Merge "Add fluentd-based notification transport"
diff --git a/defaults/glusterfs.yml b/defaults/glusterfs.yml
new file mode 100644
index 0000000..72a68da
--- /dev/null
+++ b/defaults/glusterfs.yml
@@ -0,0 +1,4 @@
+parameters:
+ _param:
+ glusterfs_allow_ips: '*'
+ glusterfs_reject_ips: none
diff --git a/defaults/init.yml b/defaults/init.yml
index 72ca17c..2683f28 100644
--- a/defaults/init.yml
+++ b/defaults/init.yml
@@ -10,6 +10,7 @@
- system.defaults.linux_system_file
- system.defaults.backupninja
- system.defaults.git
+- system.defaults.glusterfs
- system.defaults.jenkins
- system.defaults.postgresql
- system.defaults.maas
diff --git a/docker/client/compose/service/jenkins.yml b/docker/client/compose/service/jenkins.yml
index 55aacdc..7045b66 100644
--- a/docker/client/compose/service/jenkins.yml
+++ b/docker/client/compose/service/jenkins.yml
@@ -3,7 +3,7 @@
parameters:
_param:
jenkins_master_extra_opts: ""
- jenkins_master_executors_num: 4
+ jenkins_master_executors_num: 0
jenkins_master_max_concurent_requests: 40
jenkins_home_dir_path: /var/jenkins_home
docker:
diff --git a/docker/swarm/stack/jenkins/master.yml b/docker/swarm/stack/jenkins/master.yml
index ab850c0..ea4dfe5 100644
--- a/docker/swarm/stack/jenkins/master.yml
+++ b/docker/swarm/stack/jenkins/master.yml
@@ -4,7 +4,7 @@
parameters:
_param:
jenkins_master_extra_opts: ""
- jenkins_master_executors_num: 4
+ jenkins_master_executors_num: 0
jenkins_master_max_concurent_requests: 40
jenkins_home_dir_path: /var/jenkins_home
docker:
diff --git a/docker/swarm/stack/jenkins/slave01.yml b/docker/swarm/stack/jenkins/slave01.yml
index a9643ac..4791fe3 100644
--- a/docker/swarm/stack/jenkins/slave01.yml
+++ b/docker/swarm/stack/jenkins/slave01.yml
@@ -28,6 +28,7 @@
image: ${_param:docker_image_jenkins_slave}
volumes:
- /etc/ssl/certs/java/cacerts:/etc/ssl/certs/java/cacerts:ro
+ - /dev/urandom:/dev/random:ro
- /var/run/docker.sock:/var/run/docker.sock
- /usr/bin/docker:/usr/bin/docker:ro
- /var/lib/jenkins:/var/lib/jenkins
diff --git a/docker/swarm/stack/jenkins/slave02.yml b/docker/swarm/stack/jenkins/slave02.yml
index fb3e6cc..58b5a23 100644
--- a/docker/swarm/stack/jenkins/slave02.yml
+++ b/docker/swarm/stack/jenkins/slave02.yml
@@ -28,6 +28,7 @@
image: ${_param:docker_image_jenkins_slave}
volumes:
- /etc/ssl/certs/java/cacerts:/etc/ssl/certs/java/cacerts:ro
+ - /dev/urandom:/dev/random:ro
- /var/run/docker.sock:/var/run/docker.sock
- /usr/bin/docker:/usr/bin/docker:ro
- /var/lib/jenkins:/var/lib/jenkins
diff --git a/docker/swarm/stack/jenkins/slave03.yml b/docker/swarm/stack/jenkins/slave03.yml
index b10dc66..cc2acbd 100644
--- a/docker/swarm/stack/jenkins/slave03.yml
+++ b/docker/swarm/stack/jenkins/slave03.yml
@@ -28,6 +28,7 @@
image: ${_param:docker_image_jenkins_slave}
volumes:
- /etc/ssl/certs/java/cacerts:/etc/ssl/certs/java/cacerts:ro
+ - /dev/urandom:/dev/random:ro
- /var/run/docker.sock:/var/run/docker.sock
- /usr/bin/docker:/usr/bin/docker:ro
- /var/lib/jenkins:/var/lib/jenkins
diff --git a/glusterfs/server/volume/aptly.yml b/glusterfs/server/volume/aptly.yml
index 9c9e518..095ed8e 100644
--- a/glusterfs/server/volume/aptly.yml
+++ b/glusterfs/server/volume/aptly.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/aptly
- ${_param:cluster_node03_address}:/srv/glusterfs/aptly
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/artifactory.yml b/glusterfs/server/volume/artifactory.yml
index f70d2f0..c903d5f 100644
--- a/glusterfs/server/volume/artifactory.yml
+++ b/glusterfs/server/volume/artifactory.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/artifactory
- ${_param:cluster_node03_address}:/srv/glusterfs/artifactory
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/backup.yml b/glusterfs/server/volume/backup.yml
index 22e59e2..3c86bb0 100644
--- a/glusterfs/server/volume/backup.yml
+++ b/glusterfs/server/volume/backup.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/backup
- ${_param:cluster_node03_address}:/srv/glusterfs/backup
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/decapod.yml b/glusterfs/server/volume/decapod.yml
index e8f4c99..9a39eaa 100644
--- a/glusterfs/server/volume/decapod.yml
+++ b/glusterfs/server/volume/decapod.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/decapod
- ${_param:cluster_node03_address}:/srv/glusterfs/decapod
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/devops_portal.yml b/glusterfs/server/volume/devops_portal.yml
index a2f00ba..e2116cb 100644
--- a/glusterfs/server/volume/devops_portal.yml
+++ b/glusterfs/server/volume/devops_portal.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/devops_portal
- ${_param:cluster_node03_address}:/srv/glusterfs/devops_portal
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/elasticsearch.yml b/glusterfs/server/volume/elasticsearch.yml
index 65cf76e..e66a388 100644
--- a/glusterfs/server/volume/elasticsearch.yml
+++ b/glusterfs/server/volume/elasticsearch.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/elasticsearch
- ${_param:cluster_node03_address}:/srv/glusterfs/elasticsearch
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/etcd.yml b/glusterfs/server/volume/etcd.yml
index 874119e..6300593 100644
--- a/glusterfs/server/volume/etcd.yml
+++ b/glusterfs/server/volume/etcd.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/etcd
- ${_param:cluster_node03_address}:/srv/glusterfs/etcd
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/gerrit.yml b/glusterfs/server/volume/gerrit.yml
index 3348306..b3b036a 100644
--- a/glusterfs/server/volume/gerrit.yml
+++ b/glusterfs/server/volume/gerrit.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/gerrit
- ${_param:cluster_node03_address}:/srv/glusterfs/gerrit
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
storage.owner-gid: 1000
storage.owner-uid: 1000
cluster.readdir-optimize: On
diff --git a/glusterfs/server/volume/glance.yml b/glusterfs/server/volume/glance.yml
index d0dfdf1..38a571e 100644
--- a/glusterfs/server/volume/glance.yml
+++ b/glusterfs/server/volume/glance.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/glance
- ${_param:cluster_node03_address}:/srv/glusterfs/glance
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/gnocchi.yml b/glusterfs/server/volume/gnocchi.yml
index f8f5b6a..1d4ce62 100644
--- a/glusterfs/server/volume/gnocchi.yml
+++ b/glusterfs/server/volume/gnocchi.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/gnocchi
- ${_param:cluster_node03_address}:/srv/glusterfs/gnocchi
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/influxdb.yml b/glusterfs/server/volume/influxdb.yml
index 9a75a2f..5f56d0b 100644
--- a/glusterfs/server/volume/influxdb.yml
+++ b/glusterfs/server/volume/influxdb.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/influxdb
- ${_param:cluster_node03_address}:/srv/glusterfs/influxdb
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/jenkins.yml b/glusterfs/server/volume/jenkins.yml
index 38a341b..e17cdb5 100644
--- a/glusterfs/server/volume/jenkins.yml
+++ b/glusterfs/server/volume/jenkins.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/jenkins
- ${_param:cluster_node03_address}:/srv/glusterfs/jenkins
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
storage.owner-gid: 1000
storage.owner-uid: 1000
cluster.readdir-optimize: On
diff --git a/glusterfs/server/volume/jenkins_slave_multi.yml b/glusterfs/server/volume/jenkins_slave_multi.yml
index d926dfc..5d2e70a 100644
--- a/glusterfs/server/volume/jenkins_slave_multi.yml
+++ b/glusterfs/server/volume/jenkins_slave_multi.yml
@@ -12,6 +12,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/jenkins_slaves/slave02
- ${_param:cluster_node03_address}:/srv/glusterfs/jenkins_slaves/slave02
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
storage.owner-gid: 10000
storage.owner-uid: 10000
cluster.readdir-optimize: On
@@ -28,6 +30,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/jenkins_slaves/slave03
- ${_param:cluster_node03_address}:/srv/glusterfs/jenkins_slaves/slave03
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
storage.owner-gid: 10000
storage.owner-uid: 10000
cluster.readdir-optimize: On
diff --git a/glusterfs/server/volume/jenkins_slave_single.yml b/glusterfs/server/volume/jenkins_slave_single.yml
index 7056240..e9420b3 100644
--- a/glusterfs/server/volume/jenkins_slave_single.yml
+++ b/glusterfs/server/volume/jenkins_slave_single.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/jenkins_slaves/slave01
- ${_param:cluster_node03_address}:/srv/glusterfs/jenkins_slaves/slave01
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
storage.owner-gid: 10000
storage.owner-uid: 10000
cluster.readdir-optimize: On
diff --git a/glusterfs/server/volume/keycloak.yml b/glusterfs/server/volume/keycloak.yml
index c8c71f0..b22d2c3 100644
--- a/glusterfs/server/volume/keycloak.yml
+++ b/glusterfs/server/volume/keycloak.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/keycloak
- ${_param:cluster_node03_address}:/srv/glusterfs/keycloak
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/keystone.yml b/glusterfs/server/volume/keystone.yml
index 81e14be..e549180 100644
--- a/glusterfs/server/volume/keystone.yml
+++ b/glusterfs/server/volume/keystone.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/keystone-keys
- ${_param:cluster_node03_address}:/srv/glusterfs/keystone-keys
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
@@ -24,6 +26,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/keystone-credential-keys
- ${_param:cluster_node03_address}:/srv/glusterfs/keystone-credential-keys
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/kqueen.yml b/glusterfs/server/volume/kqueen.yml
index 0d09c51..091a93c 100644
--- a/glusterfs/server/volume/kqueen.yml
+++ b/glusterfs/server/volume/kqueen.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/kqueen
- ${_param:cluster_node03_address}:/srv/glusterfs/kqueen
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/mongodb.yml b/glusterfs/server/volume/mongodb.yml
index f694ad7..0cb3a8e 100644
--- a/glusterfs/server/volume/mongodb.yml
+++ b/glusterfs/server/volume/mongodb.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/mongodb
- ${_param:cluster_node03_address}:/srv/glusterfs/mongodb
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/mysql.yml b/glusterfs/server/volume/mysql.yml
index 551ae40..b67975e 100644
--- a/glusterfs/server/volume/mysql.yml
+++ b/glusterfs/server/volume/mysql.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/mysql
- ${_param:cluster_node03_address}:/srv/glusterfs/mysql
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
storage.owner-gid: 999
storage.owner-uid: 999
cluster.readdir-optimize: On
diff --git a/glusterfs/server/volume/openldap.yml b/glusterfs/server/volume/openldap.yml
index 84619c0..cc1ba5f 100644
--- a/glusterfs/server/volume/openldap.yml
+++ b/glusterfs/server/volume/openldap.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/openldap
- ${_param:cluster_node03_address}:/srv/glusterfs/openldap
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/openldap_k8s.yml b/glusterfs/server/volume/openldap_k8s.yml
index 554801d..24b2a26 100644
--- a/glusterfs/server/volume/openldap_k8s.yml
+++ b/glusterfs/server/volume/openldap_k8s.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/openldap/config
- ${_param:cluster_node03_address}:/srv/glusterfs/openldap/config
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
storage.owner-gid: 999
storage.owner-uid: 999
cluster.readdir-optimize: On
@@ -26,6 +28,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/openldap/data
- ${_param:cluster_node03_address}:/srv/glusterfs/openldap/data
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
storage.owner-gid: 999
storage.owner-uid: 999
cluster.readdir-optimize: On
diff --git a/glusterfs/server/volume/postgresql.yml b/glusterfs/server/volume/postgresql.yml
index c48d833..5376934 100644
--- a/glusterfs/server/volume/postgresql.yml
+++ b/glusterfs/server/volume/postgresql.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/postgresql
- ${_param:cluster_node03_address}:/srv/glusterfs/postgresql
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/postgresql_k8s.yml b/glusterfs/server/volume/postgresql_k8s.yml
index f276d60..523ef59 100644
--- a/glusterfs/server/volume/postgresql_k8s.yml
+++ b/glusterfs/server/volume/postgresql_k8s.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/postgresql
- ${_param:cluster_node03_address}:/srv/glusterfs/postgresql
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
storage.owner-gid: 999
storage.owner-uid: 999
cluster.readdir-optimize: On
diff --git a/glusterfs/server/volume/privatebin.yml b/glusterfs/server/volume/privatebin.yml
index e2eba2d..e78df75 100644
--- a/glusterfs/server/volume/privatebin.yml
+++ b/glusterfs/server/volume/privatebin.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/privatebin
- ${_param:cluster_node03_address}:/srv/glusterfs/privatebin
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/pushkin.yml b/glusterfs/server/volume/pushkin.yml
index 2d6a249..14d8b16 100644
--- a/glusterfs/server/volume/pushkin.yml
+++ b/glusterfs/server/volume/pushkin.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/pushkin
- ${_param:cluster_node03_address}:/srv/glusterfs/pushkin
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/registry.yml b/glusterfs/server/volume/registry.yml
index 474ce7b..19d0106 100644
--- a/glusterfs/server/volume/registry.yml
+++ b/glusterfs/server/volume/registry.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/registry
- ${_param:cluster_node03_address}:/srv/glusterfs/registry
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/rundeck.yml b/glusterfs/server/volume/rundeck.yml
index c0ced5b..727496a 100644
--- a/glusterfs/server/volume/rundeck.yml
+++ b/glusterfs/server/volume/rundeck.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/rundeck
- ${_param:cluster_node03_address}:/srv/glusterfs/rundeck
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/salt.yml b/glusterfs/server/volume/salt.yml
index e14701d..f832bce 100644
--- a/glusterfs/server/volume/salt.yml
+++ b/glusterfs/server/volume/salt.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/saltmaster
- ${_param:cluster_node03_address}:/srv/glusterfs/saltmaster
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/salt_pki.yml b/glusterfs/server/volume/salt_pki.yml
index 9a26bdb..8135e47 100644
--- a/glusterfs/server/volume/salt_pki.yml
+++ b/glusterfs/server/volume/salt_pki.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/salt_pki
- ${_param:cluster_node03_address}:/srv/glusterfs/salt_pki
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/glusterfs/server/volume/security_monkey.yml b/glusterfs/server/volume/security_monkey.yml
index e730c90..3fa9f57 100644
--- a/glusterfs/server/volume/security_monkey.yml
+++ b/glusterfs/server/volume/security_monkey.yml
@@ -10,6 +10,8 @@
- ${_param:cluster_node02_address}:/srv/glusterfs/security_monkey
- ${_param:cluster_node03_address}:/srv/glusterfs/security_monkey
options:
+ auth.allow: ${_param:glusterfs_allow_ips}
+ auth.reject: ${_param:glusterfs_reject_ips}
cluster.readdir-optimize: On
nfs.disable: On
network.remote-dio: On
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index 21313b2..ede66b1 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -250,6 +250,53 @@
type: string
default: "https://github.com/Mirantis/cvp-configuration"
description: URL of repo where testing tools, scenarios, configs are located.
+ cvp-tempest:
+ type: workflow-scm
+ name: cvp-tempest
+ display_name: "CVP - Functional tests (new)"
+ discard:
+ build:
+ keep_num: 20
+ artifact:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: cvp-tempest.groovy
+ param:
+ PREPARE_RESOURCES:
+ type: boolean
+ default: true
+ description: Prepare resources for Tempest
+ SALT_MASTER_URL:
+ type: string
+ default: "${_param:jenkins_salt_api_url}"
+ description: SALT_MASTER_URL
+ TEMPEST_TEST_PATTERN:
+ type: string
+ default: "set=smoke"
+ description: Use set=smoke, set=full or just test name (regex)
+ TEMPEST_ENDPOINT_TYPE:
+ type: choice
+ choices:
+ - internalURL
+ - adminURL
+ - publicURL
+ description: Openstack endpoint type to use during test run.
+ EXTRA_PARAMS:
+ type: text
+ default: |
+ ---
+ DEBUG_MODE: false
+ GENERATE_CONFIG: true
+ TARGET_NODE: "I@gerrit:client"
+ SKIP_LIST_PATH: ""
+ TEST_IMAGE: "docker-prod-virtual.docker.mirantis.net/mirantis/cicd/ci-tempest:${_param:openstack_version}"
+ report_prefix: "cvp_"
+ description: YAML context with additional parameters
cvp-perf:
type: workflow-scm
name: cvp-perf
@@ -444,3 +491,39 @@
SHAKER_EXTERNAL_NET='public'
For the more detailed description of the last two categories please refer to the shaker documentation
https://pyshaker.readthedocs.io/en/latest/tools.html
+ cvp-rebuild:
+ type: workflow-scm
+ name: cvp-rebuild
+ display_name: "CVP-rebuild job for images"
+ discard:
+ build:
+ keep_num: 20
+ artifact:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ branch: "${_param:jenkins_pipelines_branch}"
+ credentials: "gerrit"
+ script: cvp-rebuild.groovy
+ param:
+ DESTINATION_IMAGE:
+ type: string
+ default: ""
+ description: "Specify address of local registry and name of the image e.g. _cid_vip_:5000/ci-tempest:v1"
+ SALT_MASTER_URL:
+ type: string
+ default: "${_param:jenkins_salt_api_url}"
+ description: Full Salt API address [e.g. https://10.10.10.2:6969]
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ REPO:
+ type: string
+ default: ""
+ description: Specify repo that will be used to rebuild image
+ BRANCH:
+ type: string
+ default: ""
+ description: Branch or version of REPO to checkout
diff --git a/jenkins/client/node.yml b/jenkins/client/node.yml
index e5e4d3b..2de0022 100644
--- a/jenkins/client/node.yml
+++ b/jenkins/client/node.yml
@@ -7,8 +7,7 @@
master:
node_mode: Exclusive
remote_home: /var/lib/jenkins
- labels:
- - python
+ num_executors: 0
launcher:
type: master
slave01:
diff --git a/kubernetes/control/services/drivetrain/jenkins_master.yml b/kubernetes/control/services/drivetrain/jenkins_master.yml
index 36d8c5a..a564318 100644
--- a/kubernetes/control/services/drivetrain/jenkins_master.yml
+++ b/kubernetes/control/services/drivetrain/jenkins_master.yml
@@ -1,7 +1,7 @@
parameters:
_param:
jenkins_master_extra_opts: ""
- jenkins_master_executors_num: 4
+ jenkins_master_executors_num: 0
jenkins_master_max_concurent_requests: 40
jenkins_home_dir_path: /var/jenkins_home
kubernetes:
diff --git a/kubernetes/control/services/drivetrain/jenkins_slave_multi.yml b/kubernetes/control/services/drivetrain/jenkins_slave_multi.yml
index e710cd2..f1617b4 100644
--- a/kubernetes/control/services/drivetrain/jenkins_slave_multi.yml
+++ b/kubernetes/control/services/drivetrain/jenkins_slave_multi.yml
@@ -41,6 +41,9 @@
- name: docker-sock-volume02
mount: /var/run/docker.sock
read_only: false
+ - name: entropy-volume02
+ mount: /dev/random
+ read_only: true
volume:
jenkins-slave02:
type: glusterfs
@@ -50,6 +53,9 @@
docker-sock-volume02:
type: hostPath
path: /var/run/docker.sock
+ entropy-volume02:
+ type: hostPath
+ path: /dev/urandom
jenkins_slave03:
create: true
service: slave03
@@ -87,6 +93,9 @@
- name: docker-sock-volume03
mount: /var/run/docker.sock
read_only: false
+ - name: entropy-volume03
+ mount: /dev/random
+ read_only: true
volume:
jenkins-slave03:
type: glusterfs
@@ -96,3 +105,6 @@
docker-sock-volume03:
type: hostPath
path: /var/run/docker.sock
+ entropy-volume03:
+ type: hostPath
+ path: /dev/urandom
diff --git a/kubernetes/control/services/drivetrain/jenkins_slave_single.yml b/kubernetes/control/services/drivetrain/jenkins_slave_single.yml
index 5cdd32b..ee327dd 100644
--- a/kubernetes/control/services/drivetrain/jenkins_slave_single.yml
+++ b/kubernetes/control/services/drivetrain/jenkins_slave_single.yml
@@ -42,6 +42,9 @@
- name: docker-sock-volume
mount: /var/run/docker.sock
read_only: false
+ - name: entropy-volume
+ mount: /dev/random
+ read_only: true
volume:
jenkins-slave01:
type: glusterfs
@@ -51,3 +54,6 @@
docker-sock-volume:
type: hostPath
path: /var/run/docker.sock
+ entropy-volume:
+ type: hostPath
+ path: /dev/urandom
diff --git a/openssh/server/team/drivetrain.yml b/openssh/server/team/drivetrain.yml
index 1a0d574..066d543 100644
--- a/openssh/server/team/drivetrain.yml
+++ b/openssh/server/team/drivetrain.yml
@@ -4,6 +4,7 @@
- system.openssh.server.team.members.iberezovskiy
- system.openssh.server.team.members.mpolreich
- system.openssh.server.team.members.sriazanov
+- system.openssh.server.team.members.efedorova
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/members/efedorova.yml b/openssh/server/team/members/efedorova.yml
new file mode 100644
index 0000000..8f37847
--- /dev/null
+++ b/openssh/server/team/members/efedorova.yml
@@ -0,0 +1,19 @@
+parameters:
+ linux:
+ system:
+ user:
+ efedorova:
+ email: efedorova@mirantis.com
+ enabled: true
+ full_name: Ekaterina Chernova
+ home: /home/efedorova
+ name: efedorova
+ sudo: ${_param:linux_system_user_sudo}
+ openssh:
+ server:
+ user:
+ efedorova:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2WZDqD0R/6RNSx4KdR5QD/jmCWnl/4QHHZeu679gP6Sdy/Z2/Qzf9k7hBSwLFExjLCu4dIJGhdvB1HoG3S5qIqdhfKZTkJp2ackDPnegSAhgqem/tXcyQrMOe8jtCCK375kwsMV5dJkxadbv5Qb71TdwHeBsV5B3Kmi5q0WwSlzsq3AI8OvNn4KeSeEGGv2lK6Ddxwl1u5IcSf5G0zBGc8s0mwGPnsBIATfiztX61MkqyDPIuYacRpkaDLX5v/X7eYqxYxDop6OBLxR+mgivluDEyDaQ9DKHO5ypQIiAk359CxMSQ9T+y5WSL0MdgYSKxFsK8jzo6JquZC54ZUQKb efedorova
+ user: ${linux:system:user:efedorova}
\ No newline at end of file