+ # Git repository with Rally plugins
+ RALLY_PLUGINS_REPO: 'https://github.com/Mirantis/rally-plugins'
+ # Git branch which will be used during the checkout
+ RALLY_PLUGINS_BRANCH: 'master'
+ # Rally scenarios directory or file with scenarios
+ RALLY_SCENARIOS: 'rally-scenarios-light'
+ # Stacklight Rally scenarios directory or file with scenarios
+ RALLY_SL_SCENARIOS: 'rally-stacklight'
+ # Rally scenarios arguments file
+ RALLY_TASK_ARGS_FILE: 'job-params-light.yaml'
+ # Rally-compliant DB connection string for long-term results storing
+ RALLY_DB_CONN_STRING: ''
+ # List of tags for marking Rally tasks. Used as filter for Rally trends
+ RALLY_TAGS:
+ # - 'platform=openstack'
+ # - 'env=your_env_name'
+ # - 'cmp=2'
+ # Generate rally trends report. Requires an external DB
+ RALLY_TRENDS: 'false'
+ # If chosen K8S Rally plugin will be used to test K8S cluster
+ K8S_RALLY: 'false'
+ # If chosen then Stacklight Rally test will be executed
+ STACKLIGHT_RALLY: 'false'
+ # Path for reports outside docker image
+ REPORT_DIR: '/root/qa_results'
+ # Scenarios names/dirs to skip
+ SKIP_LIST: ''
+ tempest:
+ # Set of Tempest tests to run (smoke,full)
+ TEMPEST_TEST_SET: 'smoke'
+ # Git repository with configuration files for Tempest
+ TEMPEST_CONFIG_REPO: ''
+ # Git branch which will be used during the checkout
+ TEMPEST_CONFIG_BRANCH: ''
+ # description: Git repository with Tempest
+ TEMPEST_REPO: ''
+ # description: Version of Tempest (tag, branch or commit)
+ TEMPEST_VERSION: ''
+ # If chosen, run HTML report will be generated
+ GENERATE_REPORT: 'false'
+ spt:
+ # Name of availability zone
+ AVAILABILITY_ZONE: 'nova'
+ # External(floating) network name
+ FLOATING_NETWORK: 'public'
+ # Username that is used to ssh between cluster nodes
+ SPT_SSH_USER: 'root'
+ # Image that is used for network-VM-to-VM-iperf-tests tests
+ SPT_IMAGE: ''
+ # Username that is used to ssh to SPT_IMAGE
+ SPT_IMAGE_USER: ''
+ # Flavor name for SPT_IMAGE (make sure you have required flavor created)
+ SPT_FLAVOR: ''
+ # If chosen, run HTML report will be generated
+ GENERATE_REPORT: 'false'
cvp-sanity:
type: workflow-scm
name: cvp-sanity
diff --git a/jenkins/client/security/ldap.yml b/jenkins/client/security/ldap.yml
index ba53570..d47e74f 100644
--- a/jenkins/client/security/ldap.yml
+++ b/jenkins/client/security/ldap.yml
@@ -1,7 +1,6 @@
parameters:
_param:
jenkins_security_ldap_manager_dn: ''
- jenkins_security_ldap_manager_password: ''
jenkins_security_ldap_user_search_filter: 'uid={0}'
jenkins_security_ldap_user_search_base: ''
jenkins_security_ldap_group_search_base: ''
diff --git a/keepalived/cluster/instance/kube_api_server_vip.yml b/keepalived/cluster/instance/kube_api_server_vip.yml
index f7fbce8..42d95f1 100644
--- a/keepalived/cluster/instance/kube_api_server_vip.yml
+++ b/keepalived/cluster/instance/kube_api_server_vip.yml
@@ -8,7 +8,6 @@
keepalived_kube_apiserver_vrrp_script_content: "pidof haproxy && systemctl status kube-apiserver.service --quiet --no-pager"
keepalived_k8s_apiserver_vip_interface: ens3
keepalived_k8s_apiserver_vip_address: ${_param:kubernetes_control_address}
- keepalived_k8s_apiserver_vip_password: password
keepalived:
cluster:
vrrp_scripts:
@@ -25,4 +24,4 @@
interface: ${_param:keepalived_k8s_apiserver_vip_interface}
virtual_router_id: 60
priority: ${_param:keepalived_vip_priority}
- track_script: k8s_vip
\ No newline at end of file
+ track_script: k8s_vip
diff --git a/keepalived/cluster/instance/openstack_barbican_vip.yml b/keepalived/cluster/instance/openstack_barbican_vip.yml
index 3c733c4..f6e430f 100644
--- a/keepalived/cluster/instance/openstack_barbican_vip.yml
+++ b/keepalived/cluster/instance/openstack_barbican_vip.yml
@@ -3,7 +3,6 @@
parameters:
_param:
keepalived_openstack_barbican_vip_address: ${_param:cluster_vip_address}
- keepalived_openstack_barbican_vip_password: password
keepalived_openstack_barbican_vip_interface: eth1
keepalived_vip_virtual_router_id: 250
keepalived_vip_address: ${_param:keepalived_openstack_barbican_vip_address}
diff --git a/keepalived/cluster/instance/openstack_baremetal_vip.yml b/keepalived/cluster/instance/openstack_baremetal_vip.yml
index 355cf53..fe2b527 100644
--- a/keepalived/cluster/instance/openstack_baremetal_vip.yml
+++ b/keepalived/cluster/instance/openstack_baremetal_vip.yml
@@ -5,7 +5,6 @@
parameters:
_param:
keepalived_openstack_baremetal_vip_address: ${_param:cluster_baremetal_vip_address}
- keepalived_openstack_baremetal_password: password
keepalived_openstack_baremetal_vip_interface: eth1
keepalived_openstack_baremetal_vip_virtual_router_id: 132
keepalived_openstack_baremetal_vip_priority: ${_param:keepalived_vip_priority}
diff --git a/keepalived/cluster/instance/openstack_manila_vip.yml b/keepalived/cluster/instance/openstack_manila_vip.yml
index d8330c4..b87d998 100644
--- a/keepalived/cluster/instance/openstack_manila_vip.yml
+++ b/keepalived/cluster/instance/openstack_manila_vip.yml
@@ -3,7 +3,6 @@
parameters:
_param:
keepalived_openstack_manila_vip_address: ${_param:cluster_vip_address}
- keepalived_openstack_manila_vip_password: password
keepalived_openstack_manila_vip_interface: eth1
keepalived_vip_virtual_router_id: 235
keepalived_vip_address: ${_param:keepalived_openstack_manila_vip_address}
diff --git a/keepalived/cluster/instance/openstack_telemetry_vip.yml b/keepalived/cluster/instance/openstack_telemetry_vip.yml
index 5dc91a1..92aa048 100644
--- a/keepalived/cluster/instance/openstack_telemetry_vip.yml
+++ b/keepalived/cluster/instance/openstack_telemetry_vip.yml
@@ -3,7 +3,6 @@
parameters:
_param:
keepalived_openstack_telemetry_vip_address: ${_param:cluster_vip_address}
- keepalived_openstack_telemetry_vip_password: password
keepalived_openstack_telemetry_vip_interface: eth1
keepalived_vip_virtual_router_id: 230
keepalived_vip_address: ${_param:keepalived_openstack_telemetry_vip_address}
diff --git a/keepalived/cluster/instance/openstack_web_public_vip.yml b/keepalived/cluster/instance/openstack_web_public_vip.yml
index 363f23b..3efebd2 100644
--- a/keepalived/cluster/instance/openstack_web_public_vip.yml
+++ b/keepalived/cluster/instance/openstack_web_public_vip.yml
@@ -5,7 +5,6 @@
parameters:
_param:
keepalived_openstack_web_public_vip_address: ${_param:cluster_vip_address}
- keepalived_openstack_web_public_vip_password: password
keepalived_openstack_web_public_vip_interface: eth1
keepalived:
cluster:
diff --git a/keystone/client/core.yml b/keystone/client/core.yml
index 8c73b16..c965e6f 100644
--- a/keystone/client/core.yml
+++ b/keystone/client/core.yml
@@ -35,6 +35,7 @@
is_admin: true
password: ${_param:keystone_admin_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
admin_identity:
admin:
user: admin
diff --git a/keystone/client/image_manager.yml b/keystone/client/image_manager.yml
index becd512..3f7c773 100644
--- a/keystone/client/image_manager.yml
+++ b/keystone/client/image_manager.yml
@@ -21,5 +21,6 @@
is_admin: false
password: ${_param:keystone_image_manager_password}
email: ${_param:keystone_image_manager_email}
+ options: ${_param:openstack_service_user_options}
roles:
- image_manager
diff --git a/keystone/client/service/aodh.yml b/keystone/client/service/aodh.yml
index e7c8a0d..3d2dae0 100644
--- a/keystone/client/service/aodh.yml
+++ b/keystone/client/service/aodh.yml
@@ -15,6 +15,7 @@
is_admin: true
password: ${_param:keystone_aodh_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
aodh:
type: alarming
diff --git a/keystone/client/service/barbican.yml b/keystone/client/service/barbican.yml
index 8c975ba..1a65afd 100644
--- a/keystone/client/service/barbican.yml
+++ b/keystone/client/service/barbican.yml
@@ -16,6 +16,7 @@
barbican:
password: ${_param:keystone_barbican_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
- admin
- creator
diff --git a/keystone/client/service/billometer.yml b/keystone/client/service/billometer.yml
index 5aa1f2e..14c570e 100644
--- a/keystone/client/service/billometer.yml
+++ b/keystone/client/service/billometer.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_billometer_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
billometer:
type: billing
diff --git a/keystone/client/service/ceilometer.yml b/keystone/client/service/ceilometer.yml
index e3bc485..131f3bb 100644
--- a/keystone/client/service/ceilometer.yml
+++ b/keystone/client/service/ceilometer.yml
@@ -16,6 +16,7 @@
is_admin: true
password: ${_param:keystone_ceilometer_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
ceilometer:
type: metering
diff --git a/keystone/client/service/cinder.yml b/keystone/client/service/cinder.yml
index cf27875..ec0b2ca 100644
--- a/keystone/client/service/cinder.yml
+++ b/keystone/client/service/cinder.yml
@@ -14,3 +14,4 @@
is_admin: true
password: ${_param:keystone_cinder_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
diff --git a/keystone/client/service/cinder2.yml b/keystone/client/service/cinder2.yml
index 997651a..fd8cbfc 100644
--- a/keystone/client/service/cinder2.yml
+++ b/keystone/client/service/cinder2.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_cinder_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
cinderv2:
type: volumev2
diff --git a/keystone/client/service/cinder3.yml b/keystone/client/service/cinder3.yml
index 870c781..6280a7b 100644
--- a/keystone/client/service/cinder3.yml
+++ b/keystone/client/service/cinder3.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_cinder_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
cinderv3:
type: volumev3
diff --git a/keystone/client/service/congress.yml b/keystone/client/service/congress.yml
index 1e1141b..e0a6754 100644
--- a/keystone/client/service/congress.yml
+++ b/keystone/client/service/congress.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_congress_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
congress:
type: policy
diff --git a/keystone/client/service/contrail.yml b/keystone/client/service/contrail.yml
index ad2f6e2..6792156 100644
--- a/keystone/client/service/contrail.yml
+++ b/keystone/client/service/contrail.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:opencontrail_admin_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
opencontrail:
type: contrail
diff --git a/keystone/client/service/designate.yml b/keystone/client/service/designate.yml
index 83bb7ef..80f3761 100644
--- a/keystone/client/service/designate.yml
+++ b/keystone/client/service/designate.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_designate_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
designate:
type: dns
diff --git a/keystone/client/service/glance.yml b/keystone/client/service/glance.yml
index 8c6f39d..69b5d8b 100644
--- a/keystone/client/service/glance.yml
+++ b/keystone/client/service/glance.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_glance_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
glance:
type: image
diff --git a/keystone/client/service/glare.yml b/keystone/client/service/glare.yml
index 24d827a..22d619f 100644
--- a/keystone/client/service/glare.yml
+++ b/keystone/client/service/glare.yml
@@ -12,6 +12,7 @@
is_admin: true
password: ${_param:keystone_glance_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
glare:
type: artifact
diff --git a/keystone/client/service/gnocchi.yml b/keystone/client/service/gnocchi.yml
index 0b46f36..2336a8c 100644
--- a/keystone/client/service/gnocchi.yml
+++ b/keystone/client/service/gnocchi.yml
@@ -17,6 +17,7 @@
is_admin: true
password: ${_param:keystone_gnocchi_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
gnocchi:
type: metric
diff --git a/keystone/client/service/heat.yml b/keystone/client/service/heat.yml
index e0bae14..9c17b06 100644
--- a/keystone/client/service/heat.yml
+++ b/keystone/client/service/heat.yml
@@ -17,6 +17,7 @@
is_admin: true
password: ${_param:keystone_heat_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
heat:
type: orchestration
diff --git a/keystone/client/service/ironic.yml b/keystone/client/service/ironic.yml
index 1466039..e350284 100644
--- a/keystone/client/service/ironic.yml
+++ b/keystone/client/service/ironic.yml
@@ -15,6 +15,7 @@
is_admin: true
password: ${_param:keystone_ironic_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
ironic:
type: baremetal
diff --git a/keystone/client/service/manila.yml b/keystone/client/service/manila.yml
index 358ed36..5cc66d2 100644
--- a/keystone/client/service/manila.yml
+++ b/keystone/client/service/manila.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_manila_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
manila:
type: share
diff --git a/keystone/client/service/manila2.yml b/keystone/client/service/manila2.yml
index 38f2672..8cccc24 100644
--- a/keystone/client/service/manila2.yml
+++ b/keystone/client/service/manila2.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_manila_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
manilav2:
type: sharev2
diff --git a/keystone/client/service/murano.yml b/keystone/client/service/murano.yml
index aa3cee3..1652ac2 100644
--- a/keystone/client/service/murano.yml
+++ b/keystone/client/service/murano.yml
@@ -12,6 +12,7 @@
is_admin: true
password: ${_param:keystone_murano_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
murano:
type: application-catalog
diff --git a/keystone/client/service/neutron.yml b/keystone/client/service/neutron.yml
index 33434c1..59e4b33 100644
--- a/keystone/client/service/neutron.yml
+++ b/keystone/client/service/neutron.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_neutron_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
neutron:
type: network
diff --git a/keystone/client/service/nova.yml b/keystone/client/service/nova.yml
index 24a1dd5..22bbfc9 100644
--- a/keystone/client/service/nova.yml
+++ b/keystone/client/service/nova.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_nova_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
nova:
type: compute
diff --git a/keystone/client/service/nova21.yml b/keystone/client/service/nova21.yml
index 2335f5a..27a0580 100644
--- a/keystone/client/service/nova21.yml
+++ b/keystone/client/service/nova21.yml
@@ -14,6 +14,7 @@
is_admin: true
password: ${_param:keystone_nova_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
nova20:
type: compute_legacy
diff --git a/keystone/client/service/octavia.yml b/keystone/client/service/octavia.yml
index a38d40e..c5ca83f 100644
--- a/keystone/client/service/octavia.yml
+++ b/keystone/client/service/octavia.yml
@@ -18,6 +18,7 @@
is_admin: true
password: ${_param:keystone_octavia_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
octavia:
type: load-balancer
diff --git a/keystone/client/service/panko.yml b/keystone/client/service/panko.yml
index 7ad4397..43897be 100644
--- a/keystone/client/service/panko.yml
+++ b/keystone/client/service/panko.yml
@@ -15,6 +15,7 @@
is_admin: true
password: ${_param:keystone_panko_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
panko:
type: event
diff --git a/keystone/client/service/radosgw-s3.yml b/keystone/client/service/radosgw-s3.yml
index b44d7eb..bcf596f 100644
--- a/keystone/client/service/radosgw-s3.yml
+++ b/keystone/client/service/radosgw-s3.yml
@@ -15,6 +15,7 @@
is_admin: true
password: ${_param:keystone_swift_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
radosgw-s3:
type: s3
diff --git a/keystone/client/service/radosgw-swift.yml b/keystone/client/service/radosgw-swift.yml
index cd495ee..c8b6569 100644
--- a/keystone/client/service/radosgw-swift.yml
+++ b/keystone/client/service/radosgw-swift.yml
@@ -17,6 +17,7 @@
is_admin: true
password: ${_param:keystone_swift_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
admin:
user:
admin:
diff --git a/keystone/client/service/sahara.yml b/keystone/client/service/sahara.yml
index 526649a..8d88168 100644
--- a/keystone/client/service/sahara.yml
+++ b/keystone/client/service/sahara.yml
@@ -12,6 +12,7 @@
is_admin: true
password: ${_param:keystone_sahara_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
sahara:
type: data-processing
diff --git a/keystone/client/service/swift-s3.yml b/keystone/client/service/swift-s3.yml
index d36d279..36050a4 100644
--- a/keystone/client/service/swift-s3.yml
+++ b/keystone/client/service/swift-s3.yml
@@ -12,6 +12,7 @@
is_admin: true
password: ${_param:keystone_swift_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
swift-s3:
type: object-store
diff --git a/keystone/client/service/swift.yml b/keystone/client/service/swift.yml
index b599d97..ddcaf26 100644
--- a/keystone/client/service/swift.yml
+++ b/keystone/client/service/swift.yml
@@ -12,6 +12,7 @@
is_admin: true
password: ${_param:keystone_swift_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
swift:
type: object-store
diff --git a/keystone/client/service/tacker.yml b/keystone/client/service/tacker.yml
index 28eef93..e1c7019 100644
--- a/keystone/client/service/tacker.yml
+++ b/keystone/client/service/tacker.yml
@@ -13,6 +13,7 @@
is_admin: true
password: ${_param:keystone_tacker_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
service:
tacker:
type: nfv-orchestration
diff --git a/keystone/client/single.yml b/keystone/client/single.yml
index 74d3e5b..20b2b91 100644
--- a/keystone/client/single.yml
+++ b/keystone/client/single.yml
@@ -43,6 +43,7 @@
is_admin: true
password: ${_param:keystone_admin_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
admin_identity:
admin:
user: admin
diff --git a/keystone/client/v3/service/aodh.yml b/keystone/client/v3/service/aodh.yml
index eafd92a..a4f217c 100644
--- a/keystone/client/v3/service/aodh.yml
+++ b/keystone/client/v3/service/aodh.yml
@@ -11,6 +11,7 @@
aodh:
password: ${_param:keystone_aodh_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/barbican.yml b/keystone/client/v3/service/barbican.yml
index 93ce204..f008abc 100644
--- a/keystone/client/v3/service/barbican.yml
+++ b/keystone/client/v3/service/barbican.yml
@@ -16,6 +16,7 @@
barbican:
password: ${_param:keystone_barbican_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/billometer.yml b/keystone/client/v3/service/billometer.yml
index 0992519..9e115eb 100644
--- a/keystone/client/v3/service/billometer.yml
+++ b/keystone/client/v3/service/billometer.yml
@@ -5,10 +5,11 @@
client:
resources:
v3:
- user:
+ users:
billometer:
password: ${_param:keystone_billometer_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/ceilometer.yml b/keystone/client/v3/service/ceilometer.yml
index 727171e..9129773 100644
--- a/keystone/client/v3/service/ceilometer.yml
+++ b/keystone/client/v3/service/ceilometer.yml
@@ -10,6 +10,7 @@
ceilometer:
password: ${_param:keystone_ceilometer_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/cinder.yml b/keystone/client/v3/service/cinder.yml
index 4f6c76c..1dd279a 100644
--- a/keystone/client/v3/service/cinder.yml
+++ b/keystone/client/v3/service/cinder.yml
@@ -9,6 +9,7 @@
cinder:
password: ${_param:keystone_cinder_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/cinder2.yml b/keystone/client/v3/service/cinder2.yml
index 886edee..4d49d2b 100644
--- a/keystone/client/v3/service/cinder2.yml
+++ b/keystone/client/v3/service/cinder2.yml
@@ -9,6 +9,7 @@
cinder:
password: ${_param:keystone_cinder_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/cinder3.yml b/keystone/client/v3/service/cinder3.yml
index 9682186..a4465ac 100644
--- a/keystone/client/v3/service/cinder3.yml
+++ b/keystone/client/v3/service/cinder3.yml
@@ -9,6 +9,7 @@
cinder:
password: ${_param:keystone_cinder_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/congress.yml b/keystone/client/v3/service/congress.yml
index 15cce34..0d34181 100644
--- a/keystone/client/v3/service/congress.yml
+++ b/keystone/client/v3/service/congress.yml
@@ -9,6 +9,7 @@
congress:
password: ${_param:keystone_congress_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/contrail.yml b/keystone/client/v3/service/contrail.yml
index e6277d5..930804a 100644
--- a/keystone/client/v3/service/contrail.yml
+++ b/keystone/client/v3/service/contrail.yml
@@ -20,6 +20,7 @@
contrail:
password: ${_param:opencontrail_admin_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
is_admin: true
roles:
admin:
diff --git a/keystone/client/v3/service/designate.yml b/keystone/client/v3/service/designate.yml
index 821f2cb..271ea22 100644
--- a/keystone/client/v3/service/designate.yml
+++ b/keystone/client/v3/service/designate.yml
@@ -9,6 +9,7 @@
designate:
password: ${_param:keystone_designate_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/glance.yml b/keystone/client/v3/service/glance.yml
index a690a73..0e01709 100644
--- a/keystone/client/v3/service/glance.yml
+++ b/keystone/client/v3/service/glance.yml
@@ -9,6 +9,7 @@
glance:
password: ${_param:keystone_glance_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/gnocchi.yml b/keystone/client/v3/service/gnocchi.yml
index 6a11023..63241db 100644
--- a/keystone/client/v3/service/gnocchi.yml
+++ b/keystone/client/v3/service/gnocchi.yml
@@ -10,6 +10,7 @@
gnocchi:
password: ${_param:keystone_gnocchi_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/heat.yml b/keystone/client/v3/service/heat.yml
index a1b248f..54c8f0b 100644
--- a/keystone/client/v3/service/heat.yml
+++ b/keystone/client/v3/service/heat.yml
@@ -16,6 +16,7 @@
heat:
password: ${_param:keystone_heat_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/ironic.yml b/keystone/client/v3/service/ironic.yml
index 216049c..bd2795b 100644
--- a/keystone/client/v3/service/ironic.yml
+++ b/keystone/client/v3/service/ironic.yml
@@ -10,6 +10,7 @@
ironic:
password: ${_param:keystone_ironic_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/keystone.yml b/keystone/client/v3/service/keystone.yml
index ab3b29c..6c005c7 100644
--- a/keystone/client/v3/service/keystone.yml
+++ b/keystone/client/v3/service/keystone.yml
@@ -24,6 +24,7 @@
admin:
password: ${_param:keystone_admin_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/manila.yml b/keystone/client/v3/service/manila.yml
index 9030c98..bb90159 100644
--- a/keystone/client/v3/service/manila.yml
+++ b/keystone/client/v3/service/manila.yml
@@ -9,6 +9,7 @@
manila:
password: ${_param:keystone_manila_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/manila2.yml b/keystone/client/v3/service/manila2.yml
index 06aa44e..f5771ad 100644
--- a/keystone/client/v3/service/manila2.yml
+++ b/keystone/client/v3/service/manila2.yml
@@ -9,6 +9,7 @@
manila:
password: ${_param:keystone_manila_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/neutron.yml b/keystone/client/v3/service/neutron.yml
index 2c1df47..6af16f9 100644
--- a/keystone/client/v3/service/neutron.yml
+++ b/keystone/client/v3/service/neutron.yml
@@ -9,6 +9,7 @@
neutron:
password: ${_param:keystone_neutron_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/nova.yml b/keystone/client/v3/service/nova.yml
index d2f76f6..d0c7366 100644
--- a/keystone/client/v3/service/nova.yml
+++ b/keystone/client/v3/service/nova.yml
@@ -9,6 +9,7 @@
nova:
password: ${_param:keystone_nova_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/nova21.yml b/keystone/client/v3/service/nova21.yml
index 5bccedf..85bd29f 100644
--- a/keystone/client/v3/service/nova21.yml
+++ b/keystone/client/v3/service/nova21.yml
@@ -9,6 +9,7 @@
nova:
password: ${_param:keystone_nova_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/octavia.yml b/keystone/client/v3/service/octavia.yml
index 26940ff..54c8bc9 100644
--- a/keystone/client/v3/service/octavia.yml
+++ b/keystone/client/v3/service/octavia.yml
@@ -26,6 +26,7 @@
octavia:
password: ${_param:keystone_octavia_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/panko.yml b/keystone/client/v3/service/panko.yml
index 5f4c70b..226f601 100644
--- a/keystone/client/v3/service/panko.yml
+++ b/keystone/client/v3/service/panko.yml
@@ -10,6 +10,7 @@
panko:
password: ${_param:keystone_panko_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/radosgw-s3.yml b/keystone/client/v3/service/radosgw-s3.yml
index 7c03f4a..1a7ae3c 100644
--- a/keystone/client/v3/service/radosgw-s3.yml
+++ b/keystone/client/v3/service/radosgw-s3.yml
@@ -4,12 +4,13 @@
radosgw_service_protocol: http
keystone:
client:
- resource:
+ resources:
v3:
users:
swift:
password: ${_param:keystone_swift_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/radosgw-swift.yml b/keystone/client/v3/service/radosgw-swift.yml
index d1acce3..2e78bb9 100644
--- a/keystone/client/v3/service/radosgw-swift.yml
+++ b/keystone/client/v3/service/radosgw-swift.yml
@@ -14,6 +14,7 @@
swift:
password: ${_param:keystone_swift_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/client/v3/service/tacker.yml b/keystone/client/v3/service/tacker.yml
index 8a01280..bddca05 100644
--- a/keystone/client/v3/service/tacker.yml
+++ b/keystone/client/v3/service/tacker.yml
@@ -10,6 +10,7 @@
tacker:
password: ${_param:keystone_tacker_password}
email: ${_param:admin_email}
+ options: ${_param:openstack_service_user_options}
roles:
service_admin:
name: admin
diff --git a/keystone/server/single.yml b/keystone/server/single.yml
index 9663488..014a6dc 100644
--- a/keystone/server/single.yml
+++ b/keystone/server/single.yml
@@ -9,10 +9,8 @@
parameters:
_param:
keystone_service_token: token
- keystone_admin_password: password
mysql_admin_user: root
- mysql_admin_password: password
- mysql_keystone_password: password
+ keystone_tokens_expiration: 3600
openstack_node_role: primary
keystone_service_protocol: ${_param:cluster_internal_protocol}
linux:
diff --git a/kubernetes/common/init.yml b/kubernetes/common/init.yml
index 952e5c8..bfbd98a 100644
--- a/kubernetes/common/init.yml
+++ b/kubernetes/common/init.yml
@@ -131,7 +131,6 @@
kubernetes_openstack_provider_binary: ${_param:kubernetes_openstack_provider_repo}/openstack-cloud-controller-manager_v0.3.0-2_1549884015986
kubernetes_openstack_provider_binary_hash: md5=fd19a97527009aac72de7997744885fb
kubernetes_openstack_provider_cloud_user: admin
- kubernetes_openstack_provider_cloud_password: secret
kubernetes_openstack_provider_cloud_auth_url: http://127.0.0.1:5000/v3
kubernetes_openstack_provider_cloud_tenant_id: tenant_id
kubernetes_openstack_provider_cloud_domain_id: default
diff --git a/kubernetes/control/opencontrail.yml b/kubernetes/control/opencontrail.yml
index 75e3b0d..8cdd97c 100644
--- a/kubernetes/control/opencontrail.yml
+++ b/kubernetes/control/opencontrail.yml
@@ -1,12 +1,10 @@
parameters:
_param:
opencontrail_identity_user: admin
- opencontrail_identity_password: contrail123
opencontrail_identity_tenant: admin
opencontrail_public_ip_range: 172.17.47.128/25
opencontrail_public_ip_network: default-domain:default-project:Public
opencontrail_private_ip_range: 10.150.0.0/16
- opencontrail_message_queue_password: guest
kubernetes:
pool:
network:
diff --git a/kubernetes/control/services/drivetrain/gerrit.yml b/kubernetes/control/services/drivetrain/gerrit.yml
index 724ffc2..8350c56 100644
--- a/kubernetes/control/services/drivetrain/gerrit.yml
+++ b/kubernetes/control/services/drivetrain/gerrit.yml
@@ -3,7 +3,6 @@
gerrit_ldap_user_pattern: 'uid={username}'
gerrit_ldap_server: "ldap://openldap"
gerrit_ldap_bind_user: ""
- gerrit_ldap_bind_password: ""
gerrit_ldap_account_base: ""
gerrit_ldap_group_base: ""
gerrit_http_listen_url: proxy-http://*:8080/gerrit/
diff --git a/kubernetes/control/services/drivetrain/postgresql.yml b/kubernetes/control/services/drivetrain/postgresql.yml
new file mode 100644
index 0000000..fd1c7bd
--- /dev/null
+++ b/kubernetes/control/services/drivetrain/postgresql.yml
@@ -0,0 +1,48 @@
+parameters:
+ kubernetes:
+ common:
+ addons:
+ ingress-nginx:
+ tcp_data:
+ 5432: drivetrain/postgresql-db:${_param:postgresql_exposed_port}
+ tcp_ports:
+ - 5432
+ control:
+ service:
+ postgresql-db:
+ enabled: true
+ cluster: drivetrain
+ service: postgresql-db
+ create: true
+ namespace: drivetrain
+ ports:
+ - port: ${_param:postgresql_exposed_port}
+ name: psql-server
+ type: ClusterIP
+ apiVersion: extensions/v1beta1
+ kind: Deployment
+ replicas: 1
+ container:
+ postgresql-server:
+ image: ${_param:docker_image_postgresql}
+ image_pull_policy: IfNotPresent
+ variables:
+ - name: POSTGRES_USER
+ value: ${_param:postgresql_admin_user}
+ - name: POSTGRES_PASSWORD
+ value: ${_param:postgresql_admin_user_password}
+ - name: PGDATA
+ value: ${_param:postgresql_data_directory}
+ ports:
+ - port: ${_param:postgresql_exposed_port}
+ name: psql-server
+ volumes:
+ - name: postgresql-data
+ mount: ${_param:postgresql_data_mountpoint}
+ read_only: false
+ volume:
+ postgresql-data:
+ type: glusterfs
+ endpoints: glusterfs
+ path: ${_param:postgresql_glusterfs_volume_name}
+ read_only: false
diff --git a/maas/region/single.yml b/maas/region/single.yml
index 96ba7c6..52a613e 100644
--- a/maas/region/single.yml
+++ b/maas/region/single.yml
@@ -49,7 +49,7 @@
email: email@example.com
database:
engine: postgresql
- host: localhost
+ host: ${_param:maas_postgresql_server}
name: maasdb
password: ${_param:maas_db_password}
username: maas
diff --git a/neutron/control/opendaylight/cluster.yml b/neutron/control/opendaylight/cluster.yml
index 2f22403..91ed809 100644
--- a/neutron/control/opendaylight/cluster.yml
+++ b/neutron/control/opendaylight/cluster.yml
@@ -11,7 +11,7 @@
host: ${_param:opendaylight_service_host}
rest_api_port: 8282
user: admin
- password: admin
+# password: admin
ovsdb_connection: tcp:127.0.0.1:6639
router: ${_param:opendaylight_router}
mechanism:
diff --git a/neutron/control/opendaylight/single.yml b/neutron/control/opendaylight/single.yml
index c12d04a..333d2c2 100644
--- a/neutron/control/opendaylight/single.yml
+++ b/neutron/control/opendaylight/single.yml
@@ -11,7 +11,7 @@
host: ${_param:opendaylight_service_host}
rest_api_port: 8282
user: admin
- password: admin
+# password: admin
ovsdb_connection: tcp:127.0.0.1:6639
router: ${_param:opendaylight_router}
mechanism:
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index 779acae..2527b33 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -13,7 +13,6 @@
nova_cpu_allocation_ratio: 16.0
nova_ram_allocation_ratio: 1.5
nova_disk_allocation_ratio: 1.0
- metadata_password: metadataPass
linux:
system:
package:
diff --git a/opencontrail/control/analytics4_0.yml b/opencontrail/control/analytics4_0.yml
index f18babb..d60ed8b 100644
--- a/opencontrail/control/analytics4_0.yml
+++ b/opencontrail/control/analytics4_0.yml
@@ -19,7 +19,6 @@
opencontrail_message_queue_node02_address: ${_param:openstack_message_queue_node02_address}
opencontrail_message_queue_node03_address: ${_param:openstack_message_queue_node03_address}
opencontrail_message_queue_address: ${_param:openstack_message_queue_address}
- opencontrail_message_queue_password: guest
opencontrail_analytics_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-analytics:${_param:opencontrail_image_tag}
opencontrail_analyticsdb_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-analyticsdb:${_param:opencontrail_image_tag}
opencontrail_analytics_container_name: opencontrail_analytics_1
diff --git a/opencontrail/control/cluster4_0.yml b/opencontrail/control/cluster4_0.yml
index 95b0d90..129639c 100644
--- a/opencontrail/control/cluster4_0.yml
+++ b/opencontrail/control/cluster4_0.yml
@@ -20,7 +20,6 @@
opencontrail_message_queue_node02_address: ${_param:openstack_control_node02_address}
opencontrail_message_queue_node03_address: ${_param:openstack_control_node03_address}
opencontrail_message_queue_address: ${_param:openstack_control_address}
- opencontrail_message_queue_password: guest
opencontrail_analytics_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-analytics:${_param:opencontrail_image_tag}
opencontrail_analyticsdb_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-analyticsdb:${_param:opencontrail_image_tag}
opencontrail_controller_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-controller:${_param:opencontrail_image_tag}
diff --git a/opencontrail/control/cluster4_0_k8s.yml b/opencontrail/control/cluster4_0_k8s.yml
index cf9a8e7..e8d8b59 100644
--- a/opencontrail/control/cluster4_0_k8s.yml
+++ b/opencontrail/control/cluster4_0_k8s.yml
@@ -14,7 +14,6 @@
opencontrail_message_queue_node02_address: ${_param:openstack_control_node02_address}
opencontrail_message_queue_node03_address: ${_param:openstack_control_node03_address}
opencontrail_message_queue_address: ${_param:openstack_control_address}
- opencontrail_message_queue_password: guest
opencontrail_analytics_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-analytics:${_param:opencontrail_image_tag}
opencontrail_analyticsdb_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-analyticsdb:${_param:opencontrail_image_tag}
opencontrail_controller_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-controller:${_param:opencontrail_image_tag}
diff --git a/opencontrail/control/control4_0.yml b/opencontrail/control/control4_0.yml
index ba47959..a6dd1a0 100644
--- a/opencontrail/control/control4_0.yml
+++ b/opencontrail/control/control4_0.yml
@@ -14,7 +14,6 @@
opencontrail_message_queue_node01_address: ${_param:openstack_message_queue_node01_address}
opencontrail_message_queue_node02_address: ${_param:openstack_message_queue_node02_address}
opencontrail_message_queue_node03_address: ${_param:openstack_message_queue_node03_address}
- opencontrail_message_queue_password: guest
opencontrail_controller_image: ${_param:mcp_docker_registry}/opencontrail-${_param:linux_repo_contrail_component}/opencontrail-controller:${_param:opencontrail_image_tag}
opencontrail_controller_container_name: opencontrail_controller_1
opencontrail_api_workers_count: 6
diff --git a/opencontrail/control/single4_0.yml b/opencontrail/control/single4_0.yml
index 9c11443..342eb98 100644
--- a/opencontrail/control/single4_0.yml
+++ b/opencontrail/control/single4_0.yml
@@ -16,7 +16,6 @@
opencontrail_controller_container_name: opencontrail_controller_1
opencontrail_analytics_container_name: opencontrail_analytics_1
opencontrail_analyticsdb_container_name: opencontrail_analyticsdb_1
- opencontrail_message_queue_password: guest
# Temprorary fix for MOS9 packages to pin old version of kafka
linux:
system:
diff --git a/openssh/server/team/members/lmendes.yml b/openssh/server/team/members/lmendes.yml
new file mode 100644
index 0000000..e461c85
--- /dev/null
+++ b/openssh/server/team/members/lmendes.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ lmendes:
+ enabled: true
+ name: lmendes
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Leandro Mendes
+ home: /home/lmendes
+ email: lmendes@mirantis.com
+ openssh:
+ server:
+ user:
+ lmendes:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQD44cCDiCstIu7i8fxM1BaHi9xbFrvKMWaExFgc+ygw+WXxqVpBRdjn+Tm41ItrfD2A5vHQ6Az/gKE2qBFIIjRqR/Qe3CuOOIES1aNGNsRQ2pBk8B7YQnrctOvikTLDbPGZWXKIOvVNL3Jd6BlRrfCc8JxJE0h5E+ssa+zIHlNP+CwCs+TYYuhzU0zrbqCN2sqjytSIAp+zkH9M653m3EKZ1XyaPuz2U5q2LWmfyjMoTjWzBadlaQdf5xROKgdewg+femcOkX/hImUtK3YPsGJAbjBLv1wtqVGUuPuGtYfG5RPHSC5s4KEGf+3VlLQk8jQvWfgIIpEhw7T8VbcLvBlJoqE2rSbCMyKQI/t61rMCFE3llBS1ZHtkPIp8efgiU7Dil8u0lIztzgVqlIvqV1tzw7yCKFYE8VRtQebtbreCkU6zrvUmJLArFMKaYWHMs28LsSz7QNce4DnqS1wehuvbnrvQCpc85d5U4w8Q1ZFDmTbmc1x+lEYHG7io0nhTt2u6H/7/JEbedNg7wrQLq7/w28jY3vY+aoa7QtE9LRxTBRm0wB0ROVXt/AC3v5ErrpkSvMl2TjGHIJqCLrmmt1xogKCTmDHbX55xhN6SkshuGYHy/y6qM+CpomTeqDBhvdbgAKHUnzT3TbJdfmuxa3ztra2pBTB7Yx5FIOQW7i/CUw== lmendes@mirantis.com
+ user: ${linux:system:user:lmendes}
diff --git a/openssh/server/team/services.yml b/openssh/server/team/services.yml
index 371c254..65e3cb1 100644
--- a/openssh/server/team/services.yml
+++ b/openssh/server/team/services.yml
@@ -24,6 +24,7 @@
- system.openssh.server.team.members.alis
- system.openssh.server.team.members.isviridov
- system.openssh.server.team.members.cdodda
+- system.openssh.server.team.members.lmendes
parameters:
_param:
linux_system_user_sudo: true
diff --git a/postgresql/client/init.yml b/postgresql/client/init.yml
index 95fdcdb..1775654 100644
--- a/postgresql/client/init.yml
+++ b/postgresql/client/init.yml
@@ -1,7 +1,6 @@
parameters:
_param:
postgresql_client_user: none
- postgresql_client_password: none
postgresql_client_host: ${_param:control_vip_address}
postgresql_client_port: 5432
postgresql:
diff --git a/postgresql/client/pushkin/alertmanager.yml b/postgresql/client/pushkin/alertmanager.yml
index 8e413da..bf01013 100644
--- a/postgresql/client/pushkin/alertmanager.yml
+++ b/postgresql/client/pushkin/alertmanager.yml
@@ -4,7 +4,6 @@
_param:
alertmanager_db_host: ${_param:haproxy_postgresql_bind_host}
alertmanager_db_user: alertmanager
- alertmanager_db_user_password: alertmanager
webhook_login_id: 13
webhook_application_id: 24
postgresql:
diff --git a/postgresql/client/pushkin/init.yml b/postgresql/client/pushkin/init.yml
index 5677646..26f8abe 100644
--- a/postgresql/client/pushkin/init.yml
+++ b/postgresql/client/pushkin/init.yml
@@ -4,7 +4,6 @@
_param:
pushkin_db_host: ${_param:haproxy_postgresql_bind_host}
pushkin_db_user: pushkin
- pushkin_db_user_password: pushkin
postgresql:
client:
server:
diff --git a/postgresql/client/pushkin/janitor_monkey.yml b/postgresql/client/pushkin/janitor_monkey.yml
index b56d098..78a3b27 100644
--- a/postgresql/client/pushkin/janitor_monkey.yml
+++ b/postgresql/client/pushkin/janitor_monkey.yml
@@ -4,7 +4,6 @@
_param:
janmonkey_db_host: ${_param:haproxy_postgresql_bind_host}
janmonkey_db_user: janmonkey
- janmonkey_db_user_password: janmonkey
janmonkey_login_id: 12
janmonkey_application_id: 2
postgresql:
diff --git a/postgresql/client/pushkin/security_monkey.yml b/postgresql/client/pushkin/security_monkey.yml
index 18154cd..1ebf4f4 100644
--- a/postgresql/client/pushkin/security_monkey.yml
+++ b/postgresql/client/pushkin/security_monkey.yml
@@ -4,7 +4,6 @@
_param:
secmonkey_db_host: ${_param:haproxy_postgresql_bind_host}
secmonkey_db_user: secmonkey
- secmonkey_db_user_password: secmonkey
postgresql:
client:
server:
diff --git a/postgresql/client/pushkin/sfdc.yml b/postgresql/client/pushkin/sfdc.yml
index 57af7fe..cfb1236 100644
--- a/postgresql/client/pushkin/sfdc.yml
+++ b/postgresql/client/pushkin/sfdc.yml
@@ -4,7 +4,6 @@
_param:
sfdc_db_host: ${_param:haproxy_postgresql_bind_host}
sfdc_db_user: sfdc
- sfdc_db_user_password: sfdc
sfdc_login_id: 14
sfdc_application_id: 4
postgresql:
diff --git a/postgresql/client/rundeck.yml b/postgresql/client/rundeck.yml
index 0c1102d..d4cd256 100644
--- a/postgresql/client/rundeck.yml
+++ b/postgresql/client/rundeck.yml
@@ -4,7 +4,6 @@
_param:
rundeck_db_host: ${_param:haproxy_postgresql_bind_host}
rundeck_db_user: rundeck
- rundeck_db_user_password: password
postgresql:
client:
server:
diff --git a/postgresql/client/security_monkey.yml b/postgresql/client/security_monkey.yml
index ab7a4c8..5693d6c 100644
--- a/postgresql/client/security_monkey.yml
+++ b/postgresql/client/security_monkey.yml
@@ -4,7 +4,6 @@
_param:
secmonkey_db_host: ${_param:haproxy_postgresql_bind_host}
secmonkey_db_user: secmonkey
- secmonkey_db_user_password: secmonkey
postgresql:
client:
server:
diff --git a/prometheus/elasticsearch_exporter/container.yml b/prometheus/elasticsearch_exporter/container.yml
new file mode 100644
index 0000000..9f78f4a
--- /dev/null
+++ b/prometheus/elasticsearch_exporter/container.yml
@@ -0,0 +1,2 @@
+classes:
+- service.prometheus.elasticsearch_exporter.container
diff --git a/prometheus/server/target/dns/elasticsearch_exporter.yml b/prometheus/server/target/dns/elasticsearch_exporter.yml
new file mode 100644
index 0000000..3c331fd
--- /dev/null
+++ b/prometheus/server/target/dns/elasticsearch_exporter.yml
@@ -0,0 +1,12 @@
+parameters:
+ prometheus:
+ server:
+ target:
+ dns:
+ enabled: true
+ endpoint:
+ - name: 'elasticsearch_exporter'
+ domain:
+ - 'tasks.monitoring_elasticsearch_exporter'
+ type: A
+ port: 9206
diff --git a/prometheus/server/target/dns/init.yml b/prometheus/server/target/dns/init.yml
index 361d296..7363be1 100644
--- a/prometheus/server/target/dns/init.yml
+++ b/prometheus/server/target/dns/init.yml
@@ -1,5 +1,6 @@
classes:
- system.prometheus.server.target.dns.alertmanager
+- system.prometheus.server.target.dns.elasticsearch_exporter
- system.prometheus.server.target.dns.prometheus
- system.prometheus.server.target.dns.pushgateway
- system.prometheus.server.target.dns.remote_agent
diff --git a/rabbitmq/server/vhost/catalog.yml b/rabbitmq/server/vhost/catalog.yml
index 23cb0f2..cd4b0cb 100644
--- a/rabbitmq/server/vhost/catalog.yml
+++ b/rabbitmq/server/vhost/catalog.yml
@@ -12,7 +12,7 @@
definition: '{"ha-mode": "all", "message-ttl": 120000}'
admin:
name: admin
- password: zeQuooQu47eed8esahpie2Lai8En9ohp
+ password: ${_param:rabbitmq_guest_password}
bind:
address: ${_param:single_address}
management:
diff --git a/rabbitmq/server/vhost/opencontrail.yml b/rabbitmq/server/vhost/opencontrail.yml
index 8f88cee..c29f7c8 100644
--- a/rabbitmq/server/vhost/opencontrail.yml
+++ b/rabbitmq/server/vhost/opencontrail.yml
@@ -5,7 +5,7 @@
'/':
enabled: true
user: guest
- password: guest
+ password: ${_param:rabbitmq_guest_password}
policies:
- name: HA
pattern: '^(?!amq\.).*'
diff --git a/rabbitmq/server/vhost/openstack/init.yml b/rabbitmq/server/vhost/openstack/init.yml
index 50b0814..5b440e7 100644
--- a/rabbitmq/server/vhost/openstack/init.yml
+++ b/rabbitmq/server/vhost/openstack/init.yml
@@ -8,7 +8,7 @@
'/':
enabled: true
user: guest
- password: guest
+ password: ${_param:rabbitmq_guest_password}
policies:
- name: HA
pattern: '^(?!amq\.).*'
diff --git a/rundeck/client/project/cicd.yml b/rundeck/client/project/cicd.yml
index e09d9f1..e8e528e 100644
--- a/rundeck/client/project/cicd.yml
+++ b/rundeck/client/project/cicd.yml
@@ -8,7 +8,7 @@
auth_url: http://yourcloud.com:5000/v3/auth/tokens
endpoint_type: publicURL
username: admin
- password: password
+# password: password
cert: plain-certificate
ssl_cert_file: cert.pem
project_name: admin
diff --git a/sensu/server/cluster.yml b/sensu/server/cluster.yml
index 5c8fe85..7f17a2c 100644
--- a/sensu/server/cluster.yml
+++ b/sensu/server/cluster.yml
@@ -6,10 +6,6 @@
- service.sensu.server.single
parameters:
_param:
- rabbitmq_secret_key: secret
- rabbitmq_admin_password: password
- rabbitmq_cold_password: password
- rabbitmq_monitor_password: password
sensu_message_queue_host: ${_param:cluster_vip_address}
cluster_redis_port: 6379
sensu:
diff --git a/sensu/server/dashboard.yml b/sensu/server/dashboard.yml
index 7cabe2b..98f480f 100644
--- a/sensu/server/dashboard.yml
+++ b/sensu/server/dashboard.yml
@@ -5,7 +5,6 @@
- service.sensu.server.single
parameters:
_param:
- rabbitmq_monitor_password: password
sensu_message_queue_host: 127.0.0.1
sensu:
dashboard:
diff --git a/sensu/server/single.yml b/sensu/server/single.yml
index 806b9ef..e3c4df9 100644
--- a/sensu/server/single.yml
+++ b/sensu/server/single.yml
@@ -4,5 +4,4 @@
- service.sensu.server.single
parameters:
_param:
- rabbitmq_monitor_password: password
sensu_message_queue_host: 127.0.0.1