Merge "lmercl: add new key"
diff --git a/.releasenotes/notes/check-ssl-k8s-api-42ea701f38268c1c.yaml b/.releasenotes/notes/check-ssl-k8s-api-42ea701f38268c1c.yaml
new file mode 100644
index 0000000..3cff198
--- /dev/null
+++ b/.releasenotes/notes/check-ssl-k8s-api-42ea701f38268c1c.yaml
@@ -0,0 +1,11 @@
+---
+summary: >
+ Changed the SSL check type to ``check-ssl`` in HAProxy
+ for the Kubernetes ``apiserver``
+
+features:
+ - Replaced the SSL check type from ``ssl-hello-chk`` to
+ ``check-ssl`` in HAProxy for the Kubernetes
+ ``apiserver``. This prevents the TLS errors in logs
+ occurring during the check of SSLv3 that is not supported
+ by the Kubernetes ``apiserver``.
diff --git a/.releasenotes/notes/k8s-sched-controller-to-server-c6aca59f3c4d1379.yaml b/.releasenotes/notes/k8s-sched-controller-to-server-c6aca59f3c4d1379.yaml
new file mode 100644
index 0000000..b32ada6
--- /dev/null
+++ b/.releasenotes/notes/k8s-sched-controller-to-server-c6aca59f3c4d1379.yaml
@@ -0,0 +1,10 @@
+---
+summary: >
+ Moved the ``k8s_scheduler`` and ``k8s_controller_manager``
+ options to ``k8s_server`` and added the ``k8s_admin``
+ option to ``k8s_server``
+
+features:
+ - Moved the ``k8s_scheduler`` and ``k8s_controller_manager``
+ options from ``k8s_client`` to ``k8s_server``. Also added
+ the ``k8s_admin`` option to ``k8s_server``.
diff --git a/.releasenotes/notes/multi-tenancy-contrail-f0bb049c99cddeda.yaml b/.releasenotes/notes/multi-tenancy-contrail-f0bb049c99cddeda.yaml
new file mode 100644
index 0000000..b01c9bb
--- /dev/null
+++ b/.releasenotes/notes/multi-tenancy-contrail-f0bb049c99cddeda.yaml
@@ -0,0 +1,9 @@
+---
+summary: >
+ Enabled the ``multi_tenancy`` option for Mirantis
+ OpenContrail
+
+features:
+ - Enabled the ``multi_tenancy`` option for Mirantis
+ OpenContrail to prevent unauthorized sending
+ of queries to the OpenContrail API.
diff --git a/.releasenotes/notes/parametric-telemetry-hostnames-06e14467d9a9077d.yaml b/.releasenotes/notes/parametric-telemetry-hostnames-06e14467d9a9077d.yaml
new file mode 100644
index 0000000..e75d549
--- /dev/null
+++ b/.releasenotes/notes/parametric-telemetry-hostnames-06e14467d9a9077d.yaml
@@ -0,0 +1,15 @@
+---
+upgrades:
+ - mongodb.server.cluster no longer hardcodes the telemetry nodes' hostnames
+ in favor of using `openstack_telemetry_node{01,02,03}_hostname` params,
+ allowing custom hostnames to be used.
+
+ Configuration example:
+
+ .. code-block:: yaml
+
+ parameters:
+ _param:
+ openstack_telemetry_node01_hostname: mdb01
+ openstack_telemetry_node02_hostname: mdb02
+ openstack_telemetry_node03_hostname: mdb03
diff --git a/.releasenotes/notes/proxy-prometheus-b48f1787735ae9d9.yaml b/.releasenotes/notes/proxy-prometheus-b48f1787735ae9d9.yaml
new file mode 100644
index 0000000..2dc0994
--- /dev/null
+++ b/.releasenotes/notes/proxy-prometheus-b48f1787735ae9d9.yaml
@@ -0,0 +1,10 @@
+---
+
+summary: >
+ Fixed the :guilabel:`Heatmaps` page in the DevOps Portal
+
+fixes:
+ - Fixed the issue with the DevOps Portal :guilabel:`Heatmaps` page
+ that was not available due to the disabled proxy for the
+ ``stacklight-prometeus`` endpoint and due to wrong
+ Prometheus URL configuration.
\ No newline at end of file
diff --git a/.releasenotes/notes/samehostfiler-nova-dc7e81cffcbff462.yaml b/.releasenotes/notes/samehostfiler-nova-dc7e81cffcbff462.yaml
new file mode 100644
index 0000000..93c2617
--- /dev/null
+++ b/.releasenotes/notes/samehostfiler-nova-dc7e81cffcbff462.yaml
@@ -0,0 +1,8 @@
+---
+summary: >
+ Added ``SameHostFilter`` to the default Nova filters
+
+features:
+ - Added ``SameHostFilter`` to the default Nova filters
+ to allow users scheduling instances that are based
+ on the ``same_host`` hint.
diff --git a/.releasenotes/notes/smtp_tls-907be4451c86b669.yaml b/.releasenotes/notes/smtp_tls-907be4451c86b669.yaml
new file mode 100644
index 0000000..3e79c8f
--- /dev/null
+++ b/.releasenotes/notes/smtp_tls-907be4451c86b669.yaml
@@ -0,0 +1,18 @@
+---
+summary: >
+ Additional option for push notification service to work with SMTP server
+
+features:
+ - Earlier the push notification service considered SMTP server working only under TLS.
+ In case of custom SMPT servers which use non-TLS connection the push notification service is
+ not working properly. This patch added the explicit definition of TLS using.
+ To define this parameter you need to set 'pushkin_smtp_use_tls' variable on cluster level metadata.
+
+ Example:
+ .. code-block:: yaml
+ parameters:
+ _param:
+ pushkin_smtp_use_tls: true
+
+fixes:
+ - related US: https://mirantis.jira.com/browse/PROD-14976
diff --git a/.releasenotes/notes/ssl-galera-b19bcada86dab036.yaml b/.releasenotes/notes/ssl-galera-b19bcada86dab036.yaml
new file mode 100644
index 0000000..41fe1b3
--- /dev/null
+++ b/.releasenotes/notes/ssl-galera-b19bcada86dab036.yaml
@@ -0,0 +1,9 @@
+---
+summary: >
+ Added a possibility to configure the SSL ``GRANT`` options
+ when creating the Galera databases
+
+features:
+ - Added a possibility to set the SSL ``GRANT`` options when
+ creating the Galera databases using the
+ ``mysql_{service}_ssl_option`` parameter.
diff --git a/apache/server/proxy/openstack/cinder.yml b/apache/server/proxy/openstack/cinder.yml
new file mode 100644
index 0000000..8b3fb4f
--- /dev/null
+++ b/apache/server/proxy/openstack/cinder.yml
@@ -0,0 +1,24 @@
+parameters:
+ _param:
+ apache_proxy_ssl:
+ enabled: false
+ apache_proxy_openstack_api_host: ${_param:cluster_public_host}
+ apache_proxy_openstack_api_address: 0.0.0.0
+ apache_proxy_openstack_cinder_host: ${_param:cinder_service_host}
+ apache:
+ server:
+ site:
+ apache_proxy_openstack_api_cinder:
+ enabled: true
+ type: proxy
+ name: openstack_api_cinder
+ check: false
+ proxy:
+ host: ${_param:apache_proxy_openstack_cinder_host}
+ port: 8776
+ protocol: http
+ host:
+ name: ${_param:apache_proxy_openstack_api_host}
+ port: 8776
+ address: ${_param:apache_proxy_openstack_api_address}
+ ssl: ${_param:apache_proxy_ssl}
diff --git a/apache/server/proxy/openstack/designate.yml b/apache/server/proxy/openstack/designate.yml
new file mode 100644
index 0000000..b681cf7
--- /dev/null
+++ b/apache/server/proxy/openstack/designate.yml
@@ -0,0 +1,28 @@
+parameters:
+ _param:
+ apache_proxy_ssl:
+ enabled: false
+ apache_proxy_openstack_api_host: ${_param:cluster_public_host}
+ apache_proxy_openstack_api_address: 0.0.0.0
+ apache_proxy_openstack_designate_host: ${_param:designate_service_host}
+ apache:
+ server:
+ modules:
+ - proxy
+ - proxy_http
+ - headers
+ enabled: true
+ site:
+ apache_proxy_openstack_api_designate:
+ enabled: true
+ type: proxy
+ name: openstack_api_designate
+ proxy:
+ host: ${_param:apache_proxy_openstack_designate_host}
+ port: 9001
+ protocol: http
+ host:
+ name: ${_param:apache_proxy_openstack_api_host}
+ port: 9001
+ address: ${_param:apache_proxy_openstack_api_address}
+ ssl: ${_param:apache_proxy_ssl}
diff --git a/apache/server/proxy/openstack/glance.yml b/apache/server/proxy/openstack/glance.yml
new file mode 100644
index 0000000..91bedea
--- /dev/null
+++ b/apache/server/proxy/openstack/glance.yml
@@ -0,0 +1,24 @@
+parameters:
+ _param:
+ apache_proxy_ssl:
+ enabled: false
+ apache_proxy_openstack_api_host: ${_param:cluster_public_host}
+ apache_proxy_openstack_api_address: 0.0.0.0
+ apache_proxy_openstack_glance_host: ${_param:glance_service_host}
+ apache:
+ server:
+ enabled: true
+ site:
+ apache_proxy_openstack_api_glance:
+ enabled: true
+ type: proxy
+ name: openstack_api_glance
+ proxy:
+ host: ${_param:apache_proxy_openstack_glance_host}
+ port: 9292
+ protocol: http
+ host:
+ name: ${_param:apache_proxy_openstack_api_host}
+ port: 9292
+ address: ${_param:apache_proxy_openstack_api_address}
+ ssl: ${_param:apache_proxy_ssl}
diff --git a/apache/server/proxy/openstack/heat.yml b/apache/server/proxy/openstack/heat.yml
new file mode 100644
index 0000000..b844c45
--- /dev/null
+++ b/apache/server/proxy/openstack/heat.yml
@@ -0,0 +1,52 @@
+parameters:
+ _param:
+ apache_proxy_ssl:
+ enabled: false
+ apache_proxy_openstack_api_host: ${_param:cluster_public_host}
+ apache_proxy_openstack_api_address: 0.0.0.0
+ apache_proxy_openstack_heat_host: ${_param:heat_service_host}
+ apache:
+ server:
+ site:
+ apache_proxy_openstack_api_heat:
+ enabled: true
+ type: proxy
+ name: openstack_api_heat
+ check: false
+ proxy:
+ host: ${_param:apache_proxy_openstack_heat_host}
+ port: 8004
+ protocol: http
+ host:
+ name: ${_param:apache_proxy_openstack_api_host}
+ port: 8004
+ address: ${_param:apache_proxy_openstack_api_address}
+ ssl: ${_param:apache_proxy_ssl}
+ apache_proxy_openstack_api_heat_cfn:
+ enabled: true
+ type: proxy
+ name: openstack_api_heat_cfn
+ check: false
+ proxy:
+ host: ${_param:apache_proxy_openstack_heat_host}
+ port: 8000
+ protocol: http
+ host:
+ name: ${_param:apache_proxy_openstack_api_host}
+ port: 8000
+ address: ${_param:apache_proxy_openstack_api_address}
+ ssl: ${_param:apache_proxy_ssl}
+ apache_proxy_openstack_api_heat_cloudwatch:
+ enabled: true
+ type: proxy
+ name: openstack_api_heat_cloudwatch
+ check: false
+ proxy:
+ host: ${_param:apache_proxy_openstack_heat_host}
+ port: 8003
+ protocol: http
+ host:
+ name: ${_param:apache_proxy_openstack_api_host}
+ port: 8003
+ address: ${_param:apache_proxy_openstack_api_address}
+ ssl: ${_param:apache_proxy_ssl}
diff --git a/apache/server/proxy/openstack/neutron.yml b/apache/server/proxy/openstack/neutron.yml
new file mode 100644
index 0000000..dd18c40
--- /dev/null
+++ b/apache/server/proxy/openstack/neutron.yml
@@ -0,0 +1,24 @@
+parameters:
+ _param:
+ apache_proxy_ssl:
+ enabled: false
+ apache_proxy_openstack_api_host: ${_param:cluster_public_host}
+ apache_proxy_openstack_api_address: 0.0.0.0
+ apache_proxy_openstack_neutron_host: ${_param:neutron_service_host}
+ apache:
+ server:
+ site:
+ apache_proxy_openstack_api_neutron:
+ enabled: true
+ type: proxy
+ name: openstack_api_neutron
+ check: false
+ proxy:
+ host: ${_param:apache_proxy_openstack_neutron_host}
+ port: 9696
+ protocol: http
+ host:
+ name: ${_param:apache_proxy_openstack_api_host}
+ port: 9696
+ address: ${_param:apache_proxy_openstack_api_address}
+ ssl: ${_param:apache_proxy_ssl}
diff --git a/apache/server/proxy/openstack/nova.yml b/apache/server/proxy/openstack/nova.yml
new file mode 100644
index 0000000..66a0107
--- /dev/null
+++ b/apache/server/proxy/openstack/nova.yml
@@ -0,0 +1,24 @@
+parameters:
+ _param:
+ apache_proxy_ssl:
+ enabled: false
+ apache_proxy_openstack_api_host: ${_param:cluster_public_host}
+ apache_proxy_openstack_api_address: 0.0.0.0
+ apache_proxy_openstack_nova_host: ${_param:nova_service_host}
+ apache:
+ server:
+ site:
+ apache_proxy_openstack_api_nova:
+ enabled: true
+ type: proxy
+ name: openstack_api_nova
+ check: false
+ proxy:
+ host: ${_param:apache_proxy_openstack_nova_host}
+ port: 8774
+ protocol: http
+ host:
+ name: ${_param:apache_proxy_openstack_api_host}
+ port: 8774
+ address: ${_param:apache_proxy_openstack_api_address}
+ ssl: ${_param:apache_proxy_ssl}
diff --git a/apache/server/proxy/openstack/placement.yml b/apache/server/proxy/openstack/placement.yml
new file mode 100644
index 0000000..9e256b2
--- /dev/null
+++ b/apache/server/proxy/openstack/placement.yml
@@ -0,0 +1,25 @@
+parameters:
+ _param:
+ apache_proxy_ssl:
+ enabled: false
+ placement_service_host: ${_param:nova_service_host}
+ apache_proxy_openstack_api_host: ${_param:cluster_public_host}
+ apache_proxy_openstack_api_address: 0.0.0.0
+ apache_proxy_openstack_placement_host: ${_param:placement_service_host}
+ apache:
+ server:
+ site:
+ apache_proxy_openstack_api_placement:
+ enabled: true
+ type: proxy
+ name: openstack_api_placement
+ check: false
+ proxy:
+ host: ${_param:apache_proxy_openstack_placement_host}
+ port: 8778
+ protocol: http
+ host:
+ name: ${_param:apache_proxy_openstack_api_host}
+ port: 8778
+ address: ${_param:apache_proxy_openstack_api_address}
+ ssl: ${_param:apache_proxy_ssl}
diff --git a/apache/server/site/barbican.yml b/apache/server/site/barbican.yml
new file mode 100644
index 0000000..78c9f02
--- /dev/null
+++ b/apache/server/site/barbican.yml
@@ -0,0 +1,50 @@
+parameters:
+ _param:
+ apache_barbican_ssl:
+ enabled: false
+ apache_barbican_api_address: 0.0.0.0
+ apache_barbican_api_host: ${linux:network:fqdn}
+ apache:
+ server:
+ enabled: true
+ site:
+ barbican:
+ enabled: false
+ available: true
+ type: wsgi
+ name: barbican
+ ssl: ${_param:apache_barbican_ssl}
+ wsgi:
+ daemon_process: barbican-api
+ processes: 3
+ threads: 10
+ user: barbican
+ group: barbican
+ display_name: '%{GROUP}'
+ script_alias: '/ /usr/bin/barbican-wsgi-api'
+ application_group: '%{GLOBAL}'
+ authorization: 'On'
+ host:
+ address: ${_param:apache_barbican_api_address}
+ name: ${_param:apache_barbican_api_host}
+ port: 9311
+ log:
+ custom:
+ format: >-
+ %v:%p %{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %D %O \"%{Referer}i\" \"%{User-Agent}i\"
+ error:
+ enabled: true
+ format: '%M'
+ barbican_admin:
+ enabled: false
+ available: true
+ type: wsgi
+ name: barbican_admin
+ ssl: ${_param:apache_barbican_ssl}
+ wsgi:
+ daemon_process: barbican-api-admin
+ processes: 3
+ threads: 10
+ user: barbican
+ group: barbican
+ display_name: '%{GROUP}'
diff --git a/apache/server/site/cinder.yml b/apache/server/site/cinder.yml
new file mode 100644
index 0000000..7338b6e
--- /dev/null
+++ b/apache/server/site/cinder.yml
@@ -0,0 +1,42 @@
+parameters:
+ _param:
+ apache_cinder_ssl:
+ enabled: false
+ apache_cinder_api_address: 0.0.0.0
+ apache_cinder_api_host: ${linux:network:fqdn}
+ cinder:
+ server:
+ service_name: apache2
+ apache:
+ server:
+ enabled: true
+ default_mpm: event
+ site:
+ cinder:
+ enabled: false
+ available: true
+ type: wsgi
+ name: cinder
+ ssl: ${_param:apache_cinder_ssl}
+ wsgi:
+ daemon_process: cinder-wsgi
+ processes: 5
+ threads: 1
+ user: cinder
+ group: cinder
+ display_name: '%{GROUP}'
+ script_alias: '/ /usr/bin/cinder-wsgi'
+ application_group: '%{GLOBAL}'
+ authorization: 'On'
+ host:
+ address: ${_param:apache_cinder_api_address}
+ name: ${_param:apache_cinder_api_host}
+ port: 8776
+ log:
+ custom:
+ format: >-
+ %v:%p %{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %D %O \"%{Referer}i\" \"%{User-Agent}i\"
+ error:
+ enabled: true
+ format: '%M'
+ file: '/var/log/apache2/cinder_error.log'
diff --git a/apache/server/site/gnocchi.yml b/apache/server/site/gnocchi.yml
new file mode 100644
index 0000000..a3d6def
--- /dev/null
+++ b/apache/server/site/gnocchi.yml
@@ -0,0 +1,35 @@
+parameters:
+ _param:
+ gnocchi_api_workers: 2
+ apache_gnocchi_ssl:
+ enabled: false
+ apache_gnocchi_api_host: ${linux:network:fqdn}
+ apache_gnocchi_api_address: ${_param:single_address}
+ apache_gnocchi_api_port: 8041
+ apache:
+ server:
+ site:
+ gnocchi:
+ enabled: false
+ available: true
+ type: wsgi
+ name: gnocchi
+ ssl: ${_param:apache_gnocchi_ssl}
+ host:
+ name: ${_param:apache_gnocchi_api_host}
+ address: ${_param:apache_gnocchi_api_address}
+ port: ${_param:apache_gnocchi_api_port}
+ log:
+ custom:
+ format: >-
+ %v:%p %{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %D %O \"%{Referer}i\" \"%{User-Agent}i\"
+ wsgi:
+ daemon_process: gnocchi-api
+ processes: ${_param:gnocchi_api_workers}
+ threads: 10
+ user: gnocchi
+ group: gnocchi
+ display_name: '%{GROUP}'
+ script_alias: '/ /usr/bin/gnocchi-api'
+ application_group: '%{GLOBAL}'
+ authorization: 'On'
diff --git a/apache/server/site/manila.yml b/apache/server/site/manila.yml
new file mode 100644
index 0000000..2161882
--- /dev/null
+++ b/apache/server/site/manila.yml
@@ -0,0 +1,44 @@
+parameters:
+ _param:
+ apache_manila_ssl:
+ enabled: false
+ apache_manila_api_address: 0.0.0.0
+ apache_manila_api_host: ${linux:network:fqdn}
+ manila:
+ server:
+ service_name: apache2
+ apache:
+ server:
+ enabled: true
+ default_mpm: event
+ site:
+ manila:
+ enabled: false
+ available: true
+ type: wsgi
+ name: manila
+ ssl: ${_param:apache_manila_ssl}
+ wsgi:
+ daemon_process: manila-api
+ threads: 2
+ user: manila
+ group: manila
+ display_name: '%{GROUP}'
+ script_alias: '/ /usr/bin/manila-wsgi'
+ application_group: '%{GLOBAL}'
+ authorization: 'On'
+ limits:
+ request_body: 114688
+ host:
+ address: ${_param:apache_manila_api_address}
+ name: ${_param:apache_manila_api_host}
+ port: 8786
+ log:
+ custom:
+ format: >-
+ %v:%p %{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %D %O \"%{Referer}i\" \"%{User-Agent}i\"
+ error:
+ enabled: true
+ level: debug
+ format: '%M'
+ file: '/var/log/manila/manila-api.log'
diff --git a/apache/server/site/nova-placement.yml b/apache/server/site/nova-placement.yml
new file mode 100644
index 0000000..9eeeae4
--- /dev/null
+++ b/apache/server/site/nova-placement.yml
@@ -0,0 +1,45 @@
+parameters:
+ _param:
+ apache_nova_placement_ssl:
+ enabled: false
+ apache_nova_placement_api_address: 0.0.0.0
+ apache_nova_placement_api_host: ${linux:network:fqdn}
+ nova_placement:
+ server:
+ service_name: apache2
+ apache:
+ server:
+ enabled: true
+ default_mpm: event
+ site:
+ nova_placement:
+ enabled: false
+ available: true
+ type: wsgi
+ name: nova_placement
+ ssl: ${_param:apache_nova_placement_ssl}
+ wsgi:
+ daemon_process: nova-placement
+ processes: 5
+ threads: 1
+ user: nova
+ group: nova
+ display_name: '%{GROUP}'
+ script_alias: '/ /usr/bin/nova-placement-api'
+ application_group: '%{GLOBAL}'
+ authorization: 'On'
+ limits:
+ request_body: 114688
+ host:
+ address: ${_param:apache_nova_placement_api_address}
+ name: ${_param:apache_nova_placement_api_host}
+ port: 8778
+ log:
+ custom:
+ format: >-
+ %v:%p %{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %D %O \"%{Referer}i\" \"%{User-Agent}i\"
+ file: '/var/log/apache2/nova_placement_access.log'
+ error:
+ enabled: true
+ format: '%M'
+ file: '/var/log/apache2/nova_placement_error.log'
diff --git a/apache/server/site/panko.yml b/apache/server/site/panko.yml
new file mode 100644
index 0000000..d052c37
--- /dev/null
+++ b/apache/server/site/panko.yml
@@ -0,0 +1,35 @@
+parameters:
+ _param:
+ apache_panko_ssl:
+ enabled: false
+ panko_api_workers: 2
+ apache_panko_api_host: ${linux:network:fqdn}
+ apache_panko_api_address: ${_param:single_address}
+ apache_panko_api_port: 8977
+ apache:
+ server:
+ site:
+ panko:
+ enabled: false
+ available: true
+ type: wsgi
+ name: panko
+ ssl: ${_param:apache_panko_ssl}
+ host:
+ name: ${_param:apache_panko_api_host}
+ address: ${_param:apache_panko_api_address}
+ port: ${_param:apache_panko_api_port}
+ log:
+ custom:
+ format: >-
+ %v:%p %{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %D %O \"%{Referer}i\" \"%{User-Agent}i\"
+ wsgi:
+ daemon_process: panko-api
+ processes: ${_param:panko_api_workers}
+ threads: 1
+ user: panko
+ group: panko
+ display_name: '%{GROUP}'
+ script_alias: '/ /usr/bin/panko-api'
+ application_group: '%{GLOBAL}'
+ authorization: 'On'
diff --git a/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/fluentd.yml b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/fluentd.yml
new file mode 100644
index 0000000..ee765d4
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/trusty/mcp/apt_mk/fluentd.yml
@@ -0,0 +1,21 @@
+parameters:
+ _param:
+ apt_mk_version: stable
+ mirror_mirantis_openstack_trusty_fluentd_source: http://mirror.mirantis.com/${_param:apt_mk_version}/td-agent/trusty
+ mirror_mirantis_openstack_trusty_fluentd_distribution: trusty
+ mirror_mirantis_openstack_trusty_fluentd_components: contrib
+ mirror_mirantis_openstack_trusty_fluentd_gpgkeys:
+ - 901F9177AB97ACBE
+ aptly:
+ server:
+ mirror:
+ mirantis_openstack_trusty_fluentd:
+ source: ${_param:mirror_mirantis_openstack_trusty_fluentd_source}
+ distribution: ${_param:mirror_mirantis_openstack_trusty_fluentd_distribution}
+ components: ${_param:mirror_mirantis_openstack_trusty_fluentd_components}
+ architectures: amd64
+ gpgkeys: ${_param:mirror_mirantis_openstack_trusty_fluentd_gpgkeys}
+ publisher:
+ component: contrib
+ distributions:
+ - ubuntu-trusty/fluentd/${_param:apt_mk_version}
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/aptly.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/aptly.yml
index 507ed5e..72c20cb 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/aptly.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/aptly.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_aptly_source: http://apt.mirantis.com/xenial/aptly/
- mirror_mirantis_openstack_xenial_aptly_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_xenial_aptly_source: http://mirror.mirantis.com/${_param:apt_mk_version}/aptly/xenial/
+ mirror_mirantis_openstack_xenial_aptly_distribution: squeeze
mirror_mirantis_openstack_xenial_aptly_components: main
- mirror_mirantis_openstack_xenial_aptly_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_aptly_gpgkeys:
- - A76882D3
+ - 9C7DE460
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_aptly_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_aptly_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_aptly_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_aptly_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_aptly_components}
+ component: main
distributions:
- ubuntu-xenial/aptly/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/cassandra.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/cassandra.yml
index 5afbf77..c34a904 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/cassandra.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/cassandra.yml
@@ -1,12 +1,14 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_cassandra_source: http://apt.mirantis.com/xenial/cassandra/
- mirror_mirantis_openstack_xenial_cassandra_distribution: ${_param:apt_mk_version}
- mirror_mirantis_openstack_xenial_cassandra_components: 21x
- mirror_mirantis_openstack_xenial_cassandra_key_url: "http://apt.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_xenial_cassandra_source: http://mirror.mirantis.com/${_param:apt_mk_version}/cassandra/xenial/
+ mirror_mirantis_openstack_xenial_cassandra_distribution: 21x
+ mirror_mirantis_openstack_xenial_cassandra_components: main
mirror_mirantis_openstack_xenial_cassandra_gpgkeys:
- - A76882D3
+ - A278B781FE4B2BDA
+ - F758CE318D77295D
+ - 2B5C1B00
+ - 0353B12C
aptly:
server:
mirror:
@@ -15,9 +17,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_cassandra_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_cassandra_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_cassandra_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_cassandra_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_cassandra_components}
+ component: 21x
distributions:
- ubuntu-xenial/cassandra/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/ceph.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/ceph.yml
index a0b1293..d997485 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/ceph.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/ceph.yml
@@ -1,10 +1,9 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_ceph_source: http://apt.mirantis.com/xenial/ceph/
+ mirror_mirantis_openstack_xenial_ceph_source: http://apt.mirantis.com/xenial/
mirror_mirantis_openstack_xenial_ceph_distribution: ${_param:apt_mk_version}
- mirror_mirantis_openstack_xenial_ceph_components: luminous
- mirror_mirantis_openstack_xenial_ceph_key_url: "http://apt.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_xenial_ceph_components: ceph-luminous
mirror_mirantis_openstack_xenial_ceph_gpgkeys:
- A76882D3
aptly:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_ceph_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_ceph_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_ceph_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_ceph_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_ceph_components}
+ component: luminous
distributions:
- ubuntu-xenial/ceph/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml
index c71c543..c6814b7 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker-legacy.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_docker_legacy_source: http://apt.mirantis.com/xenial/docker/
- mirror_mirantis_openstack_xenial_docker_legacy_distribution: ${_param:apt_mk_version}
- mirror_mirantis_openstack_xenial_docker_legacy_components: legacy
- mirror_mirantis_openstack_xenial_docker_legacy_key_url: "http://apt.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_xenial_docker_legacy_source: http://mirror.mirantis.com/${_param:apt_mk_version}/docker-1.x/xenial/
+ mirror_mirantis_openstack_xenial_docker_legacy_distribution: ubuntu-xenial
+ mirror_mirantis_openstack_xenial_docker_legacy_components: main
mirror_mirantis_openstack_xenial_docker_legacy_gpgkeys:
- - A76882D3
+ - 58118E89F3A912897C070ADBF76221572C52609D
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_docker_legacy_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_docker_legacy_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_docker_legacy_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_docker_legacy_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_docker_legacy_components}
+ component: legacy
distributions:
- ubuntu-xenial/docker/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker.yml
index 703d202..2ae01f9 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/docker.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_docker_source: http://apt.mirantis.com/xenial/docker/
- mirror_mirantis_openstack_xenial_docker_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_xenial_docker_source: http://mirror.mirantis.com/${_param:apt_mk_version}/docker/xenial/
+ mirror_mirantis_openstack_xenial_docker_distribution: xenial
mirror_mirantis_openstack_xenial_docker_components: stable
- mirror_mirantis_openstack_xenial_docker_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_docker_gpgkeys:
- - A76882D3
+ - 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_docker_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_docker_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_docker_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_docker_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_docker_components}
+ component: stable
distributions:
- ubuntu-xenial/docker/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/2x.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/2x.yml
index 6b1c006..1bf92ed 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/2x.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/2x.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_elastic_2x_source: http://apt.mirantis.com/xenial/elastic/2.x/
- mirror_mirantis_openstack_xenial_elastic_2x_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_xenial_elastic_2x_source: http://mirror.mirantis.com/${_param:apt_mk_version}/elasticsearch-2.x/xenial/
+ mirror_mirantis_openstack_xenial_elastic_2x_distribution: stable
mirror_mirantis_openstack_xenial_elastic_2x_components: main
- mirror_mirantis_openstack_xenial_elastic_2x_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_elastic_2x_gpgkeys:
- - A76882D3
+ - D88E42B4
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_elastic_2x_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_elastic_2x_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_elastic_2x_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_elastic_2x_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_elastic_2x_components}
+ component: main
distributions:
- ubuntu-xenial/elastic/2.x/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/5x.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/5x.yml
index d7e92c6..1281c30 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/5x.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/elastic/5x.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_elastic_5x_source: http://apt.mirantis.com/xenial/elastic/5.x/
- mirror_mirantis_openstack_xenial_elastic_5x_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_xenial_elastic_5x_source: http://mirror.mirantis.com/${_param:apt_mk_version}/elasticsearch-5.x/xenial/
+ mirror_mirantis_openstack_xenial_elastic_5x_distribution: stable
mirror_mirantis_openstack_xenial_elastic_5x_components: main
- mirror_mirantis_openstack_xenial_elastic_5x_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_elastic_5x_gpgkeys:
- - A76882D3
+ - D88E42B4
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_elastic_5x_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_elastic_5x_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_elastic_5x_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_elastic_5x_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_elastic_5x_components}
+ component: main
distributions:
- ubuntu-xenial/elastic/5.x/${_param:apt_mk_version}
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/fluentd.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/fluentd.yml
new file mode 100644
index 0000000..bba5d9c
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/fluentd.yml
@@ -0,0 +1,21 @@
+parameters:
+ _param:
+ apt_mk_version: stable
+ mirror_mirantis_openstack_xenial_fluentd_source: http://mirror.mirantis.com/${_param:apt_mk_version}/td-agent/xenial
+ mirror_mirantis_openstack_xenial_fluentd_distribution: xenial
+ mirror_mirantis_openstack_xenial_fluentd_components: contrib
+ mirror_mirantis_openstack_xenial_fluentd_gpgkeys:
+ - 901F9177AB97ACBE
+ aptly:
+ server:
+ mirror:
+ mirantis_openstack_xenial_fluentd:
+ source: ${_param:mirror_mirantis_openstack_xenial_fluentd_source}
+ distribution: ${_param:mirror_mirantis_openstack_xenial_fluentd_distribution}
+ components: ${_param:mirror_mirantis_openstack_xenial_fluentd_components}
+ architectures: amd64
+ gpgkeys: ${_param:mirror_mirantis_openstack_xenial_fluentd_gpgkeys}
+ publisher:
+ component: contrib
+ distributions:
+ - ubuntu-xenial/fluentd/${_param:apt_mk_version}
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/glusterfs.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/glusterfs.yml
index cfec221..c38aa6f 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/glusterfs.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/glusterfs.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_glusterfs_source: http://apt.mirantis.com/xenial/glusterfs/
- mirror_mirantis_openstack_xenial_glusterfs_distribution: ${_param:apt_mk_version}
- mirror_mirantis_openstack_xenial_glusterfs_components: '"3.12"'
- mirror_mirantis_openstack_xenial_glusterfs_key_url: "http://apt.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_xenial_glusterfs_source: http://mirror.mirantis.com/${_param:apt_mk_version}/glusterfs-3.8/xenial/
+ mirror_mirantis_openstack_xenial_glusterfs_distribution: xenial
+ mirror_mirantis_openstack_xenial_glusterfs_components: main
mirror_mirantis_openstack_xenial_glusterfs_gpgkeys:
- - A76882D3
+ - 3FE869A9
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_glusterfs_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_glusterfs_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_glusterfs_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_glusterfs_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_glusterfs_components}
+ component: '"3.8"'
distributions:
- ubuntu-xenial/glusterfs/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/grafana.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/grafana.yml
index e09ba61..7c159b8 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/grafana.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/grafana.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_grafana_source: http://apt.mirantis.com/xenial/grafana/
- mirror_mirantis_openstack_xenial_grafana_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_xenial_grafana_source: http://mirror.mirantis.com/${_param:apt_mk_version}/grafana/xenial/
+ mirror_mirantis_openstack_xenial_grafana_distribution: jessie
mirror_mirantis_openstack_xenial_grafana_components: main
- mirror_mirantis_openstack_xenial_grafana_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_grafana_gpgkeys:
- - A76882D3
+ - D59097AB
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_grafana_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_grafana_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_grafana_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_grafana_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_grafana_components}
+ component: main
distributions:
- ubuntu-xenial/grafana/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/influxdb.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/influxdb.yml
index 01093fe..e8838d9 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/influxdb.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/influxdb.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_influxdb_source: http://apt.mirantis.com/xenial/influxdb/
- mirror_mirantis_openstack_xenial_influxdb_distribution: ${_param:apt_mk_version}
- mirror_mirantis_openstack_xenial_influxdb_components: main
- mirror_mirantis_openstack_xenial_influxdb_key_url: "http://apt.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_xenial_influxdb_source: http://mirror.mirantis.com/${_param:apt_mk_version}/influxdb/xenial/
+ mirror_mirantis_openstack_xenial_influxdb_distribution: xenial
+ mirror_mirantis_openstack_xenial_influxdb_components: stable
mirror_mirantis_openstack_xenial_influxdb_gpgkeys:
- - A76882D3
+ - 2582E0C5
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_influxdb_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_influxdb_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_influxdb_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_influxdb_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_influxdb_components}
+ component: main
distributions:
- ubuntu-xenial/influxdb/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/kibana/46.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/kibana/46.yml
index 815185b..253c007 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/kibana/46.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/kibana/46.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_kibana_46_source: http://apt.mirantis.com/xenial/kibana/4.6/
- mirror_mirantis_openstack_xenial_kibana_46_distribution: ${_param:apt_mk_version}
- mirror_mirantis_openstack_xenial_kibana_46_components: "kibana-46"
- mirror_mirantis_openstack_xenial_kibana_46_key_url: "http://apt.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_xenial_kibana_46_source: http://mirror.mirantis.com/${_param:apt_mk_version}/kibana-4.6/xenial/
+ mirror_mirantis_openstack_xenial_kibana_46_distribution: stable
+ mirror_mirantis_openstack_xenial_kibana_46_components: main
mirror_mirantis_openstack_xenial_kibana_46_gpgkeys:
- - A76882D3
+ - D88E42B4
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_kibana_46_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_kibana_46_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_kibana_46_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_kibana_46_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_kibana_46_components}
+ component: kibana-46
distributions:
- ubuntu-xenial/kibana/4.6/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/kibana/5x.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/kibana/5x.yml
index c1b061e..58d26aa 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/kibana/5x.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/kibana/5x.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_kibana_5x_source: http://apt.mirantis.com/xenial/kibana/5.x/
- mirror_mirantis_openstack_xenial_kibana_5x_distribution: ${_param:apt_mk_version}
- mirror_mirantis_openstack_xenial_kibana_5x_components: "kibana-5x"
- mirror_mirantis_openstack_xenial_kibana_5x_key_url: "http://apt.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_xenial_kibana_5x_source: http://mirror.mirantis.com/${_param:apt_mk_version}/elasticsearch-5.x/xenial/
+ mirror_mirantis_openstack_xenial_kibana_5x_distribution: stable
+ mirror_mirantis_openstack_xenial_kibana_5x_components: main
mirror_mirantis_openstack_xenial_kibana_5x_gpgkeys:
- - A76882D3
+ - D88E42B4
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_kibana_5x_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_kibana_5x_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_kibana_5x_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_kibana_5x_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_kibana_5x_components}
+ component: kibana-5x
distributions:
- ubuntu-xenial/kibana/5.x/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/maas.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/maas.yml
index 3d63b00..acf5a63 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/maas.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/maas.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_maas_source: http://apt.mirantis.com/xenial/maas/
- mirror_mirantis_openstack_xenial_maas_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_xenial_maas_source: http://mirror.mirantis.com/${_param:apt_mk_version}/maas/xenial/
+ mirror_mirantis_openstack_xenial_maas_distribution: xenial
mirror_mirantis_openstack_xenial_maas_components: main
- mirror_mirantis_openstack_xenial_maas_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_maas_gpgkeys:
- - A76882D3
+ - 684D4A1C
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_maas_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_maas_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_maas_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_maas_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_maas_components}
+ component: main
distributions:
- ubuntu-xenial/maas/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/openstack/pike.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/openstack/pike.yml
new file mode 100644
index 0000000..971e8fa
--- /dev/null
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/openstack/pike.yml
@@ -0,0 +1,25 @@
+parameters:
+ _param:
+ apt_mk_version: stable
+
+ mirror_mirantis_openstack_pike_xenial_source: http://apt.mirantis.com/xenial/openstack/pike/
+ mirror_mirantis_openstack_pike_xenial_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_pike_xenial_components: main
+ mirror_mirantis_openstack_pike_xenial_key_url: "http://apt.mirantis.com/public.gpg"
+ mirror_mirantis_openstack_pike_xenial_gpgkeys:
+ - A76882D3
+ aptly:
+ server:
+ mirror:
+ mirantis_openstack_pike_xenial:
+ source: ${_param:mirror_mirantis_openstack_pike_xenial_source}
+ distribution: ${_param:mirror_mirantis_openstack_pike_xenial_distribution}
+ components: ${_param:mirror_mirantis_openstack_pike_xenial_components}
+ architectures: amd64
+ key_url: ${_param:mirror_mirantis_openstack_pike_xenial_key_url}
+ gpgkeys: ${_param:mirror_mirantis_openstack_pike_xenial_gpgkeys}
+ publisher:
+ component: main
+ distributions:
+ - ubuntu-xenial/openstack/pike/${_param:apt_mk_version}
+
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/saltstack/salt-2016-3.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/saltstack/salt-2016-3.yml
index 86a33e6..bd6b440 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/saltstack/salt-2016-3.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/saltstack/salt-2016-3.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_saltstack_2016_3_source: http://apt.mirantis.com/xenial/salt/2016.3/
- mirror_mirantis_openstack_xenial_saltstack_2016_3_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_xenial_saltstack_2016_3_source: http://mirror.mirantis.com/${_param:apt_mk_version}/saltstack-2016.3/xenial/
+ mirror_mirantis_openstack_xenial_saltstack_2016_3_distribution: xenial
mirror_mirantis_openstack_xenial_saltstack_2016_3_components: main
- mirror_mirantis_openstack_xenial_saltstack_2016_3_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_saltstack_2016_3_gpgkeys:
- - A76882D3
+ - DE57BFBE
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_saltstack_2016_3_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_saltstack_2016_3_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_saltstack_2016_3_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_saltstack_2016_3_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_saltstack_2016_3_components}
+ component: main
distributions:
- ubuntu-xenial/salt/2016.3/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/saltstack/salt-2017-7.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/saltstack/salt-2017-7.yml
index 0478cde..019161b 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/saltstack/salt-2017-7.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/saltstack/salt-2017-7.yml
@@ -1,12 +1,11 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_saltstack_2017_7_source: http://apt.mirantis.com/xenial/salt/2017.7/
- mirror_mirantis_openstack_xenial_saltstack_2017_7_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_xenial_saltstack_2017_7_source: http://mirror.mirantis.com/${_param:apt_mk_version}/saltstack-2017.7/xenial/
+ mirror_mirantis_openstack_xenial_saltstack_2017_7_distribution: xenial
mirror_mirantis_openstack_xenial_saltstack_2017_7_components: main
- mirror_mirantis_openstack_xenial_saltstack_2017_7_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_saltstack_2017_7_gpgkeys:
- - A76882D3
+ - DE57BFBE
aptly:
server:
mirror:
@@ -15,9 +14,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_saltstack_2017_7_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_saltstack_2017_7_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_saltstack_2017_7_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_saltstack_2017_7_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_saltstack_2017_7_components}
+ component: main
distributions:
- ubuntu-xenial/salt/2017.7/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/sensu.yml b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/sensu.yml
index 505ec97..ce42857 100644
--- a/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/sensu.yml
+++ b/aptly/server/mirror/ubuntu/xenial/mcp/apt_mk/sensu.yml
@@ -1,12 +1,12 @@
parameters:
_param:
apt_mk_version: stable
- mirror_mirantis_openstack_xenial_sensu_source: http://apt.mirantis.com/xenial/sensu/
- mirror_mirantis_openstack_xenial_sensu_distribution: ${_param:apt_mk_version}
+ mirror_mirantis_openstack_xenial_sensu_source: http://mirror.mirantis.com/${_param:apt_mk_version}/sensu/xenial/
+ mirror_mirantis_openstack_xenial_sensu_distribution: sensu
mirror_mirantis_openstack_xenial_sensu_components: main
mirror_mirantis_openstack_xenial_sensu_key_url: "http://apt.mirantis.com/public.gpg"
mirror_mirantis_openstack_xenial_sensu_gpgkeys:
- - A76882D3
+ - EB9C94BB
aptly:
server:
mirror:
@@ -15,9 +15,8 @@
distribution: ${_param:mirror_mirantis_openstack_xenial_sensu_distribution}
components: ${_param:mirror_mirantis_openstack_xenial_sensu_components}
architectures: amd64
- key_url: ${_param:mirror_mirantis_openstack_xenial_sensu_key_url}
gpgkeys: ${_param:mirror_mirantis_openstack_xenial_sensu_gpgkeys}
publisher:
- component: ${_param:mirror_mirantis_openstack_xenial_sensu_components}
+ component: main
distributions:
- ubuntu-xenial/sensu/${_param:apt_mk_version}
\ No newline at end of file
diff --git a/barbican/server/cluster.yml b/barbican/server/cluster.yml
index 5b5bc5e..ed45b47 100644
--- a/barbican/server/cluster.yml
+++ b/barbican/server/cluster.yml
@@ -1,3 +1,10 @@
classes:
- service.barbican.server.cluster
-- system.haproxy.proxy.listen.openstack.barbican
\ No newline at end of file
+- system.haproxy.proxy.listen.openstack.barbican
+parameters:
+ _param:
+ cluster_internal_protocol: 'http'
+ barbican:
+ server:
+ identity:
+ protocol: ${_param:cluster_internal_protocol}
diff --git a/barbican/server/single.yml b/barbican/server/single.yml
index eb2b30b..aab0b18 100644
--- a/barbican/server/single.yml
+++ b/barbican/server/single.yml
@@ -1,2 +1,9 @@
classes:
- service.barbican.server.single
+parameters:
+ _param:
+ internal_protocol: 'http'
+ barbican:
+ server:
+ identity:
+ protocol: ${_param:internal_protocol}
diff --git a/ceilometer/agent/polling/default.yml b/ceilometer/agent/polling/default.yml
new file mode 100644
index 0000000..47b2d1d
--- /dev/null
+++ b/ceilometer/agent/polling/default.yml
@@ -0,0 +1,8 @@
+parameters:
+ ceilometer:
+ agent:
+ polling:
+ sources:
+ default_pollsters:
+ meters: ${_param:ceilometer_agent_default_polling_meters}
+ interval: ${_param:ceilometer_agent_default_polling_interval}
\ No newline at end of file
diff --git a/ceilometer/server/backend/default.yml b/ceilometer/server/backend/default.yml
new file mode 100644
index 0000000..8842e11
--- /dev/null
+++ b/ceilometer/server/backend/default.yml
@@ -0,0 +1,12 @@
+classes:
+- service.ceilometer.server.publisher.gnocchi
+- service.ceilometer.server.publisher.panko
+parameters:
+ # gnocchi and panko are default backends for Ceilometer since Pike
+ # they are incompatible with any legacy database publisher backends
+ ceilometer:
+ server:
+ database: ~
+ publisher:
+ default:
+ enabled: false
diff --git a/ceilometer/server/coordination/redis.yml b/ceilometer/server/coordination/redis.yml
index e013e0f..e8610f3 100644
--- a/ceilometer/server/coordination/redis.yml
+++ b/ceilometer/server/coordination/redis.yml
@@ -1,7 +1,7 @@
classes:
- service.redis.server.single
parameters:
- aodh:
+ ceilometer:
server:
coordination_backend:
url: redis://${_param:single_address}:6379/${_param:cluster_node01_address}
diff --git a/cinder/control/backend/solidfire.yml b/cinder/control/backend/solidfire.yml
index 20d708c..b2fbee6 100644
--- a/cinder/control/backend/solidfire.yml
+++ b/cinder/control/backend/solidfire.yml
@@ -1,8 +1,8 @@
parameters:
cinder:
controller:
- defaul_volume_type: normal-storage
- backend:
+ default_volume_type: normal-storage
+ backend:
solidfire:
engine: solidfire
type_name: normal-storage
@@ -11,4 +11,4 @@
san_login: ${_param:san_login}
san_password: ${_param:san_password}
clustername: ${_param:san_cluster_name}
- sf_emulate_512: true
\ No newline at end of file
+ sf_emulate_512: true
diff --git a/cinder/control/cluster.yml b/cinder/control/cluster.yml
index c130e97..1110c63 100644
--- a/cinder/control/cluster.yml
+++ b/cinder/control/cluster.yml
@@ -4,13 +4,15 @@
- service.keepalived.cluster.single
- system.haproxy.proxy.listen.openstack.cinder
parameters:
+ _param:
+ cluster_internal_protocol: 'http'
linux:
system:
package:
python-pymysql:
fromrepo: ${_param:openstack_version}
version: latest
- cinder:
+ cinder:
volume:
enabled: false
default_volume_type: ""
@@ -40,9 +42,11 @@
tenant: service
user: cinder
password: ${_param:keystone_cinder_password}
+ protocol: ${_param:cluster_internal_protocol}
glance:
host: ${_param:cluster_vip_address}
port: 9292
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
members:
diff --git a/cinder/control/single.yml b/cinder/control/single.yml
index 2d7f179..66aea6d 100644
--- a/cinder/control/single.yml
+++ b/cinder/control/single.yml
@@ -1,6 +1,8 @@
classes:
- service.cinder.control.single
parameters:
+ _param:
+ internal_protocol: 'http'
linux:
system:
package:
@@ -15,4 +17,6 @@
default_volume_type: ''
database:
host: ${_param:single_address}
+ identity:
+ protocol: ${_param:internal_protocol}
diff --git a/cinder/volume/single.yml b/cinder/volume/single.yml
index de468ba..1b9948d 100644
--- a/cinder/volume/single.yml
+++ b/cinder/volume/single.yml
@@ -1,6 +1,8 @@
classes:
- service.cinder.volume.single
parameters:
+ _param:
+ cluster_internal_protocol: 'http'
linux:
system:
package:
@@ -21,3 +23,4 @@
- host: ${_param:openstack_message_queue_node03_address}
identity:
host: ${_param:openstack_control_address}
+ protocol: ${_param:cluster_internal_protocol}
diff --git a/debmirror/mirror_mirantis_com/ubuntu/xenial.yml b/debmirror/mirror_mirantis_com/ubuntu/xenial.yml
new file mode 100644
index 0000000..a0f8657
--- /dev/null
+++ b/debmirror/mirror_mirantis_com/ubuntu/xenial.yml
@@ -0,0 +1,67 @@
+parameters:
+ _param:
+ apt_mk_version: 'stable'
+ mirror_mirantis_com_ubuntu_xenial_force: False
+ debmirror:
+ client:
+ enabled: true
+ mirrors:
+ mirror_mirantis_com_ubuntu_xenial:
+ force: ${_param:mirror_mirantis_com_ubuntu_xenial_force}
+ lock_target: True
+ extra_flags: [ '--verbose', '--progress', '--nosource', '--no-check-gpg', '--rsync-extra=none' ]
+ method: "rsync"
+ arch: [ 'amd64' ]
+ mirror_host: "mirror.mirantis.com"
+ mirror_root: ":mirror/${_param:apt_mk_version}/ubuntu/"
+ target_dir: "/srv/volumes/aptly/public/ubuntu/"
+ log_file: "/var/log/debmirror/mirror_mirantis_com_ubuntu_xenial.log"
+ dist: [ xenial , xenial-security, xenial-updates ]
+ section: [ main , multiverse, restricted, universe ]
+ exclude_deb_section: [ games, gnome, Xfce, sound, electronics, graphics, hamradio , doc, localization, kde, video, translations, news, x11,
+ multiverse/games, multiverse/gnome, multiverse/Xfce, multiverse/sound, multiverse/electronics, multiverse/graphics,
+ multiverse/hamradio , multiverse/doc, multiverse/localization, multiverse/kde, multiverse/video, multiverse/translations, multiverse/news, multiverse/x11,
+ universe/games, universe/gnome, universe/Xfce, universe/sound, universe/electronics, universe/hamradio , universe/doc, universe/localization, universe/kde,
+ universe/video, universe/translations, universe/news, universe/x11, universe/graphics,
+ restricted/games, restricted/gnome, restricted/Xfce, restricted/sound, restricted/electronics, restricted/graphics, restricted/hamradio , restricted/doc,
+ restricted/localization, restricted/kde, restricted/video, restricted/translations, restricted/news, restricted/x11 ]
+ filter:
+ 1: "--exclude='android*'"
+ 2: "--exclude='/firefox*'"
+ 3: "--exclude='/chromium-browser*'"
+ 4: "--exclude='/ceph*'"
+ 5: "--exclude='/*-wallpapers*'"
+ 6: "--exclude='/language-pack-(?!en)'"
+ 7: "--exclude='thunderbird*'"
+ 8: "--exclude='libreoffice*'"
+ 9: "--exclude='openoffice*'"
+ 10: "--exclude='live-image-*-desktop*'"
+ 11: "--exclude='lubuntu-*'"
+ 12: "--exclude='kubuntu-*'"
+ 13: "--exclude='cinnamon-*'"
+ 14: "--exclude='mate-*'"
+ 15: "--exclude='desktop-*'"
+ 16: "--exclude='flashplugin*'"
+ 17: "--exclude='gnome*'"
+ 18: "--exclude='/unity*'"
+ 20: "--exclude='openjdk-*-(dbg|demo|source).*'"
+ 22: "--exclude='(kde|ubuntu|xfce4|sabily).*artwork*'"
+ 23: "--exclude='ubuntu-touch*'"
+ 24: "--exclude='remmina*'"
+ 25: "--exclude='/libbluetooth*'"
+ 26: "--exclude='/libandroid*'"
+ 27: "--exclude='/banshee*'"
+ 27: "--exclude='/*(.xorg)*joystick'"
+ 28: "--exclude='/xserver-xorg-video(.*vivid|.*wily|.*utopic)'"
+ 30: "--exclude='/*universe.*bluez.*'"
+ 92: "--exclude='/(llvm-toolchain|address-book|amule|openclipart|rhythmbox|gimp|sonic-visualiser|games|bsdgame|gazebo|arduino|webkitgtk|widelands|wxwidget|warzone|wings3d).*'"
+ 93: "--exclude='/(asterisk|abiword|webbrowser-app|imagemagick|.*clamav|wireshar|vlc|.*transmission|tryton-modules|trilinos|tomboy|wine1|wine-dev|compiz|mythtv|ubuntustudio).*'"
+ 94: "--exclude='/(ceilometer|nova).*'"
+ 95: "--exclude='/gcc-.*-cross.*'"
+ 96: "--exclude='/(nvidia).*'"
+ 97: "--exclude='linux-*-(.*azure|.*aws|gke|.*azure-edge|.*linux-oem)'"
+ 98: "--exclude='/.*(arm64|powerpc|s390x|armel|armhf|sparc64|mips64|ppc64el|mipsn32)(?!.*amd64)'"
+ 99: "--exclude='/*universe.*(-armel-|-arm-)(?!.*amd64)'"
+ 100: "--include='/main(.*)manpages'"
+ 101: "--include='/main(.*)python-(.*)doc'"
+ 102: "--include='/main(.*)python-(.*)network'"
diff --git a/designate/server/cluster.yml b/designate/server/cluster.yml
index 1030861..afbb7df 100644
--- a/designate/server/cluster.yml
+++ b/designate/server/cluster.yml
@@ -6,6 +6,7 @@
parameters:
_param:
designate_admin_api_enabled: false
+ cluster_internal_protocol: 'http'
linux:
system:
package:
@@ -41,6 +42,7 @@
tenant: service
user: designate
password: ${_param:keystone_designate_password}
+ protocol: ${_param:cluster_internal_protocol}
bind:
api:
address: ${_param:single_address}
diff --git a/designate/server/single.yml b/designate/server/single.yml
index 765dcf8..3fdd448 100644
--- a/designate/server/single.yml
+++ b/designate/server/single.yml
@@ -3,6 +3,7 @@
parameters:
_param:
designate_admin_api_enabled: false
+ internal_protocol: 'http'
linux:
system:
package:
@@ -38,6 +39,7 @@
tenant: service
user: designate
password: ${_param:keystone_designate_password}
+ protocol: ${_param:internal_protocol}
message_queue:
engine: rabbitmq
host: ${_param:cluster_vip_address}
diff --git a/devops_portal/service/stacklight-prometheus.yml b/devops_portal/service/stacklight-prometheus.yml
index 119c13f..9b5a74f 100644
--- a/devops_portal/service/stacklight-prometheus.yml
+++ b/devops_portal/service/stacklight-prometheus.yml
@@ -6,7 +6,7 @@
config:
service:
stacklight-prometheus:
- configure_proxy: false
+ configure_proxy: true
enabled: true
endpoint:
address: ${_param:grafana_prometheus_address}
diff --git a/docker/swarm/stack/aptly.yml b/docker/swarm/stack/aptly.yml
index 36c719b..89ec5ec 100644
--- a/docker/swarm/stack/aptly.yml
+++ b/docker/swarm/stack/aptly.yml
@@ -2,6 +2,7 @@
- system.docker
parameters:
_param:
+ docker_stack_aptly_public_replicas: 3
docker_image_aptly:
api: tcpcloud/aptly-api
public: tcpcloud/aptly-public
@@ -25,7 +26,7 @@
- /srv/volumes/aptly:/var/lib/aptly
public:
deploy:
- replicas: 3
+ replicas: ${_param:docker_stack_aptly_public_replicas}
restart_policy:
condition: any
image: ${_param:docker_image_aptly:public}
diff --git a/docker/swarm/stack/docker.yml b/docker/swarm/stack/docker.yml
index 7f8c153..f861718 100644
--- a/docker/swarm/stack/docker.yml
+++ b/docker/swarm/stack/docker.yml
@@ -2,6 +2,7 @@
_param:
docker_image_registry: registry:2
docker_image_visualizer: dockersamples/visualizer
+ docker_stack_registry_replicas: 3
docker:
client:
stack:
@@ -11,7 +12,7 @@
environment:
REGISTRY_HTTP_SECRET: ${_param:docker_registry_http_secret}
deploy:
- replicas: 3
+ replicas: ${_param:docker_stack_registry_replicas}
restart_policy:
condition: any
image: ${_param:docker_image_registry}
diff --git a/docker/swarm/stack/janitor_monkey.yml b/docker/swarm/stack/janitor_monkey.yml
index 1152841..2849554 100644
--- a/docker/swarm/stack/janitor_monkey.yml
+++ b/docker/swarm/stack/janitor_monkey.yml
@@ -32,10 +32,11 @@
auth_url: http://yourcloud.com:5000/v3/auth/tokens
username: admin
password: password
- ssl_verify: False
endpoint_type: public
- source_credentials: /srv/volumes/rundeck/storage/content/cis/openstack
- service_credentials: /opt/os_creds
+ ssl_verify: False
+ source_credentials_dir: /srv/volumes/rundeck/storage
+ destination_credentials_dir: /opt/os_creds
+ cacert_path: ${_param:janitor_monkey_openstack:destination_credentials_dir}/content/keys/cis/openstack/cert.pem
docker:
client:
stack:
@@ -63,7 +64,7 @@
simianarmy.client.cloudfire.domain: ${_param:janitor_monkey_openstack:project_domain_name}
simianarmy.client.cloudfire.project: ${_param:janitor_monkey_openstack:project_name}
simianarmy.client.cloudfire.SSLVerify: ${_param:janitor_monkey_openstack:ssl_verify}
- simianarmy.client.cloudfire.cafile: ${_param:janitor_monkey_openstack:service_credentials}/cert.pem
+ simianarmy.client.cloudfire.cafile: ${_param:janitor_monkey_openstack:cacert_path}
simianarmy.janitor.rule.stoppedInstanceRule.instanceAgeThreshold: ${_param:janitor_monkey_instance_age_threshold}
simianarmy.janitor.notification.oss.url: ${_param:janitor_monkey_notification_oss_url}
simianarmy.janitor.notification.oss.login_id: ${_param:janitor_monkey_notification_oss_login_id}
@@ -88,7 +89,7 @@
ports:
- ${_param:haproxy_janitor_monkey_exposed_port}:${_param:janitor_monkey_bind_port}
volumes:
- - ${_param:janitor_monkey_openstack:source_credentials}:${_param:janitor_monkey_openstack:service_credentials}:ro
+ - ${_param:janitor_monkey_openstack:source_credentials_dir}:${_param:janitor_monkey_openstack:destination_credentials_dir}:ro
network:
default:
external:
diff --git a/docker/swarm/stack/monitoring/alertmanager.yml b/docker/swarm/stack/monitoring/alertmanager.yml
new file mode 100644
index 0000000..662baf4
--- /dev/null
+++ b/docker/swarm/stack/monitoring/alertmanager.yml
@@ -0,0 +1,37 @@
+classes:
+- system.prometheus.alertmanager.container
+parameters:
+ docker:
+ client:
+ stack:
+ monitoring:
+ network:
+ monitoring:
+ driver: overlay
+ driver_opts:
+ encrypted: 1
+ service:
+ alertmanager:
+ networks:
+ - monitoring
+ deploy:
+ replicas: 2
+ labels:
+ com.mirantis.monitoring: "alertmanager"
+ restart_policy:
+ condition: any
+ labels:
+ com.mirantis.monitoring: "alertmanager"
+ image: ${_param:docker_image_alertmanager}
+ ports:
+ - 15011:${prometheus:alertmanager:bind:port}
+ volumes:
+ - ${prometheus:alertmanager:dir:config}:${_param:prometheus_alertmanager_config_directory}
+ - ${prometheus:alertmanager:dir:data}:${_param:prometheus_alertmanager_data_directory}
+ environment:
+ ALERTMANAGER_CONFIG_DIR: ${_param:prometheus_alertmanager_config_directory}
+ ALERTMANAGER_DATA_DIR: ${_param:prometheus_alertmanager_data_directory}
+ ALERTMANAGER_BIND_PORT: ${prometheus:alertmanager:bind:port}
+ ALERTMANAGER_BIND_ADDRESS: ${prometheus:alertmanager:bind:address}
+ ALERTMANAGER_DISCOVERY_DOMAIN: 'monitoring_alertmanager'
+ ALERTMANAGER_EXTERNAL_URL: "http://${_param:stacklight_monitor_address}:15011"
diff --git a/docker/swarm/stack/monitoring/init.yml b/docker/swarm/stack/monitoring/init.yml
index 925a10a..134efdc 100644
--- a/docker/swarm/stack/monitoring/init.yml
+++ b/docker/swarm/stack/monitoring/init.yml
@@ -1,120 +1,8 @@
classes:
-- system.prometheus.alertmanager.container
-- system.prometheus.pushgateway.container
-- system.prometheus.remote_storage_adapter.container
-- system.prometheus.server.container
+- system.docker.swarm.stack.monitoring.prometheus
+- system.docker.swarm.stack.monitoring.prometheus.replicated
+- system.docker.swarm.stack.monitoring.alertmanager
+- system.docker.swarm.stack.monitoring.prometheus_relay
+- system.docker.swarm.stack.monitoring.pushgateway
- system.docker.swarm.stack.monitoring.remote_agent
-parameters:
- docker:
- client:
- stack:
- monitoring:
- network:
- monitoring:
- driver: overlay
- driver_opts:
- encrypted: 1
- service:
- relay:
- networks:
- - monitoring
- deploy:
- replicas: 2
- labels:
- com.mirantis.monitoring: "relay"
- restart_policy:
- condition: any
- labels:
- com.mirantis.monitoring: "relay"
- image: ${_param:docker_image_prometheus_relay}
- ports:
- - 15016:8080
- environment:
- PROMETHEUS_RELAY_DNS: 'tasks.monitoring_server'
- remote_storage_adapter:
- networks:
- - monitoring
- deploy:
- replicas: 1
- labels:
- com.mirantis.monitoring: "remote_storage_adapter"
- restart_policy:
- condition: any
- labels:
- com.mirantis.monitoring: "remote_storage_adapter"
- image: ${_param:docker_image_remote_storage_adapter}
- ports:
- - 15015:${prometheus:remote_storage_adapter:bind:port}
- environment:
- RSA_BIND_PORT: ${prometheus:remote_storage_adapter:bind:port}
- RSA_BIND_ADDRESS: ${prometheus:remote_storage_adapter:bind:address}
- RSA_INFLUXDB_RETENTION_POLICY: 'lma'
- RSA_INFLUXDB_URL: ${_param:prometheus_influxdb_url}
- RSA_INFLUXDB_DB: ${_param:prometheus_influxdb_db}
- RSA_INFLUXDB_USERNAME: ${_param:prometheus_influxdb_username}
- RSA_INFLUXDB_PASSWORD: ${_param:prometheus_influxdb_password}
- alertmanager:
- networks:
- - monitoring
- deploy:
- replicas: 2
- labels:
- com.mirantis.monitoring: "alertmanager"
- restart_policy:
- condition: any
- labels:
- com.mirantis.monitoring: "alertmanager"
- image: ${_param:docker_image_alertmanager}
- ports:
- - 15011:${prometheus:alertmanager:bind:port}
- volumes:
- - ${prometheus:alertmanager:dir:config}:${_param:prometheus_alertmanager_config_directory}
- - ${prometheus:alertmanager:dir:data}:${_param:prometheus_alertmanager_data_directory}
- environment:
- ALERTMANAGER_CONFIG_DIR: ${_param:prometheus_alertmanager_config_directory}
- ALERTMANAGER_DATA_DIR: ${_param:prometheus_alertmanager_data_directory}
- ALERTMANAGER_BIND_PORT: ${prometheus:alertmanager:bind:port}
- ALERTMANAGER_BIND_ADDRESS: ${prometheus:alertmanager:bind:address}
- ALERTMANAGER_DISCOVERY_DOMAIN: 'monitoring_alertmanager'
- ALERTMANAGER_EXTERNAL_URL: "http://${_param:stacklight_monitor_address}:15011"
- pushgateway:
- networks:
- - monitoring
- deploy:
- replicas: 2
- labels:
- com.mirantis.monitoring: "pushgateway"
- restart_policy:
- condition: any
- environment:
- PUSHGATEWAY_BIND_PORT: ${prometheus:pushgateway:bind:port}
- PUSHGATEWAY_BIND_ADDRESS: ${prometheus:pushgateway:bind:address}
- labels:
- com.mirantis.monitoring: "pushgateway"
- image: ${_param:docker_image_pushgateway}
- ports:
- - 15012:${prometheus:pushgateway:bind:port}
- server:
- networks:
- - monitoring
- deploy:
- replicas: 2
- labels:
- com.mirantis.monitoring: "prometheus"
- restart_policy:
- condition: any
- labels:
- com.mirantis.monitoring: "prometheus"
- image: ${_param:docker_image_prometheus}
- ports:
- - 15010:${prometheus:server:bind:port}
- volumes:
- - ${prometheus:server:dir:config}:${_param:prometheus_server_config_directory}
- - ${prometheus:server:dir:data}:${_param:prometheus_server_data_directory}
- environment:
- PROMETHEUS_CONFIG_DIR: ${_param:prometheus_server_config_directory}
- PROMETHEUS_DATA_DIR: ${_param:prometheus_server_data_directory}
- PROMETHEUS_BIND_PORT: ${prometheus:server:bind:port}
- PROMETHEUS_BIND_ADDRESS: ${prometheus:server:bind:address}
- PROMETHEUS_STORAGE_LOCAL_RETENTION: ${prometheus:server:storage:local:retention}
- PROMETHEUS_EXTERNAL_URL: "http://${_param:stacklight_monitor_address}:15010"
+- system.docker.swarm.stack.monitoring.remote_storage_adapter
diff --git a/docker/swarm/stack/monitoring/prometheus/global.yml b/docker/swarm/stack/monitoring/prometheus/global.yml
new file mode 100644
index 0000000..d86f456
--- /dev/null
+++ b/docker/swarm/stack/monitoring/prometheus/global.yml
@@ -0,0 +1,9 @@
+parameters:
+ docker:
+ client:
+ stack:
+ monitoring:
+ service:
+ server:
+ deploy:
+ mode: global
diff --git a/docker/swarm/stack/monitoring/prometheus/init.yml b/docker/swarm/stack/monitoring/prometheus/init.yml
new file mode 100644
index 0000000..2d455f7
--- /dev/null
+++ b/docker/swarm/stack/monitoring/prometheus/init.yml
@@ -0,0 +1,45 @@
+classes:
+- system.prometheus.server.container
+parameters:
+ _param:
+ # Backward compatibility for Prometheus 1.7
+ prometheus_storage_local_engine: "persisted"
+ prometheus_storage_heap_size: 3221225472
+ prometheus_storage_num_fingerprint_mutexes: 4096
+ docker:
+ client:
+ stack:
+ monitoring:
+ network:
+ monitoring:
+ driver: overlay
+ driver_opts:
+ encrypted: 1
+ service:
+ server:
+ networks:
+ - monitoring
+ deploy:
+ labels:
+ com.mirantis.monitoring: "prometheus"
+ restart_policy:
+ condition: any
+ labels:
+ com.mirantis.monitoring: "prometheus"
+ image: ${_param:docker_image_prometheus}
+ ports:
+ - 15010:${prometheus:server:bind:port}
+ volumes:
+ - ${prometheus:server:dir:config}:${_param:prometheus_server_config_directory}
+ - ${prometheus:server:dir:data}:${_param:prometheus_server_data_directory}
+ environment:
+ PROMETHEUS_CONFIG_DIR: ${_param:prometheus_server_config_directory}
+ PROMETHEUS_DATA_DIR: ${_param:prometheus_server_data_directory}
+ PROMETHEUS_BIND_PORT: ${prometheus:server:bind:port}
+ PROMETHEUS_BIND_ADDRESS: ${prometheus:server:bind:address}
+ PROMETHEUS_STORAGE_LOCAL_RETENTION: ${prometheus:server:storage:local:retention}
+ PROMETHEUS_EXTERNAL_URL: "http://${_param:stacklight_monitor_address}:15010"
+ # Backward compatibility for Prometheus 1.7
+ PROMETHEUS_STORAGE_LOCAL_ENGINE: ${_param:prometheus_storage_local_engine}
+ PROMETHEUS_STORAGE_LOCAL_TARGET_HEAP_SIZE: ${_param:prometheus_storage_heap_size}
+ PROMETHEUS_STORAGE_LOCAL_NUM_FINGERPRINT_MUTEXES: ${_param:prometheus_storage_num_fingerprint_mutexes}
diff --git a/docker/swarm/stack/monitoring/prometheus/replicated.yml b/docker/swarm/stack/monitoring/prometheus/replicated.yml
new file mode 100644
index 0000000..c201172
--- /dev/null
+++ b/docker/swarm/stack/monitoring/prometheus/replicated.yml
@@ -0,0 +1,9 @@
+parameters:
+ docker:
+ client:
+ stack:
+ monitoring:
+ service:
+ server:
+ deploy:
+ replicas: 2
diff --git a/docker/swarm/stack/monitoring/prometheus_global.yml b/docker/swarm/stack/monitoring/prometheus_global.yml
new file mode 100644
index 0000000..6d8e4ba
--- /dev/null
+++ b/docker/swarm/stack/monitoring/prometheus_global.yml
@@ -0,0 +1,8 @@
+classes:
+- system.docker.swarm.stack.monitoring.prometheus
+- system.docker.swarm.stack.monitoring.prometheus.global
+- system.docker.swarm.stack.monitoring.alertmanager
+- system.docker.swarm.stack.monitoring.prometheus_relay
+- system.docker.swarm.stack.monitoring.pushgateway
+- system.docker.swarm.stack.monitoring.remote_agent
+- system.docker.swarm.stack.monitoring.remote_storage_adapter
diff --git a/docker/swarm/stack/monitoring/prometheus_relay.yml b/docker/swarm/stack/monitoring/prometheus_relay.yml
new file mode 100644
index 0000000..315ba1d
--- /dev/null
+++ b/docker/swarm/stack/monitoring/prometheus_relay.yml
@@ -0,0 +1,27 @@
+parameters:
+ docker:
+ client:
+ stack:
+ monitoring:
+ network:
+ monitoring:
+ driver: overlay
+ driver_opts:
+ encrypted: 1
+ service:
+ relay:
+ networks:
+ - monitoring
+ deploy:
+ replicas: 2
+ labels:
+ com.mirantis.monitoring: "relay"
+ restart_policy:
+ condition: any
+ labels:
+ com.mirantis.monitoring: "relay"
+ image: ${_param:docker_image_prometheus_relay}
+ ports:
+ - 15016:8080
+ environment:
+ PROMETHEUS_RELAY_DNS: 'tasks.monitoring_server'
diff --git a/docker/swarm/stack/monitoring/pushgateway.yml b/docker/swarm/stack/monitoring/pushgateway.yml
new file mode 100644
index 0000000..af108a6
--- /dev/null
+++ b/docker/swarm/stack/monitoring/pushgateway.yml
@@ -0,0 +1,30 @@
+classes:
+- system.prometheus.pushgateway.container
+parameters:
+ docker:
+ client:
+ stack:
+ monitoring:
+ network:
+ monitoring:
+ driver: overlay
+ driver_opts:
+ encrypted: 1
+ service:
+ pushgateway:
+ networks:
+ - monitoring
+ deploy:
+ replicas: 2
+ labels:
+ com.mirantis.monitoring: "pushgateway"
+ restart_policy:
+ condition: any
+ environment:
+ PUSHGATEWAY_BIND_PORT: ${prometheus:pushgateway:bind:port}
+ PUSHGATEWAY_BIND_ADDRESS: ${prometheus:pushgateway:bind:address}
+ labels:
+ com.mirantis.monitoring: "pushgateway"
+ image: ${_param:docker_image_pushgateway}
+ ports:
+ - 15012:${prometheus:pushgateway:bind:port}
diff --git a/docker/swarm/stack/monitoring/remote_storage_adapter.yml b/docker/swarm/stack/monitoring/remote_storage_adapter.yml
new file mode 100644
index 0000000..04ffb90
--- /dev/null
+++ b/docker/swarm/stack/monitoring/remote_storage_adapter.yml
@@ -0,0 +1,35 @@
+classes:
+- system.prometheus.remote_storage_adapter.container
+parameters:
+ docker:
+ client:
+ stack:
+ monitoring:
+ network:
+ monitoring:
+ driver: overlay
+ driver_opts:
+ encrypted: 1
+ service:
+ remote_storage_adapter:
+ networks:
+ - monitoring
+ deploy:
+ replicas: 1
+ labels:
+ com.mirantis.monitoring: "remote_storage_adapter"
+ restart_policy:
+ condition: any
+ labels:
+ com.mirantis.monitoring: "remote_storage_adapter"
+ image: ${_param:docker_image_remote_storage_adapter}
+ ports:
+ - 15015:${prometheus:remote_storage_adapter:bind:port}
+ environment:
+ RSA_BIND_PORT: ${prometheus:remote_storage_adapter:bind:port}
+ RSA_BIND_ADDRESS: ${prometheus:remote_storage_adapter:bind:address}
+ RSA_INFLUXDB_RETENTION_POLICY: 'lma'
+ RSA_INFLUXDB_URL: ${_param:prometheus_influxdb_url}
+ RSA_INFLUXDB_DB: ${_param:prometheus_influxdb_db}
+ RSA_INFLUXDB_USERNAME: ${_param:prometheus_influxdb_username}
+ RSA_INFLUXDB_PASSWORD: ${_param:prometheus_influxdb_password}
diff --git a/docker/swarm/stack/pushkin.yml b/docker/swarm/stack/pushkin.yml
index 22a921d..55f1fd6 100644
--- a/docker/swarm/stack/pushkin.yml
+++ b/docker/swarm/stack/pushkin.yml
@@ -11,6 +11,7 @@
pushkin_db_host: ${_param:haproxy_postgresql_bind_host}
pushkin_smtp_host: smtp.gmail.com
pushkin_smtp_port: 587
+ pushkin_smtp_use_tls: true
webhook_from: your_sender@mail.com
pushkin_email_sender_password: your_sender_password
webhook_recipients: "recepient1@mail.com,recepient2@mail.com"
@@ -38,6 +39,7 @@
EMAIL_SENDER_PASSWORD: ${_param:pushkin_email_sender_password}
SMTP_HOST: ${_param:pushkin_smtp_host}
SMTP_PORT: ${_param:pushkin_smtp_port}
+ SMTP_USE_TLS: ${_param:pushkin_smtp_use_tls}
WEBHOOK_RECIPIENTS: ${_param:webhook_recipients}
WEBHOOK_LOGIN_ID: ${_param:webhook_login_id}
WEBHOOK_APPLICATION_ID: ${_param:webhook_application_id}
diff --git a/docker/swarm/stack/security_monkey.yml b/docker/swarm/stack/security_monkey.yml
index 3b9c272..2f844c0 100644
--- a/docker/swarm/stack/security_monkey.yml
+++ b/docker/swarm/stack/security_monkey.yml
@@ -30,10 +30,11 @@
project_domain_name: Default
project_name: admin
user_domain_name: Default
- source_credentials: /srv/volumes/rundeck/storage/content/cis/openstack
- service_credentials: /opt/os_creds
endpoint_type: public
ssl_verify: False
+ source_credentials_dir: /srv/volumes/rundeck/storage
+ destination_credentials_dir: /opt/os_creds
+ cacert_path: ${_param:security_monkey_openstack:destination_credentials_dir}/content/keys/cis/openstack/cert.pem
docker:
client:
stack:
@@ -62,7 +63,7 @@
OS_PROJECT_NAME: ${_param:security_monkey_openstack:project_name}
OS_SSL_VERIFY: ${_param:security_monkey_openstack:ssl_verify}
OS_ENDPOINT_TYPE: ${_param:security_monkey_openstack:endpoint_type}
- CACERT_PATH: ${_param:security_monkey_openstack:service_credentials}/cert.pem
+ CACERT_PATH: ${_param:security_monkey_openstack:cacert_path}
USER_DOMAIN_NAME: ${_param:security_monkey_openstack:user_domain_name}
SM_WTF_CSRF_ENABLED: ${_param:devops_portal_sm_wtf_csrf_enabled}
SECURITY_MONKEY_SYNC_INTERVAL: ${_param:security_monkey_sync_interval}
@@ -79,7 +80,7 @@
- ${_param:haproxy_security_monkey_exposed_port}:${_param:haproxy_security_monkey_bind_port}
volumes:
- /srv/volumes/security_monkey/logs:/var/log/security_monkey/logs
- - ${_param:security_monkey_openstack:source_credentials}:${_param:security_monkey_openstack:service_credentials}:ro
+ - ${_param:security_monkey_openstack:source_credentials_dir}:${_param:security_monkey_openstack:destination_credentials_dir}:ro
security-audit-scheduler:
image: ${_param:docker_image_security_monkey_scheduler}
deploy:
@@ -88,7 +89,7 @@
condition: any
volumes:
- /srv/volumes/security_monkey/logs:/var/log/security_monkey/logs
- - ${_param:security_monkey_openstack:source_credentials}:${_param:security_monkey_openstack:service_credentials}:ro
+ - ${_param:security_monkey_openstack:source_credentials_dir}:${_param:security_monkey_openstack:destination_credentials_dir}:ro
network:
default:
external:
diff --git a/dogtag/server/cluster.yml b/dogtag/server/cluster.yml
new file mode 100644
index 0000000..5ef3f4c
--- /dev/null
+++ b/dogtag/server/cluster.yml
@@ -0,0 +1,3 @@
+classes:
+- service.dogtag.server.cluster
+- system.haproxy.proxy.listen.dogtag
diff --git a/fluentd/label/default_output/elasticsearch.yml b/fluentd/label/default_output/elasticsearch.yml
index 3c26d15..5960c49 100644
--- a/fluentd/label/default_output/elasticsearch.yml
+++ b/fluentd/label/default_output/elasticsearch.yml
@@ -9,6 +9,32 @@
config:
label:
default_output:
+ filter:
+ drop_nested_timestamp_and_sensitive_data:
+ tag: "openstack.**"
+ type: record_transformer
+ enable_ruby: true
+ remove_keys: '["_dummy_1", "_dummy_2", "_dummy_3"]'
+ record:
+ - name: _dummy_1
+ value: ${fluentd:dollar}{if record.has_key?("context"); record["context"].delete("timestamp") ; end; nil }
+ - name: _dummy_2
+ value: ${fluentd:dollar}{if record.has_key?("context"); record["context"].delete("auth_token"); end; nil}
+ - name: _dummy_3
+ value: ${fluentd:dollar}{if record.has_key?("context"); record["context"].delete("auth_token_info"); end; nil}
+ drop_hostname_field:
+ tag: "openstack.**"
+ type: record_transformer
+ enable_ruby: true
+ remove_keys: '["hostname"]'
+ change_pid_field_value:
+ tag: "haproxy.**"
+ type: record_transformer
+ enable_ruby: true
+ record:
+ - name: Pid
+ value: ${fluentd:dollar}{record["pid"]}
+ remove_keys: '["pid"]'
match:
elasticsearch_output:
host: ${_param:fluentd_elasticsearch_host}
diff --git a/galera/server/database/aodh.yml b/galera/server/database/aodh.yml
index f5095d2..c7cdfdc 100644
--- a/galera/server/database/aodh.yml
+++ b/galera/server/database/aodh.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_aodh_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_aodh_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_aodh_ssl_option}
- name: aodh
password: ${_param:mysql_aodh_password}
host: ${_param:cluster_vip_address}
rights: all
+ ssl_option: ${_param:mysql_aodh_ssl_option}
diff --git a/galera/server/database/barbican.yml b/galera/server/database/barbican.yml
index 4759439..a292660 100644
--- a/galera/server/database/barbican.yml
+++ b/galera/server/database/barbican.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_barbican_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_barbican_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_barbican_ssl_option}
- name: barbican
password: ${_param:mysql_barbican_password}
host: ${_param:cluster_vip_address}
rights: all
+ ssl_option: ${_param:mysql_barbican_ssl_option}
diff --git a/galera/server/database/ceilometer.yml b/galera/server/database/ceilometer.yml
index b33c8f9..08a7f8b 100644
--- a/galera/server/database/ceilometer.yml
+++ b/galera/server/database/ceilometer.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_ceilometer_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_ceilometer_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_ceilometer_ssl_option}
- name: ceilometer
password: ${_param:mysql_ceilometer_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_ceilometer_ssl_option}
diff --git a/galera/server/database/cinder.yml b/galera/server/database/cinder.yml
index 08b6ddb..6478cb8 100644
--- a/galera/server/database/cinder.yml
+++ b/galera/server/database/cinder.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_cinder_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_cinder_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_cinder_ssl_option}
- name: cinder
password: ${_param:mysql_cinder_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_cinder_ssl_option}
diff --git a/galera/server/database/designate.yml b/galera/server/database/designate.yml
index 107e3ae..43a76f9 100644
--- a/galera/server/database/designate.yml
+++ b/galera/server/database/designate.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_designate_ssl_option: []
mysql:
server:
database:
@@ -9,10 +11,12 @@
password: ${_param:mysql_designate_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_designate_ssl_option}
- name: designate
password: ${_param:mysql_designate_password}
host: ${_param:cluster_vip_address}
rights: all
+ ssl_option: ${_param:mysql_designate_ssl_option}
designate_pool_manager:
encoding: utf8
users:
@@ -20,7 +24,9 @@
password: ${_param:mysql_designate_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_designate_ssl_option}
- name: designate
password: ${_param:mysql_designate_password}
host: ${_param:cluster_vip_address}
rights: all
+ ssl_option: ${_param:mysql_designate_ssl_option}
diff --git a/galera/server/database/glance.yml b/galera/server/database/glance.yml
index 7e5e443..7af81d8 100644
--- a/galera/server/database/glance.yml
+++ b/galera/server/database/glance.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_glance_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_glance_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_glance_ssl_option}
- name: glance
password: ${_param:mysql_glance_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_glance_ssl_option}
diff --git a/galera/server/database/gnocchi.yml b/galera/server/database/gnocchi.yml
new file mode 100644
index 0000000..1ee36da
--- /dev/null
+++ b/galera/server/database/gnocchi.yml
@@ -0,0 +1,19 @@
+parameters:
+ _param:
+ mysql_gnocchi_ssl_option: []
+ mysql:
+ server:
+ database:
+ gnocchi:
+ encoding: utf8
+ users:
+ - name: gnocchi
+ password: ${_param:mysql_gnocchi_password}
+ host: '%'
+ rights: all
+ ssl_option: ${_param:mysql_gnocchi_ssl_option}
+ - name: gnocchi
+ password: ${_param:mysql_gnocchi_password}
+ host: ${_param:cluster_local_address}
+ rights: all
+ ssl_option: ${_param:mysql_gnocchi_ssl_option}
diff --git a/galera/server/database/grafana.yml b/galera/server/database/grafana.yml
index fa4742e..3bfee87 100644
--- a/galera/server/database/grafana.yml
+++ b/galera/server/database/grafana.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_grafana_ssl_option: []
mysql:
server:
database:
@@ -9,8 +11,10 @@
password: ${_param:mysql_grafana_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_grafana_ssl_option}
- name: grafana
password: ${_param:mysql_grafana_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_grafana_ssl_option}
diff --git a/galera/server/database/graphite.yml b/galera/server/database/graphite.yml
index 8ba6efd..595c16b 100644
--- a/galera/server/database/graphite.yml
+++ b/galera/server/database/graphite.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_graphite_ssl_option: []
mysql:
server:
database:
@@ -9,3 +11,4 @@
password: '${_param:mysql_graphite_password}'
host: '%'
rights: 'all'
+ ssl_option: ${_param:mysql_graphite_ssl_option}
diff --git a/galera/server/database/heat.yml b/galera/server/database/heat.yml
index 0d716d8..31b3968 100644
--- a/galera/server/database/heat.yml
+++ b/galera/server/database/heat.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_heat_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_heat_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_heat_ssl_option}
- name: heat
password: ${_param:mysql_heat_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_heat_ssl_option}
diff --git a/galera/server/database/ironic.yml b/galera/server/database/ironic.yml
index 8cb14a3..a478aeb 100644
--- a/galera/server/database/ironic.yml
+++ b/galera/server/database/ironic.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_ironic_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_ironic_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_ironic_ssl_option}
- name: ironic
password: ${_param:mysql_ironic_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_ironic_ssl_option}
diff --git a/galera/server/database/keystone.yml b/galera/server/database/keystone.yml
index fc2c5eb..d6483cd 100644
--- a/galera/server/database/keystone.yml
+++ b/galera/server/database/keystone.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_keystone_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: ${_param:mysql_keystone_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_keystone_ssl_option}
- name: keystone
password: ${_param:mysql_keystone_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_keystone_ssl_option}
diff --git a/galera/server/database/manila.yml b/galera/server/database/manila.yml
new file mode 100644
index 0000000..3339b83
--- /dev/null
+++ b/galera/server/database/manila.yml
@@ -0,0 +1,15 @@
+parameters:
+ mysql:
+ server:
+ database:
+ manila:
+ encoding: utf8
+ users:
+ - name: manila
+ password: ${_param:mysql_manila_password}
+ host: '%'
+ rights: all
+ - name: manila
+ password: ${_param:mysql_manila_password}
+ host: ${_param:cluster_local_address}
+ rights: all
diff --git a/galera/server/database/neutron.yml b/galera/server/database/neutron.yml
index 58dd012..b5ee606 100644
--- a/galera/server/database/neutron.yml
+++ b/galera/server/database/neutron.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_neutron_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: '${_param:mysql_neutron_password}'
host: '%'
rights: 'all'
+ ssl_option: ${_param:mysql_neutron_ssl_option}
- name: 'neutron'
password: '${_param:mysql_neutron_password}'
host: '${_param:cluster_local_address}'
rights: 'all'
+ ssl_option: ${_param:mysql_neutron_ssl_option}
diff --git a/galera/server/database/nova.yml b/galera/server/database/nova.yml
index 86d4821..d2ffc4a 100644
--- a/galera/server/database/nova.yml
+++ b/galera/server/database/nova.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_nova_ssl_option: []
mysql:
server:
database:
@@ -9,10 +11,12 @@
password: ${_param:mysql_nova_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
- name: nova
password: ${_param:mysql_nova_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
nova_api:
encoding: utf8
users:
@@ -20,10 +24,12 @@
password: ${_param:mysql_nova_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
- name: nova
password: ${_param:mysql_nova_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
nova_cell0:
encoding: utf8
users:
@@ -31,7 +37,9 @@
password: ${_param:mysql_nova_password}
host: '%'
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
- name: nova
password: ${_param:mysql_nova_password}
host: ${_param:cluster_local_address}
rights: all
+ ssl_option: ${_param:mysql_nova_ssl_option}
diff --git a/galera/server/database/octavia.yml b/galera/server/database/octavia.yml
index dfefb9c..7b4eaaf 100644
--- a/galera/server/database/octavia.yml
+++ b/galera/server/database/octavia.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ mysql_octavia_ssl_option: []
mysql:
server:
database:
@@ -9,7 +11,9 @@
password: '${_param:mysql_octavia_password}'
host: '%'
rights: 'all'
+ ssl_option: ${_param:mysql_octavia_ssl_option}
- name: 'octavia'
password: '${_param:mysql_octavia_password}'
host: '${_param:cluster_local_address}'
rights: 'all'
+ ssl_option: ${_param:mysql_octavia_ssl_option}
diff --git a/galera/server/database/panko.yml b/galera/server/database/panko.yml
new file mode 100644
index 0000000..c4c455a
--- /dev/null
+++ b/galera/server/database/panko.yml
@@ -0,0 +1,19 @@
+parameters:
+ _param:
+ mysql_panko_ssl_option: []
+ mysql:
+ server:
+ database:
+ panko:
+ encoding: utf8
+ users:
+ - name: panko
+ password: ${_param:mysql_panko_password}
+ host: '%'
+ rights: all
+ ssl_option: ${_param:mysql_panko_ssl_option}
+ - name: panko
+ password: ${_param:mysql_panko_password}
+ host: ${_param:cluster_local_address}
+ rights: all
+ ssl_option: ${_param:mysql_panko_ssl_option}
diff --git a/gerrit/client/project/vnf_onboarding.yml b/gerrit/client/project/vnf_onboarding.yml
new file mode 100644
index 0000000..9cefb95
--- /dev/null
+++ b/gerrit/client/project/vnf_onboarding.yml
@@ -0,0 +1,44 @@
+parameters:
+ gerrit:
+ client:
+ project:
+ vnf-onboarding/avi-loadbalancer:
+ enabled: true
+ description: AVI VNF
+ upstream: https://gerrit.mcp.mirantis.net/vnf-onboarding/avi-loadbalancer
+ access: ${gerrit:client:default_access}
+ require_change_id: true
+ require_agreement: false
+ merge_content: true
+ vnf-onboarding/metaswitch-vsbc:
+ enabled: true
+ description: Metaswitch vSBC VNF
+ upstream: https://gerrit.mcp.mirantis.net/vnf-onboarding/metaswitch-vsbc
+ access: ${gerrit:client:default_access}
+ require_change_id: true
+ require_agreement: false
+ merge_content: true
+ vnf-onboarding/nfv-platform:
+ enabled: true
+ description: Onboarding platform blueprints and tools
+ upstream: https://gerrit.mcp.mirantis.net/vnf-onboarding/nfv-platform
+ access: ${gerrit:client:default_access}
+ require_change_id: true
+ require_agreement: false
+ merge_content: true
+ vnf-onboarding/nginx-vnf:
+ enabled: true
+ description: NGINX VNF
+ upstream: https://gerrit.mcp.mirantis.net/vnf-onboarding/nginx-vnf
+ access: ${gerrit:client:default_access}
+ require_change_id: true
+ require_agreement: false
+ merge_content: true
+ vnf-onboarding/pipelines:
+ enabled: true
+ description: VNF onboarding pipelines
+ upstream: https://gerrit.mcp.mirantis.net/vnf-onboarding/pipelines
+ access: ${gerrit:client:default_access}
+ require_change_id: true
+ require_agreement: false
+ merge_content: true
diff --git a/glusterfs/client/volume/backup.yml b/glusterfs/client/volume/backup.yml
new file mode 100644
index 0000000..eded1ac
--- /dev/null
+++ b/glusterfs/client/volume/backup.yml
@@ -0,0 +1,13 @@
+parameters:
+ _param:
+ backup_glusterfs_service_host: ${_param:glusterfs_service_host}
+ glusterfs_node01_address: ${_param:cluster_node01_address}
+ glusterfs_node02_address: ${_param:cluster_node02_address}
+ glusterfs_node03_address: ${_param:cluster_node03_address}
+ glusterfs:
+ client:
+ volumes:
+ backup:
+ path: /srv/volumes/backup
+ server: ${_param:backup_glusterfs_service_host}
+ opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}"
diff --git a/glusterfs/client/volume/gnocchi.yml b/glusterfs/client/volume/gnocchi.yml
new file mode 100644
index 0000000..f6c3351
--- /dev/null
+++ b/glusterfs/client/volume/gnocchi.yml
@@ -0,0 +1,32 @@
+parameters:
+ _param:
+ gnocchi_glusterfs_service_host: ${_param:glusterfs_service_host}
+ glusterfs_node01_address: ${_param:cluster_node01_address}
+ glusterfs_node02_address: ${_param:cluster_node02_address}
+ glusterfs_node03_address: ${_param:cluster_node03_address}
+ glusterfs:
+ client:
+ volumes:
+ gnocchi:
+ path: /var/lib/gnocchi/
+ server: ${_param:gnocchi_glusterfs_service_host}
+ user: gnocchi
+ group: gnocchi
+ opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}"
+ linux:
+ system:
+ user:
+ gnocchi:
+ enabled: true
+ name: gnocchi
+ uid: 305
+ gid: 305
+ home: /var/lib/gnocchi
+ shell: /bin/false
+ system: True
+ group:
+ gnocchi:
+ enabled: true
+ name: gnocchi
+ gid: 305
+ system: True
diff --git a/glusterfs/server/volume/backup.yml b/glusterfs/server/volume/backup.yml
new file mode 100644
index 0000000..22e59e2
--- /dev/null
+++ b/glusterfs/server/volume/backup.yml
@@ -0,0 +1,18 @@
+parameters:
+ glusterfs:
+ server:
+ volumes:
+ backup:
+ storage: /srv/glusterfs/backup
+ replica: 3
+ bricks:
+ - ${_param:cluster_node01_address}:/srv/glusterfs/backup
+ - ${_param:cluster_node02_address}:/srv/glusterfs/backup
+ - ${_param:cluster_node03_address}:/srv/glusterfs/backup
+ options:
+ cluster.readdir-optimize: On
+ nfs.disable: On
+ network.remote-dio: On
+ diagnostics.client-log-level: WARNING
+ diagnostics.brick-log-level: WARNING
+ cluster.favorite-child-policy: mtime
diff --git a/glusterfs/server/volume/gnocchi.yml b/glusterfs/server/volume/gnocchi.yml
new file mode 100644
index 0000000..f8f5b6a
--- /dev/null
+++ b/glusterfs/server/volume/gnocchi.yml
@@ -0,0 +1,18 @@
+parameters:
+ glusterfs:
+ server:
+ volumes:
+ gnocchi:
+ storage: /srv/glusterfs/gnocchi
+ replica: 3
+ bricks:
+ - ${_param:cluster_node01_address}:/srv/glusterfs/gnocchi
+ - ${_param:cluster_node02_address}:/srv/glusterfs/gnocchi
+ - ${_param:cluster_node03_address}:/srv/glusterfs/gnocchi
+ options:
+ cluster.readdir-optimize: On
+ nfs.disable: On
+ network.remote-dio: On
+ diagnostics.client-log-level: WARNING
+ diagnostics.brick-log-level: WARNING
+ cluster.favorite-child-policy: mtime
diff --git a/gnocchi/common/coordination/redis.yml b/gnocchi/common/coordination/redis.yml
new file mode 100644
index 0000000..673d9bd
--- /dev/null
+++ b/gnocchi/common/coordination/redis.yml
@@ -0,0 +1,7 @@
+parameters:
+ _param:
+ gnocchi_coordination_url: redis://${_param:single_address}:6379
+ gnocchi:
+ common:
+ coordination_backend:
+ url: ${_param:gnocchi_coordination_url}
diff --git a/gnocchi/common/storage/file.yml b/gnocchi/common/storage/file.yml
new file mode 100644
index 0000000..c035723
--- /dev/null
+++ b/gnocchi/common/storage/file.yml
@@ -0,0 +1,9 @@
+parameters:
+ _param:
+ gnocchi_storage_file_basepath: /var/lib/gnocchi
+ gnocchi_storage_driver: file
+ gnocchi:
+ common:
+ storage:
+ driver: ${_param:gnocchi_storage_driver}
+ file_basepath: ${_param:gnocchi_storage_file_basepath}
diff --git a/gnocchi/common/storage/incoming/file.yml b/gnocchi/common/storage/incoming/file.yml
new file mode 100644
index 0000000..52d57f7
--- /dev/null
+++ b/gnocchi/common/storage/incoming/file.yml
@@ -0,0 +1,10 @@
+parameters:
+ _param:
+ gnocchi_storage_incoming_file_basepath: /var/lib/gnocchi
+ gnocchi_storage_incoming_driver: file
+ gnocchi:
+ common:
+ storage:
+ incoming:
+ driver: ${_param:gnocchi_storage_incoming_driver}
+ file_basepath: ${_param:gnocchi_storage_incoming_file_basepath}
diff --git a/gnocchi/common/storage/incoming/redis.yml b/gnocchi/common/storage/incoming/redis.yml
new file mode 100644
index 0000000..d0f04d7
--- /dev/null
+++ b/gnocchi/common/storage/incoming/redis.yml
@@ -0,0 +1,10 @@
+parameters:
+ _param:
+ gnocchi_storage_incoming_redis_url: redis://${_param:single_address}:6379
+ gnocchi_storage_incoming_driver: redis
+ gnocchi:
+ common:
+ storage:
+ incoming:
+ driver: ${_param:gnocchi_storage_incoming_driver}
+ redis_url: ${_param:gnocchi_storage_incoming_redis_url}
\ No newline at end of file
diff --git a/gnocchi/common/storage/redis.yml b/gnocchi/common/storage/redis.yml
new file mode 100644
index 0000000..d71fcf0
--- /dev/null
+++ b/gnocchi/common/storage/redis.yml
@@ -0,0 +1,9 @@
+parameters:
+ _param:
+ gnocchi_storage_redis_url: redis://${_param:single_address}:6379
+ gnocchi_storage_driver: redis
+ gnocchi:
+ common:
+ storage:
+ driver: ${_param:gnocchi_storage_driver}
+ redis_url: ${_param:gnocchi_storage_redis_url}
\ No newline at end of file
diff --git a/gnocchi/server/cluster.yml b/gnocchi/server/cluster.yml
new file mode 100644
index 0000000..bbae551
--- /dev/null
+++ b/gnocchi/server/cluster.yml
@@ -0,0 +1,10 @@
+classes:
+- service.gnocchi.server.cluster
+- service.haproxy.proxy.single
+- system.apache.server.site.gnocchi
+- system.haproxy.proxy.listen.openstack.gnocchi
+- system.keepalived.cluster.instance.openstack_telemetry_vip
+parameters:
+ gnocchi:
+ server:
+ enable_proxy_headers_parsing: true
diff --git a/gnocchi/server/single.yml b/gnocchi/server/single.yml
new file mode 100644
index 0000000..035491e
--- /dev/null
+++ b/gnocchi/server/single.yml
@@ -0,0 +1,2 @@
+classes:
+- service.gnocchi.server.single
diff --git a/gnocchi/statsd/single.yml b/gnocchi/statsd/single.yml
new file mode 100644
index 0000000..4be519f
--- /dev/null
+++ b/gnocchi/statsd/single.yml
@@ -0,0 +1,2 @@
+classes:
+- service.gnocchi.statsd.single
\ No newline at end of file
diff --git a/haproxy/proxy/listen/dogtag.yml b/haproxy/proxy/listen/dogtag.yml
new file mode 100644
index 0000000..90761c0
--- /dev/null
+++ b/haproxy/proxy/listen/dogtag.yml
@@ -0,0 +1,25 @@
+parameters:
+ _param:
+ haproxy_dogtag_bind_port: ${_param:cluster_dogtag_port}
+ haproxy_dogtag_source_port: ${_param:cluster_dogtag_port}
+ haproxy:
+ proxy:
+ listen:
+ dogtag:
+ mode: tcp
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: ${_param:haproxy_dogtag_bind_port}
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: ${_param:haproxy_dogtag_source_port}
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: ${_param:haproxy_dogtag_source_port}
+ params: check
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: ${_param:haproxy_dogtag_source_port}
+ params: check
\ No newline at end of file
diff --git a/haproxy/proxy/listen/kubernetes/apiserver.yml b/haproxy/proxy/listen/kubernetes/apiserver.yml
index 8dfcb35..950765f 100644
--- a/haproxy/proxy/listen/kubernetes/apiserver.yml
+++ b/haproxy/proxy/listen/kubernetes/apiserver.yml
@@ -4,8 +4,6 @@
listen:
k8s_secure:
type: kubernetes
- options:
- - ssl-hello-chk
binds:
- address: ${_param:cluster_vip_address}
port: 443
@@ -13,15 +11,15 @@
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
port: 6443
- params: check
+ params: check check-ssl verify none
- name: ${_param:cluster_node02_hostname}
host: ${_param:cluster_node02_address}
port: 6443
- params: check
+ params: check check-ssl verify none
- name: ${_param:cluster_node03_hostname}
host: ${_param:cluster_node03_address}
port: 6443
- params: check
+ params: check check-ssl verify none
timeout:
server: 10m
client: 10m
diff --git a/haproxy/proxy/listen/openstack/gnocchi.yml b/haproxy/proxy/listen/openstack/gnocchi.yml
new file mode 100644
index 0000000..ec2bb20
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/gnocchi.yml
@@ -0,0 +1,23 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ gnocchi_api:
+ type: openstack-service
+ service_name: gnocchi
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8041
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8041
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8041
+ params: check
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8041
+ params: check
\ No newline at end of file
diff --git a/haproxy/proxy/listen/openstack/manila.yml b/haproxy/proxy/listen/openstack/manila.yml
new file mode 100644
index 0000000..a28f365
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/manila.yml
@@ -0,0 +1,23 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ manila_api:
+ type: openstack-service
+ service_name: manila
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8786
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8786
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8786
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8786
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/haproxy/proxy/listen/openstack/nova-placement.yml b/haproxy/proxy/listen/openstack/nova-placement.yml
index 9fec963..58c9dd2 100644
--- a/haproxy/proxy/listen/openstack/nova-placement.yml
+++ b/haproxy/proxy/listen/openstack/nova-placement.yml
@@ -2,18 +2,21 @@
haproxy:
proxy:
listen:
+ # Nova placement API returns 401 when doing GET to root URL, while
+ # other serivces normally returns 200 and API versions data.
nova_placement_api:
mode: http
- binds:
- - address: ${_param:cluster_vip_address}
- port: 8778
+ service_name: nova_placement
options:
- - httpclose
- - httplog
+ - httpclose
+ - httplog
health-check:
http:
options:
- expect status 401
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8778
servers:
- name: ${_param:cluster_node01_hostname}
host: ${_param:cluster_node01_address}
diff --git a/haproxy/proxy/listen/openstack/panko.yml b/haproxy/proxy/listen/openstack/panko.yml
new file mode 100644
index 0000000..51eb030
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/panko.yml
@@ -0,0 +1,23 @@
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ panko_api:
+ type: general-service
+ check: false
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8977
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8977
+ params: check
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8977
+ params: check
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8977
+ params: check
\ No newline at end of file
diff --git a/haproxy/proxy/listen/openstack/placement.yml b/haproxy/proxy/listen/openstack/placement.yml
new file mode 100644
index 0000000..f3b2b99
--- /dev/null
+++ b/haproxy/proxy/listen/openstack/placement.yml
@@ -0,0 +1,26 @@
+# Starting with Nova (17.0.0) Queens - accessing to / of placement service
+# returns 200 with version data instead of 401 as it was before.
+# This file should be included for nova/placement higher than Queens.
+parameters:
+ haproxy:
+ proxy:
+ listen:
+ placement_api:
+ type: openstack-service
+ service_name: placement
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 8778
+ servers:
+ - name: ${_param:cluster_node01_hostname}
+ host: ${_param:cluster_node01_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node02_hostname}
+ host: ${_param:cluster_node02_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
+ - name: ${_param:cluster_node03_hostname}
+ host: ${_param:cluster_node03_address}
+ port: 8778
+ params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
diff --git a/heat/server/cluster.yml b/heat/server/cluster.yml
index 8e38f4f..5829aee 100644
--- a/heat/server/cluster.yml
+++ b/heat/server/cluster.yml
@@ -5,7 +5,8 @@
- system.haproxy.proxy.listen.openstack.heat
parameters:
_param:
- cluster_public_protocol: https
+ cluster_public_protocol: 'https'
+ cluster_internal_protocol: 'http'
linux:
system:
package:
@@ -54,6 +55,7 @@
tenant: service
user: heat
password: ${_param:keystone_heat_password}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
port: 5672
diff --git a/heat/server/resource/networking_bgpvpn.yml b/heat/server/resource/networking_bgpvpn.yml
new file mode 100644
index 0000000..4fbd851
--- /dev/null
+++ b/heat/server/resource/networking_bgpvpn.yml
@@ -0,0 +1,11 @@
+parameters:
+ linux:
+ system:
+ package:
+ python-networking-bgpvpn:
+ version: latest
+ heat:
+ server:
+ dir:
+ plugins:
+ - /usr/lib/python2.7/dist-packages/networking_bgpvpn_heat
\ No newline at end of file
diff --git a/helm/analytics_pipeline/hdfs.yml b/helm/analytics_pipeline/hdfs.yml
index 64e0cef..2b1382b 100644
--- a/helm/analytics_pipeline/hdfs.yml
+++ b/helm/analytics_pipeline/hdfs.yml
@@ -1,7 +1,7 @@
parameters:
_param:
analytics_hdfs_release: ${_param:analytics_release_prefix}hdfs
- analytics_hdfs_address: hdfs-namenode-${_param:analytics_hdfs_release}-0.hdfs-namenode-${_param:analytics_hdfs_release}
+ analytics_hdfs_address: hdfs-namenode-${_param:analytics_hdfs_release}-0.hdfs-namenode-${_param:analytics_hdfs_release}:8020
helm:
client:
releases:
diff --git a/helm/analytics_pipeline/kafka.yml b/helm/analytics_pipeline/kafka.yml
index 3c88299..3911bd0 100644
--- a/helm/analytics_pipeline/kafka.yml
+++ b/helm/analytics_pipeline/kafka.yml
@@ -14,4 +14,5 @@
antiAffinity: soft
zookeeper:
deployChart: false
- externalAddress: ${_param:analytics_zookeeper_address}
+ addresses:
+ zookeeper: ${_param:analytics_zookeeper_address}
diff --git a/helm/analytics_pipeline/spark.yml b/helm/analytics_pipeline/spark.yml
index aeb2856..5533df5 100644
--- a/helm/analytics_pipeline/spark.yml
+++ b/helm/analytics_pipeline/spark.yml
@@ -1,7 +1,7 @@
parameters:
_param:
analytics_spark_release: ${_param:analytics_release_prefix}spark
- analytics_spark_address: spark-master-${_param:analytics_spark_release}-0.spark-master-${_param:analytics_spark_release}:7077,spark-master-${_param:analytics_spark_release}-1.spark-master-${_param:analytics_spark_release}:7077
+ analytics_spark_address: spark-master-${_param:analytics_spark_release}-0:7077
helm:
client:
releases:
@@ -17,4 +17,5 @@
replicas: 3
zookeeper:
deployChart: false
- externalAddress: ${_param:analytics_zookeeper_address}
+ addresses:
+ zookeeper: ${_param:analytics_zookeeper_address}
diff --git a/helm/analytics_pipeline/tweepub.yml b/helm/analytics_pipeline/tweepub.yml
index 42678a3..daa62ca 100644
--- a/helm/analytics_pipeline/tweepub.yml
+++ b/helm/analytics_pipeline/tweepub.yml
@@ -19,5 +19,6 @@
locations: -71.4415,41.9860,-70.4747,42.9041,-122.75,36.8,-121.75,37.8,-74,40,-73,41
kafka:
deployChart: false
- externalAddress: ${_param:analytics_kafka_address}
topic: twitter-stream
+ addresses:
+ kafka: ${_param:analytics_kafka_address}
diff --git a/helm/analytics_pipeline/tweetics.yml b/helm/analytics_pipeline/tweetics.yml
index de438bf..0a6bebb 100644
--- a/helm/analytics_pipeline/tweetics.yml
+++ b/helm/analytics_pipeline/tweetics.yml
@@ -12,16 +12,20 @@
minHashtagCounts: 0
zookeeper:
deployChart: false
- externalAddress: ${_param:analytics_zookeeper_address}
+ addresses:
+ zookeeper: ${_param:analytics_zookeeper_address}
kafka:
deployChart: false
- externalAddress: ${_param:analytics_kafka_address}
topic: twitter-stream
+ addresses:
+ kafka: ${_param:analytics_kafka_address}
spark:
deployChart: false
- externalAddress: ${_param:analytics_spark_address}
+ addresses:
+ spark: ${_param:analytics_spark_address}
storage: hdfs
hdfs:
deployChart: false
- externalAddress: ${_param:analytics_hdfs_address}
path: /twitter
+ addresses:
+ namenode: ${_param:analytics_hdfs_address}
diff --git a/helm/analytics_pipeline/tweeviz.yml b/helm/analytics_pipeline/tweeviz.yml
index d8f7aef..e264031 100644
--- a/helm/analytics_pipeline/tweeviz.yml
+++ b/helm/analytics_pipeline/tweeviz.yml
@@ -14,6 +14,6 @@
storage: hdfs
hdfs:
deployChart: false
- externalAddress: ${_param:analytics_hdfs_address}
path: /
- externalPort: 8020
+ addresses:
+ namenode: ${_param:analytics_hdfs_address}
diff --git a/horizon/server/plugin/manila.yml b/horizon/server/plugin/manila.yml
new file mode 100644
index 0000000..ec00da6
--- /dev/null
+++ b/horizon/server/plugin/manila.yml
@@ -0,0 +1,17 @@
+parameters:
+ horizon:
+ server:
+ plugin:
+ manila:
+ source:
+ engine: pkg
+ name: python-manila-ui
+ policy:
+ share:
+ source: file
+ name: manila_policy.json
+ enabled: true
+ sharev2:
+ source: file
+ name: manila_policy.json
+ enabled: true
diff --git a/horizon/server/plugin/neutron_bgpvpn.yml b/horizon/server/plugin/neutron_bgpvpn.yml
new file mode 100644
index 0000000..7ad75ff
--- /dev/null
+++ b/horizon/server/plugin/neutron_bgpvpn.yml
@@ -0,0 +1,8 @@
+parameters:
+ horizon:
+ server:
+ plugin:
+ bgpvpn:
+ source:
+ engine: pkg
+ name: python-networking-bgpvpn
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 1973906..80cfd95 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -54,9 +54,11 @@
- method java.util.Collection stream
- method java.util.Date getTime
- method java.util.LinkedHashMap$LinkedHashIterator hasNext
+ - method java.util.List add int java.lang.Object
- method java.util.List subList int int
- method java.util.Map remove java.lang.Object
- method java.util.Map size
+ - method java.util.Map isEmpty
- method java.util.regex.MatchResult group int
- method java.util.regex.MatchResult groupCount
- method java.util.regex.Matcher find
@@ -139,3 +141,5 @@
- method hudson.model.Actionable getAction java.lang.Class
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods toSorted java.lang.Iterable
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods intersect java.util.List java.lang.Iterable
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods reverse java.util.List
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.Collection java.lang.String
diff --git a/jenkins/client/job/debian/packages/ceph.yml b/jenkins/client/job/debian/packages/ceph.yml
new file mode 100644
index 0000000..5307b4b
--- /dev/null
+++ b/jenkins/client/job/debian/packages/ceph.yml
@@ -0,0 +1,77 @@
+parameters:
+ jenkins:
+ client:
+ job_template:
+ build-debian-ceph-package:
+ name: build-debian-{{package}}-{{version}}-ubuntu-{{dist}}
+ jobs:
+ # Xenial
+ - package: ceph
+ dist: xenial
+ branch: debian/xenial-luminous
+ version: luminous
+ - package: ceph
+ dist: xenial
+ branch: debian/xenial-jewel
+ version: jewel
+ template:
+ discard:
+ build:
+ keep_num: 10
+ artifact:
+ keep_num: 10
+ type: workflow-scm
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: build-debian-packages-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ debian/{{package}}:
+ branches:
+ - "{{branch}}"
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ event:
+ ref:
+ - updated
+ param:
+ SOURCE_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/debian/{{package}}.git"
+ SOURCE_BRANCH:
+ type: string
+ default: "{{branch}}"
+ SOURCE_CREDENTIALS:
+ type: string
+ default: "gerrit"
+ EXTRA_REPO_URL:
+ type: string
+ default: "deb ${_param:jenkins_aptly_url}/{{dist}}/ testing ceph"
+ EXTRA_REPO_KEY_URL:
+ type: string
+ default: "${_param:jenkins_aptly_url}/public.gpg"
+ APTLY_URL:
+ type: string
+ default: "${_param:jenkins_aptly_api_url}"
+ APTLY_REPO:
+ type: string
+ default: "ubuntu-{{dist}}-{{package}}-{{version}}"
+ OS:
+ type: string
+ default: "ubuntu"
+ DIST:
+ type: string
+ default: "{{dist}}"
+ ARCH:
+ type: string
+ default: "amd64"
+ UPLOAD_APTLY:
+ type: boolean
+ default: 'true'
\ No newline at end of file
diff --git a/jenkins/client/job/debian/packages/extra.yml b/jenkins/client/job/debian/packages/extra.yml
index 61d7ee2..0a21a55 100644
--- a/jenkins/client/job/debian/packages/extra.yml
+++ b/jenkins/client/job/debian/packages/extra.yml
@@ -205,6 +205,10 @@
dist: xenial
build: pipeline
branch: debian/xenial
+ - package: python-backports.ssl-match-hostname
+ dist: xenial
+ build: pipeline
+ branch: debian/xenial
template:
type: workflow-scm
concurrent: false
diff --git a/jenkins/client/job/debian/packages/init.yml b/jenkins/client/job/debian/packages/init.yml
index 2fff22c..4196f95 100644
--- a/jenkins/client/job/debian/packages/init.yml
+++ b/jenkins/client/job/debian/packages/init.yml
@@ -4,6 +4,7 @@
- system.jenkins.client.job.debian.packages.salt-multi
- system.jenkins.client.job.debian.packages.horizon
- system.jenkins.client.job.debian.packages.heat.resources
+ - system.jenkins.client.job.debian.packages.ceph
parameters:
jenkins:
client:
diff --git a/jenkins/client/job/debian/packages/salt-multi.yml b/jenkins/client/job/debian/packages/salt-multi.yml
index 90e6f02..e185b60 100644
--- a/jenkins/client/job/debian/packages/salt-multi.yml
+++ b/jenkins/client/job/debian/packages/salt-multi.yml
@@ -56,9 +56,6 @@
- name: kubernetes
upload_source_package: true
dist: xenial
- - name: mirascan
- upload_source_package: true
- dist: xenial
- name: neutron
upload_source_package: true
dist: xenial
@@ -114,10 +111,10 @@
default: 'true'
EXTRA_REPO_URL:
type: string
- default: "deb ${_param:jenkins_aptly_url}/{{dist}}/ testing salt salt-latest"
+ default: "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main; deb ${_param:jenkins_aptly_url}/{{dist}}/ testing salt"
EXTRA_REPO_KEY_URL:
type: string
- default: "${_param:jenkins_aptly_url}/public.gpg"
+ default: "https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub; ${_param:jenkins_aptly_url}/public.gpg"
APTLY_URL:
type: string
default: "${_param:jenkins_aptly_api_url}"
@@ -142,3 +139,6 @@
UPLOAD_APTLY:
type: boolean
default: '{{upload_source_package}}'
+ DEBUG:
+ type: boolean
+ default: 'false'
diff --git a/jenkins/client/job/debian/packages/salt.yml b/jenkins/client/job/debian/packages/salt.yml
index 7b0dc68..8bb7c79 100644
--- a/jenkins/client/job/debian/packages/salt.yml
+++ b/jenkins/client/job/debian/packages/salt.yml
@@ -59,6 +59,9 @@
- name: collectd
upload_source_package: false
dist: trusty
+ - name: debmirror
+ upload_source_package: true
+ dist: trusty
- name: dekapod
upload_source_package: false
dist: trusty
@@ -122,6 +125,9 @@
- name: heka
upload_source_package: false
dist: trusty
+ - name: heketi
+ upload_source_package: true
+ dist: trusty
- name: influxdb
upload_source_package: false
dist: trusty
@@ -170,9 +176,15 @@
- name: magnum
upload_source_package: false
dist: trusty
+ - name: manila
+ upload_source_package: false
+ dist: trusty
- name: memcached
upload_source_package: false
dist: trusty
+ - name: mirascan
+ upload_source_package: false
+ dist: trusty
- name: midonet
upload_source_package: false
dist: trusty
@@ -224,6 +236,9 @@
- name: openvstorage
upload_source_package: false
dist: trusty
+ - name: oslo-templates
+ upload_source_package: false
+ dist: trusty
- name: owncloud
upload_source_package: false
dist: trusty
@@ -281,6 +296,9 @@
- name: sentry
upload_source_package: false
dist: trusty
+ - name: shibboleth
+ upload_source_package: false
+ dist: trusty
- name: sphinx
upload_source_package: false
dist: trusty
@@ -371,6 +389,9 @@
- name: collectd
upload_source_package: true
dist: xenial
+ - name: debmirror
+ upload_source_package: true
+ dist: xenial
- name: dekapod
upload_source_package: true
dist: xenial
@@ -437,6 +458,9 @@
- name: heka
upload_source_package: true
dist: xenial
+ - name: heketi
+ upload_source_package: true
+ dist: xenial
- name: helm
upload_source_package: true
dist: xenial
@@ -488,9 +512,15 @@
- name: magnum
upload_source_package: true
dist: xenial
+ - name: manila
+ upload_source_package: true
+ dist: xenial
- name: memcached
upload_source_package: true
dist: xenial
+ - name: mirascan
+ upload_source_package: true
+ dist: xenial
- name: midonet
upload_source_package: true
dist: xenial
@@ -542,6 +572,9 @@
- name: openvstorage
upload_source_package: true
dist: xenial
+ - name: oslo-templates
+ upload_source_package: true
+ dist: xenial
- name: owncloud
upload_source_package: true
dist: xenial
@@ -602,6 +635,9 @@
- name: sentry
upload_source_package: true
dist: xenial
+ - name: shibboleth
+ upload_source_package: true
+ dist: xenial
- name: sphinx
upload_source_package: true
dist: xenial
@@ -629,6 +665,9 @@
- name: varnish
upload_source_package: true
dist: xenial
+ - name: watchdog
+ upload_source_package: true
+ dist: xenial
- name: xtrabackup
upload_source_package: true
dist: xenial
@@ -680,10 +719,10 @@
default: '~{{dist}}1'
EXTRA_REPO_URL:
type: string
- default: "deb ${_param:jenkins_aptly_url}/{{dist}}/ testing salt salt-latest"
+ default: "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main; deb ${_param:jenkins_aptly_url}/{{dist}}/ testing salt"
EXTRA_REPO_KEY_URL:
type: string
- default: "${_param:jenkins_aptly_url}/public.gpg"
+ default: "https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub; ${_param:jenkins_aptly_url}/public.gpg"
APTLY_URL:
type: string
default: "${_param:jenkins_aptly_api_url}"
@@ -708,3 +747,6 @@
UPLOAD_APTLY:
type: boolean
default: 'true'
+ DEBUG:
+ type: boolean
+ default: 'false'
diff --git a/jenkins/client/job/deploy/k8s_control.yml b/jenkins/client/job/deploy/k8s_control.yml
index f851176..4dba2e7 100644
--- a/jenkins/client/job/deploy/k8s_control.yml
+++ b/jenkins/client/job/deploy/k8s_control.yml
@@ -8,7 +8,7 @@
display_name: "Deploy - k8s control"
discard:
build:
- keep_num: 20
+ keep_num: 50
concurrent: false
scm:
type: git
diff --git a/jenkins/client/job/deploy/kqueen.yml b/jenkins/client/job/deploy/kqueen.yml
index 817eb8f..0214da7 100644
--- a/jenkins/client/job/deploy/kqueen.yml
+++ b/jenkins/client/job/deploy/kqueen.yml
@@ -7,7 +7,7 @@
type: workflow-scm
discard:
build:
- keep_num: 20
+ keep_num: 50
concurrent: true
display_name: "Deploy AWS K8S using kqueen"
scm:
@@ -58,4 +58,70 @@
default: "jenkins-mk"
KQUEEN_BUILD_ID:
type: string
+ deploy_heat_k8s_kqueen_job:
+ name: deploy-heat-k8s-kqueen
+ type: workflow-scm
+ discard:
+ build:
+ keep_num: 50
+ concurrent: true
+ display_name: "Deploy Heat K8S using kqueen"
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: deploy-heat-k8s-kqueen-pipeline.groovy
+ param:
+ # deployments
+ STACK_NAME:
+ type: string
+ description: "AWS stack name - mandatory param, will be used as is"
+ STACK_COMPUTE_COUNT:
+ type: string
+ default: '2'
+ STACK_TEMPLATE:
+ type: string
+ default: "k8s_ha_calico"
+ STACK_TEMPLATE_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/mk/heat-templates"
+ STACK_TEMPLATE_CREDENTIALS:
+ type: string
+ default: "gerrit"
+ STACK_TEMPLATE_BRANCH:
+ type: string
+ default: "master"
+
+ # salt
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt-qa-credentials"
+ SALT_MASTER_URL:
+ type: string
+ default: ""
+
+ # heat
+ HEAT_STACK_ENVIRONMENT:
+ type: string
+ default: "devcloud"
+ HEAT_STACK_ZONE:
+ type: string
+ default: "mcp-mk"
+ HEAT_STACK_PUBLIC_NET:
+ type: string
+ default: "public"
+
+ # openstack api
+ OPENSTACK_API_URL:
+ type: string
+ default: "https://cloud-cz.bud.mirantis.net:5000"
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ default: "openstack-devcloud-credentials"
+ OPENSTACK_API_PROJECT:
+ type: string
+ default: "mcp-mk"
+ KQUEEN_BUILD_ID:
+ type: string
diff --git a/jenkins/client/job/deploy/lab/cleanup.yml b/jenkins/client/job/deploy/lab/cleanup.yml
index 93a0818..6ecaeee 100644
--- a/jenkins/client/job/deploy/lab/cleanup.yml
+++ b/jenkins/client/job/deploy/lab/cleanup.yml
@@ -8,7 +8,7 @@
display_name: "Deploy - stack cleanup"
discard:
build:
- keep_num: 20
+ keep_num: 50
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
@@ -59,7 +59,7 @@
default: "aws-credentials"
AWS_DEFAULT_REGION:
type: string
- default: "us-west-2"
+ default: "eu-central-1"
delete-failed-stacks:
type: workflow-scm
@@ -87,7 +87,7 @@
default: "openstack-devcloud-credentials"
OPENSTACK_API_PROJECT:
type: string
- default: "mcp-mk"
+ default: "mcp-k8s, mcp-maintenance, mcp-mk, mcp-networking, mcp-opencontrail, mcp-oss, mcp-platform, mcp-scale, mcp-stacklight, mcp-support"
OPENSTACK_API_CLIENT:
type: string
default: ""
diff --git a/jenkins/client/job/deploy/lab/component/aaa.yml b/jenkins/client/job/deploy/lab/component/aaa.yml
index 1c640d5..26a66fd 100644
--- a/jenkins/client/job/deploy/lab/component/aaa.yml
+++ b/jenkins/client/job/deploy/lab/component/aaa.yml
@@ -8,4 +8,4 @@
stack_type: heat
stack_install: core,aaa
stack_test: ""
- job_timer: ""
+ job_timer: "H H(0-6) * * *"
diff --git a/jenkins/client/job/deploy/lab/component/drivetrain.yml b/jenkins/client/job/deploy/lab/component/drivetrain.yml
index 945ac4a..6d05945 100644
--- a/jenkins/client/job/deploy/lab/component/drivetrain.yml
+++ b/jenkins/client/job/deploy/lab/component/drivetrain.yml
@@ -8,7 +8,7 @@
stack_type: heat
stack_install: core
stack_test: ""
- job_timer: ""
+ job_timer: "H H(0-6) * * *"
- stack_name: drivetrain_ha_clusters
stack_env: devcloud
stack_type: heat
diff --git a/jenkins/client/job/deploy/lab/deploy.yml b/jenkins/client/job/deploy/lab/deploy.yml
index b6bbc71..76a077d 100644
--- a/jenkins/client/job/deploy/lab/deploy.yml
+++ b/jenkins/client/job/deploy/lab/deploy.yml
@@ -11,7 +11,7 @@
type: workflow-scm
discard:
build:
- keep_num: 20
+ keep_num: 100
concurrent: true
display_name: "Deploy - {{stack_name}} {{stack_type}}"
scm:
@@ -55,6 +55,10 @@
STACK_COMPUTE_COUNT:
type: string
default: '2'
+ STACK_CLUSTER_NAME:
+ type: string
+ default: ""
+ description: "Cluster name to use from reclass"
STACK_TEMPLATE:
type: string
@@ -100,7 +104,7 @@
description: "Formulas revision to install on Salt Master bootstrap stage"
EXTRA_FORMULAS:
type: string
- default: "maas memcached ntp nginx collectd sensu heka sphinx mysql grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal rsync docker keepalived aptly jenkins gerrit artifactory influxdb horizon ceph"
+ default: ""
STATIC_MGMT_NETWORK:
type: boolean
default: 'false'
@@ -180,3 +184,32 @@
description: "Run tests matched to pattern only"
default: ""
+ # TestRail vars
+ TESTRAIL_REPORT:
+ type: boolean
+ description: "Report test results to TestRail if true"
+ default: "false"
+ TESTRAIL_REPORTER_IMAGE:
+ type: string
+ description: "Testrail reporter docker image"
+ default: "alrem/xunit2testrail"
+ TESTRAIL_QA_CREDENTIALS:
+ type: string
+ description: "Credentials for results upload to testrail"
+ default: "oscore-qa-credentials"
+ TESTRAIL_MILESTONE:
+ type: string
+ description: "TestRail milestone"
+ default: "MCP1.1"
+ TESTRAIL_PLAN:
+ type: string
+ description: "TestRail test plan name. Will be generated if missing."
+ default: ""
+ TESTRAIL_GROUP:
+ type: string
+ description: "TestRail test group name."
+ default: "{{stack_name}}"
+ TESTRAIL_SUITE:
+ type: string
+ description: "TestRail test suite name"
+ default: "Tempest 16.0.0 with designate tests"
diff --git a/jenkins/client/job/deploy/lab/release/mcp10.yml b/jenkins/client/job/deploy/lab/release/mcp10.yml
index 34fb940..66f08af 100644
--- a/jenkins/client/job/deploy/lab/release/mcp10.yml
+++ b/jenkins/client/job/deploy/lab/release/mcp10.yml
@@ -37,13 +37,13 @@
stack_test: ""
job_timer: "H H(0-6) * * *"
- stack_name: virtual_mcp10_ovs_dvr
- stack_env: devcloud_virtual_mcp10_dvr
+ stack_env: devcloud
stack_install: core,openstack,dvr
stack_type: heat
stack_test: ""
job_timer: "H H(0-6) * * *"
- stack_name: virtual_mcp10_ovs
- stack_env: devcloud_virtual_mcp10_ovs
+ stack_env: devcloud
stack_install: core,openstack,ovs
stack_type: heat
stack_test: ""
diff --git a/jenkins/client/job/deploy/lab/release/mcp11.yml b/jenkins/client/job/deploy/lab/release/mcp11.yml
index 8e61e8e..789dd53 100644
--- a/jenkins/client/job/deploy/lab/release/mcp11.yml
+++ b/jenkins/client/job/deploy/lab/release/mcp11.yml
@@ -9,14 +9,14 @@
stack_type: heat
stack_test: ""
job_timer: ""
- - stack_name: virtual_mcp11_ovs_dvr
- stack_env: devcloud_virtual_mcp11_dvr
+ - stack_name: virtual_mcp11_dvr
+ stack_env: devcloud
stack_install: core,openstack,dvr
stack_type: heat
stack_test: ""
job_timer: ""
- stack_name: virtual_mcp11_ovs
- stack_env: devcloud_virtual_mcp11_ovs
+ stack_env: devcloud
stack_install: core,openstack,ovs
stack_type: heat
stack_test: ""
@@ -27,6 +27,24 @@
stack_type: heat
stack_test: ""
job_timer: ""
+ - stack_name: virtual_mcp11_ironic_ssl_small
+ stack_env: devcloud
+ stack_install: core,openstack
+ stack_type: heat
+ stack_test: ""
+ job_timer: ""
+ - stack_name: virtual_mcp11_aio_manila
+ stack_env: devcloud
+ stack_install: core,openstack,ovs
+ stack_type: heat
+ stack_test: ""
+ job_timer: ""
+ - stack_name: virtual_mcp11_aio_telemetry
+ stack_env: devcloud
+ stack_install: core,openstack,ovs
+ stack_type: heat
+ stack_test: ""
+ job_timer: ""
- stack_name: virtual_mcp11_aio
stack_env: devcloud
stack_install: core,openstack,ovs
@@ -57,3 +75,45 @@
stack_type: heat
stack_test: ""
job_timer: "H H(0-6) * * *"
+ - stack_name: virtual_mcp_mitaka_ovs
+ stack_env: devcloud
+ stack_install: core,openstack,ovs
+ stack_type: heat
+ stack_test: ""
+ job_timer: ""
+ - stack_name: virtual_mcp_mitaka_dvr
+ stack_env: devcloud
+ stack_install: core,openstack,dvr
+ stack_type: heat
+ stack_test: ""
+ job_timer: ""
+ - stack_name: virtual_mcp_newton_ovs
+ stack_env: devcloud
+ stack_install: core,openstack,ovs
+ stack_type: heat
+ stack_test: ""
+ job_timer: ""
+ - stack_name: virtual_mcp_newton_dvr
+ stack_env: devcloud
+ stack_install: core,openstack,dvr
+ stack_type: heat
+ stack_test: ""
+ job_timer: ""
+ - stack_name: virtual_mcp_pike_dvr
+ stack_env: devcloud
+ stack_install: core,openstack,dvr
+ stack_type: heat
+ stack_test: ""
+ job_timer: ""
+ - stack_name: virtual_mcp_pike_dvr_ssl
+ stack_env: devcloud
+ stack_install: core,openstack,dvr
+ stack_type: heat
+ stack_test: ""
+ job_timer: ""
+ - stack_name: virtual_mcp_pike_ovs
+ stack_env: devcloud
+ stack_install: core,openstack,ovs
+ stack_type: heat
+ stack_test: ""
+ job_timer: ""
diff --git a/jenkins/client/job/deploy/openstack.yml b/jenkins/client/job/deploy/openstack.yml
index 3595e01..a9f2007 100644
--- a/jenkins/client/job/deploy/openstack.yml
+++ b/jenkins/client/job/deploy/openstack.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ jenkins_salt_api_url: "http://${_param:salt_master_host}:6969"
jenkins:
client:
job:
@@ -8,7 +10,7 @@
display_name: "Deploy - OpenStack"
discard:
build:
- keep_num: 20
+ keep_num: 50
concurrent: true
scm:
type: git
@@ -24,14 +26,14 @@
STACK_INSTALL:
type: string
default: "core,kvm,openstack,stacklight"
-
+ description: "Components to be installed. Valid values are 'core,kvm,k8s,openstack,contrail,ovs,ceph,oss,cicd,stacklight,sl-legacy,finalize'. For all deployments it's recommended to run 'finalize' as a final step as Salt highstate on all nodes will be run."
# salt master
SALT_MASTER_CREDENTIALS:
type: string
default: "salt"
SALT_MASTER_URL:
type: string
- default: ""
+ default: "${_param:jenkins_salt_api_url}"
ASK_ON_ERROR:
type: boolean
default: 'false'
diff --git a/jenkins/client/job/deploy/test.yml b/jenkins/client/job/deploy/test.yml
index c226fbc..acf6fa3 100644
--- a/jenkins/client/job/deploy/test.yml
+++ b/jenkins/client/job/deploy/test.yml
@@ -7,7 +7,7 @@
type: workflow-scm
discard:
build:
- keep_num: 20
+ keep_num: 50
concurrent: true
display_name: "Deploy - Test services in environment"
scm:
diff --git a/jenkins/client/job/deploy/update/init.yml b/jenkins/client/job/deploy/update/init.yml
index 4e6f460..0b10ff2 100644
--- a/jenkins/client/job/deploy/update/init.yml
+++ b/jenkins/client/job/deploy/update/init.yml
@@ -13,3 +13,4 @@
- system.jenkins.client.job.deploy.update.restore_mysql
- system.jenkins.client.job.deploy.update.restore_cassandra
- system.jenkins.client.job.deploy.update.restore_zookeeper
+ - system.jenkins.client.job.deploy.update.virt_snapshot
diff --git a/jenkins/client/job/deploy/update/upgrade.yml b/jenkins/client/job/deploy/update/upgrade.yml
index 2c76753..7e94c10 100644
--- a/jenkins/client/job/deploy/update/upgrade.yml
+++ b/jenkins/client/job/deploy/update/upgrade.yml
@@ -36,6 +36,10 @@
type: boolean
default: 'true'
description: "Rollback if control upgrade fails"
+ OPERATING_SYSTEM_RELEASE_UPGRADE:
+ type: boolean
+ default: 'false'
+ description: "Set to true if operating system release upgrade is desired. For ex. from Ubuntu 14.04 currently running on ctl and prx nodes to Ubuntu 16.04"
SKIP_VM_RELAUNCH:
type: boolean
default: 'false'
diff --git a/jenkins/client/job/deploy/update/virt_snapshot.yml b/jenkins/client/job/deploy/update/virt_snapshot.yml
new file mode 100644
index 0000000..0388ed1
--- /dev/null
+++ b/jenkins/client/job/deploy/update/virt_snapshot.yml
@@ -0,0 +1,62 @@
+#
+# Job to manage libvirt live snapshots
+#
+parameters:
+ _param:
+ jenkins_salt_api_url: "http://${_param:salt_master_host}:6969"
+ jenkins:
+ client:
+ job:
+ manage-virt-snapshot:
+ type: workflow-scm
+ concurrent: true
+ display_name: "Deploy - virt snapshot VM"
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: libvirt-live-snapshots.groovy
+ param:
+ SALT_MASTER_URL:
+ type: string
+ default: "${_param:jenkins_salt_api_url}"
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ CREATE_LIVE_SNAPSHOT:
+ type: boolean
+ default: 'true'
+ description: "Ensures that the live snapshot exists"
+ ROLLBACK_LIVE_SNAPSHOT:
+ type: boolean
+ default: 'false'
+ description: "Rollback the VM to a state before live snapshot was taken"
+ REMOVE_LIVE_SNAPSHOT:
+ type: boolean
+ default: 'false'
+ description: "Ensures that the live snapshot does not exist"
+ MERGE_LIVE_SNAPSHOT:
+ type: boolean
+ default: 'false'
+ description: "Ensures that the live snapshot is merged into it's base image"
+ NODE_PROVIDER:
+ type: string
+ default: "kvm01"
+ description: "KVM node that hosts the VM (for ex. kvm02)"
+ TARGET:
+ type: string
+ default: "ctl01"
+ description: "Unique identification of the VM being snapshoted without domain name (for ex. ctl01)"
+ SNAPSHOT_NAME:
+ type: string
+ default: "snapshot1"
+ description: "Snapshot name"
+ PATH:
+ type: string
+ default: "/var/lib/libvirt/images"
+ description: "Path where snapshot image and dumpxml are being put"
+ DISK_NAME:
+ type: string
+ default: "vda"
+ description: "Disk name of the snapshot"
diff --git a/jenkins/client/job/docker/cicd/init.yml b/jenkins/client/job/docker/cicd/init.yml
new file mode 100644
index 0000000..5b1df1d
--- /dev/null
+++ b/jenkins/client/job/docker/cicd/init.yml
@@ -0,0 +1,3 @@
+classes:
+ - system.jenkins.client.job.docker.cicd.rally
+ - system.jenkins.client.job.docker.cicd.tempest
diff --git a/jenkins/client/job/docker/cicd/rally.yml b/jenkins/client/job/docker/cicd/rally.yml
new file mode 100644
index 0000000..849d453
--- /dev/null
+++ b/jenkins/client/job/docker/cicd/rally.yml
@@ -0,0 +1,56 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ docker-build-images-docker-ci-rally:
+ name: docker-build-images-docker-ci-rally
+ discard:
+ build:
+ keep_num: 30
+ artifact:
+ keep_num: 30
+ type: workflow-scm
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/oss/jenkins/pipelines"
+ credentials: "gerrit"
+ script: docker-build-image-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ "mcp/docker-ci-rally":
+ branches:
+ - master
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeNoCodeChange: false
+ change:
+ - merged
+ comment:
+ - addedContains:
+ commentAddedCommentContains: 'rebuild'
+ param:
+ IMAGE_NAME:
+ type: string
+ default: "ci-rally"
+ IMAGE_TAGS:
+ type: string
+ default: ""
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ DOCKER_REGISTRY:
+ type: string
+ default: "docker-dev-virtual.docker.mirantis.net"
+ PROJECT_NAMESPACE:
+ type: string
+ default: "cicd"
+ DOCKERFILE_PATH:
+ type: string
+ default: "Dockerfile"
+ CONTEXT_PATH:
+ type: string
+ default: "."
diff --git a/jenkins/client/job/docker/cicd/tempest.yml b/jenkins/client/job/docker/cicd/tempest.yml
new file mode 100644
index 0000000..7b68403
--- /dev/null
+++ b/jenkins/client/job/docker/cicd/tempest.yml
@@ -0,0 +1,56 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ docker-build-images-docker-ci-tempest:
+ name: docker-build-images-docker-ci-tempest
+ discard:
+ build:
+ keep_num: 30
+ artifact:
+ keep_num: 30
+ type: workflow-scm
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/oss/jenkins/pipelines"
+ credentials: "gerrit"
+ script: docker-build-image-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ "mcp/docker-ci-tempest":
+ branches:
+ - master
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeNoCodeChange: false
+ change:
+ - merged
+ comment:
+ - addedContains:
+ commentAddedCommentContains: 'rebuild'
+ param:
+ IMAGE_NAME:
+ type: string
+ default: "ci-tempest"
+ IMAGE_TAGS:
+ type: string
+ default: ""
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ DOCKER_REGISTRY:
+ type: string
+ default: "docker-dev-virtual.docker.mirantis.net"
+ PROJECT_NAMESPACE:
+ type: string
+ default: "cicd"
+ DOCKERFILE_PATH:
+ type: string
+ default: "Dockerfile"
+ CONTEXT_PATH:
+ type: string
+ default: "."
diff --git a/jenkins/client/job/docker/init.yml b/jenkins/client/job/docker/init.yml
index c5f7d44..d4c15b6 100644
--- a/jenkins/client/job/docker/init.yml
+++ b/jenkins/client/job/docker/init.yml
@@ -16,7 +16,11 @@
dockerfile: "Dockerfile"
- name: gerrit
branch: "2.13.6"
- tags: "2.13.6 latest"
+ tags: "2.13.6"
+ dockerfile: "Dockerfile"
+ - name: gerrit
+ branch: "2.14.6"
+ tags: "2.14.6 latest"
dockerfile: "Dockerfile"
- name: jenkins
branch: "master"
@@ -28,7 +32,7 @@
dockerfile: "Dockerfile"
- name: jenkins
branch: "2.73"
- tags: "2.73 latest"
+ tags: "2.73"
dockerfile: "Dockerfile"
- name: phpldapadmin
branch: "master"
diff --git a/jenkins/client/job/gating.yml b/jenkins/client/job/gating.yml
index f9e9b1a..1ed093e 100644
--- a/jenkins/client/job/gating.yml
+++ b/jenkins/client/job/gating.yml
@@ -25,9 +25,9 @@
template:
discard:
build:
- keep_num: 25
+ keep_num: 150
artifact:
- keep_num: 25
+ keep_num: 150
type: workflow-scm
concurrent: true
scm:
diff --git a/jenkins/client/job/git-mirrors/2way.yml b/jenkins/client/job/git-mirrors/2way.yml
index 3b1a62f..4b4d0a3 100644
--- a/jenkins/client/job/git-mirrors/2way.yml
+++ b/jenkins/client/job/git-mirrors/2way.yml
@@ -11,6 +11,14 @@
source: mcp/mcp-common-scripts
target: Mirantis/mcp-common-scripts
branches: "master"
+ - name: mcp-local-repo-model
+ source: mcp/mcp-local-repo-model
+ target: Mirantis/mcp-local-repo-model
+ branches: "master"
+ - name: mcp-offline-model
+ source: mcp/mcp-offline-model
+ target: Mirantis/mcp-offline-model
+ branches: "master"
template:
discard:
build:
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
index 8490ee7..36e1dc0 100644
--- a/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
+++ b/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
@@ -8,7 +8,7 @@
display_name: "Kubernetes tests pipeline"
discard:
build:
- keep_num: 20
+ keep_num: 50
concurrent: false
scm:
type: git
diff --git a/jenkins/client/job/opencontrail/build/generic.yml b/jenkins/client/job/opencontrail/build/generic.yml
index 699222e..d9be124 100644
--- a/jenkins/client/job/opencontrail/build/generic.yml
+++ b/jenkins/client/job/opencontrail/build/generic.yml
@@ -53,7 +53,7 @@
branch: R3.2
ppa: mirantis-opencontrail/opencontrail-3.2
upload_source_package: true
- dpdk: contrail_dpdk_2_1
+ dpdk: contrail_dpdk_17_02
build_trigger: ""
- buildname: oc32
os: ubuntu
@@ -61,7 +61,7 @@
branch: R3.2
ppa: mirantis-opencontrail/opencontrail-3.2
upload_source_package: true
- dpdk: contrail_dpdk_2_1
+ dpdk: contrail_dpdk_17_02
build_trigger: ""
- buildname: oc323
os: ubuntu
diff --git a/jenkins/client/job/oscore/qa.yml b/jenkins/client/job/oscore/qa.yml
index a8d4fae..258baa7 100644
--- a/jenkins/client/job/oscore/qa.yml
+++ b/jenkins/client/job/oscore/qa.yml
@@ -168,10 +168,18 @@
type: string
description: Tempest configuration file path inside container
default: "{{tempest_conf}}"
+ TEST_CONF:
+ type: string
+ description: Tempest configuration file path inside container
+ default: "{{test_conf}}"
TEST_TEMPEST_TARGET:
type: string
description: Node to run tests
default: "{{tempest_target}}"
+ TEST_TARGET:
+ type: string
+ description: Node to run tests
+ default: "{{test_target}}"
TEST_MODEL:
type: string
description: Environment salt model
diff --git a/jenkins/client/job/oscore/tests.yml b/jenkins/client/job/oscore/tests.yml
index bab8804..3000d71 100644
--- a/jenkins/client/job/oscore/tests.yml
+++ b/jenkins/client/job/oscore/tests.yml
@@ -12,6 +12,12 @@
keep_num: 30
type: workflow-scm
concurrent: true
+ plugin_properties:
+ throttleconcurrents:
+ enabled: true
+ throttle_option: category
+ categories:
+ - oscore-ci-builds
scm:
type: git
url: "${_param:jenkins_gerrit_url}/openstack-ci/openstack-pipelines.git"
@@ -58,6 +64,10 @@
type: string
default: '{{stack_reclass_branch}}'
description: 'Branch of repository with stack salt models'
+ STACK_CLUSTER_NAME:
+ type: string
+ default: ""
+ description: "Cluster name to use from reclass"
# salt
SALT_OVERRIDES:
type: text
@@ -97,14 +107,26 @@
type: string
description: Tempest configuration file path inside container
default: "{{tempest_conf}}"
+ TEST_CONF:
+ type: string
+ description: Tempest configuration file path inside container
+ default: "{{test_conf}}"
TEST_TEMPEST_TARGET:
type: string
description: Node to run tests
default: "{{tempest_target}}"
+ TEST_TARGET:
+ type: string
+ description: Node to run tests
+ default: "{{test_target}}"
TEST_TEMPEST_PATTERN:
type: string
description: Run tests matched to pattern only
default: "tempest"
+ TEST_PATTERN:
+ type: string
+ description: Run tests matched to pattern only
+ default: "tempest"
TEST_MODEL:
type: string
description: Environment salt model
@@ -125,6 +147,14 @@
type: string
default: ""
description: "Defines a list of extra repos with parameters, format: repo 1, repo priority 1, repo pin 1; repo 2, repo priority 2, repo pin 2"
+ ARTIFACTORY_CREDENTIALS:
+ type: string
+ default: "artifactory"
+ description: Jenkins credential ID for Artifactory
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt-qa-credentials"
+ description: Jenkins credential ID for Salt master
test-openstack-component-periodic:
name: "{{job_prefix}}-{{milestone}}-{{model}}-{{openstack_version}}-{{formula_pkg_revision}}"
template:
@@ -143,7 +173,7 @@
script: test-openstack-component-pipeline.groovy
trigger:
timer:
- spec: "0 21 * * *"
+ spec: "H 03 * * *"
param:
# general
HEAT_STACK_ZONE:
@@ -239,14 +269,26 @@
type: string
description: Tempest configuration file path inside container
default: "{{tempest_conf}}"
+ TEST_CONF:
+ type: string
+ description: Tempest configuration file path inside container
+ default: "{{test_conf}}"
TEST_TEMPEST_TARGET:
type: string
description: Node to run tests
default: "{{tempest_target}}"
+ TEST_TARGET:
+ type: string
+ description: Node to run tests
+ default: "{{test_target}}"
TEST_TEMPEST_PATTERN:
type: string
description: Run tests matched to pattern only
- default: "tempest"
+ default: "{{test_pattern}}"
+ TEST_PATTERN:
+ type: string
+ description: Run tests matched to pattern only
+ default: "{{test_pattern}}"
TEST_MODEL:
type: string
description: Environment salt model
@@ -259,6 +301,10 @@
type: boolean
default: 'true'
description: Whether to fail build on test results
+ RUN_SMOKE:
+ type: boolean
+ default: "{{run_smoke}}"
+ description: Enabling of running smoke tests
test-runner-template:
name: "{{job_prefix}}-{{test_type}}-runner"
template:
@@ -294,6 +340,10 @@
type: string
description: Job for results processing
default: "{{proc_results_job}}"
+ TEST_TYPE:
+ type: string
+ description: Name of test type
+ default: "{{test_type}}"
SLAVE_NODE:
type: string
default: 'python'
@@ -312,10 +362,17 @@
TEST_TEMPEST_TARGET:
type: string
description: Salt target to run tests
+ TEST_TARGET:
+ type: string
+ description: Salt target to run tests
TEST_TEMPEST_IMAGE:
type: string
description: Url to tempest docker image
- default: 'docker-prod-local.artifactory.mirantis.com/mirantis/oscore/rally-tempest'
+ default: "{{test_image}}"
+ TEST_IMAGE:
+ type: string
+ description: Url to tempest docker image
+ default: "{{test_image}}"
LOCAL_TEMPEST_IMAGE:
type: string
description: Path to local docker image
@@ -323,17 +380,31 @@
TEST_TEMPEST_PATTERN:
type: string
description: Run tests matched to pattern only
+ TEST_PATTERN:
+ type: string
+ description: Run tests matched to pattern only
TEST_TEMPEST_SET:
type: string
description: Run tests matched by tempest set only
+ TEST_SET:
+ type: string
+ description: Run tests matched by tempest set only
TEST_TEMPEST_CONCURRENCY:
type: string
description: How much test threads to run
default: "2"
+ TEST_CONCURRENCY:
+ type: string
+ description: How much test threads to run
+ default: "2"
TEST_TEMPEST_CONF:
type: string
description: Tempest configuration file path inside container
default: "mcp.conf"
+ TEST_CONF:
+ type: string
+ description: Tempest configuration file path inside container
+ default: "mcp.conf"
TEST_MODEL:
type: string
description: Environment salt model
@@ -392,14 +463,16 @@
TEST_TEMPEST_TARGET:
type: string
description: Node to run tests
+ TEST_TARGET:
+ type: string
+ description: Node to run tests
TEST_MILESTONE:
type: string
description: Product milestone
TEST_SUITE:
type: string
description: Testrail test suite
- default: >-
- 'Tempest 16.0.0 with designate tests'
+ default: "{{test_suite}}"
TEST_PLAN:
type: string
description: Testrail test plan
@@ -519,6 +592,9 @@
credentials: "gerrit"
branch: 'master'
script: oscc-ci-pipeline.groovy
+ trigger:
+ timer:
+ spec: "H 01 * * *"
param:
# general
DEPLOY_JOB_NAME:
@@ -560,6 +636,10 @@
type: string
description: "OpenStack related components list"
default: "{{openstack_components_list}}"
+ AUTO_PROMOTE:
+ type: boolean
+ default: "{{auto_promote}}"
+ description: Enable to autopromote repo
build-salt-formula-refspec-template:
name: "{{job_prefix}}-build-salt-formula-refspec"
template:
@@ -599,11 +679,11 @@
description: Whether to make a snapshot build
EXTRA_REPO_URL:
type: string
- default: "deb ${_param:jenkins_aptly_url}/{{dist}}/ testing salt salt-latest"
+ default: "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main; deb ${_param:jenkins_aptly_url}/{{dist}}/ testing salt"
description: Extra repo for building process
EXTRA_REPO_KEY_URL:
type: string
- default: "${_param:jenkins_aptly_url}/public.gpg"
+ default: "https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub; ${_param:jenkins_aptly_url}/public.gpg"
description: Extra repo GPG public key URL
OS:
type: string
@@ -638,7 +718,7 @@
artifact:
keep_num: 30
type: workflow-scm
- concurrent: false
+ concurrent: true
scm:
type: git
url: "${_param:jenkins_gerrit_url}/openstack-ci/openstack-pipelines.git"
@@ -648,7 +728,7 @@
trigger:
gerrit:
project:
- "^salt-formulas/(nova|cinder|glance|keystone|horizon|neutron|designate|heat|ironic|barbican)$":
+ "^salt-formulas/(nova|cinder|glance|keystone|horizon|neutron|designate|heat|ironic|barbican|salt|linux|reclass|galera|memcached|rabbitmq|bind|apache)$":
compare_type: 'REG_EXP'
branches:
- master
@@ -713,3 +793,60 @@
type: string
default: "{{systestJobPrefix}}"
description: "Systest job prefix. I.e. oscore-formula-systest-virtual_mcp11_aio-"
+ OPENSTACK_COMPONENTS_LIST:
+ type: string
+ description: "OpenStack related components list"
+ default: "{{openstack_components_list}}"
+ SOURCE_REPO_NAME:
+ type: string
+ description: "Name of the repo where packages are stored"
+ default: "{{source_repo_name}}"
+ test-deploy-virtual-model-change-template:
+ name: "{{job_prefix}}-deploy-virtual-model-change-{{job_suffix}}"
+ template:
+ discard:
+ build:
+ keep_num: 30
+ artifact:
+ keep_num: 30
+ type: workflow-scm
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/openstack-ci/openstack-pipelines.git"
+ credentials: "gerrit"
+ branch: 'master'
+ script: deploy-virtual-model-change-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ "^salt-models/mcp-virtual-aio$":
+ compare_type: 'REG_EXP'
+ branches:
+ - master
+ - stable/pike
+ - stable/ocata
+ - stable/newton
+ - stable/mitaka
+ skip_vote:
+ - successful
+ - failed
+ - unstable
+ - not_built
+ event:
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '^(?s:Patch Set \d+:.*(test|recheck|reverify)\s*)$'
+ param:
+ CREDENTIALS_ID:
+ type: string
+ default: "{{credentials_id}}"
+ STACK_RECLASS_ADDRESS:
+ type: string
+ default: "{{stack_reclass_address}}"
+ STACK_RECLASS_BRANCH:
+ type: string
+ default: "{{stack_reclass_branch}}"
+ TEST_CLUSTER_NAMES:
+ type: string
+ default: "{{test_cluster_names}}"
diff --git a/jenkins/client/job/saas/init.yml b/jenkins/client/job/saas/init.yml
new file mode 100644
index 0000000..5ec05c1
--- /dev/null
+++ b/jenkins/client/job/saas/init.yml
@@ -0,0 +1,2 @@
+classes:
+ - system.jenkins.client.job.saas.test_saas_ui
diff --git a/jenkins/client/job/saas/test_saas_ui.yml b/jenkins/client/job/saas/test_saas_ui.yml
new file mode 100644
index 0000000..f49dd7f
--- /dev/null
+++ b/jenkins/client/job/saas/test_saas_ui.yml
@@ -0,0 +1,43 @@
+parameters:
+ jenkins:
+ client:
+ job:
+ test-saas-ui:
+ name: test-saas-ui
+ discard:
+ build:
+ keep_num: 15
+ artifact:
+ keep_num: 15
+ type: workflow-scm
+ concurrent: true
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/oss/jenkins/pipelines"
+ credentials: "gerrit"
+ script: test-saas-ui-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ "saas/frontend/ui":
+ branches:
+ - master
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeTrivialRebase: false
+ excludeNoCodeChange: false
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '^(?s:Patch Set \d+:.*(test|recheck|reverify)\s*)$'
+ param:
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ DEFAULT_GIT_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/saas/frontend/ui"
+ DEFAULT_GIT_REF:
+ type: string
+ default: master
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
index 87f1b89..a23f4d0 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
@@ -9,230 +9,364 @@
jobs:
- name: aodh
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: apache
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: aptcacher
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: aptly
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: artifactory
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: avinetworks
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: backupninja
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: barbican
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: baremetal-simulator
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: billometer
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: bind
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: bird
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: cadf
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: calico
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: cassandra
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ccp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ceilometer
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ceph
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: chrony
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: cinder
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: collectd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: debmirror
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: dekapod
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: devops-portal
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: docker
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: dogtag
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: dovecot
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: elasticsearch
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: etcd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: fluentbit
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: fluentd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: foreman
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: freeipa
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: galera
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: gerrit
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: git
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: gitlab
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: glance
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: glusterfs
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: gnocchi
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: grafana
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: graphite
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: haproxy
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: heat
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: heka
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: heketi
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: helm
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: horizon
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: influxdb
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: iptables
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ironic
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: isc-dhcp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: java
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: jenkins
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: kedb
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: keepalived
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: keystone
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: kibana
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: kubernetes
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: letsencrypt
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: libvirt
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: linux
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: lldp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: logrotate
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: maas
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: magnum
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: manila
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: memcached
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: mirascan
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: midonet
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: monasca
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: mongodb
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: murano
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: mysql
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nagios
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: network
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: neutron
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nfs
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nginx
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nodejs
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: nova
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: ntp
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: octavia
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: opencontrail
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openldap
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openssh
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openvpn
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: openvstorage
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: owncloud
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: panko
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: postfix
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: postgresql
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: powerdns
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: pritunl
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: prometheus
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: python
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rabbitmq
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: reclass
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: redis
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: roundcube
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rsync
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rsyslog
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: rundeck
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: runtest
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sahara
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: salt
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sensu
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sentry
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: sphinx
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: spinnaker
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: statsd
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: supervisor
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: swift
branches: ${_param:salt_formulas_extra_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: taiga
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: telegraf
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: tinyproxy
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: varnish
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
+ - name: watchdog
+ branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: xtrabackup
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
- name: zookeeper
branches: ${_param:salt_formulas_branches}
+ notification_recipients: ${_param:salt_formulas_notification_recipients}
template:
discard:
build:
@@ -274,6 +408,9 @@
BRANCHES:
type: string
default: "{{branches}}"
+ NOTIFICATION_RECIPIENTS:
+ type: string
+ default: "{{notification_recipients}}"
job:
git-mirror-2way-salt-formulas-scripts:
discard:
@@ -331,10 +468,10 @@
param:
SOURCE_URL:
type: string
- default: "${_param:jenkins_gerrit_url}/salt-formulas/salt-formulas-cookiecutter.git"
+ default: "${_param:jenkins_gerrit_url}/salt-formulas/cookiecutter-salt-formula"
TARGET_URL:
type: string
- default: "git@github.com:salt-formulas/salt-formulas-cookiecutter.git"
+ default: "git@github.com:salt-formulas/cookiecutter-salt-formula"
CREDENTIALS_ID:
type: string
default: "gerrit"
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/init.yml b/jenkins/client/job/salt-formulas/git-mirrors/init.yml
index b46aebc..676fe4e 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/init.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/init.yml
@@ -4,3 +4,4 @@
_param:
salt_formulas_branches: "master"
salt_formulas_extra_branches: "master,debian/xenial,debian/trusty"
+ salt_formulas_notification_recipients: "ci-notifications@mirantis.com"
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index 3dd77bf..73d9083 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -27,6 +27,7 @@
- name: cinder
- name: collectd
- name: designate
+ - name: debmirror
- name: dekapod
- name: devops-portal
- name: docker
@@ -50,6 +51,7 @@
- name: haproxy
- name: heat
- name: heka
+ - name: heketi
- name: helm
- name: horizon
- name: influxdb
@@ -70,6 +72,7 @@
- name: logrotate
- name: maas
- name: magnum
+ - name: manila
- name: memcached
- name: midonet
- name: mirascan
@@ -91,6 +94,7 @@
- name: openssh
- name: openvpn
- name: openvstorage
+ - name: oslo-templates
- name: owncloud
- name: panko
- name: postfix
@@ -121,6 +125,7 @@
- name: tinyproxy
- name: tftpd-hpa
- name: varnish
+ - name: watchdog
- name: xtrabackup
- name: zookeeper
template:
@@ -150,7 +155,8 @@
param:
SALT_VERSION:
type: string
- default: "latest"
+ default: ""
+ description: "Version of salt for use in test, empty string means latest (default)"
SALT_OPTS:
type: string
default: "--force-color"
@@ -179,6 +185,12 @@
keep_num: 10
type: workflow-scm
concurrent: true
+ plugin_properties:
+ throttleconcurrents:
+ enabled: true
+ throttle_option: category
+ categories:
+ - test-formula
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
diff --git a/jenkins/client/job/salt-models/generate.yml b/jenkins/client/job/salt-models/generate.yml
index b2ef4e5..686e74d 100644
--- a/jenkins/client/job/salt-models/generate.yml
+++ b/jenkins/client/job/salt-models/generate.yml
@@ -19,25 +19,10 @@
script: generate-cookiecutter-products.groovy
param:
# Cookiecutter
- COOKIECUTTER_TEMPLATE_URL:
- type: string
- default: "${_param:jenkins_gerrit_url}/mk/cookiecutter-templates.git"
- COOKIECUTTER_TEMPLATE_CREDENTIALS:
- type: string
- default: gerrit
- COOKIECUTTER_TEMPLATE_BRANCH:
- type: string
- default: master
- COOKIECUTTER_TEMPLATE_PATH:
- type: string
- default: "./"
COOKIECUTTER_TEMPLATE_CONTEXT:
type: text
# Other
- SHARED_RECLASS_URL:
- type: string
- default: "${_param:jenkins_gerrit_url}/salt-models/reclass-system.git"
EMAIL_ADDRESS:
type: string
TEST_MODEL:
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 879a1f1..57e15b8 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -8,6 +8,11 @@
name: test-salt-model-{{name}}
template:
type: workflow-scm
+ discard:
+ build:
+ keep_num: 50
+ artifact:
+ keep_num: 50
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
@@ -32,7 +37,7 @@
default: "--force-color"
DEFAULT_GIT_URL:
type: string
- description: "Run against alternate system reclass"
+ description: "Salt model repo URL"
default: "${_param:jenkins_gerrit_url}/salt-models/{{name}}"
DEFAULT_GIT_REF:
type: string
@@ -77,10 +82,122 @@
APT_REPOSITORY_GPG:
type: string
default: ""
+ test_customers_salt_models:
+ name: test-customers-salt-models
+ template:
+ type: workflow-scm
+ discard:
+ build:
+ keep_num: 50
+ artifact:
+ keep_num: 50
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: test-customers-salt-models.groovy
+ concurrent: false
+ trigger:
+ timer:
+ spec: "{{job_timer}}"
+ param:
+ CUSTOMERS:
+ type: string
+ description: "Comma separated list of customer model names"
+ default: "{{customers}}"
+
+ test_salt_model_customer:
+ name: test-salt-model-customer-{{name}}
+ template:
+ type: workflow-scm
+ discard:
+ build:
+ keep_num: 50
+ artifact:
+ keep_num: 50
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: test-salt-models-pipeline.groovy
+ concurrent: true
+ trigger:
+ gerrit:
+ project:
+ salt-models/{{name}}:
+ branches:
+ - compare_type: "REG_EXP"
+ name: "{{branch}}"
+ event:
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '^(?s:Patch Set \d+:.*(test|recheck|reverify)\s*)$'
+ param:
+ TEST_CLUSTER_NAMES:
+ type: string
+ description: "Comma separated list of cluster names, empty string means all valid clusters"
+ default: "{{test_cluster_names}}"
+ SALT_OPTS:
+ type: string
+ default: "--force-color"
+ DEFAULT_GIT_URL:
+ type: string
+ description: "Salt model repo URL"
+ default: "{{source}}"
+ DEFAULT_GIT_REF:
+ type: string
+ default: master
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ PARALLEL_NODE_GROUP_SIZE:
+ type: string
+ default: "9"
+ # Salt master setup extra formulas
+ EXTRA_FORMULAS:
+ type: string
+ default: "{{extra_formulas}}"
+ FORMULAS_SOURCE:
+ type: string
+ default: "{{formulas_src}}"
+ FORMULAS_REVISION:
+ type: string
+ default: "{{formulas_revision}}"
+ SYSTEM_GIT_URL:
+ type: string
+ default: ""
+ SYSTEM_GIT_REF:
+ type: string
+ default: ""
+ CONFIG_NODE_NAME_PATTERN:
+ type: string
+ default: "{{config_node_name}}"
+ MAX_CPU_PER_JOB:
+ type: string
+ default: "2"
+ RECLASS_IGNORE_CLASS_NOTFOUND:
+ type: boolean
+ default: "{{reclass_ignore_class_notfound}}"
+ LEGACY_TEST_MODE:
+ type: boolean
+ default: "{{legacy_test_mode}}"
+ APT_REPOSITORY:
+ type: string
+ default: ""
+ APT_REPOSITORY_GPG:
+ type: string
+ default: ""
test_system_reclass:
name: test-salt-model-{{name}}
template:
type: workflow-scm
+ discard:
+ build:
+ keep_num: 50
+ artifact:
+ keep_num: 50
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
@@ -119,9 +236,9 @@
template:
discard:
build:
- keep_num: 20
+ keep_num: 50
artifact:
- keep_num: 20
+ keep_num: 50
type: workflow-scm
concurrent: true
scm:
@@ -178,6 +295,12 @@
keep_num: 10
type: workflow-scm
concurrent: true
+ plugin_properties:
+ throttleconcurrents:
+ enabled: true
+ throttle_option: category
+ categories:
+ - test-model
scm:
type: git
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index ab2dd38..b0546c3 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -15,9 +15,9 @@
display_name: "Validate - Openstack"
discard:
build:
- keep_num: 20
+ keep_num: 50
artifact:
- keep_num: 20
+ keep_num: 50
concurrent: false
scm:
type: git
@@ -187,6 +187,69 @@
type: string
default: ""
description: Proxy address to clone repo and install python requirements
+ cvp-func:
+ type: workflow-scm
+ name: cvp-func
+ display_name: "CVP - Functional tests"
+ discard:
+ build:
+ keep_num: 20
+ artifact:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: cvp-func.groovy
+ param:
+ DEBUG_MODE:
+ type: boolean
+ default: 'false'
+ description: Enable if you need to keep container after the test and debug
+ SKIP_LIST_PATH:
+ type: string
+ default: "cvp-configuration/tempest/skip-list.yaml"
+ description: Path to skip list in container
+ SALT_MASTER_URL:
+ type: string
+ default: "${_param:jenkins_salt_api_url}"
+ description: Full Salt API address [e.g. https://10.10.10.2:6969]
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ description: Credentials to the Salt API
+ TEST_IMAGE:
+ type: string
+ default: "xrally/xrally-openstack:0.9.1"
+ description: Docker image to use for running Rally/Tempest
+ TARGET_NODE:
+ type: string
+ default: "${_param:cicd_control_node03_hostname}.${_param:cluster_domain}"
+ description: Node where container with Tempest will be run
+ PROXY:
+ type: string
+ default: ""
+ description: Proxy address to clone repo and install python requirements
+ TEMPEST_TEST_PATTERN:
+ type: string
+ default: "set=smoke"
+ description: Use set=smoke (or identity,full...] or just test name
+ TEMPEST_ENDPOINT_TYPE:
+ type: choice
+ choices:
+ - internalURL
+ - adminURL
+ - publicURL
+ description: Openstack endpoint type to use during test run
+ TEMPEST_REPO:
+ type: string
+ default: "https://github.com/openstack/tempest"
+ description: URL to Tempest repo (local or remote) or path to tempest folder in container
+ TOOLS_REPO:
+ type: string
+ default: "https://github.com/Mirantis/cvp-configuration"
+ description: URL of repo where testing tools, scenarios, configs are located.
cvp-ha:
type: workflow-scm
name: cvp-ha
@@ -255,3 +318,49 @@
type: string
default: "${_param:gerrit_public_host}/cvp-configuration"
description: URL of repo where testing tools, scenarios, configs are located.
+ cvp-perf:
+ type: workflow-scm
+ name: cvp-perf
+ display_name: "CVP - Performance tests"
+ discard:
+ build:
+ keep_num: 20
+ artifact:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: cvp-perf.groovy
+ param:
+ DEBUG_MODE:
+ type: boolean
+ default: 'false'
+ description: Enable if you need to keep container after the test and debug
+ RALLY_SCENARIO_FILE:
+ type: string
+ default: "cvp-configuration/rally/rally_scenarios.json"
+ description: Path to scenario file in container
+ TEST_IMAGE:
+ type: string
+ default: "xrally/xrally-openstack:0.9.1"
+ description: Docker image to use for running Rally/Tempest
+ SALT_MASTER_URL:
+ type: string
+ default: "${_param:jenkins_salt_api_url}"
+ description: Full Salt API address [e.g. https://10.10.10.2:6969]
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ description: Credentials to the Salt API
+ TARGET_NODE:
+ type: string
+ default: "${_param:cicd_control_node03_hostname}.${_param:cluster_domain}"
+ description: Node where docker container with Rally will be run
+ TOOLS_REPO:
+ type: string
+ default: "https://github.com/Mirantis/cvp-configuration"
+ PROXY:
+ type: string
+ default: ""
diff --git a/jenkins/client/job/vnf-onboarding/init.yml b/jenkins/client/job/vnf-onboarding/init.yml
new file mode 100644
index 0000000..cd97fef
--- /dev/null
+++ b/jenkins/client/job/vnf-onboarding/init.yml
@@ -0,0 +1,11 @@
+classes:
+ - system.jenkins.client.job.vnf-onboarding.test_avi_loadbalancer
+ - system.jenkins.client.job.vnf-onboarding.test_nginx_vnf
+
+parameters:
+ _param:
+ cluster_public_protocol: https
+ vnf_gerrit_credentials: "gerrit"
+ vnf_openstack_api_url: "${_param:cluster_public_protocol}://${_param:cluster_public_host}:5000/v2.0"
+ vnf_openstack_api_credentials: "test-openstack"
+ vnf_elastic_url: "${_param:stacklight_log_address}:${_param:cluster_elasticsearch_port}"
diff --git a/jenkins/client/job/vnf-onboarding/test_avi_loadbalancer.yml b/jenkins/client/job/vnf-onboarding/test_avi_loadbalancer.yml
new file mode 100644
index 0000000..f30b2b7
--- /dev/null
+++ b/jenkins/client/job/vnf-onboarding/test_avi_loadbalancer.yml
@@ -0,0 +1,81 @@
+parameters:
+ jenkins:
+ client:
+ plugin:
+ gerrit-trigger: {}
+ job:
+ test_avi_loadbalancer:
+ type: workflow-scm
+ name: test-avi-loadbalancer
+ display_name: "Onboarding tests for the AVI Loadbalancer VNF"
+ discard:
+ build:
+ keep_num: 20
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/vnf-onboarding/pipelines"
+ credentials: "${_param:vnf_gerrit_credentials}"
+ script: test_vnf_onboarding.groovy
+ trigger:
+ gerrit:
+ project:
+ "vnf-onboarding/avi-loadbalancer":
+ branches:
+ - compare_type: "ANT"
+ name: "**"
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeTrivialRebase: false
+ excludeNoCodeChange: false
+ change:
+ - merged
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(retest|recheck|reverify)'
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ param:
+ DEFAULT_GIT_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/avi-loadbalancer"
+ DEFAULT_GIT_REF:
+ type: string
+ default: master
+ OPENSTACK_API_URL:
+ type: string
+ default: "${_param:vnf_openstack_api_url}"
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_openstack_api_credentials}"
+ OPENSTACK_API_TENANT:
+ type: string
+ default: "test-avi"
+ GERRIT_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ ELASTIC_URL:
+ type: string
+ default: "${_param:vnf_elastic_url}"
+ DEBUG_OPTIONS:
+ type: string
+ description: "Example: skip_all=1 skip_deploy=1 skip_inspection=1"
+ NFV_PLATFORM_REPO:
+ type: string
+ description: "Take Cloudify blueprints, Dockerfile and CI scripts from this repo"
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/nfv-platform"
+ NFV_PLATFORM_REPO_BRANCH:
+ type: string
+ default: "master"
+ NFV_PLATFORM_REPO_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ CI_OPTIONS:
+ type: string
+ default: "CFY_AGENT_NET=cfm-net CFY_AGENT_FLAVOR=cfy.agent CFY_AGENT_IMAGE=ubuntu1 CFY_AGENT_USER=cfyuser CFY_SG=cfm-sg CFY_SSH_KEY_ID=openstack_key"
+ VNF_OPTIONS:
+ type: string
+ default: "AVI_VERSION=17.2.3 AVI_USERNAME=admin AVI_PASSWORD=Swordfish1234 AVI_IMAGE_PASSWORD=58NFaGDJm(PJH0G AVI_OS_FLAVOR=avi_ctrl.small AVI_OS_IMAGE=avi-control-17.2.3"
diff --git a/jenkins/client/job/vnf-onboarding/test_nginx_vnf.yml b/jenkins/client/job/vnf-onboarding/test_nginx_vnf.yml
new file mode 100644
index 0000000..8a86363
--- /dev/null
+++ b/jenkins/client/job/vnf-onboarding/test_nginx_vnf.yml
@@ -0,0 +1,82 @@
+parameters:
+ jenkins:
+ client:
+ plugin:
+ gerrit-trigger: {}
+ job:
+ test_nginx_vnf:
+ type: workflow-scm
+ name: test-nginx-vnf
+ display_name: "Onboarding tests for the NGINX VNF"
+ discard:
+ build:
+ keep_num: 20
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/vnf-onboarding/pipelines"
+ credentials: "${_param:vnf_gerrit_credentials}"
+ script: test_vnf_onboarding.groovy
+ trigger:
+ gerrit:
+ project:
+ "vnf-onboarding/nginx-vnf":
+ branches:
+ - compare_type: "ANT"
+ name: "**"
+ event:
+ patchset:
+ - created:
+ excludeDrafts: false
+ excludeTrivialRebase: false
+ excludeNoCodeChange: false
+ change:
+ - merged
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(retest|recheck|reverify)'
+ message:
+ build_successful: "Build successful"
+ build_unstable: "Build unstable"
+ build_failure: "Build failed"
+ param:
+ DEFAULT_GIT_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/nginx-vnf"
+ DEFAULT_GIT_REF:
+ type: string
+ default: master
+ OPENSTACK_API_URL:
+ type: string
+ default: "${_param:vnf_openstack_api_url}"
+ OPENSTACK_API_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_openstack_api_credentials}"
+ OPENSTACK_API_TENANT:
+ type: string
+ default: "test-nginx"
+ GERRIT_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ ELASTIC_URL:
+ type: string
+ default: "${_param:vnf_elastic_url}"
+ DEBUG_OPTIONS:
+ type: string
+ default: "skip_inspection=1"
+ description: "Example: skip_all=1 skip_deploy=1 skip_inspection=1"
+ NFV_PLATFORM_REPO:
+ type: string
+ description: "Take Cloudify blueprints, Dockerfile and CI scripts from this repo"
+ default: "${_param:jenkins_gerrit_url}/vnf-onboarding/nfv-platform"
+ NFV_PLATFORM_REPO_BRANCH:
+ type: string
+ default: "master"
+ NFV_PLATFORM_REPO_CREDENTIALS:
+ type: string
+ default: "${_param:vnf_gerrit_credentials}"
+ CI_OPTIONS:
+ type: string
+ default: "CFY_AGENT_NET=cfm-net CFY_AGENT_FLAVOR=cfy.agent CFY_AGENT_IMAGE=ubuntu1 CFY_AGENT_USER=cfyuser CFY_SG=cfm-sg CFY_SSH_KEY_ID=openstack_key"
+ VNF_OPTIONS:
+ type: string
+ default: ""
diff --git a/jenkins/slave/debmirror.yml b/jenkins/slave/debmirror.yml
new file mode 100644
index 0000000..6cd7829
--- /dev/null
+++ b/jenkins/slave/debmirror.yml
@@ -0,0 +1,8 @@
+classes:
+ - system.jenkins.slave
+parameters:
+ linux:
+ system:
+ package:
+ debmirror:
+ version: latest
diff --git a/jenkins/slave/libvirt.yml b/jenkins/slave/libvirt.yml
index e40b841..4ebaae2 100644
--- a/jenkins/slave/libvirt.yml
+++ b/jenkins/slave/libvirt.yml
@@ -14,6 +14,9 @@
version: latest
libvirt-bin:
version: latest
+ # Reguired to simplify building custom cloud-init.iso
+ cloud-image-utils:
+ version: latest
# Ensure FORWARD chain to be ACCEPT to avoid issue when running with docker
# 1.13 and newer that sets chain to DROP, see:
# https://github.com/docker/docker/pull/28257
diff --git a/keepalived/cluster/instance/cicd_control_vip.yml b/keepalived/cluster/instance/cicd_control_vip.yml
index ab7f413..462cbd6 100644
--- a/keepalived/cluster/instance/cicd_control_vip.yml
+++ b/keepalived/cluster/instance/cicd_control_vip.yml
@@ -5,6 +5,12 @@
parameters:
keepalived:
cluster:
+ vrrp_scripts:
+ vip:
+ content: "pidof haproxy && docker service ls"
+ interval: 30
+ rise: 1
+ fall: 1
enabled: true
instance:
cicd_control_vip:
@@ -13,3 +19,4 @@
interface: ${_param:keepalived_vip_interface}
virtual_router_id: ${_param:keepalived_vip_virtual_router_id}
priority: ${_param:keepalived_vip_priority}
+ track_script: vip
diff --git a/keepalived/cluster/instance/openstack_baremetal_vip.yml b/keepalived/cluster/instance/openstack_baremetal_vip.yml
index c3141b6..355cf53 100644
--- a/keepalived/cluster/instance/openstack_baremetal_vip.yml
+++ b/keepalived/cluster/instance/openstack_baremetal_vip.yml
@@ -11,6 +11,12 @@
keepalived_openstack_baremetal_vip_priority: ${_param:keepalived_vip_priority}
keepalived:
cluster:
+ vrrp_scripts:
+ check_pidof:
+ args: "haproxy"
+ interval: 10
+ rise: 1
+ fall: 1
enabled: true
instance:
openstack_baremetal_vip:
@@ -19,3 +25,4 @@
interface: ${_param:keepalived_openstack_baremetal_vip_interface}
virtual_router_id: ${_param:keepalived_openstack_baremetal_vip_virtual_router_id}
priority: ${_param:keepalived_openstack_baremetal_vip_priority}
+ track_script: check_pidof
diff --git a/keepalived/cluster/instance/openstack_web_public_vip.yml b/keepalived/cluster/instance/openstack_web_public_vip.yml
index 8279b65..1080e62 100644
--- a/keepalived/cluster/instance/openstack_web_public_vip.yml
+++ b/keepalived/cluster/instance/openstack_web_public_vip.yml
@@ -9,6 +9,12 @@
keepalived_openstack_web_public_vip_interface: eth1
keepalived:
cluster:
+ vrrp_scripts:
+ check_pidof:
+ args: "haproxy"
+ interval: 10
+ rise: 1
+ fall: 1
enabled: true
instance:
openstack_web_public_vip:
@@ -17,3 +23,4 @@
interface: ${_param:keepalived_openstack_web_public_vip_interface}
virtual_router_id: 132
priority: ${_param:keepalived_vip_priority}
+ track_script: check_pidof
diff --git a/keepalived/cluster/instance/prometheus_server_vip.yml b/keepalived/cluster/instance/prometheus_server_vip.yml
index 7bde702..aea8b55 100644
--- a/keepalived/cluster/instance/prometheus_server_vip.yml
+++ b/keepalived/cluster/instance/prometheus_server_vip.yml
@@ -5,8 +5,15 @@
parameters:
_param:
keepalived_vip_priority: 101
+ keepalived_prometheus_vrrp_script_content: "pidof haproxy && docker service ls"
keepalived:
cluster:
+ vrrp_scripts:
+ vip:
+ content: ${_param:keepalived_prometheus_vrrp_script_content}
+ interval: 30
+ rise: 1
+ fall: 1
enabled: true
instance:
prometheus_server_vip:
@@ -15,4 +22,4 @@
interface: ${_param:keepalived_prometheus_vip_interface}
virtual_router_id: 105
priority: ${_param:keepalived_vip_priority}
-
+ track_script: vip
diff --git a/keepalived/cluster/instance/stacklight_log_vip.yml b/keepalived/cluster/instance/stacklight_log_vip.yml
index caa6754..44d3527 100644
--- a/keepalived/cluster/instance/stacklight_log_vip.yml
+++ b/keepalived/cluster/instance/stacklight_log_vip.yml
@@ -5,6 +5,12 @@
parameters:
keepalived:
cluster:
+ vrrp_scripts:
+ check_pidof:
+ args: "haproxy"
+ interval: 10
+ rise: 1
+ fall: 1
enabled: true
instance:
stacklight_log_vip:
@@ -13,3 +19,4 @@
interface: ${_param:keepalived_stacklight_log_vip_interface}
virtual_router_id: 110
priority: 101
+ track_script: check_pidof
diff --git a/keepalived/cluster/instance/stacklight_monitor_vip.yml b/keepalived/cluster/instance/stacklight_monitor_vip.yml
index 28a6b69..51283b2 100644
--- a/keepalived/cluster/instance/stacklight_monitor_vip.yml
+++ b/keepalived/cluster/instance/stacklight_monitor_vip.yml
@@ -3,8 +3,16 @@
classes:
- service.keepalived.support
parameters:
+ _param:
+ keepalived_docker_vrrp_script_content: "docker service ls"
keepalived:
cluster:
+ vrrp_scripts:
+ docker_service_ls:
+ content: ${_param:keepalived_docker_vrrp_script_content}
+ interval: 10
+ rise: 1
+ fall: 1
enabled: true
instance:
stacklight_monitor_vip:
@@ -13,3 +21,4 @@
interface: ${_param:keepalived_stacklight_monitor_vip_interface}
virtual_router_id: 100
priority: 101
+ track_script: docker_service_ls
diff --git a/keepalived/cluster/instance/stacklight_telemetry_vip.yml b/keepalived/cluster/instance/stacklight_telemetry_vip.yml
index e7d31a5..95d4d80 100644
--- a/keepalived/cluster/instance/stacklight_telemetry_vip.yml
+++ b/keepalived/cluster/instance/stacklight_telemetry_vip.yml
@@ -5,6 +5,12 @@
parameters:
keepalived:
cluster:
+ vrrp_scripts:
+ check_pidof:
+ args: "haproxy"
+ interval: 10
+ rise: 1
+ fall: 1
enabled: true
instance:
stacklight_telemetry_vip:
@@ -13,3 +19,4 @@
interface: ${_param:keepalived_stacklight_telemetry_vip_interface}
virtual_router_id: 120
priority: 101
+ track_script: check_pidof
diff --git a/keystone/client/core.yml b/keystone/client/core.yml
index 39d28de..f869059 100644
--- a/keystone/client/core.yml
+++ b/keystone/client/core.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ keystone_service_protocol: http
linux:
system:
job:
@@ -16,6 +18,7 @@
host: ${_param:keystone_service_host}
port: 35357
token: ${_param:keystone_service_token}
+ protocol: ${_param:keystone_service_protocol}
roles:
- admin
- Member
@@ -38,3 +41,4 @@
port: 5000
region_name: ${_param:openstack_region}
use_keystoneauth: true
+ protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/client/image_manager.yml b/keystone/client/image_manager.yml
index 024b0c4..becd512 100644
--- a/keystone/client/image_manager.yml
+++ b/keystone/client/image_manager.yml
@@ -1,6 +1,7 @@
parameters:
_param:
keystone_image_manager_email: 'root@localhost'
+ keystone_service_protocol: http
keystone:
client:
enabled: true
@@ -10,6 +11,7 @@
host: ${_param:keystone_service_host}
port: 35357
token: ${_param:keystone_service_token}
+ protocol: ${_param:keystone_service_protocol}
roles:
- image_manager
project:
diff --git a/keystone/client/service/aodh.yml b/keystone/client/service/aodh.yml
index 51de0ca..c4d49b8 100644
--- a/keystone/client/service/aodh.yml
+++ b/keystone/client/service/aodh.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ aodh_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:aodh_service_host}
internal_port: 8042
internal_path: '/'
+ internal_protocol: ${_param:aodh_service_protocol}
+ admin_protocol: ${_param:aodh_service_protocol}
admin_address: ${_param:aodh_service_host}
admin_port: 8042
admin_path: '/'
diff --git a/keystone/client/service/barbican.yml b/keystone/client/service/barbican.yml
index 497eb50..d222fb6 100644
--- a/keystone/client/service/barbican.yml
+++ b/keystone/client/service/barbican.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ barbican_service_protocol: http
keystone:
client:
server:
@@ -31,6 +32,8 @@
internal_address: ${_param:barbican_service_host}
internal_port: 9311
internal_path: '/'
+ internal_protocol: ${_param:barbican_service_protocol}
admin_address: ${_param:barbican_service_host}
admin_port: 9311
admin_path: '/'
+ admin_protocol: ${_param:barbican_service_protocol}
diff --git a/keystone/client/service/billometer.yml b/keystone/client/service/billometer.yml
index 3728aa5..6100dc9 100644
--- a/keystone/client/service/billometer.yml
+++ b/keystone/client/service/billometer.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ billometer_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:billometer_service_host}
internal_port: 9753
internal_path: '/v1'
+ internal_protocol: ${_param:billometer_service_protocol}
+ admin_protocol: ${_param:billometer_service_protocol}
admin_address: ${_param:billometer_service_host}
admin_port: 9753
admin_path: '/v1'
diff --git a/keystone/client/service/ceilometer.yml b/keystone/client/service/ceilometer.yml
index 4c59f80..90e0d3e 100644
--- a/keystone/client/service/ceilometer.yml
+++ b/keystone/client/service/ceilometer.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ ceilometer_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:ceilometer_service_host}
internal_port: 8777
internal_path: '/'
+ internal_protocol: ${_param:ceilometer_service_protocol}
+ admin_protocol: ${_param:ceilometer_service_protocol}
admin_address: ${_param:ceilometer_service_host}
admin_port: 8777
admin_path: '/'
diff --git a/keystone/client/service/cinder.yml b/keystone/client/service/cinder.yml
index ffb5510..64705e3 100644
--- a/keystone/client/service/cinder.yml
+++ b/keystone/client/service/cinder.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ cinder_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:cinder_service_host}
internal_port: 8776
internal_path: '/v1/$(project_id)s'
+ internal_protocol: ${_param:cinder_service_protocol}
+ admin_protocol: ${_param:cinder_service_protocol}
admin_address: ${_param:cinder_service_host}
admin_port: 8776
admin_path: '/v1/$(project_id)s'
diff --git a/keystone/client/service/cinder2.yml b/keystone/client/service/cinder2.yml
index e0e2636..cb289e1 100644
--- a/keystone/client/service/cinder2.yml
+++ b/keystone/client/service/cinder2.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ cinder_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:cinder_service_host}
internal_port: 8776
internal_path: '/v2/$(project_id)s'
+ internal_protocol: ${_param:cinder_service_protocol}
+ admin_protocol: ${_param:cinder_service_protocol}
admin_address: ${_param:cinder_service_host}
admin_port: 8776
admin_path: '/v2/$(project_id)s'
diff --git a/keystone/client/service/cinder3.yml b/keystone/client/service/cinder3.yml
index 43a805c..d5e0ae1 100644
--- a/keystone/client/service/cinder3.yml
+++ b/keystone/client/service/cinder3.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ cinder_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:cinder_service_host}
internal_port: 8776
internal_path: '/v3/$(project_id)s'
+ internal_protocol: ${_param:cinder_service_protocol}
+ admin_protocol: ${_param:cinder_service_protocol}
admin_address: ${_param:cinder_service_host}
admin_port: 8776
admin_path: '/v3/$(project_id)s'
diff --git a/keystone/client/service/congress.yml b/keystone/client/service/congress.yml
index 529d3ee..49e8337 100644
--- a/keystone/client/service/congress.yml
+++ b/keystone/client/service/congress.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ congress_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:congress_service_host}
internal_port: 1789
internal_path: '/'
+ internal_protocol: ${_param:congress_service_protocol}
+ admin_protocol: ${_param:congress_service_protocol}
admin_address: ${_param:congress_service_host}
admin_port: 1789
admin_path: '/'
diff --git a/keystone/client/service/designate.yml b/keystone/client/service/designate.yml
index 4018712..75a588e 100644
--- a/keystone/client/service/designate.yml
+++ b/keystone/client/service/designate.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ designate_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:designate_service_host}
internal_port: 9001
internal_path: '/'
+ internal_protocol: ${_param:designate_service_protocol}
+ admin_protocol: ${_param:designate_service_protocol}
admin_address: ${_param:designate_service_host}
admin_port: 9001
admin_path: '/'
diff --git a/keystone/client/service/glance.yml b/keystone/client/service/glance.yml
index 365917b..3c0db9c 100644
--- a/keystone/client/service/glance.yml
+++ b/keystone/client/service/glance.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ glance_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:glance_service_host}
internal_port: 9292
internal_path: ''
+ internal_protocol: ${_param:glance_service_protocol}
+ admin_protocol: ${_param:glance_service_protocol}
admin_address: ${_param:glance_service_host}
admin_port: 9292
admin_path: ''
diff --git a/keystone/client/service/glare.yml b/keystone/client/service/glare.yml
index 78c7d1f..4534b0e 100644
--- a/keystone/client/service/glare.yml
+++ b/keystone/client/service/glare.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ glare_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:glance_service_host}
internal_port: 9494
internal_path: ''
+ internal_protocol: ${_param:glare_service_protocol}
+ admin_protocol: ${_param:glare_service_protocol}
admin_address: ${_param:glance_service_host}
admin_port: 9494
admin_path: ''
diff --git a/keystone/client/service/gnocchi.yml b/keystone/client/service/gnocchi.yml
new file mode 100644
index 0000000..dec6b83
--- /dev/null
+++ b/keystone/client/service/gnocchi.yml
@@ -0,0 +1,33 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ gnocchi_service_protocol: http
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ gnocchi:
+ is_admin: true
+ password: ${_param:keystone_gnocchi_password}
+ email: ${_param:admin_email}
+ service:
+ gnocchi:
+ type: metric
+ description: OpenStack Metric Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 8041
+ public_path: '/'
+ internal_address: ${_param:gnocchi_service_host}
+ internal_port: 8041
+ internal_path: '/'
+ internal_protocol: ${_param:gnocchi_service_protocol}
+ admin_protocol: ${_param:gnocchi_service_protocol}
+ admin_address: ${_param:gnocchi_service_host}
+ admin_port: 8041
+ admin_path: '/'
diff --git a/keystone/client/service/heat-cfn.yml b/keystone/client/service/heat-cfn.yml
index 343ff46..1a2486a 100644
--- a/keystone/client/service/heat-cfn.yml
+++ b/keystone/client/service/heat-cfn.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ heat_service_protocol: http
keystone:
client:
server:
@@ -18,6 +19,8 @@
internal_address: ${_param:heat_service_host}
internal_port: 8000
internal_path: '/v1'
+ internal_protocol: ${_param:heat_service_protocol}
+ admin_protocol: ${_param:heat_service_protocol}
admin_address: ${_param:heat_service_host}
admin_port: 8000
admin_path: '/v1'
diff --git a/keystone/client/service/heat.yml b/keystone/client/service/heat.yml
index d7eadd5..c8882dd 100644
--- a/keystone/client/service/heat.yml
+++ b/keystone/client/service/heat.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ heat_service_protocol: http
keystone:
client:
server:
@@ -28,6 +29,8 @@
internal_address: ${_param:heat_service_host}
internal_port: 8004
internal_path: '/v1/%(project_id)s'
+ internal_protocol: ${_param:heat_service_protocol}
+ admin_protocol: ${_param:heat_service_protocol}
admin_address: ${_param:heat_service_host}
admin_port: 8004
admin_path: '/v1/%(project_id)s'
diff --git a/keystone/client/service/ironic.yml b/keystone/client/service/ironic.yml
index 1ab9872..e4c384c 100644
--- a/keystone/client/service/ironic.yml
+++ b/keystone/client/service/ironic.yml
@@ -1,6 +1,8 @@
parameters:
_param:
cluster_public_protocol: https
+ keystone_service_protocol: http
+ ironic_service_protocol: http
keystone:
client:
server:
@@ -25,6 +27,8 @@
internal_address: ${_param:ironic_service_host}
internal_port: 6385
internal_path: ''
+ internal_protocol: ${_param:ironic_service_protocol}
+ admin_protocol: ${_param:ironic_service_protocol}
admin_address: ${_param:ironic_service_host}
admin_port: 6385
admin_path: ''
@@ -36,3 +40,4 @@
host: ${_param:keystone_service_host}
port: 5000
region_name: ${_param:openstack_region}
+ protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/client/service/keystone.yml b/keystone/client/service/keystone.yml
index af3acfc..ba116f8 100644
--- a/keystone/client/service/keystone.yml
+++ b/keystone/client/service/keystone.yml
@@ -1,6 +1,10 @@
parameters:
_param:
cluster_public_protocol: https
+ keystone_service_protocol: http
+ keystone_public_path: "/v2.0"
+ keystone_internal_path: "/v2.0"
+ keystone_admin_path: "/v2.0"
keystone:
client:
server:
@@ -14,10 +18,12 @@
public_address: ${_param:cluster_public_host}
public_protocol: ${_param:cluster_public_protocol}
public_port: 5000
- public_path: '/v2.0'
+ public_path: ${_param:keystone_public_path}
internal_address: ${_param:keystone_service_host}
internal_port: 5000
- internal_path: '/v2.0'
+ internal_path: ${_param:keystone_internal_path}
+ internal_protocol: ${_param:keystone_service_protocol}
admin_address: ${_param:keystone_service_host}
admin_port: 35357
- admin_path: '/v2.0'
+ admin_path: ${_param:keystone_admin_path}
+ admin_protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/client/service/keystone3.yml b/keystone/client/service/keystone3.yml
index bd0c63b..5138c4f 100644
--- a/keystone/client/service/keystone3.yml
+++ b/keystone/client/service/keystone3.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ keystone_service_protocol: http
keystone:
client:
server:
@@ -18,6 +19,8 @@
internal_address: ${_param:keystone_service_host}
internal_port: 5000
internal_path: '/v3'
+ internal_protocol: ${_param:keystone_service_protocol}
admin_address: ${_param:keystone_service_host}
admin_port: 35357
admin_path: '/v2.0'
+ admin_protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/client/service/manila.yml b/keystone/client/service/manila.yml
new file mode 100644
index 0000000..07e88b2
--- /dev/null
+++ b/keystone/client/service/manila.yml
@@ -0,0 +1,33 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ manila_service_protocol: http
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ manila:
+ is_admin: true
+ password: ${_param:keystone_manila_password}
+ email: ${_param:admin_email}
+ service:
+ manila:
+ type: share
+ description: OpenStack Shared File Systems V1
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 8786
+ public_path: '/v1/$(tenant_id)s'
+ internal_address: ${_param:manila_service_host}
+ internal_port: 8786
+ internal_path: '/v1/$(tenant_id)s'
+ internal_protocol: ${_param:manila_service_protocol}
+ admin_protocol: ${_param:manila_service_protocol}
+ admin_address: ${_param:manila_service_host}
+ admin_port: 8786
+ admin_path: '/v1/$(tenant_id)s'
diff --git a/keystone/client/service/manila2.yml b/keystone/client/service/manila2.yml
new file mode 100644
index 0000000..1a3a125
--- /dev/null
+++ b/keystone/client/service/manila2.yml
@@ -0,0 +1,33 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ manila_service_protocol: http
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ manila:
+ is_admin: true
+ password: ${_param:keystone_manila_password}
+ email: ${_param:admin_email}
+ service:
+ manilav2:
+ type: sharev2
+ description: OpenStack Shared File Systems V2
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 8786
+ public_path: '/v2/$(tenant_id)s'
+ internal_address: ${_param:manila_service_host}
+ internal_port: 8786
+ internal_path: '/v2/$(tenant_id)s'
+ internal_protocol: ${_param:manila_service_protocol}
+ admin_protocol: ${_param:manila_service_protocol}
+ admin_address: ${_param:manila_service_host}
+ admin_port: 8786
+ admin_path: '/v2/$(tenant_id)s'
diff --git a/keystone/client/service/murano.yml b/keystone/client/service/murano.yml
index 5e65038..e6c70f1 100644
--- a/keystone/client/service/murano.yml
+++ b/keystone/client/service/murano.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ murano_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:murano_service_host}
internal_port: 8082
internal_path: ''
+ internal_protocol: ${_param:murano_service_protocol}
+ admin_protocol: ${_param:murano_service_protocol}
admin_address: ${_param:murano_service_host}
admin_port: 8082
admin_path: ''
diff --git a/keystone/client/service/neutron.yml b/keystone/client/service/neutron.yml
index 12fe9fe..8bec7f2 100644
--- a/keystone/client/service/neutron.yml
+++ b/keystone/client/service/neutron.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ neutron_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:neutron_service_host}
internal_port: 9696
internal_path: '/'
+ internal_protocol: ${_param:neutron_service_protocol}
+ admin_protocol: ${_param:neutron_service_protocol}
admin_address: ${_param:neutron_service_host}
admin_port: 9696
admin_path: '/'
diff --git a/keystone/client/service/nova-placement.yml b/keystone/client/service/nova-placement.yml
index 61b5455..3ed0654 100644
--- a/keystone/client/service/nova-placement.yml
+++ b/keystone/client/service/nova-placement.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ nova_service_protocol: http
keystone:
client:
server:
@@ -18,6 +19,8 @@
internal_address: ${_param:nova_service_host}
internal_port: '8778'
internal_path: ''
+ internal_protocol: ${_param:nova_service_protocol}
+ admin_protocol: ${_param:nova_service_protocol}
admin_address: ${_param:nova_service_host}
admin_port: '8778'
admin_path: ''
diff --git a/keystone/client/service/nova.yml b/keystone/client/service/nova.yml
index a0d698b..ca20106 100644
--- a/keystone/client/service/nova.yml
+++ b/keystone/client/service/nova.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ nova_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:nova_service_host}
internal_port: 8774
internal_path: '/v2/$(project_id)s'
+ internal_protocol: ${_param:nova_service_protocol}
+ admin_protocol: ${_param:nova_service_protocol}
admin_address: ${_param:nova_service_host}
admin_port: 8774
admin_path: '/v2/$(project_id)s'
diff --git a/keystone/client/service/nova21.yml b/keystone/client/service/nova21.yml
index 328aefd..2782ec2 100644
--- a/keystone/client/service/nova21.yml
+++ b/keystone/client/service/nova21.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ nova_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:nova_service_host}
internal_port: 8774
internal_path: '/v2/$(project_id)s'
+ internal_protocol: ${_param:nova_service_protocol}
+ admin_protocol: ${_param:nova_service_protocol}
admin_address: ${_param:nova_service_host}
admin_port: 8774
admin_path: '/v2/$(project_id)s'
@@ -40,6 +43,8 @@
internal_address: ${_param:nova_service_host}
internal_port: 8774
internal_path: '/v2.1/$(project_id)s'
+ internal_protocol: ${_param:nova_service_protocol}
+ admin_protocol: ${_param:nova_service_protocol}
admin_address: ${_param:nova_service_host}
admin_port: 8774
admin_path: '/v2.1/$(project_id)s'
diff --git a/keystone/client/service/octavia.yml b/keystone/client/service/octavia.yml
index 0382345..c08312e 100644
--- a/keystone/client/service/octavia.yml
+++ b/keystone/client/service/octavia.yml
@@ -1,6 +1,8 @@
parameters:
_param:
cluster_public_protocol: https
+ keystone_service_protocol: http
+ octavia_service_protocol: http
keystone:
client:
server:
@@ -25,6 +27,8 @@
internal_address: ${_param:octavia_service_host}
internal_port: 9876
internal_path: '/'
+ internal_protocol: ${_param:octavia_service_protocol}
+ admin_protocol: ${_param:octavia_service_protocol}
admin_address: ${_param:octavia_service_host}
admin_port: 9876
admin_path: '/'
@@ -37,3 +41,4 @@
port: 5000
region_name: ${_param:openstack_region}
use_keystoneauth: true
+ protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/client/service/panko.yml b/keystone/client/service/panko.yml
new file mode 100644
index 0000000..b7c9fc3
--- /dev/null
+++ b/keystone/client/service/panko.yml
@@ -0,0 +1,33 @@
+parameters:
+ _param:
+ cluster_public_protocol: https
+ panko_service_protocol: http
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ panko:
+ is_admin: true
+ password: ${_param:keystone_panko_password}
+ email: ${_param:admin_email}
+ service:
+ panko:
+ type: event
+ description: OpenStack Event Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cluster_public_host}
+ public_protocol: ${_param:cluster_public_protocol}
+ public_port: 8977
+ public_path: '/'
+ internal_address: ${_param:panko_service_host}
+ internal_port: 8977
+ internal_path: '/'
+ internal_protocol: ${_param:panko_service_protocol}
+ admin_protocol: ${_param:panko_service_protocol}
+ admin_address: ${_param:panko_service_host}
+ admin_port: 8977
+ admin_path: '/'
diff --git a/keystone/client/service/radosgw-s3.yml b/keystone/client/service/radosgw-s3.yml
index 06d8299..c97c812 100644
--- a/keystone/client/service/radosgw-s3.yml
+++ b/keystone/client/service/radosgw-s3.yml
@@ -2,6 +2,7 @@
_param:
cluster_public_protocol: https
radosgw_s3_cluster_port: 8081
+ radosgw_service_protocol: http
keystone:
client:
server:
@@ -26,6 +27,8 @@
internal_address: ${_param:radosgw_service_host}
internal_port: ${_param:radosgw_s3_cluster_port}
internal_path: '/'
+ internal_protocol: ${_param:radosgw_service_protocol}
+ admin_protocol: ${_param:radosgw_service_protocol}
admin_address: ${_param:radosgw_service_host}
admin_port: ${_param:radosgw_s3_cluster_port}
admin_path: '/'
diff --git a/keystone/client/service/radosgw-swift.yml b/keystone/client/service/radosgw-swift.yml
index 3bf9b27..14a24af 100644
--- a/keystone/client/service/radosgw-swift.yml
+++ b/keystone/client/service/radosgw-swift.yml
@@ -2,6 +2,7 @@
_param:
cluster_public_protocol: https
radosgw_swift_cluster_port: 8081
+ radosgw_service_protocol: http
keystone:
client:
server:
@@ -26,6 +27,8 @@
internal_address: ${_param:radosgw_service_host}
internal_port: ${_param:radosgw_swift_cluster_port}
internal_path: '/swift/v1'
+ internal_protocol: ${_param:radosgw_service_protocol}
+ admin_protocol: ${_param:radosgw_service_protocol}
admin_address: ${_param:radosgw_service_host}
admin_port: ${_param:radosgw_swift_cluster_port}
admin_path: '/swift/v1'
diff --git a/keystone/client/service/sahara.yml b/keystone/client/service/sahara.yml
index 84a0b96..b635137 100644
--- a/keystone/client/service/sahara.yml
+++ b/keystone/client/service/sahara.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ sahara_internal_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:sahara_service_host}
internal_port: 8386
internal_path: '/v1.1/%(project_id)s'
+ internal_protocol: ${_param:sahara_internal_protocol}
+ admin_protocol: ${_param:sahara_internal_protocol}
admin_address: ${_param:sahara_service_host}
admin_port: 8386
admin_path: '/v1.1/%(project_id)s'
diff --git a/keystone/client/service/swift-s3.yml b/keystone/client/service/swift-s3.yml
index 5880487c9..b2769a0 100644
--- a/keystone/client/service/swift-s3.yml
+++ b/keystone/client/service/swift-s3.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ swift_service_protocol: http
keystone:
client:
server:
@@ -26,6 +27,8 @@
internal_address: ${_param:swift_service_host}
internal_port: 8080
internal_path: '/v1/AUTH_%(project_id)s'
+ internal_protocol: ${_param:swift_service_protocol}
+ admin_protocol: ${_param:swift_service_protocol}
admin_address: ${_param:swift_service_host}
admin_port: 8080
admin_path: '/'
diff --git a/keystone/client/service/swift.yml b/keystone/client/service/swift.yml
index 781fab9..6f558fb 100644
--- a/keystone/client/service/swift.yml
+++ b/keystone/client/service/swift.yml
@@ -1,6 +1,7 @@
parameters:
_param:
cluster_public_protocol: https
+ swift_service_protocol: http
keystone:
client:
server:
@@ -25,6 +26,8 @@
internal_address: ${_param:swift_service_host}
internal_port: 8080
internal_path: '/v1/AUTH_%(project_id)s'
+ internal_protocol: ${_param:swift_service_protocol}
+ admin_protocol: ${_param:swift_service_protocol}
admin_address: ${_param:swift_service_host}
admin_port: 8080
admin_path: '/'
diff --git a/keystone/client/single.yml b/keystone/client/single.yml
index ebf5b5f..a79ed7e 100644
--- a/keystone/client/single.yml
+++ b/keystone/client/single.yml
@@ -7,6 +7,8 @@
- system.keystone.client.service.keystone
- system.keystone.client.service.neutron
parameters:
+ _param:
+ keystone_service_protocol: http
linux:
system:
job:
@@ -24,6 +26,7 @@
host: ${_param:keystone_service_host}
port: 35357
token: ${_param:keystone_service_token}
+ protocol: ${_param:keystone_service_protocol}
roles:
- admin
- Member
@@ -46,3 +49,4 @@
port: 5000
region_name: ${_param:openstack_region}
use_keystoneauth: true
+ protocol: ${_param:keystone_service_protocol}
diff --git a/keystone/server/wsgi.yml b/keystone/server/wsgi.yml
index f62c1cc..333cb76 100644
--- a/keystone/server/wsgi.yml
+++ b/keystone/server/wsgi.yml
@@ -1,6 +1,10 @@
classes:
- system.apache.server.single
parameters:
+ _param:
+ apache_keystone_ssl:
+ enabled: false
+ apache_keystone_api_host: ${linux:network:fqdn}
keystone:
server:
service_name: apache2
@@ -14,7 +18,8 @@
type: keystone
name: wsgi
host:
- name: ${linux:network:fqdn}
+ name: ${_param:apache_keystone_api_host}
+ ssl: ${_param:apache_keystone_ssl}
log:
custom:
format: >-
diff --git a/kubernetes/master/cluster.yml b/kubernetes/master/cluster.yml
index f21f003..78e91a0 100644
--- a/kubernetes/master/cluster.yml
+++ b/kubernetes/master/cluster.yml
@@ -11,7 +11,6 @@
master:
container: false
network:
- engine: calico
- private_ip_range: ${_param:calico_private_network}/${_param:calico_private_netmask}
- prometheus:
- enabled: true
+ calico:
+ prometheus:
+ enabled: true
diff --git a/kubernetes/master/single.yml b/kubernetes/master/single.yml
index cc8d8ab..684af64 100644
--- a/kubernetes/master/single.yml
+++ b/kubernetes/master/single.yml
@@ -7,5 +7,3 @@
kubernetes:
master:
container: false
- network:
- engine: calico
diff --git a/kubernetes/pool/cluster.yml b/kubernetes/pool/cluster.yml
index 3dd0c40..d223d57 100644
--- a/kubernetes/pool/cluster.yml
+++ b/kubernetes/pool/cluster.yml
@@ -4,7 +4,7 @@
parameters:
_param:
# component docker images
- kubernetes_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
+ kubernetes_calico_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.6.2-2
@@ -15,9 +15,9 @@
pool:
container: false
network:
- engine: calico
- prometheus:
- enabled: true
+ calico:
+ prometheus:
+ enabled: true
docker:
host:
options:
diff --git a/kubernetes/pool/single.yml b/kubernetes/pool/single.yml
index 67363a6..d6282c3 100644
--- a/kubernetes/pool/single.yml
+++ b/kubernetes/pool/single.yml
@@ -4,7 +4,7 @@
parameters:
_param:
# component docker images
- kubernetes_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
+ kubernetes_calico_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.6.2-2
@@ -14,8 +14,6 @@
kubernetes:
pool:
container: false
- network:
- engine: calico
docker:
host:
options:
diff --git a/libvirt/server/init.yml b/libvirt/server/init.yml
new file mode 100644
index 0000000..9374c84
--- /dev/null
+++ b/libvirt/server/init.yml
@@ -0,0 +1,2 @@
+classes:
+- service.libvirt.server
diff --git a/libvirt/server/single.yml b/libvirt/server/single.yml
index f25f8ed..dbf9177 100644
--- a/libvirt/server/single.yml
+++ b/libvirt/server/single.yml
@@ -1,3 +1,5 @@
+classes:
+- service.libvirt.server
parameters:
linux:
system:
diff --git a/linux/network/interface/single_ovs_dvr.yml b/linux/network/interface/single_ovs_dvr.yml
index 482bd02..2f4cf2a 100644
--- a/linux/network/interface/single_ovs_dvr.yml
+++ b/linux/network/interface/single_ovs_dvr.yml
@@ -39,7 +39,7 @@
type: ovs_port
mtu: 65000
bridge: br-floating
- br-mgmt:
+ br-mgm:
enabled: true
type: bridge
mtu: ${_param:interface_mtu}
@@ -64,4 +64,4 @@
use_interfaces:
- ${_param:external_interface}
use_ovs_ports:
- - float-to-ex
\ No newline at end of file
+ - float-to-ex
diff --git a/linux/storage/loopback_manila.yml b/linux/storage/loopback_manila.yml
new file mode 100644
index 0000000..6a9986c
--- /dev/null
+++ b/linux/storage/loopback_manila.yml
@@ -0,0 +1,8 @@
+parameters:
+ linux:
+ storage:
+ enabled: true
+ loopback:
+ loop1:
+ file: "/srv/disk1"
+ size: ${_param:loopback_device1_size}G
diff --git a/linux/system/repo/mcp/apt_mirantis/aptly.yml b/linux/system/repo/mcp/apt_mirantis/aptly.yml
index b0cf536..5a023a5 100644
--- a/linux/system/repo/mcp/apt_mirantis/aptly.yml
+++ b/linux/system/repo/mcp/apt_mirantis/aptly.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_aptly:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/aptly/ ${_param:linux_system_repo_mcp_aptly_version} main"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_aptly_version}/aptly/${_param:linux_system_codename}/ squeeze main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: 9E3E53F19C7DE460
+ key_server: keys.gnupg.net
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_aptly_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/cassandra.yml b/linux/system/repo/mcp/apt_mirantis/cassandra.yml
index 308f555..8bf3583 100644
--- a/linux/system/repo/mcp/apt_mirantis/cassandra.yml
+++ b/linux/system/repo/mcp/apt_mirantis/cassandra.yml
@@ -7,11 +7,8 @@
system:
repo:
mcp_cassandra:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/cassandra/ ${_param:linux_system_repo_mcp_cassandra_version} ${_param:linux_system_repo_mcp_cassandra_version_number}"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_cassandra_version}/cassandra/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_cassandra_version_number} main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: F8358FA2F2833C93
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_cassandra_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/ceph.yml b/linux/system/repo/mcp/apt_mirantis/ceph.yml
index 2532f86..40c8d87 100644
--- a/linux/system/repo/mcp/apt_mirantis/ceph.yml
+++ b/linux/system/repo/mcp/apt_mirantis/ceph.yml
@@ -7,11 +7,11 @@
system:
repo:
mcp_ceph:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/ceph/ ${_param:linux_system_repo_mcp_ceph_version} ${_param:linux_system_repo_mcp_ceph_codename}"
+ source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_ceph_version} ceph-${_param:linux_system_repo_mcp_ceph_codename}"
architectures: amd64
key_url: "http://apt.mirantis.com/public.gpg"
clean_file: true
pin:
- pin: 'release a=${_param:linux_system_repo_mcp_ceph_version}'
priority: 1100
- package: '*'
\ No newline at end of file
+ package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/docker.yml b/linux/system/repo/mcp/apt_mirantis/docker.yml
index cbd3097..d3314a9 100644
--- a/linux/system/repo/mcp/apt_mirantis/docker.yml
+++ b/linux/system/repo/mcp/apt_mirantis/docker.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_docker:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/docker/ ${_param:linux_system_repo_mcp_docker_version} stable"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_docker_version}/docker/${_param:linux_system_codename}/ ${_param:linux_system_codename} stable"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
- clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_docker_version}'
- priority: 1100
- package: '*'
+ key_id: 8D81803C0EBFCD88
+ key_server: keyserver.ubuntu.com
+ clean_file: true
\ No newline at end of file
diff --git a/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml b/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml
index 86c6426..2689869 100644
--- a/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml
+++ b/linux/system/repo/mcp/apt_mirantis/docker_legacy.yml
@@ -6,11 +6,7 @@
system:
repo:
mcp_docker_legacy:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/docker/ ${_param:linux_system_repo_mcp_docker_legacy_version} legacy"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_docker_legacy_version}/docker-1.x/${_param:linux_system_codename}/ ubuntu-${_param:linux_system_codename} main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
- clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_docker_legacy_version}'
- priority: 1100
- package: '*'
+ key_id: 58118E89F3A912897C070ADBF76221572C52609D
+ key_server: keyserver.ubuntu.com
\ No newline at end of file
diff --git a/linux/system/repo/mcp/apt_mirantis/elastic/2x.yml b/linux/system/repo/mcp/apt_mirantis/elastic/2x.yml
index 4add81e..1db8267 100644
--- a/linux/system/repo/mcp/apt_mirantis/elastic/2x.yml
+++ b/linux/system/repo/mcp/apt_mirantis/elastic/2x.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_elastic_2x:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/elastic/2.x/ ${_param:linux_system_repo_mcp_elastic_2x_version} main"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_elastic_2x_version}/elasticsearch-2.x/${_param:linux_system_codename}/ stable main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: D88E42B4
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_elastic_2x_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/elastic/5x.yml b/linux/system/repo/mcp/apt_mirantis/elastic/5x.yml
index 8876c51..453b3bc 100644
--- a/linux/system/repo/mcp/apt_mirantis/elastic/5x.yml
+++ b/linux/system/repo/mcp/apt_mirantis/elastic/5x.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_elastic_5x:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/elastic/5.x/ ${_param:linux_system_repo_mcp_elastic_5x_version} main"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_elastic_5x_version}/elasticsearch-5.x/${_param:linux_system_codename}/ stable main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: D88E42B4
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_elastic_5x_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/fluentd.yml b/linux/system/repo/mcp/apt_mirantis/fluentd.yml
index da7d3ca..58df85f 100644
--- a/linux/system/repo/mcp/apt_mirantis/fluentd.yml
+++ b/linux/system/repo/mcp/apt_mirantis/fluentd.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_fluentd:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/fluentd/ ${_param:linux_system_repo_mcp_fluentd_version} main"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_fluentd_version}/td-agent/${_param:linux_system_codename} ${_param:linux_system_codename} contrib"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: 901F9177AB97ACBE
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_fluentd_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/glusterfs.yml b/linux/system/repo/mcp/apt_mirantis/glusterfs.yml
index 1f5dd0e..02f2fd9 100644
--- a/linux/system/repo/mcp/apt_mirantis/glusterfs.yml
+++ b/linux/system/repo/mcp/apt_mirantis/glusterfs.yml
@@ -2,16 +2,13 @@
_param:
apt_mk_version: stable
linux_system_repo_mcp_glusterfs_version: ${_param:apt_mk_version}
- linux_system_repo_mcp_glusterfs_version_number: "3.12"
+ linux_system_repo_mcp_glusterfs_version_number: "3.8"
linux:
system:
repo:
mcp_glusterfs:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/glusterfs/ ${_param:linux_system_repo_mcp_glusterfs_version} ${_param:linux_system_repo_mcp_glusterfs_version_number}"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_glusterfs_version}/glusterfs-${_param:linux_system_repo_mcp_glusterfs_version_number}/${_param:linux_system_codename}/ ${_param:linux_system_codename} main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: 3FE869A9
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_glusterfs_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/grafana.yml b/linux/system/repo/mcp/apt_mirantis/grafana.yml
index 2d71740..5bf9396 100644
--- a/linux/system/repo/mcp/apt_mirantis/grafana.yml
+++ b/linux/system/repo/mcp/apt_mirantis/grafana.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_grafana:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/grafana/ ${_param:linux_system_repo_mcp_grafana_version} main"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_grafana_version}/grafana/${_param:linux_system_codename}/ jessie main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: C2E73424D59097AB
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_grafana_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/influxdb.yml b/linux/system/repo/mcp/apt_mirantis/influxdb.yml
index f3c1fec..e6ebcb3 100644
--- a/linux/system/repo/mcp/apt_mirantis/influxdb.yml
+++ b/linux/system/repo/mcp/apt_mirantis/influxdb.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_influxdb:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/influxdb/ ${_param:linux_system_repo_mcp_influxdb_version} main"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_influxdb_version}/influxdb/${_param:linux_system_codename}/ ${_param:linux_system_codename} stable"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: 684A14CF2582E0C5
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_influxdb_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/kibana/46.yml b/linux/system/repo/mcp/apt_mirantis/kibana/46.yml
index f3795ad..21ab878 100644
--- a/linux/system/repo/mcp/apt_mirantis/kibana/46.yml
+++ b/linux/system/repo/mcp/apt_mirantis/kibana/46.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_kibana_46:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/kibana/4.6/ ${_param:linux_system_repo_mcp_kibana_46_version} kibana-46"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_kibana_46_version}/kibana-4.6/${_param:linux_system_codename}/ stable main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: D88E42B4
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_kibana_46_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/kibana/5x.yml b/linux/system/repo/mcp/apt_mirantis/kibana/5x.yml
index e2f4795..3c3d128 100644
--- a/linux/system/repo/mcp/apt_mirantis/kibana/5x.yml
+++ b/linux/system/repo/mcp/apt_mirantis/kibana/5x.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_kibana_5x:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/kibana/5.x/ ${_param:linux_system_repo_mcp_kibana_5x_version} kibana-5x"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_kibana_5x_version}/elasticsearch-5.x/${_param:linux_system_codename}/ stable main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: D88E42B4
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_kibana_5x_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/maas.yml b/linux/system/repo/mcp/apt_mirantis/maas.yml
index b18bf65..7ee3537 100644
--- a/linux/system/repo/mcp/apt_mirantis/maas.yml
+++ b/linux/system/repo/mcp/apt_mirantis/maas.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_maas:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/maas/ ${_param:linux_system_repo_mcp_maas_version} main"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_maas_version}/maas/${_param:linux_system_codename}/ ${_param:linux_system_codename} main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: 684D4A1C
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_maas_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/apt_mirantis/saltstack_2016_3.yml b/linux/system/repo/mcp/apt_mirantis/saltstack_2016_3.yml
index bec95cd..c47e177 100644
--- a/linux/system/repo/mcp/apt_mirantis/saltstack_2016_3.yml
+++ b/linux/system/repo/mcp/apt_mirantis/saltstack_2016_3.yml
@@ -6,11 +6,8 @@
system:
repo:
mcp_saltstack:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/salt/2016.3/ ${_param:linux_system_repo_mcp_saltstack_version} main"
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_saltstack_version}/saltstack-2016.3/${_param:linux_system_codename}/ ${_param:linux_system_codename} main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: 0E08A149DE57BFBE
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_saltstack_version}'
- priority: 1100
- package: '*'
\ No newline at end of file
diff --git a/linux/system/repo/mcp/apt_mirantis/sensu.yml b/linux/system/repo/mcp/apt_mirantis/sensu.yml
index f86b88a..fb1045f 100644
--- a/linux/system/repo/mcp/apt_mirantis/sensu.yml
+++ b/linux/system/repo/mcp/apt_mirantis/sensu.yml
@@ -1,16 +1,13 @@
parameters:
_param:
apt_mk_version: stable
- linux_system_repo_mcp_extra_version: ${_param:apt_mk_version}
+ linux_system_repo_mcp_sensu_version: ${_param:apt_mk_version}
linux:
system:
repo:
- mcp_extra:
- source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/sensu/ ${_param:linux_system_repo_mcp_extra_version} main"
+ mcp_sensu:
+ source: "deb [arch=amd64] http://mirror.mirantis.com/${_param:linux_system_repo_mcp_sensu_version}/sensu/${_param:linux_system_codename}/ sensu main"
architectures: amd64
- key_url: "http://apt.mirantis.com/public.gpg"
+ key_id: A20F259AEB9C94BB
+ key_server: keyserver.ubuntu.com
clean_file: true
- pin:
- - pin: 'release a=${_param:linux_system_repo_mcp_extra_version}'
- priority: 1100
- package: '*'
diff --git a/linux/system/repo/mcp/updates.yml b/linux/system/repo/mcp/updates.yml
new file mode 100644
index 0000000..6d08b19
--- /dev/null
+++ b/linux/system/repo/mcp/updates.yml
@@ -0,0 +1,16 @@
+parameters:
+ _param:
+ apt_mk_version: stable
+ linux_system_repo_mcp_updates_version: ${_param:apt_mk_version}
+ linux:
+ system:
+ repo:
+ mcp_updates:
+ source: "deb [arch=amd64] http://apt.mirantis.com/${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_updates_version} updates"
+ architectures: amd64
+ key_url: "http://apt.mirantis.com/public.gpg"
+ clean_file: true
+ pin:
+ - pin: 'release a=${_param:linux_system_repo_mcp_updates_version}'
+ priority: 1200
+ package: '*'
diff --git a/linux/system/repo_local/mcp/apt_mirantis/fluentd.yml b/linux/system/repo_local/mcp/apt_mirantis/fluentd.yml
index 40682d7..d0a1671 100644
--- a/linux/system/repo_local/mcp/apt_mirantis/fluentd.yml
+++ b/linux/system/repo_local/mcp/apt_mirantis/fluentd.yml
@@ -6,7 +6,7 @@
system:
repo:
mcp_fluentd:
- source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/fluentd/ ${_param:linux_system_repo_mcp_fluentd_version} main"
+ source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/fluentd ${_param:apt_mk_version} contrib"
architectures: amd64
key_url: "http://${_param:local_repo_url}/public.gpg"
clean_file: true
diff --git a/linux/system/repo_local/mcp/apt_mirantis/glusterfs.yml b/linux/system/repo_local/mcp/apt_mirantis/glusterfs.yml
index ca7e1bd..cb3444b 100644
--- a/linux/system/repo_local/mcp/apt_mirantis/glusterfs.yml
+++ b/linux/system/repo_local/mcp/apt_mirantis/glusterfs.yml
@@ -2,7 +2,7 @@
_param:
apt_mk_version: stable
linux_system_repo_mcp_glusterfs_version: ${_param:apt_mk_version}
- linux_system_repo_mcp_glusterfs_version_number: "3.12"
+ linux_system_repo_mcp_glusterfs_version_number: "3.8"
linux:
system:
repo:
diff --git a/linux/system/repo_local/mcp/updates.yml b/linux/system/repo_local/mcp/updates.yml
new file mode 100644
index 0000000..f7f22d1
--- /dev/null
+++ b/linux/system/repo_local/mcp/updates.yml
@@ -0,0 +1,17 @@
+parameters:
+ _param:
+ apt_mk_version: stable
+ linux_system_repo_mcp_updates_version: ${_param:apt_mk_version}
+ linux:
+ system:
+ repo:
+ mcp_updates:
+ refresh_db: ${_param:linux_repo_refresh_db}
+ source: "deb [arch=amd64] http://${_param:local_repo_url}/ubuntu-${_param:linux_system_codename}/ ${_param:linux_system_repo_mcp_updates_version} updates"
+ architectures: amd64
+ key_url: "http://${_param:local_repo_url}/public.gpg"
+ clean_file: true
+ pin:
+ - pin: 'release a=${_param:linux_system_repo_mcp_updates_version}'
+ priority: 1200
+ package: '*'
diff --git a/linux/system/single/debian.yml b/linux/system/single/debian.yml
index b6d0b2b..b4d08c9 100644
--- a/linux/system/single/debian.yml
+++ b/linux/system/single/debian.yml
@@ -6,5 +6,31 @@
linux:
system:
package:
+ apt-transport-https:
+ version: latest
+ cloud-init:
+ version: purged
+ mcelog:
+ version: latest
python-msgpack:
version: latest
+ unattended-upgrades:
+ version: purged
+ apt:
+ config:
+ compression-workaround:
+ "Acquire::CompressionTypes::Order": "gz"
+ aws-s3-mirrors-workaround:
+ "Acquire::http::Pipeline-Depth": "0"
+ dont_install_recommends:
+ "APT::Install-Recommends": "false"
+ dont_install_suggests:
+ "APT::Install-Suggests": "false"
+ dont_acquire_all_languages:
+ "Acquire::Languages": "none"
+ dont_update_package_list:
+ "APT::Periodic::Update-Package-Lists": "0"
+ dont_update_download_upg_packages:
+ "APT::Periodic::Download-Upgradeable-Packages": "0"
+ disable_unattended_upgrade:
+ "APT::Periodic::Unattended-Upgrade": "0"
diff --git a/linux/system/single/init.yml b/linux/system/single/init.yml
index c7c583b..dae70ff 100644
--- a/linux/system/single/init.yml
+++ b/linux/system/single/init.yml
@@ -14,17 +14,6 @@
enabled: true
name: root
home: /root
- package:
- cloud-init:
- version: purged
- unattended-upgrades:
- version: purged
- mcelog:
- version: latest
- apt:
- config:
- compression-workaround:
- "Acquire::CompressionTypes::Order": "gz"
kernel:
modules:
- nf_conntrack
diff --git a/manila/common/cluster.yml b/manila/common/cluster.yml
new file mode 100644
index 0000000..8763903
--- /dev/null
+++ b/manila/common/cluster.yml
@@ -0,0 +1,34 @@
+classes:
+ - service.manila.common.cluster
+ - service.haproxy.proxy.single
+ - system.haproxy.proxy.listen.openstack.manila
+parameters:
+ manila:
+ common:
+ version: ${_param:openstack_version}
+ message_queue:
+ engine: rabbitmq
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ host: ${_param:openstack_message_queue_address}
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ port: 3306
+ name: manila
+ user: manila
+ password: ${_param:mysql_manila_password}
+ identity:
+ engine: keystone
+ region: RegionOne
+ host: ${_param:cluster_vip_address}
+ port: 35357
+ user: manila
+ password: ${_param:keystone_manila_password}
+ tenant: service
+ auth_type: password
+ user_domain_id: default
+ project_domain_id: default
+ protocol: 'http'
diff --git a/manila/common/single.yml b/manila/common/single.yml
new file mode 100644
index 0000000..362338f
--- /dev/null
+++ b/manila/common/single.yml
@@ -0,0 +1,32 @@
+classes:
+ - service.manila.common.single
+parameters:
+ manila:
+ common:
+ version: ${_param:openstack_version}
+ message_queue:
+ engine: rabbitmq
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ host: ${_param:single_address}
+ database:
+ engine: mysql
+ host: ${_param:single_address}
+ port: 3306
+ name: manila
+ user: manila
+ password: ${_param:mysql_manila_password}
+ identity:
+ engine: keystone
+ region: RegionOne
+ host: ${_param:single_address}
+ port: 35357
+ user: manila
+ password: ${_param:keystone_manila_password}
+ tenant: service
+ auth_type: password
+ user_domain_id: default
+ project_domain_id: default
+ protocol: 'http'
diff --git a/manila/control/cluster.yml b/manila/control/cluster.yml
new file mode 100644
index 0000000..0bf4c69
--- /dev/null
+++ b/manila/control/cluster.yml
@@ -0,0 +1,13 @@
+classes:
+ - system.manila.common.cluster
+ - system.apache.server.site.manila
+ - system.haproxy.proxy.listen.openstack.manila
+parameters:
+ manila:
+ common:
+ dhss: false
+ version: ${_param:openstack_version}
+ api:
+ enabled: true
+ scheduler:
+ enabled: true
diff --git a/manila/control/single.yml b/manila/control/single.yml
new file mode 100644
index 0000000..5029c67
--- /dev/null
+++ b/manila/control/single.yml
@@ -0,0 +1,12 @@
+classes:
+ - system.manila.common.cluster
+ - system.apache.server.site.manila
+parameters:
+ manila:
+ common:
+ dhss: false
+ version: ${_param:openstack_version}
+ api:
+ enabled: true
+ scheduler:
+ enabled: true
diff --git a/manila/share/backend/lvm.yml b/manila/share/backend/lvm.yml
new file mode 100644
index 0000000..488de4d
--- /dev/null
+++ b/manila/share/backend/lvm.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ storage:
+ lvm:
+ manila-vg:
+ enabled: true
+ name: manila-volume
+ devices: ${_param:manila_lvm_devices}
+ manila:
+ share:
+ enabled_share_backends:
+ lvm:
+ name: lvm
+ type: lvm
+ enabled: true
+ lvm_share_export_ips:
+ - "${_param:single_address}"
+ dhss: false
+ share_driver: manila.share.drivers.lvm.LVMShareDriver
+ lvm_share_volume_group: manila-volume
diff --git a/mongodb/server/cluster.yml b/mongodb/server/cluster.yml
index f3c16d6..02294c4 100644
--- a/mongodb/server/cluster.yml
+++ b/mongodb/server/cluster.yml
@@ -2,10 +2,13 @@
- service.mongodb.server.cluster
parameters:
_param:
+ openstack_telemetry_node01_hostname: mdb01
+ openstack_telemetry_node02_hostname: mdb02
+ openstack_telemetry_node03_hostname: mdb03
mongodb_server_replica_set: mongodb
- mongodb_master: mdb01
+ mongodb_master: ${_param:openstack_telemetry_node01_hostname}
mongodb_server_members:
- - host: mdb01
+ - host: ${_param:openstack_telemetry_node01_hostname}
priority: 2
- - host: mdb02
- - host: mdb03
+ - host: ${_param:openstack_telemetry_node02_hostname}
+ - host: ${_param:openstack_telemetry_node03_hostname}
diff --git a/mysql/client/database/panko.yml b/mysql/client/database/panko.yml
new file mode 100644
index 0000000..e0463ef
--- /dev/null
+++ b/mysql/client/database/panko.yml
@@ -0,0 +1,17 @@
+parameters:
+ mysql:
+ client:
+ server:
+ database:
+ database:
+ panko:
+ encoding: utf8
+ users:
+ - name: panko
+ password: ${_param:mysql_panko_password}
+ host: '%'
+ rights: all
+ - name: panko
+ password: ${_param:mysql_panko_password}
+ host: ${_param:single_address}
+ rights: all
diff --git a/neutron/client/service/manila.yml b/neutron/client/service/manila.yml
new file mode 100644
index 0000000..cdbc7bb
--- /dev/null
+++ b/neutron/client/service/manila.yml
@@ -0,0 +1,21 @@
+classes:
+- service.neutron.client
+parameters:
+ neutron:
+ client:
+ server:
+ admin_identity:
+ endpoint_type: internalURL
+ network:
+ manila-share-network:
+ tenant: admin
+ shared: false
+ admin_state_up: True
+ port_security_enabled: false
+ subnet:
+ manila-share-subnet:
+ cidr: ${_param:openstack_manila_share_neutron_subnet_cidr}
+ allocation_pools:
+ - start: ${_param:openstack_manila_share_neutron_subnet_allocation_start}
+ end: ${_param:openstack_manila_share_neutron_subnet_allocation_end}
+ enable_dhcp: true
diff --git a/neutron/compute/cluster.yml b/neutron/compute/cluster.yml
index 13ee31c..e348a93 100644
--- a/neutron/compute/cluster.yml
+++ b/neutron/compute/cluster.yml
@@ -4,6 +4,8 @@
_param:
neutron_enable_qos: False
neutron_enable_vlan_aware_vms: False
+ neutron_enable_bgp_vpn: False
+ neutron_bgp_vpn_driver: bagpipe
linux:
system:
package:
@@ -15,6 +17,9 @@
dvr: ${_param:neutron_compute_dvr}
qos: ${_param:neutron_enable_qos}
vlan_aware_vms: ${_param:neutron_enable_vlan_aware_vms}
+ bgp_vpn:
+ enabled: ${_param:neutron_enable_bgp_vpn}
+ driver: ${_param:neutron_bgp_vpn_driver}
agent_mode: ${_param:neutron_compute_agent_mode}
external_access: ${_param:neutron_compute_external_access}
backend:
diff --git a/neutron/control/cluster.yml b/neutron/control/cluster.yml
index ea9596d..166de3a 100644
--- a/neutron/control/cluster.yml
+++ b/neutron/control/cluster.yml
@@ -5,6 +5,8 @@
- system.haproxy.proxy.listen.openstack.neutron
- system.galera.server.database.neutron
parameters:
+ _param:
+ cluster_internal_protocol: 'http'
linux:
system:
package:
@@ -36,3 +38,5 @@
neutron:
server:
plugin: contrail
+ identity:
+ protocol: ${_param:cluster_internal_protocol}
diff --git a/neutron/control/opendaylight/cluster.yml b/neutron/control/opendaylight/cluster.yml
new file mode 100644
index 0000000..7a62e8b
--- /dev/null
+++ b/neutron/control/opendaylight/cluster.yml
@@ -0,0 +1,23 @@
+classes:
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- service.neutron.control.cluster
+- system.neutron.control.openvswitch.cluster
+parameters:
+ _param:
+ opendaylight_router: odl-router_v2
+ opendaylight_driver: opendaylight_v2
+ neutron:
+ server:
+ backend:
+ opendaylight: true
+ host: ${_param:opendaylight_service_host}
+ rest_api_port: 8282
+ user: admin
+ password: admin
+ ovsdb_connection: tcp:127.0.0.1:6639
+ router: ${_param:opendaylight_router}
+ enable_websocket: true
+ mechanism:
+ ovs:
+ driver: ${_param:opendaylight_driver}
diff --git a/neutron/control/opendaylight/single.yml b/neutron/control/opendaylight/single.yml
new file mode 100644
index 0000000..e0c3ea9
--- /dev/null
+++ b/neutron/control/opendaylight/single.yml
@@ -0,0 +1,21 @@
+classes:
+- service.neutron.control.single
+- system.neutron.control.openvswitch.single
+parameters:
+ _param:
+ opendaylight_router: odl-router_v2
+ opendaylight_driver: opendaylight_v2
+ neutron:
+ server:
+ backend:
+ opendaylight: true
+ host: ${_param:opendaylight_service_host}
+ rest_api_port: 8282
+ user: admin
+ password: admin
+ ovsdb_connection: tcp:127.0.0.1:6639
+ router: ${_param:opendaylight_router}
+ enable_websocket: true
+ mechanism:
+ ovs:
+ driver: ${_param:opendaylight_driver}
diff --git a/neutron/control/openvswitch/cluster.yml b/neutron/control/openvswitch/cluster.yml
index 80489c8..3f80a55 100644
--- a/neutron/control/openvswitch/cluster.yml
+++ b/neutron/control/openvswitch/cluster.yml
@@ -12,6 +12,9 @@
neutron_tenant_network_types: "flat,vxlan"
neutron_enable_qos: False
neutron_enable_vlan_aware_vms: False
+ neutron_enable_bgp_vpn: False
+ neutron_bgp_vpn_driver: bagpipe
+ cluster_internal_protocol: 'http'
neutron:
server:
global_physnet_mtu: ${_param:neutron_global_physnet_mtu}
@@ -19,6 +22,9 @@
dvr: ${_param:neutron_control_dvr}
qos: ${_param:neutron_enable_qos}
vlan_aware_vms: ${_param:neutron_enable_vlan_aware_vms}
+ bgp_vpn:
+ enabled: ${_param:neutron_enable_bgp_vpn}
+ driver: ${_param:neutron_bgp_vpn_driver}
backend:
engine: ml2
tenant_network_types: "${_param:neutron_tenant_network_types}"
@@ -32,6 +38,7 @@
host: ${_param:openstack_database_address}
identity:
region: ${_param:openstack_region}
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
members:
- host: ${_param:openstack_message_queue_node01_address}
diff --git a/neutron/control/openvswitch/single.yml b/neutron/control/openvswitch/single.yml
index 009c116..baa710e 100644
--- a/neutron/control/openvswitch/single.yml
+++ b/neutron/control/openvswitch/single.yml
@@ -10,6 +10,9 @@
neutron_tenant_network_types: "flat,vxlan"
neutron_enable_qos: False
neutron_enable_vlan_aware_vms: False
+ neutron_enable_bgp_vpn: False
+ neutron_bgp_vpn_driver: bagpipe
+ internal_protocol: 'http'
neutron:
server:
global_physnet_mtu: ${_param:neutron_global_physnet_mtu}
@@ -17,6 +20,9 @@
dvr: ${_param:neutron_control_dvr}
qos: ${_param:neutron_enable_qos}
vlan_aware_vms: ${_param:neutron_enable_vlan_aware_vms}
+ bgp_vpn:
+ enabled: ${_param:neutron_enable_bgp_vpn}
+ driver: ${_param:neutron_bgp_vpn_driver}
backend:
engine: ml2
tenant_network_types: "${_param:neutron_tenant_network_types}"
@@ -30,6 +36,7 @@
host: ${_param:openstack_database_address}
identity:
region: ${_param:openstack_region}
+ protocol: ${_param:internal_protocol}
message_queue:
members:
- host: ${_param:openstack_message_queue_node01_address}
diff --git a/neutron/control/ovn/single.yml b/neutron/control/ovn/single.yml
index c02f621..92b8258 100644
--- a/neutron/control/ovn/single.yml
+++ b/neutron/control/ovn/single.yml
@@ -32,6 +32,11 @@
message_queue:
members:
- host: ${_param:openstack_message_queue_node01_address}
+ ovn_ctl_opts:
+ db-nb-create-insecure-remote: 'yes'
+ db-sb-create-insecure-remote: 'yes'
+ db-nb-addr: ${_param:single_address}
+ db-sb-addr: ${_param:single_address}
mysql:
server:
database:
diff --git a/neutron/control/single.yml b/neutron/control/single.yml
index 7f02325..067b4df 100644
--- a/neutron/control/single.yml
+++ b/neutron/control/single.yml
@@ -2,6 +2,8 @@
- service.neutron.control.single
- system.galera.server.database.neutron
parameters:
+ _param:
+ internal_protocol: 'http'
linux:
system:
package:
@@ -12,3 +14,5 @@
server:
database:
host: ${_param:single_address}
+ identity:
+ protocol: ${_param:internal_protocol}
diff --git a/nginx/server/proxy/openstack/aodh.yml b/nginx/server/proxy/openstack/aodh.yml
index bfdb4d6..bd73165 100644
--- a/nginx/server/proxy/openstack/aodh.yml
+++ b/nginx/server/proxy/openstack/aodh.yml
@@ -1,6 +1,8 @@
parameters:
_param:
nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_aodh_host: ${_param:aodh_service_host}
nginx:
server:
enabled: true
@@ -11,10 +13,11 @@
name: openstack_api_aodh
check: false
proxy:
- host: ${_param:aodh_service_host}
+ host: ${_param:nginx_proxy_openstack_aodh_host}
port: 8042
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8042
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/barbican.yml b/nginx/server/proxy/openstack/barbican.yml
index 5f658d1..89e5a9c 100644
--- a/nginx/server/proxy/openstack/barbican.yml
+++ b/nginx/server/proxy/openstack/barbican.yml
@@ -1,6 +1,8 @@
parameters:
_param:
nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_barbican_host: ${_param:barbican_service_host}
nginx:
server:
enabled: true
@@ -11,10 +13,11 @@
name: openstack_api_barbican
check: false
proxy:
- host: ${_param:barbican_service_host}
+ host: ${_param:nginx_proxy_openstack_barbican_host}
port: 9311
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9311
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/ceilometer.yml b/nginx/server/proxy/openstack/ceilometer.yml
index 57315fe..938b6cf 100644
--- a/nginx/server/proxy/openstack/ceilometer.yml
+++ b/nginx/server/proxy/openstack/ceilometer.yml
@@ -1,6 +1,8 @@
parameters:
_param:
nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_ceilometer_host: ${_param:ceilometer_service_host}
nginx:
server:
enabled: true
@@ -11,10 +13,11 @@
name: openstack_api_ceilometer
check: false
proxy:
- host: ${_param:ceilometer_service_host}
+ host: ${_param:nginx_proxy_openstack_ceilometer_host}
port: 8777
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8777
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/designate.yml b/nginx/server/proxy/openstack/designate.yml
index 29bc390..c238775 100644
--- a/nginx/server/proxy/openstack/designate.yml
+++ b/nginx/server/proxy/openstack/designate.yml
@@ -1,6 +1,8 @@
parameters:
_param:
nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_designate_host: ${_param:designate_service_host}
nginx:
server:
enabled: true
@@ -10,10 +12,11 @@
type: nginx_proxy
name: openstack_api_designate
proxy:
- host: ${_param:nginx_proxy_openstack_api_proxy_host}
+ host: ${_param:nginx_proxy_openstack_designate_host}
port: 9001
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9001
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/gnocchi.yml b/nginx/server/proxy/openstack/gnocchi.yml
new file mode 100644
index 0000000..2f6d0e5
--- /dev/null
+++ b/nginx/server/proxy/openstack/gnocchi.yml
@@ -0,0 +1,23 @@
+parameters:
+ _param:
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_gnocchi_host: ${_param:gnocchi_service_host}
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_openstack_api_gnocchi:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_gnocchi
+ check: false
+ proxy:
+ host: ${_param:nginx_proxy_openstack_gnocchi_host}
+ port: 8041
+ protocol: http
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 8041
+ address: ${_param:nginx_proxy_openstack_api_address}
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/horizon.yml b/nginx/server/proxy/openstack/horizon.yml
index 13df5cb..03e3f3c 100644
--- a/nginx/server/proxy/openstack/horizon.yml
+++ b/nginx/server/proxy/openstack/horizon.yml
@@ -1,4 +1,8 @@
parameters:
+ _param:
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_horizon_host: ${_param:openstack_proxy_address}
nginx:
server:
enabled: true
@@ -8,11 +12,12 @@
type: nginx_proxy
name: horizon
proxy:
- host: ${_param:openstack_proxy_address}
+ host: ${_param:nginx_proxy_openstack_horizon_host}
port: 443
protocol: https
host:
- name: ${_param:cluster_public_host}
+ name: ${_param:nginx_proxy_openstack_api_host}
port: 443
protocol: https
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/ironic.yml b/nginx/server/proxy/openstack/ironic.yml
new file mode 100644
index 0000000..95eb1bd
--- /dev/null
+++ b/nginx/server/proxy/openstack/ironic.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_ironic_host: ${_param:ironic_service_host}
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_openstack_api_ironic:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_ironic
+ proxy:
+ host: ${_param:nginx_proxy_openstack_ironic_host}
+ port: 6385
+ protocol: http
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 6385
+ address: ${_param:nginx_proxy_openstack_api_address}
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/manila.yml b/nginx/server/proxy/openstack/manila.yml
new file mode 100644
index 0000000..050d0de
--- /dev/null
+++ b/nginx/server/proxy/openstack/manila.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_manila_host: ${_param:manila_service_host}
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_openstack_api_manila:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_manila
+ proxy:
+ host: ${_param:nginx_proxy_openstack_manila_host}
+ port: 8786
+ protocol: http
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 8786
+ address: ${_param:nginx_proxy_openstack_api_address}
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/panko.yml b/nginx/server/proxy/openstack/panko.yml
new file mode 100644
index 0000000..6081dd1
--- /dev/null
+++ b/nginx/server/proxy/openstack/panko.yml
@@ -0,0 +1,23 @@
+parameters:
+ _param:
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_panko_host: ${_param:panko_service_host}
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_openstack_api_panko:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_panko
+ check: false
+ proxy:
+ host: ${_param:nginx_proxy_openstack_panko_host}
+ port: 8977
+ protocol: http
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 8977
+ address: ${_param:nginx_proxy_openstack_api_address}
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack/placement.yml b/nginx/server/proxy/openstack/placement.yml
new file mode 100644
index 0000000..eda272c
--- /dev/null
+++ b/nginx/server/proxy/openstack/placement.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_placement_host: ${_param:placement_service_host}
+ nginx:
+ server:
+ enabled: true
+ site:
+ nginx_proxy_openstack_api_placement:
+ enabled: true
+ type: nginx_proxy
+ name: openstack_api_placement
+ proxy:
+ host: ${_param:nginx_proxy_openstack_placement_host}
+ port: 8778
+ protocol: http
+ host:
+ name: ${_param:nginx_proxy_openstack_api_host}
+ port: 8778
+ address: ${_param:nginx_proxy_openstack_api_address}
+ ssl: ${_param:nginx_proxy_ssl}
diff --git a/nginx/server/proxy/openstack_api.yml b/nginx/server/proxy/openstack_api.yml
index 4b0b3f4..4f6073d 100644
--- a/nginx/server/proxy/openstack_api.yml
+++ b/nginx/server/proxy/openstack_api.yml
@@ -1,6 +1,13 @@
parameters:
_param:
nginx_proxy_openstack_api_host: ${_param:cluster_public_host}
+ nginx_proxy_openstack_api_address: 0.0.0.0
+ nginx_proxy_openstack_keystone_host: ${_param:keystone_service_host}
+ nginx_proxy_openstack_nova_host: ${_param:nova_service_host}
+ nginx_proxy_openstack_cinder_host: ${_param:cinder_service_host}
+ nginx_proxy_openstack_glance_host: ${_param:glance_service_host}
+ nginx_proxy_openstack_neutron_host: ${_param:neutron_service_host}
+ nginx_proxy_openstack_heat_host: ${_param:heat_service_host}
nginx:
server:
enabled: true
@@ -11,12 +18,13 @@
name: openstack_api_keystone
check: false
proxy:
- host: ${_param:keystone_service_host}
+ host: ${_param:nginx_proxy_openstack_keystone_host}
port: 5000
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 5000
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_keystone_private:
enabled: true
@@ -24,12 +32,13 @@
name: openstack_api_keystone_private
check: false
proxy:
- host: ${_param:keystone_service_host}
+ host: ${_param:nginx_proxy_openstack_keystone_host}
port: 35357
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 35357
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_nova:
enabled: true
@@ -37,12 +46,13 @@
name: openstack_api_nova
check: false
proxy:
- host: ${_param:nova_service_host}
+ host: ${_param:nginx_proxy_openstack_nova_host}
port: 8774
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8774
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_cinder:
enabled: true
@@ -50,12 +60,13 @@
name: openstack_api_cinder
check: false
proxy:
- host: ${_param:cinder_service_host}
+ host: ${_param:nginx_proxy_openstack_cinder_host}
port: 8776
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8776
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_glance:
enabled: true
@@ -64,13 +75,14 @@
check: false
underscores_in_headers: true
proxy:
- host: ${_param:glance_service_host}
+ host: ${_param:nginx_proxy_openstack_glance_host}
port: 9292
protocol: http
size: 30000m
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9292
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_neutron:
enabled: true
@@ -78,36 +90,39 @@
name: openstack_api_neutron
check: false
proxy:
- host: ${_param:neutron_service_host}
+ host: ${_param:nginx_proxy_openstack_neutron_host}
port: 9696
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 9696
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_heat_cloudwatch:
enabled: true
type: nginx_proxy
name: openstack_api_heat_cloudwatch
proxy:
- host: ${_param:heat_service_host}
+ host: ${_param:nginx_proxy_openstack_heat_host}
port: 8003
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8003
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_heat_cfn:
enabled: true
type: nginx_proxy
name: openstack_api_heat_cfn
proxy:
- host: ${_param:heat_service_host}
+ host: ${_param:nginx_proxy_openstack_heat_host}
port: 8000
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8000
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_heat:
enabled: true
@@ -115,12 +130,13 @@
name: openstack_api_heat
check: false
proxy:
- host: ${_param:heat_service_host}
+ host: ${_param:nginx_proxy_openstack_heat_host}
port: 8004
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8004
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
nginx_proxy_openstack_api_nova_ec2:
enabled: true
@@ -128,10 +144,11 @@
name: openstack_api_nova_ec2
check: false
proxy:
- host: ${_param:nova_service_host}
+ host: ${_param:nginx_proxy_openstack_nova_host}
port: 8773
protocol: http
host:
name: ${_param:nginx_proxy_openstack_api_host}
port: 8773
+ address: ${_param:nginx_proxy_openstack_api_address}
ssl: ${_param:nginx_proxy_ssl}
diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index 5d0e6a1..f32fffd 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml
@@ -35,6 +35,7 @@
7xDyBz85icFU0rceYQetwFH2p5tRL0GcUQhJmJFgIL0OXdCQvRNJrT3iS00N1aUo
SG9MrLHCd5l60aCUQg0UA5ed7Hd6SA314k+HwxJno9/wJ+voBeacMg==
-----END RSA PRIVATE KEY-----
+ cluster_internal_protocol: 'http'
openssh:
client:
enabled: True
@@ -68,6 +69,7 @@
user: nova
password: ${_param:keystone_nova_password}
tenant: service
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
port: 5672
@@ -82,6 +84,7 @@
engine: glance
host: ${_param:cluster_vip_address}
port: 9292
+ protocol: ${_param:cluster_internal_protocol}
network:
engine: neutron
region: ${_param:openstack_region}
@@ -90,6 +93,7 @@
user: neutron
tenant: service
password: ${_param:keystone_neutron_password}
+ protocol: ${_param:cluster_internal_protocol}
user:
public_key: ${_param:nova_compute_ssh_public}
private_key: ${_param:nova_compute_ssh_private}
diff --git a/nova/compute/single.yml b/nova/compute/single.yml
index b915145..483a1d3 100644
--- a/nova/compute/single.yml
+++ b/nova/compute/single.yml
@@ -35,6 +35,7 @@
7xDyBz85icFU0rceYQetwFH2p5tRL0GcUQhJmJFgIL0OXdCQvRNJrT3iS00N1aUo
SG9MrLHCd5l60aCUQg0UA5ed7Hd6SA314k+HwxJno9/wJ+voBeacMg==
-----END RSA PRIVATE KEY-----
+ cluster_internal_protocol: 'http'
openssh:
client:
enabled: True
@@ -66,6 +67,7 @@
user: nova
password: ${_param:keystone_nova_password}
tenant: service
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
host: ${_param:control_address}
@@ -77,10 +79,12 @@
engine: glance
host: ${_param:control_address}
port: 9292
+ protocol: ${_param:cluster_internal_protocol}
network:
engine: neutron
host: ${_param:control_address}
port: 9696
+ protocol: ${_param:cluster_internal_protocol}
cache:
engine: memcached
members:
diff --git a/nova/compute_ironic/cluster.yml b/nova/compute_ironic/cluster.yml
index 2526373..885a869 100644
--- a/nova/compute_ironic/cluster.yml
+++ b/nova/compute_ironic/cluster.yml
@@ -1,6 +1,8 @@
classes:
- service.nova.compute.ironic
parameters:
+ _param:
+ cluster_internal_protocol: 'http'
nova:
compute:
version: ${_param:nova_version}
@@ -23,6 +25,7 @@
user: nova
password: ${_param:keystone_nova_password}
tenant: service
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
port: 5672
@@ -41,6 +44,9 @@
user: neutron
tenant: service
password: ${_param:keystone_neutron_password}
+ protocol: ${_param:cluster_internal_protocol}
+ glance:
+ protocol: ${_param:cluster_internal_protocol}
ironic:
region: ${_param:openstack_region}
host: ${_param:ironic_service_host}
@@ -51,3 +57,4 @@
auth_type: password
project_domain_name: Default
user_domain_name: Default
+ protocol: ${_param:cluster_internal_protocol}
diff --git a/nova/compute_ironic/single.yml b/nova/compute_ironic/single.yml
index 5c19023..69025d3 100644
--- a/nova/compute_ironic/single.yml
+++ b/nova/compute_ironic/single.yml
@@ -1,6 +1,8 @@
classes:
- service.nova.compute.ironic
parameters:
+ _param:
+ cluster_internal_protocol: 'http'
nova:
compute:
version: ${_param:nova_version}
@@ -23,6 +25,7 @@
user: nova
password: ${_param:keystone_nova_password}
tenant: service
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
port: 5672
@@ -38,6 +41,9 @@
user: neutron
tenant: service
password: ${_param:keystone_neutron_password}
+ protocol: ${_param:cluster_internal_protocol}
+ glance:
+ protocol: ${_param:cluster_internal_protocol}
ironic:
region: ${_param:openstack_region}
host: ${_param:control_address}
@@ -45,3 +51,4 @@
user: ironic
tenant: service
password: ${_param:keystone_ironic_password}
+ protocol: ${_param:cluster_internal_protocol}
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index 3b8877d..be5f775 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -11,6 +11,7 @@
nova_ram_allocation_ratio: 1.5
nova_disk_allocation_ratio: 1.0
metadata_password: metadataPass
+ cluster_internal_protocol: 'http'
linux:
system:
package:
@@ -24,7 +25,7 @@
vncproxy_url: ${_param:nova_vncproxy_url}
security_group: false
dhcp_domain: novalocal
- scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter,NUMATopologyFilter,AggregateInstanceExtraSpecsFilter"
+ scheduler_default_filters: "DifferentHostFilter,SameHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter,NUMATopologyFilter,AggregateInstanceExtraSpecsFilter"
cpu_allocation_ratio: ${_param:nova_cpu_allocation_ratio}
ram_allocation_ratio: ${_param:nova_ram_allocation_ratio}
disk_allocation_ratio: ${_param:nova_disk_allocation_ratio}
@@ -50,6 +51,7 @@
user: nova
password: ${_param:keystone_nova_password}
tenant: service
+ protocol: ${_param:cluster_internal_protocol}
message_queue:
engine: rabbitmq
port: 5672
@@ -63,6 +65,7 @@
glance:
host: ${_param:cluster_vip_address}
port: 9292
+ protocol: ${_param:cluster_internal_protocol}
network:
engine: neutron
region: ${_param:openstack_region}
@@ -72,5 +75,6 @@
port: 9696
mtu: 1500
tenant: service
+ protocol: ${_param:cluster_internal_protocol}
metadata:
password: ${_param:metadata_password}
diff --git a/nova/control/single.yml b/nova/control/single.yml
index c2aef10..ca21d05 100644
--- a/nova/control/single.yml
+++ b/nova/control/single.yml
@@ -1,6 +1,8 @@
classes:
- service.nova.control.single
parameters:
+ _param:
+ cluster_internal_protocol: 'http'
linux:
system:
package:
@@ -11,3 +13,9 @@
controller:
database:
host: ${_param:single_address}
+ identity:
+ protocol: ${_param:cluster_internal_protocol}
+ network:
+ protocol: ${_param:cluster_internal_protocol}
+ glance:
+ protocol: ${_param:cluster_internal_protocol}
diff --git a/opencontrail/control/control.yml b/opencontrail/control/control.yml
index 50c0c77..e846f5d 100644
--- a/opencontrail/control/control.yml
+++ b/opencontrail/control/control.yml
@@ -4,7 +4,7 @@
- system.haproxy.proxy.listen.opencontrail.control
parameters:
_param:
- multi_tenancy: false
+ multi_tenancy: true
opencontrail_message_queue_node01_address: ${_param:openstack_message_queue_node01_address}
opencontrail_message_queue_node02_address: ${_param:openstack_message_queue_node02_address}
opencontrail_message_queue_node03_address: ${_param:openstack_message_queue_node03_address}
diff --git a/openssh/server/team/members/alugovoi.yml b/openssh/server/team/members/alugovoi.yml
new file mode 100644
index 0000000..4a5c0d8
--- /dev/null
+++ b/openssh/server/team/members/alugovoi.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ alugovoi:
+ enabled: true
+ name: alugovoi
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Alexei Lugovoi
+ home: /home/alugovoi
+ email: alugovoi@mirantis.com
+ openssh:
+ server:
+ user:
+ alugovoi:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQChbsvFGG96lVcXrKWiJuFkrKSYR+lv/0kWQw6NugJMfem4XycbC85J7op6WtjlbZPTEKLJUkF2WFRyY6sHlFNwuSNqEgQhxUwYT+TpbCXlW837fuykjBFR/XQH4FvOAH8X4Pd+jy+WRk0UN9rt2QZWFu1znzB1brB6OZBBHZooaSQjnbBPbnepvl6gOtCRMK/3qRqKaHe5at4cTML4UOwRn25eCwmbS1Tm2bVfRiabShIS2WA02Eit+Wme3M6J9l/iJ8vC9Y36cOSWD4sPmxRm4Lwv0TAN3eqJ2fqCVpKULYtsVQihsHgrmovkRzEMdhiEKvvjB3zNRUKtSqyo6Nox alugovoi@alugovoi-pc
+ user: ${linux:system:user:alugovoi}
diff --git a/openssh/server/team/members/listomin.yml b/openssh/server/team/members/listomin.yml
index 4a22a23..0871423 100644
--- a/openssh/server/team/members/listomin.yml
+++ b/openssh/server/team/members/listomin.yml
@@ -16,5 +16,5 @@
listomin:
enabled: true
public_keys:
- - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCkiHTkB53cYMFqNsKjEa1W+O3KpSRk26zCQtNsJO4KrNTSuROcpSjSGLUL55YgjBzVUUo88WNFJgu5e3oJNmXpWcfyRa2LoQyhAws6LxsGb5hH0YWB34w4uzvcHIpO5QNGmHIMaczdS721cgGMygBla32putV13gZE/y2ucFh4oza5lRuY5GZm2i1iTaDV5QqamDeYC3venjTtnXXuZbsW0Mkyn8mPXe5d3/FYSKLBGGCELnxpyopfpuCBsQEPSuYIz7EWsLCCjKgUrYZ4Uu5Sg5Ifs+Z0lSQR7/wbraDoGSyrubBHP3ub57lJvQ5kvNyKnT+BwGpoF8V+oMuoqR4l listomin@listomin-laptop
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxYzWudGTO2HNris63l1DWv3Q8gl9Rc09nrzogWy/tzXsoQohClhs3QVSSGb3ztRx1uRH7llQ3dq7Z05zxYjv5nBzU6SRkpQzSYXGx2xl0tJPWiNo1sY1xZzwlGHRJjI9DRJYmXAO6GO/n5zeYQ1kf47tSaP6MEV9HD4Ns1zWJ97Izi4EzaYQrosTSfGBfQKC6Vr4CiXfIVev1EQwUYIkrcLp5lcbOOLpfBfU9aRx1YU8V3MzYjGAiWlGeqZeKwyJc6H2JAGX8HEWDkwdMAdIjqsL5wH1KjeXd9V/gWUPaemj/XL0MLCPu0uBbdjWKGGcbTys+mr/gVGP/rwQOwYKl listomin@listomin-laptop.local
user: ${linux:system:user:listomin}
\ No newline at end of file
diff --git a/openssh/server/team/members/osergiyuk.yml b/openssh/server/team/members/osergiyuk.yml
new file mode 100644
index 0000000..01fe7f9
--- /dev/null
+++ b/openssh/server/team/members/osergiyuk.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ osergiyuk:
+ enabled: true
+ name: osergiyuk
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Oleg Sergiyuk
+ home: /home/osergiyuk
+ email: osergiyuk@mirantis.com
+ openssh:
+ server:
+ user:
+ osergiyuk:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmdJA5DWI9BQuvIzaPSdLDoK1QwUOI0Z1XjlXlaySFUuknDpYOZpBCi8SyNxS3uR8G1iO069tQ7e72cTxwP3lBJGSjgo0sg3lBuaXfunZo4D1dcjpOgKSIRMVZSB2W1pWzVuk5wjLSxePj6yaUUcCemWuELzMix3Ew8GBeWYVfgcAZPtXy4l5slxvK7lRxZZGwX1HTja0uN3UbR3J3pGDDsFN+qLdqnAtbofu9wlpXd7ffshB5dWUXHk9SEh20V/HVk1K7mDCEpKTYRC/vRlPaovauoldHEzwGcEnToXmWSmS8wrCYCTAmCw3jVHDNcYJ+kjDkaJsyTQ+KrLcSYzgMc2efRE5L98ShLZCWQMEd8ldSZ5FIynbTPhJ+9KzS4fnwoX+wCpwYGwpYKkw6zs/N+oXw2CTk5tmc2br84qHkY6spr2+ydTn0cbsMxN/XlPIz5Zn6A5O4yBZA0LRf4A+bKMijn596/XH/TPuy+LdTwEbhA13v2o6beA5xlt1TSxmvumzwXfvzMpmzWlyC+xjUR/2x6ak1RxIi1zlDnULyZRtrHdAxz/SiEgRUVmet8uGhwYKno/GMa45UfzzAX+6w2M6rFBfqvia5Wmg19UheVVvVP08ssm4Cb6l7I58sMkFcLnazf918T8uxqE+1E82ZhbkXi2X3c6C7jY2UkVf3dw== osergiyuk@mirantis.com
+ user: ${linux:system:user:osergiyuk}
diff --git a/openssh/server/team/members/tjaroszyk.yml b/openssh/server/team/members/tjaroszyk.yml
new file mode 100644
index 0000000..537d5e2
--- /dev/null
+++ b/openssh/server/team/members/tjaroszyk.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ tjaroszyk:
+ enabled: true
+ name: tjaroszyk
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Tomek Jaroszyk
+ home: /home/tjaroszyk
+ email: tjaroszyk@mirantis.com
+ openssh:
+ server:
+ user:
+ tjaroszyk:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIl9Jhv6t99Ek1qaKxnVZwNpPq+ueZ257PHxkfMBYD62r5KXtJM93mYiul5FaK+YH4u7wHaI3onMQzf0BVqj1/TfTgFJVHkB332ZLq6DNwpcF5rv4NeLHKAZKTsJ6RR/cVLmIHtZBUsJwsUShN4p1ESIYVfdaaLse9SxOzUeaL/qz0MxGvjydUVNkegH4jfi/9lMgRrNGDSU9dsiKO4gFLZaLNU3pl/JyuqH++xEksbxQZ2BNUvZV5H4HWaHPuMQ31u0OrmUnVF8UrquwrVxE7f4FNZVJNdzCHhsYr6vCV2m+C/KN8LdnHSln+sG+P6QKu4MlETiFRbraKqLzUPrUvrYckIZiU4LTo6NRB2G7ioVnycYyZFLAzoajCt2MQowAmrpuLjM6RXUhbZilfWfwHxnKlR8LmJRBS3Q+h7i55fvhoReZ3IrzPGNqC8QlEdNdLX9gXuZ+e8BtbxUuAB4wi2yRYrEBnQoqUEB7kj64W8YdBsM0ftKJJu44DLcY7djrMHuF6QFvxezEGIfIPsuE96DCyzFoQZtvJ11x7kjSJ1dQuycsWSRvsfpxTj87iQvHKR9aZXIoVtqxHefosaKoIhTZnI53HsPR50g6r4NwXPzcCpR1SOC3lpIDyK4rwkoze85aLVjaKWMgXY1GlMbMIhOk/mlVGZiezmFdgGTtCMQ== blady@figa
+ user: ${linux:system:user:tjaroszyk}
diff --git a/openssh/server/team/services.yml b/openssh/server/team/services.yml
index 40694d2..9de3a31 100644
--- a/openssh/server/team/services.yml
+++ b/openssh/server/team/services.yml
@@ -11,6 +11,8 @@
- system.openssh.server.team.members.dbogaczyk
- system.openssh.server.team.members.dkruglov
- system.openssh.server.team.members.sflorczak
+- system.openssh.server.team.members.alugovoi
+- system.openssh.server.team.members.tjaroszyk
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/stacklight.yml b/openssh/server/team/stacklight.yml
index b46ac24..032466b 100644
--- a/openssh/server/team/stacklight.yml
+++ b/openssh/server/team/stacklight.yml
@@ -109,6 +109,20 @@
full_name: Christian Huebner
home: /home/crh
email: chuebner@mirantis.com
+ mmatuszkowiak:
+ enabled: true
+ name: mmatuszkowiak
+ sudo: true
+ full_name: Mateusz Matuszkowiak
+ home: /home/mmatuszkowiak
+ email: mmatuszkowiak@mirantis.com
+ mkobus:
+ enabled: true
+ name: mkobus
+ sudo: true
+ full_name: Michal Kobus
+ home: /home/mkobus
+ email: mkobus@mirantis.com
openssh:
client:
enabled: true
@@ -190,6 +204,16 @@
public_keys:
- ${public_keys:crh}
user: ${linux:system:user:crh}
+ mmatuszkowiak:
+ enabled: true
+ public_keys:
+ - ${public_keys:mmatuszkowiak}
+ user: ${linux:system:user:mmatuszkowiak}
+ mkobus:
+ enabled: true
+ public_keys:
+ - ${public_keys:mkobus}
+ user: ${linux:system:user:mkobus}
public_keys:
newt:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3odU+3V2uDA2ptAFL9hrJRPNEEdAyztWOZFQ5Oyd9oerTGOU3p4xmrgWWjfKFKbYGhiiIUcYAol5PkTfKukGEkkjCHYA1t023soCaaAj85wCZCnw2zQNAziwxTYmAzTqgxiSvtZNMMrtJvFHRIRDzJ3M1lV0prWNWkMM1/3FAd4W49y6VT3fkMCo8uqG7CfGdgR2DgBCxf9KaNPfW5eDEPOgmE5lK8tVSEI6T+Cg7hbcTf4lFYnlFBnlQgp/0JstsM4Vbwb4B34LOpOsf2S8rrWk2xQMjwaMHXkc2s/E8iW3F5nVFuyEXYISFQIiAHw8dzC6CHgLcyHUVWwznKawZ newt@newt-dev1
@@ -221,3 +245,7 @@
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMdgjQ/jeWwQTaPyy7G5JJAkM+QPNPFkzMldPHJzOxEBzt/M5zAooj0XgbRIDIztolhXhmj8N5QSG5n3Wn9T9e2KpoxrLaVhMV5WGTgMrXMmyT8oXLV3gLxGNHMWFvplSbHLK78EsZQQ1/kBQMyPXB1+FpIuSHVOxaospOQObJ08lvQfvlO7AUUV4ecpFj3PpV5vkKPRS+KfiRm84BeGIu51BL1BClZcOyHZPBQT+DUBjm8y4Nd7pVZRjsiBzZBvUotCbn5+RqWJnu4kyoGoRNmk8pvCx7jGL1G9rE8NNsKlCUWedvyNkDeoWKvleJuzkj3ggfuCj/iTtDoXFR95e3
crh:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjW4PSMoILjoZWDM8RnbiW6HXHBFntnDd6jgAlokJhTpYIjzUHpoh/OqphraKbNFnPbzL2nkIbaKZqKj+uuvbsitHnApmdFgSpOmBRGeaSExA30GqweYrIMKN5JAQTbONZWLSm+LD689CXRv2s6Th/YMELYfoi2W0pkvwiBdr+/0NxpdRvJydCn36SE6wOigu4uJXIXeNqIjTD+x4sW6GB54Ugbg+SMmI9D5ONlmfEj8K/ZmG1THdPGOLlquy/VLiuOBuwNoJCBV9shsGEmdg8NiOu8NPupQlsbmClZDbBAklJ0AF6ElAwKSiqCOhbaa7hu4qJFrCKC+XAgYxS9t7r
+ mmatuszkowiak:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDC6TGCQAH3FGNSOhSbovhwODabOAsgVqG71rEDdXvDSShwyNB3RIICefas3mdSLsG7+1K9mZ1jicWzNbotvePwzrM/MESzntzp4QZ5J/9L3BMiqWWKL2u6BQ65LGe0YMzMmdSkqMAj0uxt3+OiFDPDrwqH6qN0hwxAJM+byeUlQW8uWQYm/pmWMD60GUrnjYUfKfEa/S3symaZBHQvjtp26De8D6u/jr4TWi5VJpKqVREqU7Z4IKwn8JvHMmUbRO4endW3cRiv35Qb7s66rO6TD0KlDFnnTxOtFvLhL51j58X4MrV9FHUI6czoqjAgEDe9CW7DzZ1xMj03d6IAipgL
+ mkobus:
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCBqe3X+LrneiuieWGjlw5wRtgixBu2Q8LZjH6W+8nsOkB7iN6qRdKom3jac1Cdd5wSJ0NFAhDNcTLK4Etz/3YACglsTxk09TzXlqs1V0Y7U5a2eqn3KTOgMNsJ1aOhFq/LnmUwTdN8NXac6TIkwZZBj5KhHSvIoO+mfsascct5FIVU/+p32d3o/4NqMDDdTg/qxIMKQsh5sw5Y9Tz9h28LGbDh+QF2lW+b5YJhnCG21Uw17xcyxf3/53EpJwTXfElonSR7HMVLxrq7oDzmqKFZ2z8i9do6EgODKlZpSkxiAFOBw5oA2hPtEeqtXqvddu2FcNGuSNhx/6O8ZHIKq3Xh/tTOYnoc+qYDMRCzDwzeyivfr5Ci3n64giUaZl+KUr6D1CKeL2s8j9+kod/1JJDEeoYR+V93MTiTD/39N8eQAGv+6r9HBapXIkvr3iNuTH1+5eN36Vc90jXXRmGMZkF5P9ivNGDZGcy2pBwwPg/bRn2xb0zx1fsxd4qOi+Cd7mBCF4+SfnVCqUd2H9R0O3S7WgfLr+wOXpFq6/WwgjzI9RVhLJ5cZmePJKvYZYYhkAxsVwWSE639zFFuU1zhFXr49wa0njK9DdYWiQEhOki0ki3huABmVbWKg/zP1Rlllmtk0S4mwggJ57JYbuhEV3a1x1KOtWMzODW5cb3HlPTQw==
diff --git a/panko/server/cluster.yml b/panko/server/cluster.yml
new file mode 100644
index 0000000..d2d4b9b
--- /dev/null
+++ b/panko/server/cluster.yml
@@ -0,0 +1,6 @@
+classes:
+- service.panko.server.cluster
+- service.haproxy.proxy.single
+- system.apache.server.site.panko
+- system.haproxy.proxy.listen.openstack.panko
+- system.keepalived.cluster.instance.openstack_telemetry_vip
\ No newline at end of file
diff --git a/prometheus/relay/init.yml b/prometheus/relay/init.yml
new file mode 100644
index 0000000..a240458
--- /dev/null
+++ b/prometheus/relay/init.yml
@@ -0,0 +1,3 @@
+classes:
+ - service.prometheus.relay
+ - service.prometheus.relay.cluster
diff --git a/prometheus/server/standalone.yml b/prometheus/server/standalone.yml
new file mode 100644
index 0000000..cdddb9a
--- /dev/null
+++ b/prometheus/server/standalone.yml
@@ -0,0 +1,7 @@
+classes:
+- service.prometheus.server.standalone
+parameters:
+ prometheus:
+ server:
+ version: 2.0
+
diff --git a/prometheus/server/target/dns.yml b/prometheus/server/target/dns.yml
deleted file mode 100644
index e2745f1..0000000
--- a/prometheus/server/target/dns.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-parameters:
- prometheus:
- server:
- target:
- dns:
- enabled: true
- endpoint:
- - name: 'pushgateway'
- domain:
- - 'tasks.monitoring_pushgateway'
- type: A
- port: ${prometheus:pushgateway:bind:port}
- - name: 'prometheus'
- domain:
- - 'tasks.monitoring_server'
- type: A
- port: ${prometheus:server:bind:port}
- - name: 'alertmanager'
- domain:
- - 'tasks.monitoring_alertmanager'
- type: A
- port: ${prometheus:alertmanager:bind:port}
- - name: 'remote_agent'
- domain:
- - 'tasks.monitoring_remote_agent'
- type: A
- port: ${telegraf:remote_agent:output:prometheus_client:bind:port}
- - name: 'remote_storage_adapter'
- domain:
- - 'tasks.monitoring_remote_storage_adapter'
- type: A
- port: ${prometheus:remote_storage_adapter:bind:port}
diff --git a/prometheus/server/target/dns/alertmanager.yml b/prometheus/server/target/dns/alertmanager.yml
new file mode 100644
index 0000000..78172d1
--- /dev/null
+++ b/prometheus/server/target/dns/alertmanager.yml
@@ -0,0 +1,12 @@
+parameters:
+ prometheus:
+ server:
+ target:
+ dns:
+ enabled: true
+ endpoint:
+ - name: 'alertmanager'
+ domain:
+ - 'tasks.monitoring_alertmanager'
+ type: A
+ port: ${prometheus:alertmanager:bind:port}
diff --git a/prometheus/server/target/dns/init.yml b/prometheus/server/target/dns/init.yml
new file mode 100644
index 0000000..361d296
--- /dev/null
+++ b/prometheus/server/target/dns/init.yml
@@ -0,0 +1,6 @@
+classes:
+- system.prometheus.server.target.dns.alertmanager
+- system.prometheus.server.target.dns.prometheus
+- system.prometheus.server.target.dns.pushgateway
+- system.prometheus.server.target.dns.remote_agent
+- system.prometheus.server.target.dns.remote_storage_adapter
diff --git a/prometheus/server/target/dns/prometheus.yml b/prometheus/server/target/dns/prometheus.yml
new file mode 100644
index 0000000..abffe03
--- /dev/null
+++ b/prometheus/server/target/dns/prometheus.yml
@@ -0,0 +1,12 @@
+parameters:
+ prometheus:
+ server:
+ target:
+ dns:
+ enabled: true
+ endpoint:
+ - name: 'prometheus'
+ domain:
+ - 'tasks.monitoring_server'
+ type: A
+ port: ${prometheus:server:bind:port}
diff --git a/prometheus/server/target/dns/pushgateway.yml b/prometheus/server/target/dns/pushgateway.yml
new file mode 100644
index 0000000..9022fa7
--- /dev/null
+++ b/prometheus/server/target/dns/pushgateway.yml
@@ -0,0 +1,12 @@
+parameters:
+ prometheus:
+ server:
+ target:
+ dns:
+ enabled: true
+ endpoint:
+ - name: 'pushgateway'
+ domain:
+ - 'tasks.monitoring_pushgateway'
+ type: A
+ port: ${prometheus:pushgateway:bind:port}
\ No newline at end of file
diff --git a/prometheus/server/target/dns/remote_agent.yml b/prometheus/server/target/dns/remote_agent.yml
new file mode 100644
index 0000000..6801ffc
--- /dev/null
+++ b/prometheus/server/target/dns/remote_agent.yml
@@ -0,0 +1,12 @@
+parameters:
+ prometheus:
+ server:
+ target:
+ dns:
+ enabled: true
+ endpoint:
+ - name: 'remote_agent'
+ domain:
+ - 'tasks.monitoring_remote_agent'
+ type: A
+ port: ${telegraf:remote_agent:output:prometheus_client:bind:port}
diff --git a/prometheus/server/target/dns/remote_storage_adapter.yml b/prometheus/server/target/dns/remote_storage_adapter.yml
new file mode 100644
index 0000000..618f438
--- /dev/null
+++ b/prometheus/server/target/dns/remote_storage_adapter.yml
@@ -0,0 +1,12 @@
+parameters:
+ prometheus:
+ server:
+ target:
+ dns:
+ enabled: true
+ endpoint:
+ - name: 'remote_storage_adapter'
+ domain:
+ - 'tasks.monitoring_remote_storage_adapter'
+ type: A
+ port: ${prometheus:remote_storage_adapter:bind:port}
diff --git a/prometheus/server/target/federation/all_metrics.yml b/prometheus/server/target/federation/all_metrics.yml
new file mode 100644
index 0000000..f6a4ae3
--- /dev/null
+++ b/prometheus/server/target/federation/all_metrics.yml
@@ -0,0 +1,9 @@
+parameters:
+ prometheus:
+ server:
+ target:
+ static:
+ prometheus_federation:
+ params:
+ match[]:
+ - '{__name__=~".+"}'
diff --git a/prometheus/server/target/federation/init.yml b/prometheus/server/target/federation/init.yml
new file mode 100644
index 0000000..564af82
--- /dev/null
+++ b/prometheus/server/target/federation/init.yml
@@ -0,0 +1,17 @@
+parameters:
+ prometheus:
+ server:
+ target:
+ static:
+ prometheus:
+ endpoint:
+ - address: 127.0.0.1
+ port: ${prometheus:server:bind:port}
+ prometheus_federation:
+ honor_labels: true
+ metrics_path: '/federate'
+ scrape_interval: 15s
+ scrape_timeout: 15s
+ endpoint:
+ - address: ${_param:stacklight_monitor_address}
+ port: 15010
diff --git a/reclass/storage/system/opendaylight_control_single.yml b/reclass/storage/system/opendaylight_control_single.yml
new file mode 100644
index 0000000..ad809f5
--- /dev/null
+++ b/reclass/storage/system/opendaylight_control_single.yml
@@ -0,0 +1,13 @@
+parameters:
+ _param:
+ opendaylight_control_hostname: odl01
+ reclass:
+ storage:
+ node:
+ opendaylight_control_node01:
+ name: ${_param:opendaylight_control_hostname}
+ domain: ${_param:cluster_domain}
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: ${_param:linux_system_codename}
+ single_address: ${_param:opendaylight_service_host}
diff --git a/reclass/storage/system/openstack_share_multi.yml b/reclass/storage/system/openstack_share_multi.yml
new file mode 100644
index 0000000..a347aec
--- /dev/null
+++ b/reclass/storage/system/openstack_share_multi.yml
@@ -0,0 +1,42 @@
+parameters:
+ _param:
+ openstack_share_node01_hostname: share01
+ openstack_share_node02_hostname: share02
+ openstack_share_node03_hostname: share03
+
+ openstack_share_node01_share_address: ${_param:single_address}
+ openstack_share_node02_share_address: ${_param:single_address}
+ openstack_share_node03_share_address: ${_param:single_address}
+ reclass:
+ storage:
+ node:
+ openstack_share_node01:
+ name: ${_param:openstack_share_node01_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.share
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: ${_param:linux_system_codename}
+ single_address: ${_param:openstack_share_node01_address}
+ share_address: ${_param:openstack_share_node01_share_address}
+ openstack_share_node02:
+ name: ${_param:openstack_share_node02_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.share
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: ${_param:linux_system_codename}
+ single_address: ${_param:openstack_share_node02_address}
+ share_address: ${_param:openstack_share_node02_share_address}
+ openstack_share_node03:
+ name: ${_param:openstack_share_node03_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.share
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: ${_param:linux_system_codename}
+ single_address: ${_param:openstack_share_node03_address}
+ share_address: ${_param:openstack_share_node03_share_address}
diff --git a/reclass/storage/system/openstack_share_single.yml b/reclass/storage/system/openstack_share_single.yml
new file mode 100644
index 0000000..cb33dde
--- /dev/null
+++ b/reclass/storage/system/openstack_share_single.yml
@@ -0,0 +1,16 @@
+parameters:
+ _param:
+ openstack_share_node01_hostname: share01
+ reclass:
+ storage:
+ node:
+ openstack_share_node01:
+ name: ${_param:openstack_share_node01_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.openstack.share
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: ${_param:linux_system_codename}
+ single_address: ${_param:openstack_share_node01_address}
+ share_address: ${_param:openstack_share_node01_share_address}
diff --git a/salt/control/sizes/ceph.yml b/salt/control/sizes/ceph.yml
new file mode 100644
index 0000000..7b46367
--- /dev/null
+++ b/salt/control/sizes/ceph.yml
@@ -0,0 +1,23 @@
+parameters:
+ _param:
+ salt_control_size_cpu_ceph_mon: 8
+ salt_control_size_ram_ceph_mon: 16384
+ salt_control_size_disk_profile_ceph_mon: large
+ salt_control_size_net_profile_cpu_ceph_mon: default
+ salt_control_size_cpu_ceph_rgw: 8
+ salt_control_size_ram_ceph_rgw: 16384
+ salt_control_size_disk_profile_ceph_rgw: small
+ salt_control_size_net_profile_cpu_ceph_rgw: default
+ salt:
+ control:
+ size:
+ ceph.mon:
+ cpu: ${_param:salt_control_size_cpu_ceph_mon}
+ ram: ${_param:salt_control_size_ram_ceph_mon}
+ disk_profile: ${_param:salt_control_size_disk_profile_ceph_mon}
+ net_profile: ${_param:salt_control_size_net_profile_ceph_mon}
+ ceph.rgw:
+ cpu: ${_param:salt_control_size_cpu_ceph_rgw}
+ ram: ${_param:salt_control_size_ram_ceph_rgw}
+ disk_profile: ${_param:salt_control_size_disk_profile_ceph_rgw}
+ net_profile: ${_param:salt_control_size_net_profile_ceph_rgw}
diff --git a/salt/control/sizes/cicd.yml b/salt/control/sizes/cicd.yml
new file mode 100644
index 0000000..1099649
--- /dev/null
+++ b/salt/control/sizes/cicd.yml
@@ -0,0 +1,14 @@
+parameters:
+ _param:
+ salt_control_size_cpu_cicd_control: 8
+ salt_control_size_ram_cicd_control: 32768
+ salt_control_size_disk_profile_cicd_control: huge
+ salt_control_size_net_profile_cpu_cicd_control: default
+ salt:
+ control:
+ size:
+ cicd.control:
+ cpu: ${_param:salt_control_size_cpu_cicd_control}
+ ram: ${_param:salt_control_size_ram_cicd_control}
+ disk_profile: ${_param:salt_control_size_disk_profile_cicd_control}
+ net_profile: ${_param:salt_control_size_net_profile_cicd_control}
diff --git a/salt/control/sizes/opencontrail.yml b/salt/control/sizes/opencontrail.yml
new file mode 100644
index 0000000..85a348d
--- /dev/null
+++ b/salt/control/sizes/opencontrail.yml
@@ -0,0 +1,23 @@
+parameters:
+ _param:
+ salt_control_size_cpu_opencontrail_control: 8
+ salt_control_size_ram_opencontrail_control: 65536
+ salt_control_size_disk_profile_opencontrail_control: large
+ salt_control_size_net_profile_cpu_opencontrail_control: default
+ salt_control_size_cpu_opencontrail_analytics: 16
+ salt_control_size_ram_opencontrail_analytics: 98304
+ salt_control_size_disk_profile_opencontrail_analytics: huge
+ salt_control_size_net_profile_cpu_opencontrail_analytics: default
+ salt:
+ control:
+ size:
+ opencontrail.control:
+ cpu: ${_param:salt_control_size_cpu_opencontrail_control}
+ ram: ${_param:salt_control_size_ram_opencontrail_control}
+ disk_profile: ${_param:salt_control_size_disk_profile_opencontrail_control}
+ net_profile: ${_param:salt_control_size_net_profile_opencontrail_control}
+ opencontrail.analytics:
+ cpu: ${_param:salt_control_size_cpu_opencontrail_analytics}
+ ram: ${_param:salt_control_size_ram_opencontrail_analytics}
+ disk_profile: ${_param:salt_control_size_disk_profile_opencontrail_analytics}
+ net_profile: ${_param:salt_control_size_net_profile_opencontrail_analytics}
diff --git a/salt/control/sizes/openstack.yml b/salt/control/sizes/openstack.yml
new file mode 100644
index 0000000..4283c73
--- /dev/null
+++ b/salt/control/sizes/openstack.yml
@@ -0,0 +1,50 @@
+parameters:
+ _param:
+ salt_control_size_cpu_openstack_control: 8
+ salt_control_size_ram_openstack_control: 65536
+ salt_control_size_disk_profile_openstack_control: large
+ salt_control_size_net_profile_cpu_openstack_control: default
+ salt_control_size_cpu_openstack_database: 8
+ salt_control_size_ram_openstack_database: 32768
+ salt_control_size_disk_profile_openstack_database: large
+ salt_control_size_net_profile_cpu_openstack_database: default
+ salt_control_size_cpu_openstack_message_queue: 16
+ salt_control_size_ram_openstack_message_queue: 65536
+ salt_control_size_disk_profile_openstack_message_queue: xxlarge
+ salt_control_size_net_profile_cpu_openstack_message_queue: default
+ salt_control_size_cpu_openstack_proxy: 4
+ salt_control_size_ram_openstack_proxy: 16384
+ salt_control_size_disk_profile_openstack_proxy: large
+ salt_control_size_net_profile_cpu_openstack_proxy: default
+ salt_control_size_cpu_openstack_upgrade: 8
+ salt_control_size_ram_openstack_upgrade: 16384
+ salt_control_size_disk_profile_openstack_upgrade: medium
+ salt_control_size_net_profile_cpu_openstack_upgrade: default
+ salt:
+ control:
+ size:
+ openstack.control:
+ cpu: ${_param:salt_control_size_cpu_openstack_control}
+ ram: ${_param:salt_control_size_ram_openstack_control}
+ disk_profile: ${_param:salt_control_size_disk_profile_openstack_control}
+ net_profile: ${_param:salt_control_size_net_profile_openstack_control}
+ openstack.database:
+ cpu: ${_param:salt_control_size_cpu_openstack_database}
+ ram: ${_param:salt_control_size_ram_openstack_database}
+ disk_profile: ${_param:salt_control_size_disk_profile_openstack_database}
+ net_profile: ${_param:salt_control_size_net_profile_openstack_database}
+ openstack.message_queue:
+ cpu: ${_param:salt_control_size_cpu_openstack_message_queue}
+ ram: ${_param:salt_control_size_ram_openstack_message_queue}
+ disk_profile: ${_param:salt_control_size_disk_profile_openstack_message_queue}
+ net_profile: ${_param:salt_control_size_net_profile_openstack_message_queue}
+ openstack.proxy:
+ cpu: ${_param:salt_control_size_cpu_openstack_proxy}
+ ram: ${_param:salt_control_size_ram_openstack_proxy}
+ disk_profile: ${_param:salt_control_size_disk_profile_openstack_proxy}
+ net_profile: ${_param:salt_control_size_net_profile_openstack_proxy}
+ openstack.upgrade:
+ cpu: ${_param:salt_control_size_cpu_openstack_upgrade}
+ ram: ${_param:salt_control_size_ram_openstack_upgrade}
+ disk_profile: ${_param:salt_control_size_disk_profile_openstack_upgrade}
+ net_profile: ${_param:salt_control_size_net_profile_openstack_upgrade}
diff --git a/salt/control/sizes/stacklight.yml b/salt/control/sizes/stacklight.yml
new file mode 100644
index 0000000..50f2803
--- /dev/null
+++ b/salt/control/sizes/stacklight.yml
@@ -0,0 +1,23 @@
+parameters:
+ _param:
+ salt_control_size_cpu_stacklight_log: 8
+ salt_control_size_ram_stacklight_log: 16384
+ salt_control_size_disk_profile_stacklight_log: large
+ salt_control_size_net_profile_cpu_stacklight_log: default
+ salt_control_size_cpu_stacklight_server: 8
+ salt_control_size_ram_stacklight_server: 16384
+ salt_control_size_disk_profile_stacklight_server: large
+ salt_control_size_net_profile_cpu_stacklight_server: default
+ salt:
+ control:
+ size:
+ stacklight.log:
+ cpu: ${_param:salt_control_size_cpu_stacklight_log}
+ ram: ${_param:salt_control_size_ram_stacklight_log}
+ disk_profile: ${_param:salt_control_size_disk_profile_stacklight_log}
+ net_profile: ${_param:salt_control_size_net_profile_stacklight_log}
+ stacklight.server:
+ cpu: ${_param:salt_control_size_cpu_stacklight_server}
+ ram: ${_param:salt_control_size_ram_stacklight_server}
+ disk_profile: ${_param:salt_control_size_disk_profile_stacklight_server}
+ net_profile: ${_param:salt_control_size_net_profile_stacklight_server}
\ No newline at end of file
diff --git a/salt/master/formula/git/gnocchi.yml b/salt/master/formula/git/gnocchi.yml
new file mode 100644
index 0000000..53d2f56
--- /dev/null
+++ b/salt/master/formula/git/gnocchi.yml
@@ -0,0 +1,10 @@
+parameters:
+ salt:
+ master:
+ environment:
+ dev:
+ formula:
+ gnocchi:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-gnocchi.git'
+ revision: ${_param:salt_master_environment_revision}
diff --git a/salt/master/formula/git/manila.yml b/salt/master/formula/git/manila.yml
new file mode 100644
index 0000000..b9cf3e0
--- /dev/null
+++ b/salt/master/formula/git/manila.yml
@@ -0,0 +1,10 @@
+parameters:
+ salt:
+ master:
+ environment:
+ dev:
+ formula:
+ manila:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-manila.git'
+ revision: ${_param:salt_master_environment_revision}
diff --git a/salt/master/formula/git/monitoring.yml b/salt/master/formula/git/monitoring.yml
index e0cf30d..ab8a8fc 100644
--- a/salt/master/formula/git/monitoring.yml
+++ b/salt/master/formula/git/monitoring.yml
@@ -4,6 +4,10 @@
environment:
dev:
formula:
+ fluentd:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-fluentd.git'
+ revision: ${_param:salt_master_environment_revision}
prometheus:
source: git
address: '${_param:salt_master_environment_repository}/salt-formula-prometheus.git'
diff --git a/salt/master/formula/git/panko.yml b/salt/master/formula/git/panko.yml
new file mode 100644
index 0000000..045331b
--- /dev/null
+++ b/salt/master/formula/git/panko.yml
@@ -0,0 +1,10 @@
+parameters:
+ salt:
+ master:
+ environment:
+ dev:
+ formula:
+ panko:
+ source: git
+ address: '${_param:salt_master_environment_repository}/salt-formula-panko.git'
+ revision: ${_param:salt_master_environment_revision}
diff --git a/salt/master/formula/pkg/gnocchi.yml b/salt/master/formula/pkg/gnocchi.yml
new file mode 100644
index 0000000..2f49b99
--- /dev/null
+++ b/salt/master/formula/pkg/gnocchi.yml
@@ -0,0 +1,9 @@
+parameters:
+ salt:
+ master:
+ environment:
+ prd:
+ formula:
+ gnocchi:
+ source: pkg
+ name: salt-formula-gnocchi
diff --git a/salt/master/formula/pkg/manila.yml b/salt/master/formula/pkg/manila.yml
new file mode 100644
index 0000000..4777a36
--- /dev/null
+++ b/salt/master/formula/pkg/manila.yml
@@ -0,0 +1,9 @@
+parameters:
+ salt:
+ master:
+ environment:
+ prd:
+ formula:
+ manila:
+ source: pkg
+ name: salt-formula-manila
diff --git a/salt/master/formula/pkg/monitoring.yml b/salt/master/formula/pkg/monitoring.yml
index 375cbd8..9e2db0b 100644
--- a/salt/master/formula/pkg/monitoring.yml
+++ b/salt/master/formula/pkg/monitoring.yml
@@ -4,6 +4,9 @@
environment:
prd:
formula:
+ fluentd:
+ source: pkg
+ name: salt-formula-fluentd
prometheus:
source: pkg
name: salt-formula-prometheus
diff --git a/salt/master/formula/pkg/panko.yml b/salt/master/formula/pkg/panko.yml
new file mode 100644
index 0000000..d4d8b8f
--- /dev/null
+++ b/salt/master/formula/pkg/panko.yml
@@ -0,0 +1,9 @@
+parameters:
+ salt:
+ master:
+ environment:
+ prd:
+ formula:
+ panko:
+ source: pkg
+ name: salt-formula-panko
diff --git a/salt/master/single.yml b/salt/master/single.yml
index 9764a97..fbb32f2 100644
--- a/salt/master/single.yml
+++ b/salt/master/single.yml
@@ -13,7 +13,8 @@
master:
accept_policy: auto_accept
worker_threads: 40
+ max_open_files: 15000
command_timeout: 10
peer:
'.*':
- - x509.sign_remote_certificate
+ - x509.sign_remote_certificate
\ No newline at end of file
diff --git a/salt/minion/cert/rabbitmq_server.yml b/salt/minion/cert/rabbitmq_server.yml
index 59972fe..78520e2 100644
--- a/salt/minion/cert/rabbitmq_server.yml
+++ b/salt/minion/cert/rabbitmq_server.yml
@@ -18,5 +18,6 @@
cert_file: ${rabbitmq:server:ssl:cert_file}
all_file: ${rabbitmq:server:ssl:all_file}
ca_file: ${rabbitmq:server:ssl:ca_file}
- user: rabbitmq
- group: rabbitmq
\ No newline at end of file
+ user: root
+ group: rabbitmq
+ mode: 640
diff --git a/salt/minion/single.yml b/salt/minion/single.yml
new file mode 100644
index 0000000..9d20aff
--- /dev/null
+++ b/salt/minion/single.yml
@@ -0,0 +1,10 @@
+parameters:
+ salt:
+ minion:
+ acceptance_wait_time_max: 60
+ acceptance_wait_time: 10
+ random_reauth_delay: 270
+ recon_default: 1000
+ recon_max: 60000
+ recon_randomize: True
+ auth_timeout: 60
\ No newline at end of file