Merge "Add VNF onboarding gerrit projects"
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml
index f9a0ecf..03a5fae 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml
@@ -1,7 +1,7 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_docker_legacy_source: https://mirror.mirantis.com/${_param:apt_mk_version}/docker-1.x/
+ mirror_mirantis_openstack_xenial_docker_legacy_source: http://mirror.mirantis.com/${_param:apt_mk_version}/docker-1.x/
mirror_mirantis_openstack_xenial_docker_legacy_distribution: ubuntu-xenial
mirror_mirantis_openstack_xenial_docker_legacy_components: main
mirror_mirantis_openstack_xenial_docker_legacy_gpgkeys:
diff --git a/docker/swarm/stack/monitoring/init.yml b/docker/swarm/stack/monitoring/init.yml
index 925a10a..57d7a5a 100644
--- a/docker/swarm/stack/monitoring/init.yml
+++ b/docker/swarm/stack/monitoring/init.yml
@@ -5,6 +5,12 @@
- system.prometheus.server.container
- system.docker.swarm.stack.monitoring.remote_agent
parameters:
+ _param:
+ # Backward compatibility for Prometheus 1.7
+ prometheus_storage_local_engine: "persisted"
+ prometheus_storage_heap_size: 3221225472
+ prometheus_storage_num_fingerprint_mutexes: 4096
+
docker:
client:
stack:
@@ -118,3 +124,8 @@
PROMETHEUS_BIND_ADDRESS: ${prometheus:server:bind:address}
PROMETHEUS_STORAGE_LOCAL_RETENTION: ${prometheus:server:storage:local:retention}
PROMETHEUS_EXTERNAL_URL: "http://${_param:stacklight_monitor_address}:15010"
+ # Backward compatibility for Prometheus 1.7
+ PROMETHEUS_STORAGE_LOCAL_ENGINE: ${_param:prometheus_storage_local_engine}
+ PROMETHEUS_STORAGE_LOCAL_TARGET_HEAP_SIZE: ${_param:prometheus_storage_heap_size}
+ PROMETHEUS_STORAGE_LOCAL_NUM_FINGERPRINT_MUTEXES: ${_param:prometheus_storage_num_fingerprint_mutexes}
+
\ No newline at end of file
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index c672e25..80cfd95 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -58,6 +58,7 @@
- method java.util.List subList int int
- method java.util.Map remove java.lang.Object
- method java.util.Map size
+ - method java.util.Map isEmpty
- method java.util.regex.MatchResult group int
- method java.util.regex.MatchResult groupCount
- method java.util.regex.Matcher find
diff --git a/jenkins/client/job/debian/packages/ceph.yml b/jenkins/client/job/debian/packages/ceph.yml
new file mode 100644
index 0000000..5307b4b
--- /dev/null
+++ b/jenkins/client/job/debian/packages/ceph.yml
@@ -0,0 +1,77 @@
+parameters:
+ jenkins:
+ client:
+ job_template:
+ build-debian-ceph-package:
+ name: build-debian-{{package}}-{{version}}-ubuntu-{{dist}}
+ jobs:
+ # Xenial
+ - package: ceph
+ dist: xenial
+ branch: debian/xenial-luminous
+ version: luminous
+ - package: ceph
+ dist: xenial
+ branch: debian/xenial-jewel
+ version: jewel
+ template:
+ discard:
+ build:
+ keep_num: 10
+ artifact:
+ keep_num: 10
+ type: workflow-scm
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: build-debian-packages-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ debian/{{package}}:
+ branches:
+ - "{{branch}}"
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ event:
+ ref:
+ - updated
+ param:
+ SOURCE_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/debian/{{package}}.git"
+ SOURCE_BRANCH:
+ type: string
+ default: "{{branch}}"
+ SOURCE_CREDENTIALS:
+ type: string
+ default: "gerrit"
+ EXTRA_REPO_URL:
+ type: string
+ default: "deb ${_param:jenkins_aptly_url}/{{dist}}/ testing ceph"
+ EXTRA_REPO_KEY_URL:
+ type: string
+ default: "${_param:jenkins_aptly_url}/public.gpg"
+ APTLY_URL:
+ type: string
+ default: "${_param:jenkins_aptly_api_url}"
+ APTLY_REPO:
+ type: string
+ default: "ubuntu-{{dist}}-{{package}}-{{version}}"
+ OS:
+ type: string
+ default: "ubuntu"
+ DIST:
+ type: string
+ default: "{{dist}}"
+ ARCH:
+ type: string
+ default: "amd64"
+ UPLOAD_APTLY:
+ type: boolean
+ default: 'true'
\ No newline at end of file
diff --git a/jenkins/client/job/debian/packages/init.yml b/jenkins/client/job/debian/packages/init.yml
index 2fff22c..4196f95 100644
--- a/jenkins/client/job/debian/packages/init.yml
+++ b/jenkins/client/job/debian/packages/init.yml
@@ -4,6 +4,7 @@
- system.jenkins.client.job.debian.packages.salt-multi
- system.jenkins.client.job.debian.packages.horizon
- system.jenkins.client.job.debian.packages.heat.resources
+ - system.jenkins.client.job.debian.packages.ceph
parameters:
jenkins:
client:
diff --git a/jenkins/client/job/debian/packages/salt-multi.yml b/jenkins/client/job/debian/packages/salt-multi.yml
index 90e6f02..f7a87c7 100644
--- a/jenkins/client/job/debian/packages/salt-multi.yml
+++ b/jenkins/client/job/debian/packages/salt-multi.yml
@@ -142,3 +142,6 @@
UPLOAD_APTLY:
type: boolean
default: '{{upload_source_package}}'
+ DEBUG:
+ type: boolean
+ default: 'false'
diff --git a/jenkins/client/job/debian/packages/salt.yml b/jenkins/client/job/debian/packages/salt.yml
index a497c83..0a34447 100644
--- a/jenkins/client/job/debian/packages/salt.yml
+++ b/jenkins/client/job/debian/packages/salt.yml
@@ -5,6 +5,9 @@
build-debian-salt-formula:
name: build-debian-salt-formula-{{name}}-ubuntu-{{dist}}
jobs:
+ - name: aide
+ upload_source_package: false
+ dist: trusty
- name: aodh
upload_source_package: false
dist: trusty
@@ -320,6 +323,9 @@
- name: zookeeper
upload_source_package: false
dist: trusty
+ - name: aide
+ upload_source_package: true
+ dist: xenial
- name: aodh
upload_source_package: true
dist: xenial
@@ -723,3 +729,6 @@
UPLOAD_APTLY:
type: boolean
default: 'true'
+ DEBUG:
+ type: boolean
+ default: 'false'
diff --git a/jenkins/client/job/oscore/tests.yml b/jenkins/client/job/oscore/tests.yml
index e185455..e4f8009 100644
--- a/jenkins/client/job/oscore/tests.yml
+++ b/jenkins/client/job/oscore/tests.yml
@@ -533,6 +533,9 @@
credentials: "gerrit"
branch: 'master'
script: oscc-ci-pipeline.groovy
+ trigger:
+ timer:
+ spec: "0 1 * * *"
param:
# general
DEPLOY_JOB_NAME:
@@ -574,6 +577,10 @@
type: string
description: "OpenStack related components list"
default: "{{openstack_components_list}}"
+ AUTO_PROMOTE:
+ type: boolean
+ default: "{{auto_promote}}"
+ description: Enable to autopromote repo
build-salt-formula-refspec-template:
name: "{{job_prefix}}-build-salt-formula-refspec"
template:
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
index 0ad96bf..06117f1 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
@@ -7,240 +7,359 @@
git-mirror-2way-salt-formula:
name: git-mirror-2way-salt-formula-{{name}}
jobs:
+ - name: aide
+ branches: ${_param:salt_formulas_branches}
- name: aodh
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: apache
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: aptcacher
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: aptly
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: artifactory
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: auditd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: avinetworks
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: backupninja
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: barbican
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: billometer
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: bind
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: bird
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: cadf
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: calico
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: cassandra
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ccp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ceilometer
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ceph
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: chrony
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: cinder
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: collectd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: dekapod
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: debmirror
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: devops-portal
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: docker
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: dovecot
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: elasticsearch
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: etcd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: fluentbit
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: fluentd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: foreman
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: freeipa
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: galera
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: gerrit
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: git
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: gitlab
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: glance
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: glusterfs
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: gnocchi
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: grafana
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: graphite
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: haproxy
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: heat
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: heka
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: helm
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: horizon
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: influxdb
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: iptables
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ironic
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: isc-dhcp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: java
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: jenkins
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: kedb
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: keepalived
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: keystone
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: kibana
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: kubernetes
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: letsencrypt
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: libvirt
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: linux
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: lldp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: logrotate
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: maas
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: magnum
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: manila
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: memcached
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: midonet
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: monasca
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: mongodb
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: murano
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: mysql
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nagios
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: network
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: neutron
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nfs
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nginx
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nodejs
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nova
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ntp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: octavia
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: opencontrail
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openldap
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openssh
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openvpn
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openvstorage
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: owncloud
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: panko
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: postfix
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: postgresql
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: powerdns
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: pritunl
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: prometheus
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: python
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rabbitmq
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: reclass
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: redis
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: roundcube
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rsync
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rsyslog
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rundeck
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: runtest
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sahara
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: salt
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sensu
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sentry
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sphinx
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: spinnaker
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: statsd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: supervisor
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: swift
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: taiga
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: telegraf
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: tinyproxy
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: varnish
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: watchdog
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: xtrabackup
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: zookeeper
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
template:
discard:
build:
@@ -282,6 +401,9 @@
BRANCHES:
type: string
default: "{{branches}}"
+ NOTIFICATION_RECIPIENTS:
+ type: string
+ default: "{{notification_recipients}}"
job:
git-mirror-2way-salt-formulas-scripts:
discard:
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/init.yml b/jenkins/client/job/salt-formulas/git-mirrors/init.yml
index b46aebc..676fe4e 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/init.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/init.yml
@@ -4,3 +4,4 @@
_param:
salt_formulas_branches: "master"
salt_formulas_extra_branches: "master,debian/xenial,debian/trusty"
+ salt_formulas_notification_recipients: "ci-notifications@mirantis.com"
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index 0fdb502..d8f21ce 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -5,6 +5,7 @@
test-salt-formula:
name: test-salt-formula-{{name}}-latest
jobs:
+ - name: aide
- name: aodh
- name: apache
- name: aptcacher
@@ -153,7 +154,8 @@
param:
SALT_VERSION:
type: string
- default: "latest"
+ default: ""
+ description: "Version of salt for use in test, empty string means latest (default)"
SALT_OPTS:
type: string
default: "--force-color"
@@ -182,6 +184,12 @@
keep_num: 10
type: workflow-scm
concurrent: true
+ plugin_properties:
+ throttleconcurrents:
+ enabled: true
+ throttle_option: category
+ categories:
+ - test-formula
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 6bf8e5a..c496b61 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -188,6 +188,12 @@
keep_num: 10
type: workflow-scm
concurrent: true
+ plugin_properties:
+ throttleconcurrents:
+ enabled: true
+ throttle_option: category
+ categories:
+ - test-model
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
diff --git a/jenkins/client/job/vnf-onboarding/init.yml b/jenkins/client/job/vnf-onboarding/init.yml
new file mode 100644
index 0000000..cd97fef
--- /dev/null
+++ b/jenkins/client/job/vnf-onboarding/init.yml
@@ -0,0 +1,11 @@
+classes:
+ - system.jenkins.client.job.vnf-onboarding.test_avi_loadbalancer
+ - system.jenkins.client.job.vnf-onboarding.test_nginx_vnf
+
+parameters:
+ _param:
+ cluster_public_protocol: https
+ vnf_gerrit_credentials: "gerrit"
+ vnf_openstack_api_url: "${_param:cluster_public_protocol}://${_param:cluster_public_host}:5000/v2.0"
+ vnf_openstack_api_credentials: "test-openstack"
+ vnf_elastic_url: "${_param:stacklight_log_address}:${_param:cluster_elasticsearch_port}"
diff --git a/jenkins/client/job/vnf-onboarding/test_avi_loadbalancer.yml b/jenkins/client/job/vnf-onboarding/test_avi_loadbalancer.yml
new file mode 100644
index 0000000..f30b2b7
--- /dev/null
+++ b/jenkins/client/job/vnf-onboarding/test_avi_loadbalancer.yml
@@ -0,0 +1,81 @@
+parameters:
+ jenkins:
+ client:
+ plugin:
+ gerrit-trigger: {}
+ job:
+ test_avi_loadbalancer:
+ type: workflow-scm
+ name: test-avi-loadbalancer
+ display_name: "Onboarding tests for the AVI Loadbalancer VNF"
+ discard:
+ build:
+ keep_num: 20
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/vnf-onboarding/pipelines"
+ credentials: "${_param:vnf_gerrit_credentials}"
+ script: test_vnf_onboarding.groovy
+ trigger:
+ gerrit:
+ project:
+ "vnf-onboarding/avi-loadbalancer":
+ branches:
+ - compare_type: "ANT"
+ name: "**"
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeTrivialRebase: false
+ excludeNoCodeChange: false
+ change:
+ - merged
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(retest|recheck|reverify)'
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ param:
+ DEFAULT_GIT_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/avi-loadbalancer"
+ DEFAULT_GIT_REF:
+ type: string
+ default: master
+ OPENSTACK_API_URL:
+ type: string
+ default: "${_param:vnf_openstack_api_url}"
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_openstack_api_credentials}"
+ OPENSTACK_API_TENANT:
+ type: string
+ default: "test-avi"
+ GERRIT_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ ELASTIC_URL:
+ type: string
+ default: "${_param:vnf_elastic_url}"
+ DEBUG_OPTIONS:
+ type: string
+ description: "Example: skip_all=1 skip_deploy=1 skip_inspection=1"
+ NFV_PLATFORM_REPO:
+ type: string
+ description: "Take Cloudify blueprints, Dockerfile and CI scripts from this repo"
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/nfv-platform"
+ NFV_PLATFORM_REPO_BRANCH:
+ type: string
+ default: "master"
+ NFV_PLATFORM_REPO_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ CI_OPTIONS:
+ type: string
+ default: "CFY_AGENT_NET=cfm-net CFY_AGENT_FLAVOR=cfy.agent CFY_AGENT_IMAGE=ubuntu1 CFY_AGENT_USER=cfyuser CFY_SG=cfm-sg CFY_SSH_KEY_ID=openstack_key"
+ VNF_OPTIONS:
+ type: string
+ default: "AVI_VERSION=17.2.3 AVI_USERNAME=admin AVI_PASSWORD=Swordfish1234 AVI_IMAGE_PASSWORD=58NFaGDJm(PJH0G AVI_OS_FLAVOR=avi_ctrl.small AVI_OS_IMAGE=avi-control-17.2.3"
diff --git a/jenkins/client/job/vnf-onboarding/test_nginx_vnf.yml b/jenkins/client/job/vnf-onboarding/test_nginx_vnf.yml
new file mode 100644
index 0000000..8a86363
--- /dev/null
+++ b/jenkins/client/job/vnf-onboarding/test_nginx_vnf.yml
@@ -0,0 +1,82 @@
+parameters:
+ jenkins:
+ client:
+ plugin:
+ gerrit-trigger: {}
+ job:
+ test_nginx_vnf:
+ type: workflow-scm
+ name: test-nginx-vnf
+ display_name: "Onboarding tests for the NGINX VNF"
+ discard:
+ build:
+ keep_num: 20
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/vnf-onboarding/pipelines"
+ credentials: "${_param:vnf_gerrit_credentials}"
+ script: test_vnf_onboarding.groovy
+ trigger:
+ gerrit:
+ project:
+ "vnf-onboarding/nginx-vnf":
+ branches:
+ - compare_type: "ANT"
+ name: "**"
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeTrivialRebase: false
+ excludeNoCodeChange: false
+ change:
+ - merged
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(retest|recheck|reverify)'
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ param:
+ DEFAULT_GIT_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/nginx-vnf"
+ DEFAULT_GIT_REF:
+ type: string
+ default: master
+ OPENSTACK_API_URL:
+ type: string
+ default: "${_param:vnf_openstack_api_url}"
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_openstack_api_credentials}"
+ OPENSTACK_API_TENANT:
+ type: string
+ default: "test-nginx"
+ GERRIT_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ ELASTIC_URL:
+ type: string
+ default: "${_param:vnf_elastic_url}"
+ DEBUG_OPTIONS:
+ type: string
+ default: "skip_inspection=1"
+ description: "Example: skip_all=1 skip_deploy=1 skip_inspection=1"
+ NFV_PLATFORM_REPO:
+ type: string
+ description: "Take Cloudify blueprints, Dockerfile and CI scripts from this repo"
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/nfv-platform"
+ NFV_PLATFORM_REPO_BRANCH:
+ type: string
+ default: "master"
+ NFV_PLATFORM_REPO_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ CI_OPTIONS:
+ type: string
+ default: "CFY_AGENT_NET=cfm-net CFY_AGENT_FLAVOR=cfy.agent CFY_AGENT_IMAGE=ubuntu1 CFY_AGENT_USER=cfyuser CFY_SG=cfm-sg CFY_SSH_KEY_ID=openstack_key"
+ VNF_OPTIONS:
+ type: string
+ default: ""
diff --git a/linux/network/interface/single_ovs_dvr.yml b/linux/network/interface/single_ovs_dvr.yml
index 482bd02..2f4cf2a 100644
--- a/linux/network/interface/single_ovs_dvr.yml
+++ b/linux/network/interface/single_ovs_dvr.yml
@@ -39,7 +39,7 @@
type: ovs_port
mtu: 65000
bridge: br-floating
- br-mgmt:
+ br-mgm:
enabled: true
type: bridge
mtu: ${_param:interface_mtu}
@@ -64,4 +64,4 @@
use_interfaces:
- ${_param:external_interface}
use_ovs_ports:
- - float-to-ex
\ No newline at end of file
+ - float-to-ex
diff --git a/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml b/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml
index 287dc27..cf49630 100644
--- a/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml
+++ b/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml
@@ -6,7 +6,7 @@
system:
repo:
mcp_docker_legacy:
- source: "deb [arch=amd64] https://mirror.mirantis.com/${_param:linux_system_repo_mcp_docker_legacy_version}/docker-1.x/ ubuntu-${_param:linux_system_codename} main"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_docker_legacy_version}/docker-1.x/ ubuntu-${_param:linux_system_codename} main"
architectures: amd64
key_id: 58118E89F3A912897C070ADBF76221572C52609D
key_server: keyserver.ubuntu.com
\ No newline at end of file
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index 3b8877d..f583156 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -24,7 +24,7 @@
vncproxy_url: ${_param:nova_vncproxy_url}
security_group: false
dhcp_domain: novalocal
- scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter,NUMATopologyFilter,AggregateInstanceExtraSpecsFilter"
+ scheduler_default_filters: "DifferentHostFilter,SameHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter,NUMATopologyFilter,AggregateInstanceExtraSpecsFilter"
cpu_allocation_ratio: ${_param:nova_cpu_allocation_ratio}
ram_allocation_ratio: ${_param:nova_ram_allocation_ratio}
disk_allocation_ratio: ${_param:nova_disk_allocation_ratio}
diff --git a/openssh/server/team/members/alugovoi.yml b/openssh/server/team/members/alugovoi.yml
new file mode 100644
index 0000000..4a5c0d8
--- /dev/null
+++ b/openssh/server/team/members/alugovoi.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ alugovoi:
+ enabled: true
+ name: alugovoi
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Alexei Lugovoi
+ home: /home/alugovoi
+ email: alugovoi@mirantis.com
+ openssh:
+ server:
+ user:
+ alugovoi:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQChbsvFGG96lVcXrKWiJuFkrKSYR+lv/0kWQw6NugJMfem4XycbC85J7op6WtjlbZPTEKLJUkF2WFRyY6sHlFNwuSNqEgQhxUwYT+TpbCXlW837fuykjBFR/XQH4FvOAH8X4Pd+jy+WRk0UN9rt2QZWFu1znzB1brB6OZBBHZooaSQjnbBPbnepvl6gOtCRMK/3qRqKaHe5at4cTML4UOwRn25eCwmbS1Tm2bVfRiabShIS2WA02Eit+Wme3M6J9l/iJ8vC9Y36cOSWD4sPmxRm4Lwv0TAN3eqJ2fqCVpKULYtsVQihsHgrmovkRzEMdhiEKvvjB3zNRUKtSqyo6Nox alugovoi@alugovoi-pc
+ user: ${linux:system:user:alugovoi}
diff --git a/openssh/server/team/members/osergiyuk.yml b/openssh/server/team/members/osergiyuk.yml
new file mode 100644
index 0000000..01fe7f9
--- /dev/null
+++ b/openssh/server/team/members/osergiyuk.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ osergiyuk:
+ enabled: true
+ name: osergiyuk
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Oleg Sergiyuk
+ home: /home/osergiyuk
+ email: osergiyuk@mirantis.com
+ openssh:
+ server:
+ user:
+ osergiyuk:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmdJA5DWI9BQuvIzaPSdLDoK1QwUOI0Z1XjlXlaySFUuknDpYOZpBCi8SyNxS3uR8G1iO069tQ7e72cTxwP3lBJGSjgo0sg3lBuaXfunZo4D1dcjpOgKSIRMVZSB2W1pWzVuk5wjLSxePj6yaUUcCemWuELzMix3Ew8GBeWYVfgcAZPtXy4l5slxvK7lRxZZGwX1HTja0uN3UbR3J3pGDDsFN+qLdqnAtbofu9wlpXd7ffshB5dWUXHk9SEh20V/HVk1K7mDCEpKTYRC/vRlPaovauoldHEzwGcEnToXmWSmS8wrCYCTAmCw3jVHDNcYJ+kjDkaJsyTQ+KrLcSYzgMc2efRE5L98ShLZCWQMEd8ldSZ5FIynbTPhJ+9KzS4fnwoX+wCpwYGwpYKkw6zs/N+oXw2CTk5tmc2br84qHkY6spr2+ydTn0cbsMxN/XlPIz5Zn6A5O4yBZA0LRf4A+bKMijn596/XH/TPuy+LdTwEbhA13v2o6beA5xlt1TSxmvumzwXfvzMpmzWlyC+xjUR/2x6ak1RxIi1zlDnULyZRtrHdAxz/SiEgRUVmet8uGhwYKno/GMa45UfzzAX+6w2M6rFBfqvia5Wmg19UheVVvVP08ssm4Cb6l7I58sMkFcLnazf918T8uxqE+1E82ZhbkXi2X3c6C7jY2UkVf3dw== osergiyuk@mirantis.com
+ user: ${linux:system:user:osergiyuk}
diff --git a/openssh/server/team/members/tjaroszyk.yml b/openssh/server/team/members/tjaroszyk.yml
new file mode 100644
index 0000000..537d5e2
--- /dev/null
+++ b/openssh/server/team/members/tjaroszyk.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ tjaroszyk:
+ enabled: true
+ name: tjaroszyk
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Tomek Jaroszyk
+ home: /home/tjaroszyk
+ email: tjaroszyk@mirantis.com
+ openssh:
+ server:
+ user:
+ tjaroszyk:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIl9Jhv6t99Ek1qaKxnVZwNpPq+ueZ257PHxkfMBYD62r5KXtJM93mYiul5FaK+YH4u7wHaI3onMQzf0BVqj1/TfTgFJVHkB332ZLq6DNwpcF5rv4NeLHKAZKTsJ6RR/cVLmIHtZBUsJwsUShN4p1ESIYVfdaaLse9SxOzUeaL/qz0MxGvjydUVNkegH4jfi/9lMgRrNGDSU9dsiKO4gFLZaLNU3pl/JyuqH++xEksbxQZ2BNUvZV5H4HWaHPuMQ31u0OrmUnVF8UrquwrVxE7f4FNZVJNdzCHhsYr6vCV2m+C/KN8LdnHSln+sG+P6QKu4MlETiFRbraKqLzUPrUvrYckIZiU4LTo6NRB2G7ioVnycYyZFLAzoajCt2MQowAmrpuLjM6RXUhbZilfWfwHxnKlR8LmJRBS3Q+h7i55fvhoReZ3IrzPGNqC8QlEdNdLX9gXuZ+e8BtbxUuAB4wi2yRYrEBnQoqUEB7kj64W8YdBsM0ftKJJu44DLcY7djrMHuF6QFvxezEGIfIPsuE96DCyzFoQZtvJ11x7kjSJ1dQuycsWSRvsfpxTj87iQvHKR9aZXIoVtqxHefosaKoIhTZnI53HsPR50g6r4NwXPzcCpR1SOC3lpIDyK4rwkoze85aLVjaKWMgXY1GlMbMIhOk/mlVGZiezmFdgGTtCMQ== blady@figa
+ user: ${linux:system:user:tjaroszyk}
diff --git a/openssh/server/team/services.yml b/openssh/server/team/services.yml
index 40694d2..9de3a31 100644
--- a/openssh/server/team/services.yml
+++ b/openssh/server/team/services.yml
@@ -11,6 +11,8 @@
- system.openssh.server.team.members.dbogaczyk
- system.openssh.server.team.members.dkruglov
- system.openssh.server.team.members.sflorczak
+- system.openssh.server.team.members.alugovoi
+- system.openssh.server.team.members.tjaroszyk
parameters:
_param:
linux_system_user_sudo: true
diff --git a/salt/minion/cert/k8s_client.yml b/salt/minion/cert/k8s_client.yml
index be262b5..53ff3ba 100644
--- a/salt/minion/cert/k8s_client.yml
+++ b/salt/minion/cert/k8s_client.yml
@@ -21,21 +21,3 @@
common_name: system:kube-proxy
signing_policy: cert_client
alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
- k8s_scheduler:
- host: ${_param:salt_minion_ca_host}
- authority: ${_param:salt_minion_ca_authority}
- key_file: /etc/kubernetes/ssl/kube-scheduler-client.key
- cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt
- ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
- common_name: system:kube-scheduler
- signing_policy: cert_client
- alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
- k8s_controller_manager:
- host: ${_param:salt_minion_ca_host}
- authority: ${_param:salt_minion_ca_authority}
- key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key
- cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt
- ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
- common_name: system:kube-controller-manager
- signing_policy: cert_client
- alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
diff --git a/salt/minion/cert/k8s_client_single.yml b/salt/minion/cert/k8s_client_single.yml
index e9c7d79..eb7b21c 100644
--- a/salt/minion/cert/k8s_client_single.yml
+++ b/salt/minion/cert/k8s_client_single.yml
@@ -21,21 +21,3 @@
common_name: system:kube-proxy
signing_policy: cert_client
alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
- k8s_scheduler:
- host: ${_param:salt_minion_ca_host}
- authority: ${_param:salt_minion_ca_authority}
- key_file: /etc/kubernetes/ssl/kube-scheduler-client.key
- cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt
- ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
- common_name: system:kube-scheduler
- signing_policy: cert_client
- alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
- k8s_controller_manager:
- host: ${_param:salt_minion_ca_host}
- authority: ${_param:salt_minion_ca_authority}
- key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key
- cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt
- ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
- common_name: system:kube-controller-manager
- signing_policy: cert_client
- alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
diff --git a/salt/minion/cert/k8s_server.yml b/salt/minion/cert/k8s_server.yml
index 603d369..d81f5a5 100644
--- a/salt/minion/cert/k8s_server.yml
+++ b/salt/minion/cert/k8s_server.yml
@@ -11,3 +11,30 @@
all_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.pem
signing_policy: cert_server
alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address},DNS:kubernetes.default,DNS:kubernetes.default.svc
+ k8s_scheduler:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kube-scheduler-client.key
+ cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:kube-scheduler
+ signing_policy: cert_client
+ alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_controller_manager:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key
+ cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:kube-controller-manager
+ signing_policy: cert_client
+ alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_admin:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/admin.key
+ cert_file: /etc/kubernetes/ssl/admin.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: admin
+ organization_name: system:masters
+ signing_policy: cert_client
diff --git a/salt/minion/cert/k8s_server_single.yml b/salt/minion/cert/k8s_server_single.yml
index 33637e4..fa3a008 100644
--- a/salt/minion/cert/k8s_server_single.yml
+++ b/salt/minion/cert/k8s_server_single.yml
@@ -11,3 +11,30 @@
all_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.pem
signing_policy: cert_server
alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_scheduler:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kube-scheduler-client.key
+ cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:kube-scheduler
+ signing_policy: cert_client
+ alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_controller_manager:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key
+ cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:kube-controller-manager
+ signing_policy: cert_client
+ alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_admin:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/admin.key
+ cert_file: /etc/kubernetes/ssl/admin.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: admin
+ organization_name: system:masters
+ signing_policy: cert_client