Merge "Deploy jenkins using docker compose"
diff --git a/.releasenotes/notes/elasticsearch-new-parameter-93a08f64ff1a22ab.yaml b/.releasenotes/notes/elasticsearch-new-parameter-93a08f64ff1a22ab.yaml
new file mode 100644
index 0000000..2382274
--- /dev/null
+++ b/.releasenotes/notes/elasticsearch-new-parameter-93a08f64ff1a22ab.yaml
@@ -0,0 +1,15 @@
+---
+summary: >
+ Added a new parameter for Elasticsearch
+
+features:
+ - |
+ Added the ``elasticsearch_version`` parameter to specify which version of
+ Elasticsearch should be deployed. By default, Elasticsearch v2 is
+ installed.
+
+ To deploy Elasticsearch v5, specify the ``elasticsearch_version: 5``
+ parameter in the
+ ``classes/cluster/<cluster_name>/stacklight/server.yml`` file of
+ the Reclass model of your MCP deployment.
+
diff --git a/docker/swarm/stack/security_monkey.yml b/docker/swarm/stack/security_monkey.yml
index b5a1100..3b9c272 100644
--- a/docker/swarm/stack/security_monkey.yml
+++ b/docker/swarm/stack/security_monkey.yml
@@ -2,6 +2,8 @@
_param:
docker_security_monkey_api_replicas: 1
docker_security_monkey_scheduler_replicas: 1
+ secmonkey_login_id: 11
+ secmonkey_application_id: 1
docker_image_security_monkey_api: docker-prod-local.artifactory.mirantis.com/mirantis/oss/security-monkey-api
docker_image_security_monkey_scheduler: docker-prod-local.artifactory.mirantis.com/mirantis/oss/security-monkey-scheduler
security_monkey_bind_host: security-audit-api
@@ -45,6 +47,8 @@
WEB_PORT: ${_param:security_monkey_web_port}
API_PORT: ${_param:security_monkey_api_port}
NGINX_PORT: ${_param:security_monkey_nginx_port}
+ NOTIFICATIONS_APP_ID: ${_param:secmonkey_application_id}
+ NOTIFICATIONS_LOGIN_ID: ${_param:secmonkey_login_id}
NOTIFICATIONS_SERVICE_URL: ${_param:notification_service_url}
DEFAULT_USER: ${_param:security_monkey_user}
DEFAULT_PASSWORD: ${_param:security_monkey_password}
@@ -63,7 +67,7 @@
SM_WTF_CSRF_ENABLED: ${_param:devops_portal_sm_wtf_csrf_enabled}
SECURITY_MONKEY_SYNC_INTERVAL: ${_param:security_monkey_sync_interval}
SQLALCHEMY_DATABASE_URI: postgresql://${_param:secmonkey_db_user}:${_param:secmonkey_db_user_password}@${_param:secmonkey_db_host}:${_param:haproxy_postgresql_bind_port}/${_param:security_monkey_db}
- SQLALCHEMY_POOL_RECYCLE: 14400
+ SQLALCHEMY_POOL_RECYCLE: 25000
service:
security-audit-api:
image: ${_param:docker_image_security_monkey_api}
diff --git a/fluentd/label/default_output/elasticsearch.yml b/fluentd/label/default_output/elasticsearch.yml
new file mode 100644
index 0000000..3c26d15
--- /dev/null
+++ b/fluentd/label/default_output/elasticsearch.yml
@@ -0,0 +1,15 @@
+classes:
+- service.fluentd.agent.output.elasticsearch
+parameters:
+ _params:
+ fluentd_elasticsearch_host: 127.0.0.1
+ elasticsearch_port: 9200
+ fluentd:
+ agent:
+ config:
+ label:
+ default_output:
+ match:
+ elasticsearch_output:
+ host: ${_param:fluentd_elasticsearch_host}
+ port: ${_param:elasticsearch_port}
diff --git a/jenkins/client/job/aptly.yml b/jenkins/client/job/aptly.yml
index 256c04a..82e5ac7 100644
--- a/jenkins/client/job/aptly.yml
+++ b/jenkins/client/job/aptly.yml
@@ -1,4 +1,6 @@
parameters:
+ _param:
+ jenkins_aptly_storages: "local"
jenkins:
client:
view:
@@ -92,3 +94,7 @@
type: string
default: "all"
description: "Comma separated list (,)"
+ STORAGES:
+ type: string
+ default: "${_param:jenkins_aptly_storages}"
+ description: "Comma separated list of storage"
diff --git a/jenkins/client/job/ceph/replace-failed-osd.yml b/jenkins/client/job/ceph/replace-failed-osd.yml
index d50872e..775915f 100644
--- a/jenkins/client/job/ceph/replace-failed-osd.yml
+++ b/jenkins/client/job/ceph/replace-failed-osd.yml
@@ -44,6 +44,10 @@
type: boolean
default: 'false'
description: Wait for healthy during pipeline
+ DMCRYPT:
+ type: boolean
+ default: 'false'
+ description: Check if replacing osds were encrypted
CLUSTER_FLAGS:
type: string
description: Flags to be aplied before pipeline and after pipeline (comma-separated list)
diff --git a/jenkins/client/job/deploy/lab/component/ceph.yml b/jenkins/client/job/deploy/lab/component/ceph.yml
index e9e3d64..b927c5d 100644
--- a/jenkins/client/job/deploy/lab/component/ceph.yml
+++ b/jenkins/client/job/deploy/lab/component/ceph.yml
@@ -15,3 +15,10 @@
stack_install: core,ceph
stack_test: "ceph"
job_timer: "H H * * *"
+ - stack_name: os_ha_ovs_ceph
+ stack_env: devcloud
+ stack_type: heat
+ stack_install: core,openstack,ovs,ceph
+ stack_test: ""
+ job_timer: "H H(0-6) * * *"
+
diff --git a/jenkins/client/job/git-mirrors/upstream/oss.yml b/jenkins/client/job/git-mirrors/upstream/oss.yml
index af3f816..57ce1a2 100644
--- a/jenkins/client/job/git-mirrors/upstream/oss.yml
+++ b/jenkins/client/job/git-mirrors/upstream/oss.yml
@@ -7,3 +7,7 @@
downstream: oss/rundeck-cis-jobs
upstream: "git@github.com:Mirantis/rundeck-cis-jobs"
branches: master
+ - name: security-monkey
+ downstream: oss/security-monkey
+ upstream: "git@github.com:Netflix/security_monkey.git"
+ branches: develop
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 0440b28..19ed2e0 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -164,7 +164,7 @@
default: "1"
EXTRA_FORMULAS:
type: string
- default: "xtrabackup docker haproxy aptly keepalived gerrit jenkins openldap maas backupninja"
+ default: "aptly artifactory backupninja collectd devops-portal docker elasticsearch freeipa gerrit glusterfs grafana haproxy heka horizon influxdb jenkins keepalived kibana libvirt maas memcached mysql nginx ntp openldap openssh postfix prometheus rsync rsyslog rundeck sensu sphinx telegraf xtrabackup"
job:
test-salt-model-node:
name: test-salt-model-node
diff --git a/opencontrail/control/analytics4_0.yml b/opencontrail/control/analytics4_0.yml
index 11ad4d3..a426e02 100644
--- a/opencontrail/control/analytics4_0.yml
+++ b/opencontrail/control/analytics4_0.yml
@@ -30,9 +30,9 @@
config_only: true
discovery:
host: None
+ identity:
+ host: ${_param:openstack_control_address}
analytics:
- identity:
- host: ${_param:openstack_control_address}
members:
- host: ${_param:opencontrail_analytics_node01_address}
- host: ${_param:opencontrail_analytics_node02_address}
diff --git a/opencontrail/control/cluster4_0.yml b/opencontrail/control/cluster4_0.yml
index 1ee9ca5..9796930 100644
--- a/opencontrail/control/cluster4_0.yml
+++ b/opencontrail/control/cluster4_0.yml
@@ -83,6 +83,8 @@
host: ${_param:openstack_control_address}
control:
config_only: true
+ identity:
+ host: ${_param:openstack_control_address}
analytics:
members:
- host: ${_param:cluster_node01_address}
diff --git a/opencontrail/control/single4_0.yml b/opencontrail/control/single4_0.yml
index de6f558..ded5289 100644
--- a/opencontrail/control/single4_0.yml
+++ b/opencontrail/control/single4_0.yml
@@ -128,6 +128,8 @@
- host: ${_param:single_address}
collector:
config_only: true
+ identity:
+ host: ${_param:openstack_control_address}
discovery:
host: None
database:
diff --git a/postgresql/client/security_monkey.yml b/postgresql/client/security_monkey.yml
index a7a341f..c47e241 100644
--- a/postgresql/client/security_monkey.yml
+++ b/postgresql/client/security_monkey.yml
@@ -5,8 +5,6 @@
secmonkey_db_host: ${_param:haproxy_postgresql_bind_host}
secmonkey_db_user: secmonkey
secmonkey_db_user_password: secmonkey
- secmonkey_login_id: 11
- secmonkey_application_id: 1
postgresql:
client:
server:
diff --git a/releasenotes/notes/elasticsearch-new-parameter-93a08f64ff1a22ab.yaml b/releasenotes/notes/elasticsearch-new-parameter-93a08f64ff1a22ab.yaml
deleted file mode 100644
index 00a44b2..0000000
--- a/releasenotes/notes/elasticsearch-new-parameter-93a08f64ff1a22ab.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-summary: >
- Added a new parameter for Elasticsearch
-features:
- - Added the ``elasticsearch_version`` parameter to specify
- which version of Elasticsearch should be deployed.
- Elasticsearch version 2 is deployed by default.
- To deploy Elasticsearch version 5, specify the
- ``elasticsearch_version: 5`` parameter in the
- ``classes/cluster/<cluster_name>/stacklight/server.yml``
- file of the Reclass model.
diff --git a/rundeck/client/project/cicd.yml b/rundeck/client/project/cicd.yml
index ed8b256..4cbcd40 100644
--- a/rundeck/client/project/cicd.yml
+++ b/rundeck/client/project/cicd.yml
@@ -6,6 +6,7 @@
rundeck_cis_os_docker_image: docker-prod-local.artifactory.mirantis.com/mirantis/oss/cis-openstack:latest
rundeck_cis_openstack:
auth_url: http://yourcloud.com:5000/v3/auth/tokens
+ endpoint_type: publicURL
username: admin
password: password
cert: plain-certificate
@@ -47,6 +48,9 @@
cis/openstack/auth_url:
type: password
content: ${_param:rundeck_cis_openstack:auth_url}
+ cis/openstack/endpoint_type:
+ type: password
+ content: ${_param:rundeck_cis_openstack:endpoint_type}
cis/openstack/username:
type: password
content: ${_param:rundeck_cis_openstack:username}