Merge "Add basic Barbican support"
diff --git a/.releasenotes/config.yaml b/.releasenotes/config.yaml
index 28db76e..bf103f9 100644
--- a/.releasenotes/config.yaml
+++ b/.releasenotes/config.yaml
@@ -9,10 +9,11 @@
prelude_section_name: summary
show_source: False
sections:
- - [features, New Features]
- - [upgrade, Upgrade Notes]
- - [fixes, Bug Fixes]
- - [other, Other Notes]
+ - [features, New features]
+ - [upgrades, Upgrade notes]
+ - [deprecations, Deprecation notes]
+ - [fixes, Bug fixes]
+ - [others, Other notes]
template: |
---
# Author the following sections or remove the section if it is not related.
@@ -21,38 +22,66 @@
# If you miss a section from the list below, please first submit a review
# adding it to .releasenotes/config.yaml.
#
+ # Format content with reStructuredText (RST).
+ # **Formatting examples:**
+ # - |
+ # This is a brief description of the feature. It may include a
+ # number of components:
+ #
+ # * List item 1
+ # * List item 2.
+ # This code block below will appear as part of the list item 2:
+ #
+ # .. code-block:: yaml
+ #
+ # classes:
+ # - system.class.to.load
+ #
+ # The code block below will appear on the same level as the feature
+ # description:
+ #
+ # .. code-block:: text
+ #
+ # provide model/formula pillar snippets
+
+
summary: >
This section is not mandatory. Use it to highlight the change.
features:
- - Use list to record summary of features.
- - |
- Provide detailed description with examples.
- Format with reStructuredText.
+ - Use the list to record summary of **NEW** features
+ - Provide detailed description of the feature indicating the use cases
+ when users benefit from using it
+ - Explain how the feature integrates into the overall reference
+ architecture of a deployment.
+ - Provide steps to deploy the feature (if the procedure is complicated
+ indicate during what stage of the deployment workflow it should be
+ deployed).
+ - Indicate limitations or incompatibility with other versions, if applicable.
+ - Provide a brief overview of how to use the feature after installation
+ (Day2 operations).
+ - Provide troubleshooting information, if any.
+ - Provide disaster recovery information (in case of hardware or software
+ failure.)
- .. code-block:: text
+ upgrades:
+ - Use the list to record summary of an **improvement** to an existing
+ functionality/feature
+ - Document how to use a feature.
+ - Document the related upgrade instructions.
+ - Indicate limitations, if applicable.
- provide model/formula pillar snippets
-
- upgrade:
- - |
- Document how to use a feature and related upgrade instructions.
+ deprecations:
+ - Use the list to record deprecated features.
+ - Explain the reason of deprecation.
+ - Point to the functionality that can be used instead.
fixes:
- - Use list to record summary of fixes.
- Quick and dirty `git log --oneline`.
+ - Use the list to record summary of a bug fix for blocker, critical,
+ and/or customer-found issues.
+ - Provide a brief summary of what has been fixed.
- other:
- - Author additional notes for the release.
- - Format with reStructuredText.
- - |
- Use this section if note is not related to one of the common sections:
- features, issues, upgrade, deprecations, security, fixes, api, cli
+ others:
+ - Author any additional notes. Use this section if note is not related to
+ any of the common sections above.
- * list item 1
- * list item 2
-
- .. code-block:: yaml
-
- classes:
- - system.class.to.load
diff --git a/.releasenotes/notes/add-releasenotes-20cce0cea873f011.yaml b/.releasenotes/notes/add-releasenotes-20cce0cea873f011.yaml
index 733776f..45b6749 100644
--- a/.releasenotes/notes/add-releasenotes-20cce0cea873f011.yaml
+++ b/.releasenotes/notes/add-releasenotes-20cce0cea873f011.yaml
@@ -1,18 +1,20 @@
---
summary: >
- Use "reno", an releasenotes configuration tool to record release notes.
- Documentation: https://docs.openstack.org/reno/latest
+ This is the test release of MCP Feature Update notes.
+ These notes are intended to detail the new functionality and
+ bug fixes released for Reclass model on a sprint basis.
- Example usage:
-
- .. code-block:: shell
-
- # to list/create/show release notes, run following commands
- reno -qd .releasenotes list
- reno -qd .releasenotes new releasenote-slug-title --edit
- reno -qd .releasenotes report --no-show-source
-
-other:
+others:
- |
- Added `reno <https://docs.openstack.org/reno/latest>_` configuration to track release notes
- within the reclass-system git repository.
+ Added `Reno <https://docs.openstack.org/reno/latest>_`, a release notes
+ configuration tool, to track release notes within the ``reclass-system``
+ Git repository.
+
+ To list/create/show release notes:
+
+ .. code-block:: shell
+
+ reno -qd .releasenotes list
+ reno -qd .releasenotes new releasenote-slug-title --edit
+ reno -qd .releasenotes report --no-show-source
+
diff --git a/artifactory/client/init.yml b/artifactory/client/init.yml
index 0148879..ef43633 100644
--- a/artifactory/client/init.yml
+++ b/artifactory/client/init.yml
@@ -15,12 +15,121 @@
ldap_searchFilter: ${_param:artifactory_security_ldap_searchFilter}
ssl_verify: False
repo:
- local_artifactory_repo:
- name: local_artifactory_repo
- package_type: generic
+ _genericRepository-local:
+ description: "Used by Jimbo"
repo_type: local
- remote_artifactory_repo:
- name: remote_artifactory_repo
package_type: generic
+ binary-dev-local:
+ description: "None"
+ repo_type: local
+ package_type: generic
+ binary-prod-local:
+ repo_type: local
+ package_type: generic
+ docker-dev-local:
+ repo_type: local
+ package_type: docker
+ docker-prod-local:
+ repo_type: local
+ package_type: docker
+ k8s-tests-images:
+ repo_type: local
+ package_type: docker
+ maven-local:
+ description: "Hosts Java libraries needed to build Docker images"
+ repo_type: local
+ package_type: maven
+ mcp-ci-images:
+ repo_type: local
+ package_type: docker
+ vm-images:
+ repo_type: local
+ package_type: generic
+ _genericRepository-remote:
+ description: "Used by Jimbo"
repo_type: remote
- url: "http://artifactory.mcp.mirantis.net/"
+ package_type: generic
+ url: http://localhost
+ apk-remote:
+ repo_type: remote
+ package_type: generic
+ url: http://dl-cdn.alpinelinux.org/alpine/
+ apt-docker-project:
+ repo_type: remote
+ package_type: debian
+ url: https://apt.dockerproject.org/repo
+ artifactory-pro-debian:
+ repo_type: remote
+ package_type: debian
+ url: https://jfrog.bintray.com/artifactory-pro-debs
+ debian-mariadb-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://sfo1.mirrors.digitalocean.com/mariadb/repo/10.1/debian/
+ debian-nginx:
+ repo_type: remote
+ package_type: debian
+ url: http://nginx.org/packages/debian/
+ debian-percona-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://repo.percona.com/apt
+ debian-rabbitmq-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://www.rabbitmq.com/debian/
+ debian-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://ftp.us.debian.org/debian
+ debian-security-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://security.debian.org/
+ docker-remote:
+ description: "Remote repository for DockerHub"
+ repo_type: remote
+ package_type: docker
+ url: https://registry-1.docker.io/
+ gcs-remote:
+ description: "Has zero downloads. Can be removed."
+ repo_type: remote
+ package_type: generic
+ url: https://storage.googleapis.com
+ gerrit-plugins:
+ description: "Overlaps with maven-local. We should resolve overlap and remove this repo."
+ repo_type: remote
+ package_type: generic
+ url: http://builds.quelltextlich.at/gerrit/nightly
+ jcenter:
+ repo_type: remote
+ package_type: maven
+ url: https://jcenter.bintray.com
+ jenkins-deb-pkgs:
+ repo_type: remote
+ package_type: generic
+ url: https://pkg.jenkins.io/debian-stable/binary
+ jenkins-plugins:
+ repo_type: remote
+ package_type: generic
+ url: http://mirrors.jenkins-ci.org/plugins
+ jenkins-plugins-jars:
+ repo_type: remote
+ package_type: maven
+ url: https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/
+ jenkins-updates:
+ repo_type: remote
+ package_type: generic
+ url: https://updates.jenkins.io/
+ mysql-connector-java:
+ repo_type: remote
+ package_type: maven
+ url: http://repo.jfrog.org/artifactory/remote-repos/mysql/mysql-connector-java/
+ pypi-remote:
+ repo_type: remote
+ package_type: pypi
+ url: https://pypi.python.org
+ ubuntu-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://us.archive.ubuntu.com/ubuntu/
diff --git a/ceph/mon/cluster.yml b/ceph/mon/cluster.yml
new file mode 100644
index 0000000..35d5596
--- /dev/null
+++ b/ceph/mon/cluster.yml
@@ -0,0 +1,2 @@
+classes:
+- service.ceph.mon.cluster
diff --git a/ceph/osd/cluster.yml b/ceph/osd/cluster.yml
new file mode 100644
index 0000000..9e98f91
--- /dev/null
+++ b/ceph/osd/cluster.yml
@@ -0,0 +1,2 @@
+classes:
+- service.ceph.osd.cluster
diff --git a/docker/swarm/stack/janitor_monkey.yml b/docker/swarm/stack/janitor_monkey.yml
index 95095e4..de7a218 100644
--- a/docker/swarm/stack/janitor_monkey.yml
+++ b/docker/swarm/stack/janitor_monkey.yml
@@ -4,7 +4,7 @@
docker_image_mongodb: library/mongo:3.4
docker_mongodb_admin_username: admin
docker_mongodb_admin_password: password
- docker_image_janitor_monkey: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/janitor_monkey:6040
+ docker_image_janitor_monkey: docker-prod-local.artifactory.mirantis.com/mirantis/oss/janitor-monkey
janitor_monkey_enabled: true
janitor_monkey_dryrun_mode: false
janitor_monkey_base_url: http://${_param:haproxy_janitor_monkey_bind_host}:${_param:haproxy_janitor_monkey_bind_port}
diff --git a/docker/swarm/stack/jenkins/master.yml b/docker/swarm/stack/jenkins/master.yml
index bc01e92..c8c6b64 100644
--- a/docker/swarm/stack/jenkins/master.yml
+++ b/docker/swarm/stack/jenkins/master.yml
@@ -1,6 +1,6 @@
parameters:
_param:
- docker_image_jenkins: tcpcloud/jenkins:2.71
+ docker_image_jenkins: tcpcloud/jenkins:2.73
jenkins_master_extra_opts: ""
jenkins_master_executors_num: 4
docker:
diff --git a/docker/swarm/stack/monitoring/init.yml b/docker/swarm/stack/monitoring/init.yml
index 347319a..17a3a49 100644
--- a/docker/swarm/stack/monitoring/init.yml
+++ b/docker/swarm/stack/monitoring/init.yml
@@ -95,11 +95,11 @@
- ${prometheus:server:dir:config}:${_param:prometheus_server_config_directory}
- ${prometheus:server:dir:data}:${_param:prometheus_server_data_directory}
environment:
- config_dir: ${_param:prometheus_server_config_directory}
- data_dir: ${_param:prometheus_server_data_directory}
- bind_port: ${prometheus:server:bind:port}
- bind_address: ${prometheus:server:bind:address}
- storage_local_engine: ${prometheus:server:storage:local:engine}
- storage_local_retention: ${prometheus:server:storage:local:retention}
- storage_local_target_heap_size: ${prometheus:server:storage:local:target_heap_size}
- storage_local_num_fingerprint_mutexes: ${prometheus:server:storage:local:num_fingerprint_mutexes}
+ PROMETHEUS_CONFIG_DIR: ${_param:prometheus_server_config_directory}
+ PROMETHEUS_DATA_DIR: ${_param:prometheus_server_data_directory}
+ PROMETHEUS_BIND_PORT: ${prometheus:server:bind:port}
+ PROMETHEUS_BIND_ADDRESS: ${prometheus:server:bind:address}
+ PROMETHEUS_STORAGE_LOCAL_ENGINE: ${prometheus:server:storage:local:engine}
+ PROMETHEUS_STORAGE_LOCAL_RETENTION: ${prometheus:server:storage:local:retention}
+ PROMETHEUS_STORAGE_LOCAL_TARGET_HEAP_SIZE: ${prometheus:server:storage:local:target_heap_size}
+ PROMETHEUS_STORAGE_LOCAL_NUM_FINGERPRINT_MUTEXES: ${prometheus:server:storage:local:num_fingerprint_mutexes}
diff --git a/docker/swarm/stack/pushkin.yml b/docker/swarm/stack/pushkin.yml
index dde8541..106d544 100644
--- a/docker/swarm/stack/pushkin.yml
+++ b/docker/swarm/stack/pushkin.yml
@@ -1,7 +1,7 @@
parameters:
_param:
docker_pushkin_replicas: 1
- docker_image_pushkin: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/pushkin:latest
+ docker_image_pushkin: docker-prod-local.artifactory.mirantis.com/mirantis/oss/pushkin
pushkin_db: pushkin
docker:
client:
diff --git a/docker/swarm/stack/security_monkey.yml b/docker/swarm/stack/security_monkey.yml
index a2249c6..2e1c813 100644
--- a/docker/swarm/stack/security_monkey.yml
+++ b/docker/swarm/stack/security_monkey.yml
@@ -2,8 +2,8 @@
_param:
docker_security_monkey_api_replicas: 1
docker_security_monkey_scheduler_replicas: 1
- docker_image_security_monkey_api: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/security-monkey-api:6700
- docker_image_security_monkey_scheduler: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/security-monkey-scheduler:6700
+ docker_image_security_monkey_api: docker-prod-local.artifactory.mirantis.com/mirantis/oss/security-monkey-api
+ docker_image_security_monkey_scheduler: docker-prod-local.artifactory.mirantis.com/mirantis/oss/security-monkey-scheduler
security_monkey_db: secmonkey
notification_service_url: http://${_param:haproxy_pushkin_bind_host}:${_param:haproxy_pushkin_bind_port}/post_notification_json
security_monkey_user: devopsportal@devopsportal.local
diff --git a/haproxy/proxy/listen/opencontrail/tor.yml b/haproxy/proxy/listen/opencontrail/tor.yml
new file mode 100644
index 0000000..0595ccd
--- /dev/null
+++ b/haproxy/proxy/listen/opencontrail/tor.yml
@@ -0,0 +1,19 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ contrail_tor01:
+ type: contrail-tor
+ service_name: contrail
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 6631
+ servers:
+ - name: sw01
+ host: ${_param:cluster_node01_address}
+ port: 6632
+ params: check
+ - name: sw02
+ host: ${_param:cluster_node02_address}
+ port: 6632
+ params: check backup
diff --git a/helm/analytics_pipeline/hdfs.yml b/helm/analytics_pipeline/hdfs.yml
new file mode 100644
index 0000000..64e0cef
--- /dev/null
+++ b/helm/analytics_pipeline/hdfs.yml
@@ -0,0 +1,15 @@
+parameters:
+ _param:
+ analytics_hdfs_release: ${_param:analytics_release_prefix}hdfs
+ analytics_hdfs_address: hdfs-namenode-${_param:analytics_hdfs_release}-0.hdfs-namenode-${_param:analytics_hdfs_release}
+ helm:
+ client:
+ releases:
+ analytics-pipeline-hdfs:
+ enabled: ${_param:analytics_enabled}
+ name: ${_param:analytics_hdfs_release}
+ chart: ${_param:analytics_repo}/hdfs
+ values:
+ datanode:
+ replicas: 3
+ antiAffinity: soft
diff --git a/helm/analytics_pipeline/init.yml b/helm/analytics_pipeline/init.yml
new file mode 100644
index 0000000..f994efa
--- /dev/null
+++ b/helm/analytics_pipeline/init.yml
@@ -0,0 +1,19 @@
+classes:
+- system.helm.analytics_pipeline.zookeeper
+- system.helm.analytics_pipeline.kafka
+- system.helm.analytics_pipeline.spark
+- system.helm.analytics_pipeline.hdfs
+- system.helm.analytics_pipeline.tweepub
+- system.helm.analytics_pipeline.tweetics
+- system.helm.analytics_pipeline.tweeviz
+- service.helm.client
+parameters:
+ _param:
+ analytics_enabled: true
+ analytics_repo: mirantisworkloads
+ analytics_release_prefix: analytics-pipeline-
+ analytics_kafka_replicas: 3
+ helm:
+ client:
+ repos:
+ mirantisworkloads: https://mirantisworkloads.storage.googleapis.com/
diff --git a/helm/analytics_pipeline/kafka.yml b/helm/analytics_pipeline/kafka.yml
new file mode 100644
index 0000000..3c88299
--- /dev/null
+++ b/helm/analytics_pipeline/kafka.yml
@@ -0,0 +1,17 @@
+parameters:
+ _param:
+ analytics_kafka_release: ${_param:analytics_release_prefix}kafka
+ analytics_kafka_address: kafka-${_param:analytics_kafka_release}-0.kafka-${_param:analytics_kafka_release}:9092,kafka-${_param:analytics_kafka_release}-1.kafka-${_param:analytics_kafka_release}:9092,kafka-${_param:analytics_kafka_release}-2.kafka-${_param:analytics_kafka_release}:9092
+ helm:
+ client:
+ releases:
+ analytics-pipeline-kafka:
+ enabled: ${_param:analytics_enabled}
+ name: ${_param:analytics_kafka_release}
+ chart: ${_param:analytics_repo}/kafka
+ values:
+ replicas: ${_param:analytics_kafka_replicas}
+ antiAffinity: soft
+ zookeeper:
+ deployChart: false
+ externalAddress: ${_param:analytics_zookeeper_address}
diff --git a/helm/analytics_pipeline/spark.yml b/helm/analytics_pipeline/spark.yml
new file mode 100644
index 0000000..aeb2856
--- /dev/null
+++ b/helm/analytics_pipeline/spark.yml
@@ -0,0 +1,20 @@
+parameters:
+ _param:
+ analytics_spark_release: ${_param:analytics_release_prefix}spark
+ analytics_spark_address: spark-master-${_param:analytics_spark_release}-0.spark-master-${_param:analytics_spark_release}:7077,spark-master-${_param:analytics_spark_release}-1.spark-master-${_param:analytics_spark_release}:7077
+ helm:
+ client:
+ releases:
+ analytics-pipeline-spark:
+ enabled: ${_param:analytics_enabled}
+ name: ${_param:analytics_spark_release}
+ chart: ${_param:analytics_repo}/spark
+ values:
+ spark:
+ master:
+ replicas: 1
+ worker:
+ replicas: 3
+ zookeeper:
+ deployChart: false
+ externalAddress: ${_param:analytics_zookeeper_address}
diff --git a/helm/analytics_pipeline/tweepub.yml b/helm/analytics_pipeline/tweepub.yml
new file mode 100644
index 0000000..42678a3
--- /dev/null
+++ b/helm/analytics_pipeline/tweepub.yml
@@ -0,0 +1,23 @@
+parameters:
+ _param:
+ analytics_tweepub_release: ${_param:analytics_release_prefix}tweepub
+ helm:
+ client:
+ releases:
+ analytics-pipeline-tweepub:
+ enabled: ${_param:analytics_enabled}
+ name: ${_param:analytics_tweepub_release}
+ chart: ${_param:analytics_repo}/tweepub
+ values:
+ twitter:
+ appKey: ${_param:analytics_twitter_app_key}
+ appSecret: ${_param:analytics_twitter_app_secret}
+ tokenKey: ${_param:analytics_twitter_token_key}
+ tokenSecret: ${_param:analytics_twitter_token_secret}
+
+ # San Francisco, Boston, New York
+ locations: -71.4415,41.9860,-70.4747,42.9041,-122.75,36.8,-121.75,37.8,-74,40,-73,41
+ kafka:
+ deployChart: false
+ externalAddress: ${_param:analytics_kafka_address}
+ topic: twitter-stream
diff --git a/helm/analytics_pipeline/tweetics.yml b/helm/analytics_pipeline/tweetics.yml
new file mode 100644
index 0000000..de438bf
--- /dev/null
+++ b/helm/analytics_pipeline/tweetics.yml
@@ -0,0 +1,27 @@
+parameters:
+ _param:
+ analytics_tweetics_release: ${_param:analytics_release_prefix}tweetics
+ helm:
+ client:
+ releases:
+ analytics-pipeline-tweetics:
+ enabled: ${_param:analytics_enabled}
+ name: ${_param:analytics_tweetics_release}
+ chart: ${_param:analytics_repo}/tweetics
+ values:
+ minHashtagCounts: 0
+ zookeeper:
+ deployChart: false
+ externalAddress: ${_param:analytics_zookeeper_address}
+ kafka:
+ deployChart: false
+ externalAddress: ${_param:analytics_kafka_address}
+ topic: twitter-stream
+ spark:
+ deployChart: false
+ externalAddress: ${_param:analytics_spark_address}
+ storage: hdfs
+ hdfs:
+ deployChart: false
+ externalAddress: ${_param:analytics_hdfs_address}
+ path: /twitter
diff --git a/helm/analytics_pipeline/tweeviz.yml b/helm/analytics_pipeline/tweeviz.yml
new file mode 100644
index 0000000..d8f7aef
--- /dev/null
+++ b/helm/analytics_pipeline/tweeviz.yml
@@ -0,0 +1,19 @@
+parameters:
+ _param:
+ analytics_tweeviz_release: ${_param:analytics_release_prefix}tweeviz
+ helm:
+ client:
+ releases:
+ analytics-pipeline-tweeviz:
+ enabled: ${_param:analytics_enabled}
+ name: ${_param:analytics_tweeviz_release}
+ chart: ${_param:analytics_repo}/tweeviz
+ values:
+ minPopularity: 1
+ topListSize: 25
+ storage: hdfs
+ hdfs:
+ deployChart: false
+ externalAddress: ${_param:analytics_hdfs_address}
+ path: /
+ externalPort: 8020
diff --git a/helm/analytics_pipeline/zookeeper.yml b/helm/analytics_pipeline/zookeeper.yml
new file mode 100644
index 0000000..698510d
--- /dev/null
+++ b/helm/analytics_pipeline/zookeeper.yml
@@ -0,0 +1,14 @@
+parameters:
+ _param:
+ analytics_zookeeper_release: ${_param:analytics_release_prefix}zookeeper
+ analytics_zookeeper_address: zk-${_param:analytics_zookeeper_release}-0.zk-${_param:analytics_zookeeper_release}:2181,zk-${_param:analytics_zookeeper_release}-1.zk-${_param:analytics_zookeeper_release}:2181,zk-${_param:analytics_zookeeper_release}-2.zk-${_param:analytics_zookeeper_release}:2181
+ helm:
+ client:
+ releases:
+ analytics-pipeline-zookeeper:
+ enabled: ${_param:analytics_enabled}
+ name: ${_param:analytics_zookeeper_release}
+ chart: ${_param:analytics_repo}/zookeeper
+ values:
+ replicas: 3
+ antiAffinity: soft
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 5d9a140..b187e26 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -12,6 +12,8 @@
- method groovy.json.JsonSlurperClassic parseText java.lang.String
- method groovy.lang.GString getBytes
- method groovy.lang.GroovyObject getProperty java.lang.String
+ - method groovy.util.Node attributes
+ - method groovy.util.XmlParser parse java.io.File
- method hudson.PluginManager getPlugins
- method hudson.PluginWrapper getShortName
- method hudson.model.Item getName
@@ -68,6 +70,7 @@
- new groovy.json.JsonBuilder
- new groovy.json.JsonBuilder java.lang.Object
- new groovy.json.JsonSlurperClassic
+ - new groovy.util.XmlParser
- new java.io.File java.lang.String
- new java.io.IOException java.lang.String
- new java.io.OutputStreamWriter java.io.OutputStream
@@ -82,6 +85,7 @@
- new java.util.HashMap
- staticField groovy.io.FileType FILES
- staticMethod com.cloudbees.plugins.credentials.CredentialsProvider lookupCredentials java.lang.Class hudson.model.ItemGroup
+ - staticMethod java.lang.Double parseDouble java.lang.String
- staticMethod java.lang.Integer valueOf int
- staticMethod java.lang.Integer valueOf java.lang.String
- staticMethod java.lang.Math min int int
@@ -122,3 +126,6 @@
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.Object java.lang.String
- method java.io.File listFiles
- method java.lang.String concat java.lang.String
+ - method org.jenkinsci.plugins.workflow.steps.FlowInterruptedException getCauses
+ - method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper getRawBuild
+ - method hudson.model.Actionable getAction java.lang.Class
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index b37c48f..7d87ffe 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -16,7 +16,6 @@
username: ${_param:jenkins_client_user}
password: ${_param:jenkins_client_password}
plugin:
- ansicolor: {}
artifactory: {}
build-blocker-plugin: {}
build-monitor-plugin: {}
@@ -39,7 +38,6 @@
simple-theme-plugin: {}
slack: {}
test-stability: {}
- timestamper: {}
workflow-cps: {}
workflow-remote-loader: {}
workflow-scm-step:
diff --git a/jenkins/client/job/ceph/init.yml b/jenkins/client/job/ceph/init.yml
new file mode 100644
index 0000000..06dc5eb
--- /dev/null
+++ b/jenkins/client/job/ceph/init.yml
@@ -0,0 +1,3 @@
+classes:
+- system.jenkins.client.job.ceph.remove-osd
+- system.jenkins.client.job.ceph.weights
diff --git a/jenkins/client/job/ceph/remove-osd.yml b/jenkins/client/job/ceph/remove-osd.yml
new file mode 100644
index 0000000..448318a
--- /dev/null
+++ b/jenkins/client/job/ceph/remove-osd.yml
@@ -0,0 +1,43 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ ceph-remove-osd:
+ type: workflow-scm
+ concurrent: true
+ display_name: "Ceph - remove OSD"
+ discard:
+ build:
+ keep_num: 50
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: ceph-remove-osd.groovy
+ param:
+ # general parameters
+ SALT_MASTER_URL:
+ type: string
+ description: URL of Salt master
+ default: "http://${_param:salt_master_host}:6969"
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ description: Credentials for login to Salt API
+ default: salt
+ HOST:
+ type: string
+ description: OSDs on this HOST will be removed from cluster
+ OSD:
+ type: string
+ description: These OSDs at HOST will be removed (comma-separated list)
+ default: '*'
+ ADMIN_HOST:
+ type: string
+ description: Host with admin keyring and access to cluster management
+ CLUSTER_FLAGS:
+ type: string
+ description: Flags to be aplied before pipeline and after pipeline (comma-separated list)
+ WAIT_FOR_HEALTHY:
+ type: boolean
+ default: 'false'
+ description: Wait for healthy during pipeline
diff --git a/jenkins/client/job/ceph/weights.yml b/jenkins/client/job/ceph/weights.yml
new file mode 100644
index 0000000..776e16f
--- /dev/null
+++ b/jenkins/client/job/ceph/weights.yml
@@ -0,0 +1,29 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ ceph-enforce-weights:
+ type: workflow-scm
+ concurrent: true
+ display_name: "Ceph - enforce OSD weights"
+ discard:
+ build:
+ keep_num: 50
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: ceph-enforce-weights.groovy
+ param:
+ # general parameters
+ SALT_MASTER_URL:
+ type: string
+ description: URL of Salt master
+ default: "http://${_param:salt_master_host}:6969"
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ description: Credentials for login to Salt API
+ default: salt
+ ADMIN_HOST:
+ type: string
+ description: Host with admin keyring and access to cluster management
diff --git a/jenkins/client/job/debian/packages/extra.yml b/jenkins/client/job/debian/packages/extra.yml
index 7371d3b..c7df567 100644
--- a/jenkins/client/job/debian/packages/extra.yml
+++ b/jenkins/client/job/debian/packages/extra.yml
@@ -97,6 +97,10 @@
dist: trusty
build: jmx-exporter
branch: master
+ - package: python-bitstring
+ dist: trusty
+ build: pipeline
+ branch: debian/trusty
- package: librdkafka
dist: xenial
build: pipeline
diff --git a/jenkins/client/job/deploy/lab/component/ceph.yml b/jenkins/client/job/deploy/lab/component/ceph.yml
index b0b3af1..e9e3d64 100644
--- a/jenkins/client/job/deploy/lab/component/ceph.yml
+++ b/jenkins/client/job/deploy/lab/component/ceph.yml
@@ -9,3 +9,9 @@
stack_install: core,ceph
stack_test: "ceph"
job_timer: ""
+ - stack_name: ceph_ha
+ stack_env: devcloud
+ stack_type: aws
+ stack_install: core,ceph
+ stack_test: "ceph"
+ job_timer: "H H * * *"
diff --git a/jenkins/client/job/deploy/lab/release/mcp05.yml b/jenkins/client/job/deploy/lab/release/mcp05.yml
index 5ec2787..05e74d9 100644
--- a/jenkins/client/job/deploy/lab/release/mcp05.yml
+++ b/jenkins/client/job/deploy/lab/release/mcp05.yml
@@ -4,13 +4,13 @@
_param:
jenkins_deploy_jobs:
- stack_name: virtual_mcp05_dvr
- stack_env: virtual_mcp05_dvr/devcloud
+ stack_env: devcloud
stack_install: core,openstack,dvr
stack_type: heat
stack_test: ""
job_timer: ""
- stack_name: virtual_mcp05_ovs
- stack_env: virtual_mcp05_ovs/devcloud
+ stack_env: devcloud
stack_install: core,openstack,ovs
stack_type: heat
stack_test: ""
diff --git a/jenkins/client/job/deploy/lab/release/mcp10.yml b/jenkins/client/job/deploy/lab/release/mcp10.yml
index 516d533..a692378 100644
--- a/jenkins/client/job/deploy/lab/release/mcp10.yml
+++ b/jenkins/client/job/deploy/lab/release/mcp10.yml
@@ -5,25 +5,25 @@
jenkins_deploy_jobs:
# physical
- stack_name: mcp10_contrail
- stack_env: mcp10_contrail/devcloud
+ stack_env: devcloud
stack_install: core,kvm,openstack,contrail
stack_type: physical
stack_test: openstack
job_timer: ""
- stack_name: mcp10_opencontrail_nfv
- stack_env: mcp10_opencontrail_nfv/devcloud
+ stack_env: devcloud
stack_install: core,kvm,openstack,nfv
stack_type: physical
stack_test: openstack
job_timer: ""
- stack_name: mcp10_dvr
- stack_env: mcp10_dvr/devcloud
+ stack_env: devcloud
stack_install: core,kvm,openstack,dvr
stack_type: physical
stack_test: openstack
job_timer: ""
- stack_name: mcp10_non_dvr
- stack_env: mcp10_non_dvr/devcloud
+ stack_env: devcloud
stack_install: core,kvm,openstack
stack_type: physical
stack_test: openstack
@@ -31,19 +31,19 @@
# virtual
- stack_name: virtual_mcp10_contrail
- stack_env: virtual_mcp10_contrail/devcloud
+ stack_env: devcloud
stack_install: core,openstack,contrail
stack_type: heat
stack_test: ""
job_timer: "H H(0-6) * * *"
- stack_name: virtual_mcp10_dvr
- stack_env: virtual_mcp10_dvr/devcloud
+ stack_env: devcloud
stack_install: core,openstack,dvr
stack_type: heat
stack_test: ""
job_timer: "H H(0-6) * * *"
- stack_name: virtual_mcp10_ovs
- stack_env: virtual_mcp10_ovs/devcloud
+ stack_env: devcloud
stack_install: core,openstack,ovs
stack_type: heat
stack_test: ""
diff --git a/jenkins/client/job/deploy/lab/release/mcp11.yml b/jenkins/client/job/deploy/lab/release/mcp11.yml
index 27f2184..b147427 100644
--- a/jenkins/client/job/deploy/lab/release/mcp11.yml
+++ b/jenkins/client/job/deploy/lab/release/mcp11.yml
@@ -4,55 +4,55 @@
_param:
jenkins_deploy_jobs:
- stack_name: virtual_mcp11_contrail
- stack_env: virtual_mcp11_contrail/devcloud
+ stack_env: devcloud
stack_install: core,openstack,contrail
stack_type: heat
stack_test: ""
job_timer: ""
- stack_name: virtual_mcp11_dvr
- stack_env: virtual_mcp11_dvr/devcloud
+ stack_env: devcloud
stack_install: core,openstack,dvr
stack_type: heat
stack_test: ""
job_timer: ""
- stack_name: virtual_mcp11_ovs
- stack_env: virtual_mcp11_ovs/devcloud
+ stack_env: devcloud
stack_install: core,openstack,ovs
stack_type: heat
stack_test: ""
job_timer: ""
- stack_name: virtual_mcp11_ironic_small
- stack_env: virtual_mcp11_ironic_small/devcloud
+ stack_env: devcloud
stack_install: core,openstack
stack_type: heat
stack_test: ""
job_timer: ""
- stack_name: virtual_mcp11_aio
- stack_env: virtual_mcp11_aio/devcloud
- stack_install: core,openstack
+ stack_env: devcloud
+ stack_install: core,openstack,ovs
stack_type: heat
stack_test: ""
job_timer: ""
- stack_name: virtual_mcp11_k8s_calico
- stack_env: virtual_mcp11_k8s_calico/devcloud
+ stack_env: devcloud
stack_install: core,k8s,calico
stack_type: heat
stack_test: k8s
job_timer: "H H(0-6) * * *"
- stack_name: virtual_mcp11_k8s_contrail
- stack_env: virtual_mcp11_k8s_contrail/devcloud
+ stack_env: devcloud
stack_install: core,k8s,contrail
stack_type: heat
stack_test: k8s
job_timer: "H H(0-6) * * *"
- stack_name: virtual_mcp11_contrail_nfv
- stack_env: virtual_mcp11_contrail_nfv/devcloud
+ stack_env: devcloud
stack_install: core,openstack,contrail
stack_type: heat
stack_test: ""
job_timer: "H H(0-6) * * *"
- stack_name: virtual_mcp11_ovs_dpdk
- stack_env: virtual_mcp11_ovs_dpdk/devcloud
+ stack_env: devcloud
stack_install: core,openstack,ovs
stack_type: heat
stack_test: ""
diff --git a/jenkins/client/job/deploy/lab/release/mk.yml b/jenkins/client/job/deploy/lab/release/mk.yml
index 1be1057..4968285 100644
--- a/jenkins/client/job/deploy/lab/release/mk.yml
+++ b/jenkins/client/job/deploy/lab/release/mk.yml
@@ -5,26 +5,26 @@
jenkins_deploy_jobs:
# mk20
- stack_name: virtual_mk20_advanced
- stack_env: virtual_mk20_advanced/devcloud
+ stack_env: devcloud
stack_install: core,openstack
stack_type: heat
stack_test: ""
job_timer: ""
- stack_name: virtual_mk20_basic
- stack_env: virtual_mk20_basic/devcloud
+ stack_env: devcloud
stack_install: core,openstack
stack_type: heat
stack_test: ""
job_timer: ""
# mk22
- stack_name: virtual_mk22_advanced
- stack_env: virtual_mk22_advanced/devcloud
+ stack_env: devcloud
stack_install: core,openstack
stack_type: heat
stack_test: ""
job_timer: ""
- stack_name: virtual_mk22_basic
- stack_env: virtual_mk22_basic/devcloud
+ stack_env: devcloud
stack_install: core,openstack
stack_type: heat
stack_test: ""
diff --git a/jenkins/client/job/deploy/lab/test-devops-portal-cicd.yml b/jenkins/client/job/deploy/lab/test-devops-portal-cicd.yml
index ab84659..8dfc70e 100644
--- a/jenkins/client/job/deploy/lab/test-devops-portal-cicd.yml
+++ b/jenkins/client/job/deploy/lab/test-devops-portal-cicd.yml
@@ -18,6 +18,18 @@
script: test-func-devops-portal-pipeline.groovy
param:
# heat
+ HEAT_STACK_DELETE:
+ type: boolean
+ default: 'true'
+ description: "Delete heat stack at the end of job"
+ HEAT_STACK_REUSE:
+ type: boolean
+ default: 'false'
+ description: "Reuse existing stack and only orchestrate deployment"
+ HEAT_STACK_KEEP_INTACT:
+ type: boolean
+ default: 'false'
+ description: "Save current deployment status without re-orchestrating"
HEAT_TEMPLATE_URL:
type: string
default: "${_param:jenkins_gerrit_url}/mk/heat-templates"
@@ -42,14 +54,6 @@
HEAT_STACK_PUBLIC_NET:
type: string
default: "public"
- HEAT_STACK_DELETE:
- type: boolean
- default: 'true'
- description: "Delete heat stack at the end of job"
- HEAT_STACK_REUSE:
- type: boolean
- default: 'false'
- description: "Reuse existing stack and only orchestrate deployment"
# salt master
SALT_MASTER_CREDENTIALS:
diff --git a/jenkins/client/job/deploy/rollout.yml b/jenkins/client/job/deploy/rollout.yml
new file mode 100644
index 0000000..3f2f835
--- /dev/null
+++ b/jenkins/client/job/deploy/rollout.yml
@@ -0,0 +1,92 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ deploy_rollout_config_change:
+ name: deploy-rollout-config-change
+ type: workflow-scm
+ discard:
+ build:
+ keep_num: 20
+ concurrent: true
+ display_name: "Deploy - Rollout change"
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: rollout-config-change.groovy
+ param:
+ TST_SALT_MASTER_CREDENTIALS:
+ type: string
+ TST_SALT_MASTER_URL:
+ type: string
+ PRD_SALT_MASTER_CREDENTIALS:
+ type: string
+ PRD_SALT_MASTER_URL:
+ type: string
+ MODEL_REPO_URL:
+ type: string
+ MODEL_REPO_CREDENTIALS:
+ type: string
+ default: "gerrit"
+ MODEL_REPO_SOURCE_BRANCH:
+ type: string
+ MODEL_REPO_TARGET_BRANCH:
+ type: string
+ TARGET_SERVERS:
+ type: string
+ TARGET_STATES:
+ type: string
+ TARGET_SUBSET_TEST:
+ type: string
+ TARGET_SUBSET_LIVE:
+ type: string
+ TARGET_BATCH_LIVE:
+ type: string
+ # test
+ TEST_SERVICE:
+ type: string
+ TEST_K8S_API_SERVER:
+ type: string
+ default: "http://127.0.0.1:8080"
+ TEST_K8S_CONFORMANCE_IMAGE:
+ type: string
+ default: "docker-dev-virtual.docker.mirantis.net/mirantis/kubernetes/k8s-conformance:v1.5.1-3_1482332392819"
+ TEST_TEMPEST_IMAGE:
+ type: string
+ description: "Tempest docker image"
+ default: "sandbox-docker-prod-local.docker.mirantis.net/mirantis/rally_tempest:0.1"
+ TEST_TEMPEST_TARGET:
+ type: string
+ description: "Node to run tests"
+ default: ""
+ TEST_DOCKER_INSTALL:
+ type: boolean
+ description: "Install docker on the target if true"
+ default: "true"
+ TEST_TEMPEST_PATTERN:
+ type: string
+ description: "Run tests matched to pattern only"
+ git_merge_branches:
+ name: git-merge-branches
+ type: workflow-scm
+ discard:
+ build:
+ keep_num: 20
+ concurrent: true
+ display_name: "Git - Merge branches"
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: git-merge-branches-pipeline.groovy
+ param:
+ REPO_URL:
+ type: string
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ SOURCE_BRANCH:
+ type: string
+ TARGET_BRANCH:
+ type: string
diff --git a/jenkins/client/job/deploy/test.yml b/jenkins/client/job/deploy/test.yml
index fe79e73..0b5d541 100644
--- a/jenkins/client/job/deploy/test.yml
+++ b/jenkins/client/job/deploy/test.yml
@@ -36,10 +36,10 @@
TEST_TEMPEST_IMAGE:
type: string
description: "Tempest docker image"
- default: "sandbox-docker-prod-local.docker.mirantis.net/mirantis/rally_tempest:0.1"
+ default: "obutenko/rally_tempest_docker"
TEST_TEMPEST_TARGET:
type: string
- description: "Node to run tests"
+ description: "Node to run tests. use FQDN for ctl01 e.g. ctl01.deploy-heat-os_ha_contrail-17.bud-mk.local"
default: ""
TEST_DOCKER_INSTALL:
type: boolean
@@ -47,5 +47,13 @@
default: "true"
TEST_TEMPEST_PATTERN:
type: string
- description: "Run tests matched to pattern only"
- default: ""
+ description: "Run tests matched to pattern only e.g. tempest.api.identity"
+ default: "false"
+ TEST_SERVICE:
+ type: string
+ description: "openstack or k8s"
+ default: "openstack"
+ TEST_JUNIT_RATIO:
+ type: string
+ description: "The amplification factor to apply to test failures when computing the test result contribution to the build health score."
+ default: "1.0"
diff --git a/jenkins/client/job/docker/cleanup.yml b/jenkins/client/job/docker/cleanup.yml
new file mode 100644
index 0000000..eff5754
--- /dev/null
+++ b/jenkins/client/job/docker/cleanup.yml
@@ -0,0 +1,35 @@
+parameters:
+ _param:
+ jenkins_salt_api_url: "http://${_param:salt_master_host}:6969"
+ jenkins_salt_model_name: "salt"
+ jenkins:
+ client:
+ job:
+ docker-cleanup-pipeline:
+ name: docker-cleanup
+ discard:
+ build:
+ keep_num: 3
+ artifact:
+ keep_num: 3
+ type: workflow-scm
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: docker-cleanup-pipeline.groovy
+ trigger:
+ timer:
+ spec: "H H * * *"
+ param:
+ SALT_MASTER_URL:
+ type: string
+ default: "${_param:jenkins_salt_api_url}"
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ TEST_DATE_STRING:
+ type: string
+ default: "yesterday"
+ description: "Date string for comparison determining deletion of docker container"
diff --git a/jenkins/client/job/docker/init.yml b/jenkins/client/job/docker/init.yml
index 99e230b..b6bab31 100644
--- a/jenkins/client/job/docker/init.yml
+++ b/jenkins/client/job/docker/init.yml
@@ -23,8 +23,8 @@
tags: "2.32"
dockerfile: "Dockerfile"
- name: jenkins
- branch: "2.71"
- tags: "2.71 latest"
+ branch: "2.73"
+ tags: "2.73 latest"
dockerfile: "Dockerfile"
- name: phpldapadmin
branch: "master"
diff --git a/jenkins/client/job/fake_test.yml b/jenkins/client/job/fake_test.yml
deleted file mode 100644
index 079651c..0000000
--- a/jenkins/client/job/fake_test.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-parameters:
- jenkins:
- client:
- job:
- gerrit-fake-test:
- name: gerrit-fake-test
- discard:
- build:
- keep_num: 25
- artifact:
- keep_num: 25
- type: workflow-scm
- concurrent: true
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
- credentials: "gerrit"
- script: fake-test-pipeline.groovy
- trigger:
- gerrit:
- project:
- "salt-formulas/salt-formulas":
- branches:
- - master
- event:
- patchset:
- - created:
- excludeDrafts: false
- excludeTrivialRebase: false
- excludeNoCodeChange: false
- comment:
- - addedContains:
- commentAddedCommentContains: '(recheck|reverify)'
- param:
- CREDENTIALS_ID:
- type: string
- default: "gerrit"
diff --git a/jenkins/client/job/gating.yml b/jenkins/client/job/gating.yml
index 6886b06..db2033e 100644
--- a/jenkins/client/job/gating.yml
+++ b/jenkins/client/job/gating.yml
@@ -25,9 +25,9 @@
template:
discard:
build:
- keep_num: 5
+ keep_num: 25
artifact:
- keep_num: 5
+ keep_num: 25
type: workflow-scm
concurrent: true
scm:
@@ -38,7 +38,6 @@
quiet_period: 60
trigger:
gerrit:
- silent_start_mode: true
project:
'{{regex}}':
compare_type: REG_EXP
diff --git a/jenkins/client/job/opencontrail/build/dpdk-extra.yml b/jenkins/client/job/opencontrail/build/dpdk-extra.yml
index 156cedb..53e1ae3 100644
--- a/jenkins/client/job/opencontrail/build/dpdk-extra.yml
+++ b/jenkins/client/job/opencontrail/build/dpdk-extra.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ jenkins_contrail_dpdk_kernel_modules_dkms: "${_param:jenkins_gerrit_url}/contrail/contrail-dpdk-kernel-modules-dkms"
jenkins:
client:
job_template:
@@ -84,3 +86,52 @@
description: "binary packages to create"
type: string
default: "{{binary}}"
+ build-opencontrail-dpdk-kernel-modules-dkms:
+ name: build-opencontrail-dpdk-kernel-modules-dkms-{{os}}-{{dist}}-{{dpdk}}
+ jobs:
+ - os: ubuntu
+ dist: xenial
+ branch: contrail_dpdk_2_1
+ dpdk: "21"
+ aptly_repo: ubuntu-xenial-mitaka
+ - os: ubuntu
+ dist: xenial
+ dpdk: "1702"
+ branch: contrail_dpdk_17_02
+ aptly_repo: ubuntu-xenial-oc40-dpdk1702
+ template:
+ discard:
+ build:
+ keep_num: 5
+ artifact:
+ keep_num: 5
+ type: workflow-scm
+ concurrent: false
+ quiet_period: 120
+ scm:
+ type: git
+ url: "${_param:jenkins_contrail_dpdk_kernel_modules_dkms}"
+ credentials: "gerrit"
+ branch: "{{branch}}"
+ param:
+ SOURCE_BRANCH:
+ type: string
+ default: "{{branch}}"
+ SOURCE_CREDENTIALS:
+ type: string
+ default: "gerrit"
+ APTLY_URL:
+ type: string
+ default: "${_param:jenkins_aptly_api_url}"
+ APTLY_REPO:
+ type: string
+ default: "{{aptly_repo}}"
+ OS:
+ type: string
+ default: "{{os}}"
+ DIST:
+ type: string
+ default: "{{dist}}"
+ ARCH:
+ type: string
+ default: "amd64"
diff --git a/jenkins/client/job/opencontrail/git-mirrors/upstream.yml b/jenkins/client/job/opencontrail/git-mirrors/upstream.yml
index 0fa0491..fa9bc5b 100644
--- a/jenkins/client/job/opencontrail/git-mirrors/upstream.yml
+++ b/jenkins/client/job/opencontrail/git-mirrors/upstream.yml
@@ -62,7 +62,19 @@
github:
url: "https://github.com/Mirantis/{{name}}"
trigger:
- github:
+ gerrit:
+ project:
+ contrail/{{name}}:
+ branches:
+ - compare_type: "REG_EXP"
+ name: ".*"
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ event:
+ ref:
+ - updated
param:
SOURCE_URL:
type: string
diff --git a/jenkins/client/job/opencontrail/init.yml b/jenkins/client/job/opencontrail/init.yml
index 595dcc0..e07adaf 100644
--- a/jenkins/client/job/opencontrail/init.yml
+++ b/jenkins/client/job/opencontrail/init.yml
@@ -27,6 +27,8 @@
naming_rule: "R3.1.1.x"
- group_regex: "build-opencontrail-oc32-.*"
naming_rule: "R3.2"
+ - group_regex: "build-opencontrail-oc323-.*"
+ naming_rule: "R3.2.3.x"
- group_regex: "build-opencontrail-oc40-.*"
naming_rule: "R4.0"
- group_regex: "build-opencontrail-oc666-.*"
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 4b6c006..50d1cc8 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -73,6 +73,16 @@
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
credentials: "gerrit"
script: test-system-reclass-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ salt-models/{{name}}:
+ branches:
+ - master
+ event:
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(recheck|reverify)'
concurrent: true
param:
TEST_MODELS:
@@ -85,6 +95,9 @@
DEFAULT_GIT_REF:
type: string
default: master
+ PARALLEL_NODE_GROUP_SIZE:
+ type: string
+ default: "5"
test_salt_model_cookiecutter:
name: test-salt-model-cookiecutter-{{cookiecutter_template}}
jobs:
@@ -148,6 +161,9 @@
NODE_TARGET:
type: string
default: ""
+ CLUSTER_NAME:
+ type: string
+ default: ""
DEFAULT_GIT_URL:
type: string
default: "${_param:jenkins_gerrit_url}/salt-models/{{name}}"
diff --git a/jenkins/client/job/test_pipelines.yml b/jenkins/client/job/test_pipelines.yml
index d0f0a6e..822084d 100644
--- a/jenkins/client/job/test_pipelines.yml
+++ b/jenkins/client/job/test_pipelines.yml
@@ -46,7 +46,7 @@
default: "niaquinto/gradle"
GRADLE_CMD:
type: string
- default: "check"
+ default: "check --info"
DEFAULT_GIT_URL:
type: string
description: "Run against alternate system reclass"
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
new file mode 100644
index 0000000..6f22a0c
--- /dev/null
+++ b/jenkins/client/job/validate.yml
@@ -0,0 +1,58 @@
+parameters:
+ jenkins:
+ client:
+ view:
+ Validation:
+ enabled: true
+ type: ListView
+ include_regex: "validate.*"
+ job:
+ validate_openstack:
+ type: workflow-scm
+ name: validate-openstack
+ display_name: "Validate - Openstack"
+ discard:
+ build:
+ keep_num: 20
+ artifact:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: validate-cloud.groovy
+
+ param:
+ SALT_MASTER_URL:
+ type: string
+ default: ""
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ TEST_IMAGE:
+ type: string
+ default: "docker-prod-local.artifactory.mirantis.com/mirantis/oss/qa-tools"
+ TARGET_NODE:
+ type: string
+ default: ""
+ RUN_RALLY_TESTS:
+ type: boolean
+ default: 'true'
+ RUN_TEMPEST_TESTS:
+ type: boolean
+ default: 'true'
+ RUN_K8S_TESTS:
+ type: boolean
+ default: 'true'
+ TEMPEST_TEST_SET:
+ type: choice
+ choices:
+ - smoke
+ - full
+ TEST_K8S_API_SERVER:
+ type: string
+ default: "http://127.0.0.1:8080"
+ TEST_K8S_CONFORMANCE_IMAGE:
+ type: string
+ default: "docker-dev-virtual.docker.mirantis.net/mirantis/kubernetes/k8s-conformance:v1.5.1-3_1482332392819"
diff --git a/libvirt/server/single.yml b/libvirt/server/single.yml
new file mode 100644
index 0000000..f25f8ed
--- /dev/null
+++ b/libvirt/server/single.yml
@@ -0,0 +1,7 @@
+parameters:
+ linux:
+ system:
+ group:
+ libvirtd:
+ enabled: true
+ name: libvirtd
diff --git a/linux/network/hosts.yml b/linux/network/hosts.yml
new file mode 100644
index 0000000..1b29324
--- /dev/null
+++ b/linux/network/hosts.yml
@@ -0,0 +1,9 @@
+parameters:
+ linux:
+ network:
+ host:
+ localhost_hostname:
+ address: ${_param:single_address}
+ names:
+ - ${linux:network:fqdn}
+ - ${linux:network:hostname}
diff --git a/linux/system/repo/aptly.yml b/linux/system/repo/aptly.yml
new file mode 100644
index 0000000..330ba03
--- /dev/null
+++ b/linux/system/repo/aptly.yml
@@ -0,0 +1,9 @@
+parameters:
+ linux:
+ system:
+ repo:
+ aptly:
+ source: "deb http://repo.aptly.info/ squeeze main"
+ architectures: amd64
+ key_id: 9E3E53F19C7DE460
+ key_server: keys.gnupg.net
diff --git a/linux/system/single.yml b/linux/system/single.yml
index ef23a39..928efda 100644
--- a/linux/system/single.yml
+++ b/linux/system/single.yml
@@ -6,6 +6,11 @@
parameters:
linux:
system:
+ user:
+ root:
+ enabled: true
+ name: root
+ home: /root
package:
python-msgpack:
version: latest
@@ -30,6 +35,8 @@
net.ipv4.neigh.default.gc_thresh2: 8192
net.ipv4.neigh.default.gc_thresh3: 16384
net.core.netdev_max_backlog: 261144
+ net.ipv4.tcp_tw_recycle: 1
+ net.ipv4.tcp_tw_reuse: 1
kernel.panic: 60
cpu:
governor: performance
diff --git a/linux/system/sudo.yml b/linux/system/sudo.yml
index f11accc..68f2b84 100644
--- a/linux/system/sudo.yml
+++ b/linux/system/sudo.yml
@@ -24,20 +24,30 @@
- /usr/bin/sudo
- /bin/bash
sudo_coreutils_safe:
+ - /usr/bin/cat
- /usr/bin/less
+ - /usr/bin/view
+ - /usr/bin/more
- /usr/bin/grep
- /usr/bin/fgrep
- /usr/bin/egrep
- /usr/bin/zgrep
+ - /usr/bin/ack
- /usr/bin/tail
- /usr/bin/socat
- /usr/bin/top
+ - /usr/bin/atop
- /usr/bin/tail
- /usr/bin/lsof
- /usr/bin/virsh
- /bin/ls
- /bin/cp
- /bin/netstat
+ sudo_coreutils_trusted:
+ - /usr/bin/vi*
+ - /usr/bin/vim*
+ - /usr/bin/emacs*
+ - /usr/bin/nano*
sudo_rabbitmq_safe:
- /usr/sbin/rabbitmqctl
- /usr/sbin/rabbitmqctl status
@@ -81,6 +91,9 @@
- /usr/bin/rados*
- /usr/bin/rbd
- /usr/sbin/gluster
+ - /usr/fdisk -l *
+ - /usr/bin/du *
+ - /bin/df *
sudo_openstack_clients:
- /usr/bin/openstack
- /usr/bin/heat*
diff --git a/neutron/compute/cluster.yml b/neutron/compute/cluster.yml
index fc87e84..13ee31c 100644
--- a/neutron/compute/cluster.yml
+++ b/neutron/compute/cluster.yml
@@ -3,6 +3,7 @@
parameters:
_param:
neutron_enable_qos: False
+ neutron_enable_vlan_aware_vms: False
linux:
system:
package:
@@ -13,6 +14,7 @@
compute:
dvr: ${_param:neutron_compute_dvr}
qos: ${_param:neutron_enable_qos}
+ vlan_aware_vms: ${_param:neutron_enable_vlan_aware_vms}
agent_mode: ${_param:neutron_compute_agent_mode}
external_access: ${_param:neutron_compute_external_access}
backend:
diff --git a/neutron/control/openvswitch/cluster.yml b/neutron/control/openvswitch/cluster.yml
index 0587342..c840e9a 100644
--- a/neutron/control/openvswitch/cluster.yml
+++ b/neutron/control/openvswitch/cluster.yml
@@ -10,6 +10,7 @@
neutron_external_mtu: 1500
neutron_tenant_network_types: "flat,vxlan"
neutron_enable_qos: False
+ neutron_enable_vlan_aware_vms: False
neutron:
server:
plugin: ml2
@@ -17,6 +18,7 @@
l3_ha: ${_param:neutron_l3_ha}
dvr: ${_param:neutron_control_dvr}
qos: ${_param:neutron_enable_qos}
+ vlan_aware_vms: ${_param:neutron_enable_vlan_aware_vms}
backend:
engine: ml2
tenant_network_types: "${_param:neutron_tenant_network_types}"
diff --git a/neutron/control/openvswitch/single.yml b/neutron/control/openvswitch/single.yml
index 91db484..1b830f6 100644
--- a/neutron/control/openvswitch/single.yml
+++ b/neutron/control/openvswitch/single.yml
@@ -8,6 +8,7 @@
neutron_external_mtu: 1500
neutron_tenant_network_types: "flat,vxlan"
neutron_enable_qos: False
+ neutron_enable_vlan_aware_vms: False
neutron:
server:
plugin: ml2
@@ -15,6 +16,7 @@
l3_ha: ${_param:neutron_l3_ha}
dvr: ${_param:neutron_control_dvr}
qos: ${_param:neutron_enable_qos}
+ vlan_aware_vms: ${_param:neutron_enable_vlan_aware_vms}
backend:
engine: ml2
tenant_network_types: "${_param:neutron_tenant_network_types}"
diff --git a/neutron/gateway/cluster.yml b/neutron/gateway/cluster.yml
index a4f37b1..c96c6bb 100644
--- a/neutron/gateway/cluster.yml
+++ b/neutron/gateway/cluster.yml
@@ -3,10 +3,12 @@
parameters:
_param:
neutron_enable_qos: False
+ neutron_enable_vlan_aware_vms: False
neutron:
gateway:
dvr: ${_param:neutron_gateway_dvr}
qos: ${_param:neutron_enable_qos}
+ vlan_aware_vms: ${_param:neutron_enable_vlan_aware_vms}
agent_mode: ${_param:neutron_gateway_agent_mode}
backend:
tenant_network_types: ${_param:neutron_tenant_network_types}"
diff --git a/opencontrail/client/resource/k8s_api.yml b/opencontrail/client/resource/k8s_api.yml
index 3c6102b..79d6f0d 100644
--- a/opencontrail/client/resource/k8s_api.yml
+++ b/opencontrail/client/resource/k8s_api.yml
@@ -4,6 +4,6 @@
linklocal_service:
k8s_api:
lls_ip: ${_param:kubernetes_internal_api_address}
- lls_port: 6443
+ lls_port: 443
ipf_addresses: ${_param:kubernetes_control_address}
ipf_port: 443
diff --git a/opencontrail/client/resource/virtual_router.yml b/opencontrail/client/resource/virtual_router.yml
index 0333c8f..c02f8e8 100644
--- a/opencontrail/client/resource/virtual_router.yml
+++ b/opencontrail/client/resource/virtual_router.yml
@@ -1,10 +1,12 @@
parameters:
_param:
contrail_compute_dpdk_enabled: False
+ contrail_client_virtual_router_type: hypervisor
opencontrail:
client:
virtual_router:
local_compute:
name: ${linux:system:name}
ip_address: ${_param:single_address}
- dpdk_enabled: ${_param:contrail_compute_dpdk_enabled}
\ No newline at end of file
+ dpdk_enabled: ${_param:contrail_compute_dpdk_enabled}
+ router_type: ${_param:contrail_client_virtual_router_type}
diff --git a/opencontrail/compute/tor/cluster.yml b/opencontrail/compute/tor/cluster.yml
new file mode 100644
index 0000000..662de03
--- /dev/null
+++ b/opencontrail/compute/tor/cluster.yml
@@ -0,0 +1,4 @@
+classes:
+- service.haproxy.proxy.single
+- service.keepalived.cluster.single
+- service.opencontrail.compute.tor.cluster
diff --git a/openssh/server/team/all.yml b/openssh/server/team/all.yml
new file mode 100644
index 0000000..1fea51d
--- /dev/null
+++ b/openssh/server/team/all.yml
@@ -0,0 +1,21 @@
+classes:
+- system.openssh.server.team.lab
+- system.openssh.server.team.cicd
+- system.openssh.server.team.mcp_qa
+- system.openssh.server.team.mcp_ci
+- system.openssh.server.team.mmo_devops
+- system.openssh.server.team.presales
+- system.openssh.server.team.services
+# avoid teams w/sudo group restrictions, or override restrictions
+#- system.openssh.server.team.support
+- system.openssh.server.team.stacklight
+- system.openssh.server.team.networking
+- system.openssh.server.team.oss_team
+- system.openssh.server.team.services_qa
+- system.openssh.server.team.qa_scale
+- system.openssh.server.team.oscore_devops
+- system.openssh.server.team.k8s_team
+- system.openssh.server.team.k8s_apps_team
+parameters:
+ _param:
+ linux_system_user_sudo: true
diff --git a/openssh/server/team/cicd.yml b/openssh/server/team/cicd.yml
new file mode 100644
index 0000000..99f6bd6
--- /dev/null
+++ b/openssh/server/team/cicd.yml
@@ -0,0 +1,19 @@
+classes:
+- system.openssh.server.team.members.akomarek
+- system.openssh.server.team.members.atengler
+- system.openssh.server.team.members.fpytloun
+- system.openssh.server.team.members.jbroulik
+- system.openssh.server.team.members.jcach
+- system.openssh.server.team.members.jjosef
+- system.openssh.server.team.members.jpavlik
+- system.openssh.server.team.members.mpolreich
+- system.openssh.server.team.members.rfelkl
+- system.openssh.server.team.members.tkukral
+- system.openssh.server.team.members.psvimbersky
+
+parameters:
+ _param:
+ linux_system_user_sudo: true
+ openssh:
+ server:
+ enabled: true
diff --git a/openssh/server/team/members/aepifanov.yml b/openssh/server/team/members/aepifanov.yml
index 3c50dfe..be825bc 100644
--- a/openssh/server/team/members/aepifanov.yml
+++ b/openssh/server/team/members/aepifanov.yml
@@ -5,7 +5,7 @@
aepifanov:
enabled: true
name: aepifanov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Andrey Epifanov
home: /home/aepifanov
email: aepifanov@mirantis.com
diff --git a/openssh/server/team/members/aleksandrdobdin.yml b/openssh/server/team/members/aleksandrdobdin.yml
index 6c15522..34abcf4 100644
--- a/openssh/server/team/members/aleksandrdobdin.yml
+++ b/openssh/server/team/members/aleksandrdobdin.yml
@@ -5,7 +5,7 @@
adobdin:
enabled: true
name: adobdin
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Aleksandr Dobdin
home: /home/adobdin
email: adobdin@mirantis.com
diff --git a/openssh/server/team/members/aleksandrrubtsov.yml b/openssh/server/team/members/aleksandrrubtsov.yml
index 2746b80..93d26df 100644
--- a/openssh/server/team/members/aleksandrrubtsov.yml
+++ b/openssh/server/team/members/aleksandrrubtsov.yml
@@ -5,7 +5,7 @@
arubtsov:
enabled: true
name: arubtsov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Aleksandr Rubtsov
home: /home/arubtsov
email: arubtsov@mirantis.com
diff --git a/openssh/server/team/members/anatoliineliubin.yml b/openssh/server/team/members/anatoliineliubin.yml
index 665b997..a8b1f21 100644
--- a/openssh/server/team/members/anatoliineliubin.yml
+++ b/openssh/server/team/members/anatoliineliubin.yml
@@ -5,7 +5,7 @@
aneliubin:
enabled: true
name: aneliubin
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Anatolii Neliubin
home: /home/aneliubin
email: aneliuubin@mirantis.com
diff --git a/openssh/server/team/members/antonrodionov.yml b/openssh/server/team/members/antonrodionov.yml
index 74ac724..3be1f17 100644
--- a/openssh/server/team/members/antonrodionov.yml
+++ b/openssh/server/team/members/antonrodionov.yml
@@ -5,7 +5,7 @@
arodionov:
enabled: true
name: arodionov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Anton Rodionov
home: /home/arodionov
email: arodionov@mirantis.com
diff --git a/openssh/server/team/members/apetrenko.yml b/openssh/server/team/members/apetrenko.yml
index 7abc8cd..f4fa3d9 100644
--- a/openssh/server/team/members/apetrenko.yml
+++ b/openssh/server/team/members/apetrenko.yml
@@ -5,7 +5,7 @@
apetrenko:
enabled: true
name: apetrenko
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Andrii Petrenko
home: /home/apetrenko
email: apetrenko@mirantis.com
diff --git a/openssh/server/team/members/ashishkin.yml b/openssh/server/team/members/ashishkin.yml
index b85c953..9f74171 100644
--- a/openssh/server/team/members/ashishkin.yml
+++ b/openssh/server/team/members/ashishkin.yml
@@ -5,7 +5,7 @@
ashishkin:
enabled: true
name: ashishkin
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Aleksei Shishkin
home: /home/ashishkin
email: ashishkin@mirantis.com
diff --git a/openssh/server/team/members/atarasov.yml b/openssh/server/team/members/atarasov.yml
index 8ada998..935aa91 100644
--- a/openssh/server/team/members/atarasov.yml
+++ b/openssh/server/team/members/atarasov.yml
@@ -5,7 +5,7 @@
atarasov:
enabled: true
name: atarasov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Anton Tarasov
home: /home/atarasov
email: atarasov@mirantis.com
diff --git a/openssh/server/team/members/chnyda.yml b/openssh/server/team/members/chnyda.yml
new file mode 100644
index 0000000..2bcecaf
--- /dev/null
+++ b/openssh/server/team/members/chnyda.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ chnyda:
+ enabled: true
+ name: chnyda
+ sudo: true
+ full_name: Cedric Hnyda
+ home: /home/chnyda
+ email: chnyda@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ chnyda:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHmLTwDSFslOUVo4ViT0bqVLhSaweuLt0QNWhnIaSPgqWhHOSkdqt3+Tg4l8Vd4O4Z44Yv/rXqhmO5X1AIytNccA6+nJe4Km3JC6QzG6npS3ghtHWDU3DOGgWd5RrULviEDSIj1w1oG8oHxdycGkbfjApAkiDR/xr7NHhTcPhEuvn/q7i1raj4vpNdIrR+cr6XA3l+I4cmaizpjuWaFrag1q24RS7PVEUmcPRSODrkdwFREsrLkIlIgtIoMIIjtEDdk1RU/loiXrNwuVRI3KTLqhheFlHedQd13uzpn66KF6UVlZAm+k2y2jLdEi5IFKD3g6mmWsNH6xSZYVn6d84/XvLjMsS/UL+WHr5xetHNSi3RtQOkCPYphq1KcRAXLwH0dgtDwfyg2F+5ezG3wMsZAqD3KiaGNmDcA6R19Fpjm0S4SXa+QnX5eZcO9DS5cYTjs8F2T9Vsaspvwc0U80M6+JvOlV1PBNJYQhSxdX1Plf2p1MrrRnYhlgMdzCiPSQHsKp3tei8I+bqCvV9iScLAbLxKaW/yWdeuh74oGitTfI4R0h0HMJ1lqK+rT5wtMXyJSvFMK6Zph0GqJf3QHBhzCfs5PIto1pyNdXbI8KzfgTgyo+3gpIPAQ2VD/pf8mOD218UPNQglYWP6wniTq/hVtC2tl3DW53qx5qv10osGmw== chnyda@mirantis.com
+ user: ${linux:system:user:chnyda}
diff --git a/openssh/server/team/members/collinmay.yml b/openssh/server/team/members/collinmay.yml
index f884652..9b29a34 100644
--- a/openssh/server/team/members/collinmay.yml
+++ b/openssh/server/team/members/collinmay.yml
@@ -5,7 +5,7 @@
cmay:
enabled: true
name: cmay
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Collin May
home: /home/cmay
email: cmay@mirantis.com
diff --git a/openssh/server/team/members/daniillapshin.yml b/openssh/server/team/members/daniillapshin.yml
index 56dfa4c..0098977 100644
--- a/openssh/server/team/members/daniillapshin.yml
+++ b/openssh/server/team/members/daniillapshin.yml
@@ -5,7 +5,7 @@
dlapshin:
enabled: true
name: dlapshin
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Daniil Lapshin
home: /home/dlapshin
email: dlapshin@mirantis.com
diff --git a/openssh/server/team/members/danilakhmetov.yml b/openssh/server/team/members/danilakhmetov.yml
index a883b4e..47e38d6 100644
--- a/openssh/server/team/members/danilakhmetov.yml
+++ b/openssh/server/team/members/danilakhmetov.yml
@@ -5,7 +5,7 @@
dakhmetov:
enabled: true
name: dakhmetov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Danil Akhmetov
home: /home/dakhmetov
email: dakhmetov@mirantis.com
diff --git a/openssh/server/team/members/deniskostriukov.yml b/openssh/server/team/members/deniskostriukov.yml
index e25514a..26170dc 100644
--- a/openssh/server/team/members/deniskostriukov.yml
+++ b/openssh/server/team/members/deniskostriukov.yml
@@ -5,7 +5,7 @@
dkostriukov:
enabled: true
name: dkostriukov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Denis Kostriukov
home: /home/dkostriukov
email: dkostryukov@mirantis.com
diff --git a/openssh/server/team/members/dklepikov.yml b/openssh/server/team/members/dklepikov.yml
index 6e989c1..fc7b81a 100644
--- a/openssh/server/team/members/dklepikov.yml
+++ b/openssh/server/team/members/dklepikov.yml
@@ -5,7 +5,7 @@
dklepikov:
enabled: true
name: dklepikov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Denys Klepikov
home: /home/dklepikov
email: dklepikov@mirantis.com
diff --git a/openssh/server/team/members/dmitrygoloshubov.yml b/openssh/server/team/members/dmitrygoloshubov.yml
index 1870fac..4509f64 100644
--- a/openssh/server/team/members/dmitrygoloshubov.yml
+++ b/openssh/server/team/members/dmitrygoloshubov.yml
@@ -5,7 +5,7 @@
dgoloshubov:
enabled: true
name: dgoloshubov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Dmitry Goloshubov
home: /home/dgoloshubov
email: dgoloshubov@mirantis.com
diff --git a/openssh/server/team/members/dsutyagin.yml b/openssh/server/team/members/dsutyagin.yml
index 3e332f0..1315772 100644
--- a/openssh/server/team/members/dsutyagin.yml
+++ b/openssh/server/team/members/dsutyagin.yml
@@ -5,7 +5,7 @@
dsutyagin:
enabled: true
name: dsutyagin
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Dmitry Sutyagin
home: /home/dsutyagin
email: dsutyagin@mirantis.com
diff --git a/openssh/server/team/members/ekozhemyakin.yml b/openssh/server/team/members/ekozhemyakin.yml
index 607d3c7..afd36c6 100644
--- a/openssh/server/team/members/ekozhemyakin.yml
+++ b/openssh/server/team/members/ekozhemyakin.yml
@@ -5,7 +5,7 @@
ekozhemyakin:
enabled: true
name: ekozhemyakin
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Evgeny Kozhemyakin
home: /home/ekozhemyakin
email: ekozhemyakin@mirantis.com
diff --git a/openssh/server/team/members/enikanorov.yml b/openssh/server/team/members/enikanorov.yml
index 4a93b8c..2ea5abc 100644
--- a/openssh/server/team/members/enikanorov.yml
+++ b/openssh/server/team/members/enikanorov.yml
@@ -5,7 +5,7 @@
enikanorov:
enabled: true
name: enikanorov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Eugene Nikanorov
home: /home/enikanorov
email: enikanorov@mirantis.com
diff --git a/openssh/server/team/members/fsoppelsa.yml b/openssh/server/team/members/fsoppelsa.yml
index ec7398a..4478112 100644
--- a/openssh/server/team/members/fsoppelsa.yml
+++ b/openssh/server/team/members/fsoppelsa.yml
@@ -5,7 +5,7 @@
fsoppelsa:
enabled: true
name: fsoppelsa
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Fabrizio Soppelsa
home: /home/fsoppelsa
email: fsoppelsa@mirantis.com
diff --git a/openssh/server/team/members/javierdiaz.yml b/openssh/server/team/members/javierdiaz.yml
index ebdf6dc..8b04645 100644
--- a/openssh/server/team/members/javierdiaz.yml
+++ b/openssh/server/team/members/javierdiaz.yml
@@ -5,7 +5,7 @@
jdiaz:
enabled: true
name: jdiaz
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Javier Diaz
home: /home/jdiaz
email: jdiaz@mirantis.com
diff --git a/openssh/server/team/members/josuepalmerin.yml b/openssh/server/team/members/josuepalmerin.yml
index fdcacbe..3e0d528 100644
--- a/openssh/server/team/members/josuepalmerin.yml
+++ b/openssh/server/team/members/josuepalmerin.yml
@@ -5,7 +5,7 @@
jpalmerin:
enabled: true
name: jpalmerin
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Josue Palmerin
home: /home/jpalmerin
email: jpalmerin@mirantis.com
diff --git a/openssh/server/team/members/krzysztoffranckowski.yml b/openssh/server/team/members/krzysztoffranckowski.yml
index 5158f94..454c833 100644
--- a/openssh/server/team/members/krzysztoffranckowski.yml
+++ b/openssh/server/team/members/krzysztoffranckowski.yml
@@ -5,7 +5,7 @@
kfranckowski:
enabled: true
name: kfranckowski
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Krzysztof Franckowski
home: /home/kfranckowski
email: kfranckowski@mirantis.com
diff --git a/openssh/server/team/members/manashkin.yml b/openssh/server/team/members/manashkin.yml
index a28342b..17da835 100644
--- a/openssh/server/team/members/manashkin.yml
+++ b/openssh/server/team/members/manashkin.yml
@@ -5,7 +5,7 @@
manashkin:
enabled: true
name: manashkin
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Miroslav Anashkin
home: /home/manashkin
email: manashkin@mirantis.com
diff --git a/openssh/server/team/members/matthewroark.yml b/openssh/server/team/members/matthewroark.yml
index 97064db..3dc01a6 100644
--- a/openssh/server/team/members/matthewroark.yml
+++ b/openssh/server/team/members/matthewroark.yml
@@ -5,7 +5,7 @@
mroark:
enabled: true
name: mroark
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Matthew Roark
home: /home/mroark
email: mroark@mirantis.com
diff --git a/openssh/server/team/members/maximefimov.yml b/openssh/server/team/members/maximefimov.yml
index 48d0c90..9baaaaf 100644
--- a/openssh/server/team/members/maximefimov.yml
+++ b/openssh/server/team/members/maximefimov.yml
@@ -5,7 +5,7 @@
mefimov:
enabled: true
name: mefimov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Maxim Efimov
home: /home/mefimov
email: mefimov@mirantis.com
diff --git a/openssh/server/team/members/michaelpetersen.yml b/openssh/server/team/members/michaelpetersen.yml
index bab536f..4ac6ee6 100644
--- a/openssh/server/team/members/michaelpetersen.yml
+++ b/openssh/server/team/members/michaelpetersen.yml
@@ -5,7 +5,7 @@
mpetersen:
enabled: true
name: mpetersen
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Michael Petersen
home: /home/mpetersen
email: mpetersen@mirantis.com
diff --git a/openssh/server/team/members/mikhailkraynov.yml b/openssh/server/team/members/mikhailkraynov.yml
index 39c58e6..a7a2d95 100644
--- a/openssh/server/team/members/mikhailkraynov.yml
+++ b/openssh/server/team/members/mikhailkraynov.yml
@@ -5,7 +5,7 @@
mkraynov:
enabled: true
name: mkraynov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Mikhail Kraynov
home: /home/mkraynov
email: mkraynov@mirantis.com
diff --git a/openssh/server/team/members/mniedbala.yml b/openssh/server/team/members/mniedbala.yml
new file mode 100644
index 0000000..30f7f30
--- /dev/null
+++ b/openssh/server/team/members/mniedbala.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ mniedbala:
+ enabled: true
+ name: mniedbala
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Mikolaj Niedbala
+ home: /home/mniedbala
+ email: mniedbala@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ mniedbala:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNepHgtflir2vNW+h9cr3hP3llsTlg5uIvvmByykfk455Cum0vSO27mWKZJu0ebU4LXfeH+WP4MjR3tKAKvXqzjGhPVGjMO3wo4/NLlel2CDx99w0KotcjQhW6p+iqLv1AT9E5LW4Kr1NuQ65nvGn6y4SevRw2y36bNS4VJBq40HlgQFTW3oNP+5u4TVzu7QQhulsTUdQETgLswZKsarX7whgvcHvFs1dnbriZlkPXvrKhZLA/CUb7ot+ugw6KWOl+g4gTFLjnt0IXjJXMstCOL9R7/juflUku9CYFvSuq4/T67yMW7XntQ89VkwudSCMjjUWg6ilEG0ghd9+b3bPr mniedbala@mirantis.com
+ user: ${linux:system:user:mniedbala}
diff --git a/openssh/server/team/members/nadezhdakabanova.yml b/openssh/server/team/members/nadezhdakabanova.yml
index dee01e0..58d2ed3 100644
--- a/openssh/server/team/members/nadezhdakabanova.yml
+++ b/openssh/server/team/members/nadezhdakabanova.yml
@@ -5,7 +5,7 @@
nkabanova:
enabled: true
name: nkabanova
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Nadezhda Kabanova
home: /home/nkabanova
email: nkabanova@mirantis.com
diff --git a/openssh/server/team/members/nkondra.yml b/openssh/server/team/members/nkondra.yml
index a6437de..b250e2b 100644
--- a/openssh/server/team/members/nkondra.yml
+++ b/openssh/server/team/members/nkondra.yml
@@ -5,7 +5,7 @@
nkondra:
enabled: true
name: nkondra
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Nazarii Kondra
home: /home/nkondra
email: nkondra@mirantis.com
diff --git a/openssh/server/team/members/obryndzii.yml b/openssh/server/team/members/obryndzii.yml
index db0f630..9f7498c 100644
--- a/openssh/server/team/members/obryndzii.yml
+++ b/openssh/server/team/members/obryndzii.yml
@@ -5,7 +5,7 @@
obryndzii:
enabled: true
name: obryndzii
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Oleksandr Bryndzii
home: /home/obryndzii
email: obryndzii@mirantis.com
diff --git a/openssh/server/team/members/oliemieshko.yml b/openssh/server/team/members/oliemieshko.yml
index 5050d53..ec8d8d6 100644
--- a/openssh/server/team/members/oliemieshko.yml
+++ b/openssh/server/team/members/oliemieshko.yml
@@ -5,7 +5,7 @@
oliemieshko:
enabled: true
name: oliemieshko
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Oleksandr Liemieshko
home: /home/oliemieshko
email: oliemieshko@mirantis.com
diff --git a/openssh/server/team/members/renesoto.yml b/openssh/server/team/members/renesoto.yml
index 9fcace6..a9988ed 100644
--- a/openssh/server/team/members/renesoto.yml
+++ b/openssh/server/team/members/renesoto.yml
@@ -5,7 +5,7 @@
rsoto:
enabled: true
name: rsoto
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Rene Soto
home: /home/rsoto
email: rsoto@mirantis.com
diff --git a/openssh/server/team/members/rsafonov.yml b/openssh/server/team/members/rsafonov.yml
index 3409c92..9965a1b 100644
--- a/openssh/server/team/members/rsafonov.yml
+++ b/openssh/server/team/members/rsafonov.yml
@@ -5,7 +5,7 @@
rsafonov:
enabled: true
name: rsafonov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Roman Safonov
home: /home/rsafonov
email: rsafonov@mirantis.com
diff --git a/openssh/server/team/members/scottmachtmes.yml b/openssh/server/team/members/scottmachtmes.yml
index a08b3a7..369db34 100644
--- a/openssh/server/team/members/scottmachtmes.yml
+++ b/openssh/server/team/members/scottmachtmes.yml
@@ -5,7 +5,7 @@
smachtmes:
enabled: true
name: smachtmes
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Scott Machtmes
home: /home/smachtmes
email: smachtmes@mirantis.com
diff --git a/openssh/server/team/members/sovsianikov.yml b/openssh/server/team/members/sovsianikov.yml
index cb82cc9..d5a2fed 100644
--- a/openssh/server/team/members/sovsianikov.yml
+++ b/openssh/server/team/members/sovsianikov.yml
@@ -5,7 +5,7 @@
sovsianikov:
enabled: true
name: sovsianikov
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Serhii Ovsianikov
home: /home/sovsianikov
email: sovsianikov@mirantis.com
diff --git a/openssh/server/team/members/zahedkhurasani.yml b/openssh/server/team/members/zahedkhurasani.yml
index df1a94d..f5411fd 100644
--- a/openssh/server/team/members/zahedkhurasani.yml
+++ b/openssh/server/team/members/zahedkhurasani.yml
@@ -5,7 +5,7 @@
zkhurasani:
enabled: true
name: zkhurasani
- sudo: false
+ sudo: ${_param:linux_system_user_sudo}
full_name: Zahed Khurasani
home: /home/zkhurasani
email: zkhurasani@mirantis.com
diff --git a/openssh/server/team/networking.yml b/openssh/server/team/networking.yml
index f64d69c..d912490 100644
--- a/openssh/server/team/networking.yml
+++ b/openssh/server/team/networking.yml
@@ -1,3 +1,8 @@
+classes:
+- system.openssh.server.team.members.mceloud
+- system.openssh.server.team.members.pjediny
+- system.openssh.server.team.members.skreys
+- system.openssh.server.team.members.smatov
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/services.yml b/openssh/server/team/services.yml
new file mode 100644
index 0000000..564fc32
--- /dev/null
+++ b/openssh/server/team/services.yml
@@ -0,0 +1,9 @@
+classes:
+- system.linux.system.sudo
+- system.openssh.server.team.members.mniedbala
+parameters:
+ linux:
+ system:
+ user:
+ mniedbala:
+ sudo: true
diff --git a/openssh/server/team/support.yml b/openssh/server/team/support.yml
index d164d2d..4dd5bdc 100644
--- a/openssh/server/team/support.yml
+++ b/openssh/server/team/support.yml
@@ -34,7 +34,6 @@
- system.openssh.server.team.members.obryndzii
- system.openssh.server.team.members.oliemieshko
- system.openssh.server.team.members.sovsianikov
-# L2OPS SRE Team
- system.openssh.server.team.members.cade
- system.openssh.server.team.members.jmosher
- system.openssh.server.team.members.ecantwell
@@ -56,11 +55,17 @@
enabled: false
name: supportl2
support0:
- enabled: true
+ enabled: false
name: support0
support1:
- enabled: true
+ enabled: false
name: support1
+ support2:
+ enabled: false
+ name: support2
+ support3:
+ enabled: true
+ name: support3
addusers:
# L1
- ${linux:system:user:adobdin:name}
@@ -82,10 +87,6 @@
- ${linux:system:user:rsafonov:name}
- ${linux:system:user:smachtmes:name}
- ${linux:system:user:zkhurasani:name}
- support2:
- enabled: true
- name: support2
- addusers:
# L2OPS
- ${linux:system:user:aepifanov:name}
- ${linux:system:user:apetrenko:name}
@@ -100,19 +101,6 @@
- ${linux:system:user:obryndzii:name}
- ${linux:system:user:oliemieshko:name}
- ${linux:system:user:sovsianikov:name}
- # L2OPS SRE
- - ${linux:system:user:pmichalec:name}
- - ${linux:system:user:pmathews:name}
- - ${linux:system:user:pcizinsky:name}
- - ${linux:system:user:osmola:name}
- - ${linux:system:user:cade:name}
- - ${linux:system:user:jmosher:name}
- - ${linux:system:user:ecantwell:name}
- - ${linux:system:user:lmercl:name}
- support3:
- enabled: false
- name: support3
- addusers:
- ${linux:system:user:pmichalec:name}
- ${linux:system:user:pmathews:name}
- ${linux:system:user:pcizinsky:name}
@@ -174,5 +162,3 @@
# Use with caution.
commands:
- ALL
- - '!SUPPORT_RESTRICTED_SHELLS'
- - '!SUPPORT_RESTRICTED_SU'
diff --git a/openssh/server/team/tcpcloud.yml b/openssh/server/team/tcpcloud.yml
index c7b465a..bcd9327 100644
--- a/openssh/server/team/tcpcloud.yml
+++ b/openssh/server/team/tcpcloud.yml
@@ -20,6 +20,7 @@
- system.openssh.server.team.members.tkukral
- system.openssh.server.team.members.vmikes
- system.openssh.server.team.members.psvimbersky
+- system.openssh.server.team.members.chnyda
parameters:
_param:
diff --git a/prometheus/server/target/kubernetes/endpoint.yml b/prometheus/server/target/kubernetes/endpoint.yml
deleted file mode 100644
index 671f037..0000000
--- a/prometheus/server/target/kubernetes/endpoint.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-parameters:
- prometheus:
- server:
- target:
- kubernetes:
- endpoint:
- enabled: true
diff --git a/prometheus/server/target/kubernetes/init.yml b/prometheus/server/target/kubernetes/init.yml
deleted file mode 100644
index 919c916..0000000
--- a/prometheus/server/target/kubernetes/init.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-parameters:
- prometheus:
- server:
- target:
- kubernetes:
- enabled: true
- api_ip: ${_param:kubernetes_control_address}
- cert_name: prometheus-server.crt
- key_name: prometheus-server.key
diff --git a/prometheus/server/target/kubernetes/pod.yml b/prometheus/server/target/kubernetes/pod.yml
deleted file mode 100644
index 964282f..0000000
--- a/prometheus/server/target/kubernetes/pod.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-parameters:
- prometheus:
- server:
- target:
- kubernetes:
- pod:
- enabled: true
diff --git a/reclass/storage/system/ceph_mon_cluster.yml b/reclass/storage/system/ceph_mon_cluster.yml
new file mode 100644
index 0000000..6b99d21
--- /dev/null
+++ b/reclass/storage/system/ceph_mon_cluster.yml
@@ -0,0 +1,38 @@
+parameters:
+ _param:
+ ceph_mon_node01_hostname: cmn01
+ ceph_mon_node02_hostname: cmn02
+ ceph_mon_node03_hostname: cmn03
+ reclass:
+ storage:
+ node:
+ ceph_mon_node01:
+ name: ${_param:ceph_mon_node01_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.ceph.mon
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:ceph_mon_node01_address}
+ keepalived_vip_priority: 103
+ ceph_mon_node02:
+ name: ${_param:ceph_mon_node02_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.ceph.mon
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:ceph_mon_node02_address}
+ keepalived_vip_priority: 102
+ ceph_mon_node03:
+ name: ${_param:ceph_mon_node03_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.ceph.mon
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:ceph_mon_node03_address}
+ keepalived_vip_priority: 101
diff --git a/reclass/storage/system/ceph_monitor_cluster.yml b/reclass/storage/system/ceph_monitor_cluster.yml
deleted file mode 100644
index ca7e7ff..0000000
--- a/reclass/storage/system/ceph_monitor_cluster.yml
+++ /dev/null
@@ -1,38 +0,0 @@
-parameters:
- _param:
- ceph_monitor_node01_hostname: cmn01
- ceph_monitor_node02_hostname: cmn02
- ceph_monitor_node03_hostname: cmn03
- reclass:
- storage:
- node:
- ceph_monitor_node01:
- name: ${_param:ceph_monitor_node01_hostname}
- domain: ${_param:cluster_domain}
- classes:
- - cluster.${_param:cluster_name}.ceph.monitor
- params:
- salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: xenial
- single_address: ${_param:ceph_monitor_node01_address}
- keepalived_vip_priority: 103
- ceph_monitor_node02:
- name: ${_param:ceph_monitor_node02_hostname}
- domain: ${_param:cluster_domain}
- classes:
- - cluster.${_param:cluster_name}.ceph.monitor
- params:
- salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: xenial
- single_address: ${_param:ceph_monitor_node02_address}
- keepalived_vip_priority: 102
- ceph_monitor_node03:
- name: ${_param:ceph_monitor_node03_hostname}
- domain: ${_param:cluster_domain}
- classes:
- - cluster.${_param:cluster_name}.ceph.monitor
- params:
- salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: xenial
- single_address: ${_param:ceph_monitor_node03_address}
- keepalived_vip_priority: 101
diff --git a/reclass/storage/system/kubernetes_control_cluster.yml b/reclass/storage/system/kubernetes_control_cluster.yml
index 5180ab6..de6a135 100644
--- a/reclass/storage/system/kubernetes_control_cluster.yml
+++ b/reclass/storage/system/kubernetes_control_cluster.yml
@@ -3,6 +3,9 @@
kubernetes_control_node01_hostname: ctl01
kubernetes_control_node02_hostname: ctl02
kubernetes_control_node03_hostname: ctl03
+ kubernetes_control_node01_deploy_address: ${_param:kubernetes_control_node01_address}
+ kubernetes_control_node02_deploy_address: ${_param:kubernetes_control_node02_address}
+ kubernetes_control_node03_deploy_address: ${_param:kubernetes_control_node03_address}
reclass:
storage:
node:
@@ -15,6 +18,7 @@
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
single_address: ${_param:kubernetes_control_node01_address}
+ deploy_address: ${_param:kubernetes_control_node01_deploy_address}
keepalived_vip_priority: 103
kubernetes_control_node02:
name: ${_param:kubernetes_control_node02_hostname}
@@ -25,6 +29,7 @@
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
single_address: ${_param:kubernetes_control_node02_address}
+ deploy_address: ${_param:kubernetes_control_node02_deploy_address}
keepalived_vip_priority: 102
kubernetes_control_node03:
name: ${_param:kubernetes_control_node03_hostname}
@@ -35,4 +40,5 @@
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: xenial
single_address: ${_param:kubernetes_control_node03_address}
+ deploy_address: ${_param:kubernetes_control_node03_deploy_address}
keepalived_vip_priority: 101
\ No newline at end of file
diff --git a/reclass/storage/system/opencontrail_tor_cluster.yml b/reclass/storage/system/opencontrail_tor_cluster.yml
new file mode 100644
index 0000000..81d7314
--- /dev/null
+++ b/reclass/storage/system/opencontrail_tor_cluster.yml
@@ -0,0 +1,31 @@
+parameters:
+ _param:
+ opencontrail_tor01_node01_hostname: tor01
+ opencontrail_tor01_node02_hostname: tor02
+ opencontrail_tor01_node01_tenant_address: ${_param:opencontrail_tor01_node01_address}
+ opencontrail_tor01_node02_tenant_address: ${_param:opencontrail_tor01_node02_address}
+ reclass:
+ storage:
+ node:
+ opencontrail_tor01_node01:
+ name: ${_param:opencontrail_tor01_node01_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.opencontrail.tor
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:opencontrail_tor01_node01_address}
+ tenant_address: ${_param:opencontrail_tor01_node01_tenant_address}
+ keepalived_vip_priority: 103
+ opencontrail_tor01_node02:
+ name: ${_param:opencontrail_tor01_node02_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.opencontrail.tor
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:opencontrail_tor01_node02_address}
+ tenant_address: ${_param:opencontrail_tor01_node02_tenant_address}
+ keepalived_vip_priority: 102
diff --git a/reclass/storage/system/openstack_baremetal_cluster.yml b/reclass/storage/system/openstack_baremetal_cluster.yml
index 8cab119..71f6034 100644
--- a/reclass/storage/system/openstack_baremetal_cluster.yml
+++ b/reclass/storage/system/openstack_baremetal_cluster.yml
@@ -19,6 +19,7 @@
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: ${_param:linux_system_codename}
single_address: ${_param:openstack_baremetal_node01_address}
+ keepalived_vip_priority: 101
baremetal_address: ${_param:openstack_baremetal_node01_baremetal_address}
openstack_baremetal_node02:
name: ${_param:openstack_baremetal_node02_hostname}
@@ -29,6 +30,7 @@
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: ${_param:linux_system_codename}
single_address: ${_param:openstack_baremetal_node02_address}
+ keepalived_vip_priority: 102
baremetal_address: ${_param:openstack_baremetal_node02_baremetal_address}
openstack_baremetal_node03:
name: ${_param:openstack_baremetal_node03_hostname}
@@ -39,6 +41,7 @@
salt_master_host: ${_param:reclass_config_master}
linux_system_codename: ${_param:linux_system_codename}
single_address: ${_param:openstack_baremetal_node03_address}
+ keepalived_vip_priority: 103
baremetal_address: ${_param:openstack_baremetal_node03_baremetal_address}
diff --git a/reclass/storage/system/openstack_dns_cluster.yml b/reclass/storage/system/openstack_dns_cluster.yml
index d134c88..d671e78 100644
--- a/reclass/storage/system/openstack_dns_cluster.yml
+++ b/reclass/storage/system/openstack_dns_cluster.yml
@@ -12,7 +12,7 @@
- cluster.${_param:cluster_name}.openstack.dns
params:
salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: trusty
+ linux_system_codename: xenial
single_address: ${_param:openstack_dns_node01_address}
keepalived_vip_priority: 110
openstack_dns_node02:
@@ -22,6 +22,6 @@
- cluster.${_param:cluster_name}.openstack.dns
params:
salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: trusty
+ linux_system_codename: xenial
single_address: ${_param:openstack_dns_node02_address}
keepalived_vip_priority: 111
diff --git a/salt/master/formula/git/helm.yml b/salt/master/formula/git/helm.yml
new file mode 100644
index 0000000..c25358f
--- /dev/null
+++ b/salt/master/formula/git/helm.yml
@@ -0,0 +1,16 @@
+parameters:
+ salt:
+ master:
+ environment:
+ prd:
+ formula:
+ helm:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-helm.git'
+ revision: ${_param:salt_master_environment_revision}
+ module:
+ helm.py:
+ enabled: true
+ state:
+ helm_release.py:
+ enabled: true
diff --git a/salt/master/formula/git/kubernetes.yml b/salt/master/formula/git/kubernetes.yml
index fe8ad5d..3d9d89e 100644
--- a/salt/master/formula/git/kubernetes.yml
+++ b/salt/master/formula/git/kubernetes.yml
@@ -12,11 +12,7 @@
source: git
address: '${_param:salt_master_environment_repository}/salt-formula-etcd.git'
revision: ${_param:salt_master_environment_revision}
- bird:
- source: git
- address: '${_param:salt_master_environment_repository}/salt-formula-bird.git'
- revision: ${_param:salt_master_environment_revision}
docker:
source: git
address: '${_param:salt_master_environment_repository}/salt-formula-docker.git'
- revision: ${_param:salt_master_environment_revision}
\ No newline at end of file
+ revision: ${_param:salt_master_environment_revision}
diff --git a/salt/master/formula/pkg/helm.yml b/salt/master/formula/pkg/helm.yml
new file mode 100644
index 0000000..8b68bfe
--- /dev/null
+++ b/salt/master/formula/pkg/helm.yml
@@ -0,0 +1,9 @@
+parameters:
+ salt:
+ master:
+ environment:
+ prd:
+ formula:
+ helm:
+ source: pkg
+ name: salt-formula-helm
diff --git a/salt/master/formula/pkg/kubernetes.yml b/salt/master/formula/pkg/kubernetes.yml
index 7b3af30..d442ab0 100644
--- a/salt/master/formula/pkg/kubernetes.yml
+++ b/salt/master/formula/pkg/kubernetes.yml
@@ -10,9 +10,6 @@
etcd:
source: pkg
name: salt-formula-etcd
- bird:
- source: pkg
- name: salt-formula-bird
docker:
source: pkg
- name: salt-formula-docker
\ No newline at end of file
+ name: salt-formula-docker
diff --git a/salt/master/git.yml b/salt/master/git.yml
index 267bdb1..4562a74 100644
--- a/salt/master/git.yml
+++ b/salt/master/git.yml
@@ -8,6 +8,7 @@
- system.salt.master.formula.git.saltstack
- system.salt.master.formula.git.stacklight
- system.salt.master.formula.git.monitoring
+- system.salt.master.formula.git.helm
parameters:
_param:
salt_master_environment_repository: "https://github.com/salt-formulas"
diff --git a/salt/master/pkg.yml b/salt/master/pkg.yml
index 1001d49..62854f1 100644
--- a/salt/master/pkg.yml
+++ b/salt/master/pkg.yml
@@ -8,4 +8,5 @@
- system.salt.master.formula.pkg.saltstack
- system.salt.master.formula.pkg.stacklight
- system.salt.master.formula.pkg.monitoring
+- system.salt.master.formula.pkg.helm
- system.linux.system.repo.mcp.salt
diff --git a/salt/minion/cert/etcd_client_single.yml b/salt/minion/cert/etcd_client_single.yml
new file mode 100644
index 0000000..a14e106
--- /dev/null
+++ b/salt/minion/cert/etcd_client_single.yml
@@ -0,0 +1,18 @@
+parameters:
+ salt:
+ minion:
+ cert:
+ etcd_client:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: ${linux:system:name}
+ signing_policy: cert_open
+ alternative_names: DNS:${linux:system:name},DNS:${linux:network:fqdn}
+ extended_key_usage: clientAuth
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: /var/lib/etcd/etcd-client.key
+ cert_file: /var/lib/etcd/etcd-client.crt
+ all_file: /var/lib/etcd/etcd-client.pem
+ ca_file: /var/lib/etcd/ca.pem
+ user: etcd
+ group: etcd
diff --git a/salt/minion/cert/etcd_server_single.yml b/salt/minion/cert/etcd_server_single.yml
new file mode 100644
index 0000000..f9fc585
--- /dev/null
+++ b/salt/minion/cert/etcd_server_single.yml
@@ -0,0 +1,18 @@
+parameters:
+ salt:
+ minion:
+ cert:
+ etcd_server:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: ${linux:system:name}
+ signing_policy: cert_open
+ alternative_names: IP:127.0.0.1,DNS:${linux:system:name},DNS:${linux:network:fqdn}
+ extended_key_usage: serverAuth,clientAuth
+ key_usage: "digitalSignature,nonRepudiation,keyEncipherment"
+ key_file: /var/lib/etcd/etcd-server.key
+ cert_file: /var/lib/etcd/etcd-server.crt
+ all_file: /var/lib/etcd/etcd-server.pem
+ ca_file: /var/lib/etcd/ca.pem
+ user: etcd
+ group: etcd
diff --git a/salt/minion/cert/opencontrail/tor.yml b/salt/minion/cert/opencontrail/tor.yml
new file mode 100644
index 0000000..eb9c704
--- /dev/null
+++ b/salt/minion/cert/opencontrail/tor.yml
@@ -0,0 +1,14 @@
+parameters:
+ _param:
+ salt_minion_ca_authority: salt_master_ca
+ salt:
+ minion:
+ cert:
+ opencontrail_tor:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ common_name: opencontrail_tor
+ key_file: /etc/contrail/ssl/certs/tor.key
+ cert_file: /etc/contrail/ssl/certs/tor.crt
+ ca_file: /etc/contrail/ssl/certs/ca.crt
+ signing_policy: cert_open