Merge "Add missing key"
diff --git a/.releasenotes/notes/elasticsearch-new-parameter-93a08f64ff1a22ab.yaml b/.releasenotes/notes/elasticsearch-new-parameter-93a08f64ff1a22ab.yaml
new file mode 100644
index 0000000..2382274
--- /dev/null
+++ b/.releasenotes/notes/elasticsearch-new-parameter-93a08f64ff1a22ab.yaml
@@ -0,0 +1,15 @@
+---
+summary: >
+ Added a new parameter for Elasticsearch
+
+features:
+ - |
+ Added the ``elasticsearch_version`` parameter to specify which version of
+ Elasticsearch should be deployed. By default, Elasticsearch v2 is
+ installed.
+
+ To deploy Elasticsearch v5, specify the ``elasticsearch_version: 5``
+ parameter in the
+ ``classes/cluster/<cluster_name>/stacklight/server.yml`` file of
+ the Reclass model of your MCP deployment.
+
diff --git a/.releasenotes/notes/kibana-new-parameter-29e59b161f750390.yaml b/.releasenotes/notes/kibana-new-parameter-29e59b161f750390.yaml
new file mode 100644
index 0000000..8805765
--- /dev/null
+++ b/.releasenotes/notes/kibana-new-parameter-29e59b161f750390.yaml
@@ -0,0 +1,13 @@
+---
+summary: >
+ Added a new parameter for Kibana
+
+features:
+ - |
+ Added the ``kibana_version`` parameter to specify which version of Kibana
+ should be deployed. By default, Kibana v4 is installed.
+
+ To deploy Kibana v5, specify the ``kibana_version: 5`` parameter in the
+ ``classes/cluster/<cluster_name>/stacklight/server.yml`` file of the
+ Reclass model of your MCP deployment.
+
diff --git a/aptly/server/mirror/debian/cassandra.yml b/aptly/server/mirror/debian/cassandra.yml
index 3a19e84..4682dc4 100644
--- a/aptly/server/mirror/debian/cassandra.yml
+++ b/aptly/server/mirror/debian/cassandra.yml
@@ -5,6 +5,7 @@
mirror_cassandra-21x_distribution: 21x
mirror_cassandra-21x_components: main
mirror_cassandra-21x_gpgkeys:
+ - A278B781FE4B2BDA
- F758CE318D77295D
- 2B5C1B00
- 0353B12C
diff --git a/aptly/server/mirror/ubuntu/trusty/rabbitmq.yml b/aptly/server/mirror/ubuntu/trusty/rabbitmq.yml
index 5caa9b5..383aeda 100644
--- a/aptly/server/mirror/ubuntu/trusty/rabbitmq.yml
+++ b/aptly/server/mirror/ubuntu/trusty/rabbitmq.yml
@@ -4,6 +4,7 @@
mirror_rabbitmq-testing-trusty_distribution: testing
mirror_rabbitmq-testing-trusty_components: main
mirror_rabbitmq-testing-trusty_gpgkeys:
+ - 6B73A36E6026DFCA
- 056E8E56
aptly:
server:
diff --git a/ceph/common/container.yml b/ceph/common/container.yml
new file mode 100644
index 0000000..5c7619b
--- /dev/null
+++ b/ceph/common/container.yml
@@ -0,0 +1,6 @@
+classes:
+- service.ceph.common.container
+- system.ceph.monitoring.cluster_stats
+parameters:
+ _param:
+ ceph_common_prefix_dir: /srv/volumes/ceph
diff --git a/docker/client.yml b/docker/client/compose/init.yml
similarity index 62%
rename from docker/client.yml
rename to docker/client/compose/init.yml
index df11493..efeeadd 100644
--- a/docker/client.yml
+++ b/docker/client/compose/init.yml
@@ -1,11 +1,10 @@
classes:
- - service.docker.client
+ - system.docker.client
parameters:
_param:
- docker_image_compose: docker/compose:1.8.0
+ docker_image_compose: docker/compose:1.17.1
docker:
client:
- enabled: true
compose:
source:
engine: docker
diff --git a/docker/client/compose/service/gerrit.yml b/docker/client/compose/service/gerrit.yml
new file mode 100644
index 0000000..183f57d
--- /dev/null
+++ b/docker/client/compose/service/gerrit.yml
@@ -0,0 +1,72 @@
+classes:
+ - system.docker.client.compose
+parameters:
+ _param:
+ docker_image_gerrit: tcpcloud/gerrit:2.13.6
+ docker_image_mysql: tcpcloud/mysql:5.6
+ gerrit_ldap_server: ""
+ gerrit_ldap_bind_user: ""
+ gerrit_ldap_bind_password: ""
+ gerrit_ldap_account_base: ""
+ gerrit_ldap_group_base: ""
+ gerrit_http_listen_url: http://*:8080/
+ gerrit_extra_opts: ""
+ docker:
+ client:
+ compose:
+ gerrit:
+ service:
+ server:
+ image: ${_param:docker_image_gerrit}
+ restart: always
+ ports:
+ - 18083:8080
+ - 29417:29418
+ volumes:
+ - /srv/volumes/gerrit:/var/gerrit/review_site
+ depends_on:
+ - db
+ environment:
+ #GERRIT_INIT_ARGS: ""
+ DATABASE_TYPE: "mysql"
+ DB_PORT_3306_TCP_ADDR: ${_param:cluster_vip_address}
+ DB_ENV_MYSQL_USER: gerrit
+ DB_ENV_MYSQL_PASSWORD: ${_param:mysql_gerrit_password}
+ DB_ENV_MYSQL_DB: gerrit
+ AUTH_TYPE: ${_param:gerrit_auth_type}
+ LDAP_SERVER: ${_param:gerrit_ldap_server}
+ LDAP_ACCOUNTPATTERN: 'uid={username}'
+ LDAP_ACCOUNTBASE: ${_param:gerrit_ldap_account_base}
+ LDAP_GROUPBASE: ${_param:gerrit_ldap_group_base}
+ LDAP_USERNAME: ${_param:gerrit_ldap_bind_user}
+ LDAP_PASSWORD: ${_param:gerrit_ldap_bind_password}
+ WEBURL: ${_param:gerrit_public_host}
+ HTTPD_LISTENURL: ${_param:gerrit_http_listen_url}
+ GERRIT_ADMIN_SSH_PUBLIC: ${_param:gerrit_admin_public_key}
+ GERRIT_ADMIN_PWD: ${_param:gerrit_admin_password}
+ GERRIT_ADMIN_EMAIL: ${_param:gerrit_admin_email}
+ CANLOADINIFRAME: "true"
+ JAVA_OPTIONS: ${_param:gerrit_extra_opts}
+ https_proxy: ${_param:docker_https_proxy}
+ http_proxy: ${_param:docker_http_proxy}
+ no_proxy: ${_param:docker_no_proxy}
+ db:
+ environment:
+ MYSQL_USER: gerrit
+ MYSQL_PASSWORD: ${_param:mysql_gerrit_password}
+ MYSQL_DATABASE: gerrit
+ MYSQL_ROOT_PASSWORD: ${_param:mysql_admin_password}
+ MYSQL_START_TIMEOUT: 300
+ deploy:
+ restart_policy:
+ condition: any
+ image: "${_param:docker_image_mysql}"
+ ports:
+ - 13306:3306
+ volumes:
+ - /srv/volumes/mysql:/var/lib/mysql
+ linux:
+ system:
+ directory:
+ /srv/volumes/gerrit:
+ makedirs: true
diff --git a/docker/client/compose/service/jenkins.yml b/docker/client/compose/service/jenkins.yml
new file mode 100644
index 0000000..85f2006
--- /dev/null
+++ b/docker/client/compose/service/jenkins.yml
@@ -0,0 +1,42 @@
+classes:
+ - system.docker.client.compose
+parameters:
+ _param:
+ docker_image_jenkins: tcpcloud/jenkins:2.93
+ jenkins_master_extra_opts: ""
+ jenkins_master_executors_num: 4
+ jenkins_master_max_concurent_requests: 40
+ jenkins_home_dir_path: /var/jenkins_home
+ docker:
+ client:
+ compose:
+ jenkins:
+ status: up
+ service:
+ master:
+ environment:
+ JENKINS_HOME: ${_param:jenkins_home_dir_path}
+ JAVA_OPTS: " -server -XX:+AlwaysPreTouch -Xloggc:${_param:jenkins_home_dir_path}/gc-%t.log -XX:NumberOfGCLogFiles=5 -XX:+UseGCLogFileRotation -XX:GCLogFileSize=20m -XX:+PrintGC -XX:+PrintGCDateStamps -XX:+PrintGCDetails -XX:+PrintHeapAtGC -XX:+PrintGCCause -XX:+PrintTenuringDistribution -XX:+PrintReferenceGC -XX:+PrintAdaptiveSizePolicy -XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent -XX:+ParallelRefProcEnabled -XX:+UseStringDeduplication -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1 -Djenkins.install.runSetupWizard=false -Dhudson.DNSMultiCast.disabled=true -Dhudson.udp=-1 -Dhudson.footerURL=https://www.mirantis.com ${_param:jenkins_master_extra_opts}"
+ JENKINS_NUM_EXECUTORS: ${_param:jenkins_master_executors_num}
+ JENKINS_OPTS: " --handlerCountMax=${_param:jenkins_master_max_concurent_requests}"
+ https_proxy: ${_param:docker_https_proxy}
+ http_proxy: ${_param:docker_http_proxy}
+ no_proxy: ${_param:docker_no_proxy}
+ image: ${_param:docker_image_jenkins}
+ restart: always
+ ports:
+ - 18081:8080
+ - 50001:50000
+ volumes:
+ - /srv/volumes/jenkins:/var/jenkins_home
+ - /etc/ssl/certs/java/cacerts:/etc/ssl/certs/java/cacerts:ro
+ linux:
+ system:
+ directory:
+ /srv/volumes/jenkins:
+ makedirs: true
+ user: 1000
+ group: 1000
+ package:
+ ca-certificates-java:
+ version: latest
diff --git a/docker/client/init.yml b/docker/client/init.yml
new file mode 100644
index 0000000..610e0a4
--- /dev/null
+++ b/docker/client/init.yml
@@ -0,0 +1,6 @@
+classes:
+ - service.docker.client
+parameters:
+ docker:
+ client:
+ enabled: true
diff --git a/docker/swarm/stack/jenkins/master.yml b/docker/swarm/stack/jenkins/master.yml
index 1237fe3..73a4b30 100644
--- a/docker/swarm/stack/jenkins/master.yml
+++ b/docker/swarm/stack/jenkins/master.yml
@@ -2,10 +2,11 @@
- system.docker
parameters:
_param:
- docker_image_jenkins: tcpcloud/jenkins:2.89
+ docker_image_jenkins: tcpcloud/jenkins:2.93
jenkins_master_extra_opts: ""
jenkins_master_executors_num: 4
jenkins_master_max_concurent_requests: 40
+ jenkins_home_dir_path: /var/jenkins_home
docker:
client:
stack:
@@ -13,8 +14,8 @@
service:
master:
environment:
- JENKINS_HOME: /var/jenkins_home
- JAVA_OPTS: " -server -XX:+AlwaysPreTouch -Xloggc:$JENKINS_HOME/gc-%t.log -XX:NumberOfGCLogFiles=5 -XX:+UseGCLogFileRotation -XX:GCLogFileSize=20m -XX:+PrintGC -XX:+PrintGCDateStamps -XX:+PrintGCDetails -XX:+PrintHeapAtGC -XX:+PrintGCCause -XX:+PrintTenuringDistribution -XX:+PrintReferenceGC -XX:+PrintAdaptiveSizePolicy -XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent -XX:+ParallelRefProcEnabled -XX:+UseStringDeduplication -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1 -Djenkins.install.runSetupWizard=false -Dhudson.DNSMultiCast.disabled=true -Dhudson.udp=-1 -Dhudson.footerURL=https://www.mirantis.com ${_param:jenkins_master_extra_opts}"
+ JENKINS_HOME: ${_param:jenkins_home_dir_path}
+ JAVA_OPTS: " -server -XX:+AlwaysPreTouch -Xloggc:${_param:jenkins_home_dir_path}/gc-%t.log -XX:NumberOfGCLogFiles=5 -XX:+UseGCLogFileRotation -XX:GCLogFileSize=20m -XX:+PrintGC -XX:+PrintGCDateStamps -XX:+PrintGCDetails -XX:+PrintHeapAtGC -XX:+PrintGCCause -XX:+PrintTenuringDistribution -XX:+PrintReferenceGC -XX:+PrintAdaptiveSizePolicy -XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent -XX:+ParallelRefProcEnabled -XX:+UseStringDeduplication -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1 -Djenkins.install.runSetupWizard=false -Dhudson.DNSMultiCast.disabled=true -Dhudson.udp=-1 -Dhudson.footerURL=https://www.mirantis.com ${_param:jenkins_master_extra_opts}"
JENKINS_NUM_EXECUTORS: ${_param:jenkins_master_executors_num}
JENKINS_OPTS: " --handlerCountMax=${_param:jenkins_master_max_concurent_requests}"
https_proxy: ${_param:docker_https_proxy}
diff --git a/docker/swarm/stack/monitoring/remote_agent/ceph.yml b/docker/swarm/stack/monitoring/remote_agent/ceph.yml
index 6085eeb..07996fa 100644
--- a/docker/swarm/stack/monitoring/remote_agent/ceph.yml
+++ b/docker/swarm/stack/monitoring/remote_agent/ceph.yml
@@ -1,3 +1,4 @@
+# client role is deprecated. Use ceph_common.yml instead
classes:
- system.ceph.client.container
- system.ceph.monitoring.cluster_stats
diff --git a/docker/swarm/stack/monitoring/remote_agent/ceph_common.yml b/docker/swarm/stack/monitoring/remote_agent/ceph_common.yml
new file mode 100644
index 0000000..3a269a7
--- /dev/null
+++ b/docker/swarm/stack/monitoring/remote_agent/ceph_common.yml
@@ -0,0 +1,9 @@
+parameters:
+ docker:
+ client:
+ stack:
+ monitoring:
+ service:
+ remote_agent:
+ volumes:
+ - ${ceph:common:prefix_dir}/etc/ceph:/etc/ceph
diff --git a/docker/swarm/stack/pushkin.yml b/docker/swarm/stack/pushkin.yml
index d0a3bce..22a921d 100644
--- a/docker/swarm/stack/pushkin.yml
+++ b/docker/swarm/stack/pushkin.yml
@@ -22,6 +22,7 @@
sfdc_consumer_key: example_consumer_key
sfdc_consumer_secret: example_consumer_secret
sfdc_organization_id: example_organization_id
+ sfdc_environment_id: 0
sfdc_sandbox_enabled: true
docker:
client:
@@ -46,6 +47,7 @@
SFDC_CONSUMER_KEY: ${_param:sfdc_consumer_key}
SFDC_CONSUMER_SECRET: ${_param:sfdc_consumer_secret}
SFDC_ORGANIZATION_ID: ${_param:sfdc_organization_id}
+ SFDC_ENVIRONMENT_ID: ${_param:sfdc_environment_id}
SFDC_SANDBOX_ENABLED: ${_param:sfdc_sandbox_enabled}
service:
pushkin-api:
diff --git a/docker/swarm/stack/security_monkey.yml b/docker/swarm/stack/security_monkey.yml
index b5a1100..3b9c272 100644
--- a/docker/swarm/stack/security_monkey.yml
+++ b/docker/swarm/stack/security_monkey.yml
@@ -2,6 +2,8 @@
_param:
docker_security_monkey_api_replicas: 1
docker_security_monkey_scheduler_replicas: 1
+ secmonkey_login_id: 11
+ secmonkey_application_id: 1
docker_image_security_monkey_api: docker-prod-local.artifactory.mirantis.com/mirantis/oss/security-monkey-api
docker_image_security_monkey_scheduler: docker-prod-local.artifactory.mirantis.com/mirantis/oss/security-monkey-scheduler
security_monkey_bind_host: security-audit-api
@@ -45,6 +47,8 @@
WEB_PORT: ${_param:security_monkey_web_port}
API_PORT: ${_param:security_monkey_api_port}
NGINX_PORT: ${_param:security_monkey_nginx_port}
+ NOTIFICATIONS_APP_ID: ${_param:secmonkey_application_id}
+ NOTIFICATIONS_LOGIN_ID: ${_param:secmonkey_login_id}
NOTIFICATIONS_SERVICE_URL: ${_param:notification_service_url}
DEFAULT_USER: ${_param:security_monkey_user}
DEFAULT_PASSWORD: ${_param:security_monkey_password}
@@ -63,7 +67,7 @@
SM_WTF_CSRF_ENABLED: ${_param:devops_portal_sm_wtf_csrf_enabled}
SECURITY_MONKEY_SYNC_INTERVAL: ${_param:security_monkey_sync_interval}
SQLALCHEMY_DATABASE_URI: postgresql://${_param:secmonkey_db_user}:${_param:secmonkey_db_user_password}@${_param:secmonkey_db_host}:${_param:haproxy_postgresql_bind_port}/${_param:security_monkey_db}
- SQLALCHEMY_POOL_RECYCLE: 14400
+ SQLALCHEMY_POOL_RECYCLE: 25000
service:
security-audit-api:
image: ${_param:docker_image_security_monkey_api}
diff --git a/elasticsearch/server/cluster.yml b/elasticsearch/server/cluster.yml
index 9be44ed..94b6d85 100644
--- a/elasticsearch/server/cluster.yml
+++ b/elasticsearch/server/cluster.yml
@@ -6,6 +6,7 @@
java_environment_version: "8"
java_environment_platform: openjdk
elasticsearch_cluster_name: elasticsearch
+ elasticsearch_version: 2
linux:
system:
sysctl:
@@ -16,6 +17,7 @@
headless: true
elasticsearch:
server:
+ version: ${_param:elasticsearch_version}
name: ${_param:elasticsearch_cluster_name}
enabled: true
master: true
diff --git a/elasticsearch/server/single.yml b/elasticsearch/server/single.yml
index 6606617..ce7da36 100644
--- a/elasticsearch/server/single.yml
+++ b/elasticsearch/server/single.yml
@@ -2,6 +2,8 @@
- service.java.environment.openjdk8
- service.elasticsearch.server.single
parameters:
+ _param:
+ elasticsearch_version: 2
linux:
system:
sysctl:
@@ -12,6 +14,7 @@
headless: true
elasticsearch:
server:
+ version: ${_param:elasticsearch_version}
enabled: true
bind:
address: ${_param:single_address}
diff --git a/fluentd/label/default_output/elasticsearch.yml b/fluentd/label/default_output/elasticsearch.yml
new file mode 100644
index 0000000..3c26d15
--- /dev/null
+++ b/fluentd/label/default_output/elasticsearch.yml
@@ -0,0 +1,15 @@
+classes:
+- service.fluentd.agent.output.elasticsearch
+parameters:
+ _params:
+ fluentd_elasticsearch_host: 127.0.0.1
+ elasticsearch_port: 9200
+ fluentd:
+ agent:
+ config:
+ label:
+ default_output:
+ match:
+ elasticsearch_output:
+ host: ${_param:fluentd_elasticsearch_host}
+ port: ${_param:elasticsearch_port}
diff --git a/gerrit/client/init.yml b/gerrit/client/init.yml
index 25c0b94..5456900 100644
--- a/gerrit/client/init.yml
+++ b/gerrit/client/init.yml
@@ -47,16 +47,16 @@
- name: create
group: devops-core
labels:
- - name: label-Code-Review
+ - name: Code-Review
group: devops-core
score: -2..+2
- - name: label-Code-Review
+ - name: Code-Review
group: Non-Interactive Users
score: -1..+1
- - name: label-Verified
+ - name: Verified
group: Non-Interactive Users
score: -1..+1
- - name: label-Workflow
+ - name: Workflow
group: devops-core
score: -1..+1
"refs/tags/*":
diff --git a/glance/client/image/cirros.yml b/glance/client/image/cirros.yml
index d9f3f33..3a7b213 100644
--- a/glance/client/image/cirros.yml
+++ b/glance/client/image/cirros.yml
@@ -2,7 +2,7 @@
- system.glance.client
parameters:
_param:
- cirros_image_url: "http://apt.mirantis.com/images/cirros-x64-20170828.qcow2"
+ cirros_image_url: "http://images.mirantis.com/cirros-x64-20170828.qcow2"
cirros_image_name: "cirros-0.3.0-x86_64"
glance:
client:
diff --git a/glance/client/image/ubuntu_trusty.yml b/glance/client/image/ubuntu_trusty.yml
index be9effc..2af6458 100644
--- a/glance/client/image/ubuntu_trusty.yml
+++ b/glance/client/image/ubuntu_trusty.yml
@@ -2,7 +2,7 @@
- system.glance.client
parameters:
_param:
- ubuntu_trusty_image_url: "http://apt.mirantis.com/images/ubuntu-14-04-x64-mcp1.1.qcow2"
+ ubuntu_trusty_image_url: "http://images.mirantis.com/ubuntu-14-04-x64-mcp1.1.qcow2"
ubuntu_trusty_image_name: "ubuntu-14-04-x64-mcp1.1"
glance:
client:
diff --git a/glance/client/image/ubuntu_xenial.yml b/glance/client/image/ubuntu_xenial.yml
index 4206584..a08a47d 100644
--- a/glance/client/image/ubuntu_xenial.yml
+++ b/glance/client/image/ubuntu_xenial.yml
@@ -2,7 +2,7 @@
- system.glance.client
parameters:
_param:
- ubuntu_xenial_image_url: "http://apt.mirantis.com/images/ubuntu-16-04-x64-mcp1.1.qcow2"
+ ubuntu_xenial_image_url: "http://images.mirantis.com/ubuntu-16-04-x64-mcp1.1.qcow2"
ubuntu_xenial_image_name: "ubuntu-16-04-amd64-cloudimg"
glance:
client:
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 7d470b6..4f12bd6 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -17,12 +17,15 @@
- method groovy.util.XmlParser parseText java.lang.String
- method hudson.PluginManager getPlugins
- method hudson.PluginWrapper getShortName
+ - method hudson.model.Hudson getSlaves
- method hudson.model.Item getName
- method hudson.model.ItemGroup getItem java.lang.String
- method hudson.model.ItemGroup getItems
- method hudson.model.Job getBuildByNumber int
- method hudson.model.Job getBuilds
- method hudson.model.Job getLastBuild
+ - method hudson.model.Node getLabelString
+ - method hudson.model.Node getNodeName
- method hudson.model.Run getEnvironment
- method hudson.model.Run getId
- method hudson.model.Run getNumber
diff --git a/jenkins/client/job/aptly.yml b/jenkins/client/job/aptly.yml
index 256c04a..921e9bc 100644
--- a/jenkins/client/job/aptly.yml
+++ b/jenkins/client/job/aptly.yml
@@ -92,3 +92,63 @@
type: string
default: "all"
description: "Comma separated list (,)"
+ STORAGES:
+ type: string
+ default: "${_param:jenkins_aptly_storages}"
+ description: "Comma separated list of storage"
+ job_template:
+ aptly-all:
+ name: aptly-{{operation}}-all-{{source}}-{{target}}
+ jobs:
+ - operation: promote
+ diff_only: false
+ source: nightly
+ target: testing
+ - operation: promote
+ diff_only: false
+ source: testing
+ target: stable
+ template:
+ discard:
+ build:
+ keep_num: 25
+ artifact:
+ keep_num: 25
+ type: workflow-scm
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: aptly-promote-pipeline.groovy
+ param:
+ SOURCE:
+ type: string
+ default: "(.*)/{{source}}"
+ TARGET:
+ type: string
+ default: "{0}/{{target}}"
+ RECREATE:
+ type: boolean
+ default: 'false'
+ DUMP_PUBLISH:
+ type: boolean
+ default: 'true'
+ DIFF_ONLY:
+ type: boolean
+ default: '{{diff_only}}'
+ APTLY_URL:
+ type: string
+ default: "${_param:jenkins_aptly_api_url}"
+ COMPONENTS:
+ type: string
+ default: "all"
+ description: "Comma separated list (,)"
+ PACKAGES:
+ type: string
+ default: "all"
+ description: "Comma separated list (,)"
+ STORAGES:
+ type: string
+ default: "${_param:jenkins_aptly_storages}"
+ description: "Comma separated list of storage"
diff --git a/jenkins/client/job/ceph/replace-failed-osd.yml b/jenkins/client/job/ceph/replace-failed-osd.yml
index 57081ec..775915f 100644
--- a/jenkins/client/job/ceph/replace-failed-osd.yml
+++ b/jenkins/client/job/ceph/replace-failed-osd.yml
@@ -33,9 +33,9 @@
DEVICE:
type: string
description: Comma separated list of failed devices that will be replaced at HOST (/dev/sdb,/dev/sdc)
- JOURNAL_OR_BLOCKDB_PARTITION:
+ JOURNAL_BLOCKDB_BLOCKWAL_PARTITION:
type: string
- description: Comma separated list of partitions where journal or block_db for the failed devices on this HOST were stored (/dev/sdh2,/dev/sdh3)
+ description: Comma separated list of partitions where journal, block_db or block_wal for the failed devices on this HOST were stored (/dev/sdh2,/dev/sdh3)
ADMIN_HOST:
type: string
description: Host with admin keyring and correct crushmap file in /etc/ceph/crushmap
@@ -44,6 +44,10 @@
type: boolean
default: 'false'
description: Wait for healthy during pipeline
+ DMCRYPT:
+ type: boolean
+ default: 'false'
+ description: Check if replacing osds were encrypted
CLUSTER_FLAGS:
type: string
description: Flags to be aplied before pipeline and after pipeline (comma-separated list)
diff --git a/jenkins/client/job/deploy/lab/component/ceph.yml b/jenkins/client/job/deploy/lab/component/ceph.yml
index e9e3d64..b927c5d 100644
--- a/jenkins/client/job/deploy/lab/component/ceph.yml
+++ b/jenkins/client/job/deploy/lab/component/ceph.yml
@@ -15,3 +15,10 @@
stack_install: core,ceph
stack_test: "ceph"
job_timer: "H H * * *"
+ - stack_name: os_ha_ovs_ceph
+ stack_env: devcloud
+ stack_type: heat
+ stack_install: core,openstack,ovs,ceph
+ stack_test: ""
+ job_timer: "H H(0-6) * * *"
+
diff --git a/jenkins/client/job/deploy/lab/deploy.yml b/jenkins/client/job/deploy/lab/deploy.yml
index 108e30d..308b613 100644
--- a/jenkins/client/job/deploy/lab/deploy.yml
+++ b/jenkins/client/job/deploy/lab/deploy.yml
@@ -71,6 +71,9 @@
type: string
default: 'deploy-stack-cleanup'
+ STACK_RECLASS_ADDRESS:
+ type: string
+ default: ""
STACK_RECLASS_BRANCH:
type: string
default: ""
@@ -90,11 +93,14 @@
type: string
default: ""
description: "Formulas revision to install on Salt Master bootstrap stage"
+ EXTRA_FORMULAS:
+ type: string
+ default: "maas memcached ntp nginx collectd sensu heka sphinx mysql grafana libvirt rsyslog glusterfs postfix xtrabackup freeipa prometheus telegraf elasticsearch kibana rundeck devops-portal rsync docker keepalived aptly jenkins gerrit artifactory influxdb horizon"
# aws api
AWS_STACK_REGION:
type: string
- default: "us-west-2"
+ default: "eu-central-1"
AWS_API_CREDENTIALS:
type: string
default: "aws-credentials"
diff --git a/jenkins/client/job/git-mirrors/2way.yml b/jenkins/client/job/git-mirrors/2way.yml
new file mode 100644
index 0000000..158816a
--- /dev/null
+++ b/jenkins/client/job/git-mirrors/2way.yml
@@ -0,0 +1,49 @@
+parameters:
+ _param:
+ jenkins_pollscm_spec: "H/60 * * * *"
+ jenkins:
+ client:
+ job_template:
+ git-mirror-2way-common:
+ name: git-mirror-2way-{{name}}
+ jobs:
+ - name: salt-formulas-scripts
+ source: salt-formulas/salt-formulas-scripts
+ target: salt-formulas/salt-formulas-scripts
+ branches: "master"
+ - name: mcp-common-scripts
+ source: mcp/mcp-common-scripts
+ target: Mirantis/mcp-common-scripts
+ branches: "master"
+ template:
+ discard:
+ build:
+ keep_num: 10
+ artifact:
+ keep_num: 10
+ type: workflow-scm
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: git-mirror-2way-pipeline.groovy
+ github:
+ url: "https://github.com/{{target}}"
+ trigger:
+ github:
+ pollscm:
+ spec: ${_param:jenkins_pollscm_spec}
+ param:
+ SOURCE_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/{{source}}.git"
+ TARGET_URL:
+ type: string
+ default: "https://github.com/{{target}}.git"
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ BRANCHES:
+ type: string
+ default: "{{branches}}"
diff --git a/jenkins/client/job/git-mirrors/upstream/oss.yml b/jenkins/client/job/git-mirrors/upstream/oss.yml
index af3f816..57ce1a2 100644
--- a/jenkins/client/job/git-mirrors/upstream/oss.yml
+++ b/jenkins/client/job/git-mirrors/upstream/oss.yml
@@ -7,3 +7,7 @@
downstream: oss/rundeck-cis-jobs
upstream: "git@github.com:Mirantis/rundeck-cis-jobs"
branches: master
+ - name: security-monkey
+ downstream: oss/security-monkey
+ upstream: "git@github.com:Netflix/security_monkey.git"
+ branches: develop
diff --git a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
index 2de63a5..2fa9c6c 100644
--- a/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
+++ b/jenkins/client/job/salt-formulas/git-mirrors/2way.yml
@@ -263,40 +263,36 @@
BRANCHES:
type: string
default: "{{branches}}"
- git-mirror-2way:
- name: git-mirror-2way-{{name}}
- jobs:
- - name: salt-formulas-scripts
- branches: master
- template:
- discard:
- build:
- keep_num: 10
- artifact:
- keep_num: 10
- type: workflow-scm
- concurrent: false
- scm:
- type: git
- url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
- credentials: "gerrit"
- script: git-mirror-2way-pipeline.groovy
- github:
- url: "https://github.com/salt-formulas/{{name}}"
- trigger:
- github:
- pollscm:
- spec: ${_param:jenkins_pollscm_spec}
- param:
- SOURCE_URL:
- type: string
- default: "${_param:jenkins_gerrit_url}/salt-formulas/{{name}}.git"
- TARGET_URL:
- type: string
- default: "https://github.com/salt-formulas/{{name}}.git"
- CREDENTIALS_ID:
- type: string
- default: "gerrit"
- BRANCHES:
- type: string
- default: "{{branches}}"
+ job:
+ git-mirror-2way-salt-formulas-scripts:
+ discard:
+ build:
+ keep_num: 10
+ artifact:
+ keep_num: 10
+ type: workflow-scm
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: git-mirror-2way-pipeline.groovy
+ github:
+ url: "https://github.com/salt-formulas/salt-formulas-scripts"
+ trigger:
+ github:
+ pollscm:
+ spec: ${_param:jenkins_pollscm_spec}
+ param:
+ SOURCE_URL:
+ type: string
+ default: "${_param:jenkins_gerrit_url}/salt-formulas/salt-formulas-scripts.git"
+ TARGET_URL:
+ type: string
+ default: "https://github.com/salt-formulas/salt-formulas-scripts.git"
+ CREDENTIALS_ID:
+ type: string
+ default: "gerrit"
+ BRANCHES:
+ type: string
+ default: "master"
diff --git a/jenkins/client/job/salt-formulas/tests.yml b/jenkins/client/job/salt-formulas/tests.yml
index 3b3eb43..44fd4c1 100644
--- a/jenkins/client/job/salt-formulas/tests.yml
+++ b/jenkins/client/job/salt-formulas/tests.yml
@@ -13,6 +13,7 @@
- name: avinetworks
- name: backupninja
- name: barbican
+ - name: baremetal-simulator
- name: billometer
- name: bind
- name: bird
@@ -114,7 +115,6 @@
- name: supervisor
- name: swift
- name: taiga
- - name: tinyproxy
- name: telegraf
- name: tinyproxy
- name: tftpd-hpa
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 0440b28..19ed2e0 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -164,7 +164,7 @@
default: "1"
EXTRA_FORMULAS:
type: string
- default: "xtrabackup docker haproxy aptly keepalived gerrit jenkins openldap maas backupninja"
+ default: "aptly artifactory backupninja collectd devops-portal docker elasticsearch freeipa gerrit glusterfs grafana haproxy heka horizon influxdb jenkins keepalived kibana libvirt maas memcached mysql nginx ntp openldap openssh postfix prometheus rsync rsyslog rundeck sensu sphinx telegraf xtrabackup"
job:
test-salt-model-node:
name: test-salt-model-node
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index 6d3ecda..6bf4cac 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -126,6 +126,14 @@
type: string
default: ""
description: Git branch which will be used during the checkout
+ RALLY_SCENARIOS:
+ type: string
+ default: ""
+ description: Rally scenarios directory or file with scenarios
+ RALLY_TASK_ARGS_FILE:
+ type: string
+ default: ""
+ description: Rally scenarios arguments file
AVAILABILITY_ZONE:
type: string
default: "nova"
diff --git a/kibana/server/single.yml b/kibana/server/single.yml
index fe0555c..e6a0a4d 100644
--- a/kibana/server/single.yml
+++ b/kibana/server/single.yml
@@ -1,9 +1,12 @@
classes:
- service.kibana.server.single
parameters:
+ _param:
+ kibana_version: 4
kibana:
server:
enabled: true
+ version: ${_param:kibana_version}
default_app_id: "dashboard/logs"
bind:
address: ${_param:single_address}
diff --git a/linux/system/repo/elasticsearch5.yml b/linux/system/repo/elasticsearch5.yml
new file mode 100644
index 0000000..34699e8
--- /dev/null
+++ b/linux/system/repo/elasticsearch5.yml
@@ -0,0 +1,12 @@
+parameters:
+ linux:
+ system:
+ repo:
+ elasticsearch:
+ source: "deb https://artifacts.elastic.co/packages/5.x/apt stable main"
+ architectures: amd64
+ key_url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch"
+ elasticsearch_curator:
+ source: "deb http://packages.elastic.co/curator/4/debian stable main"
+ architectures: amd64
+ key_url: "https://packages.elastic.co/GPG-KEY-elasticsearch"
diff --git a/linux/system/repo/kibana5.yml b/linux/system/repo/kibana5.yml
new file mode 100644
index 0000000..0d6235b
--- /dev/null
+++ b/linux/system/repo/kibana5.yml
@@ -0,0 +1,7 @@
+parameters:
+ linux:
+ system:
+ repo:
+ kibana:
+ source: "deb https://artifacts.elastic.co/packages/5.x/apt stable main"
+ key_url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch"
\ No newline at end of file
diff --git a/linux/system/repo_local/mcp/extra.yml b/linux/system/repo_local/mcp/extra.yml
index c55ecfc..90339d3 100644
--- a/linux/system/repo_local/mcp/extra.yml
+++ b/linux/system/repo_local/mcp/extra.yml
@@ -15,3 +15,6 @@
- pin: 'release a=${_param:linux_system_repo_mcp_extra_version}'
priority: 1100
package: '*'
+ - pin: 'release a=${_param:linux_system_repo_mcp_extra_version}'
+ priority: 500
+ package: 'libsodium18'
diff --git a/neutron/client/service/ironic_provision.yml b/neutron/client/service/ironic_provision.yml
new file mode 100644
index 0000000..fc545b6
--- /dev/null
+++ b/neutron/client/service/ironic_provision.yml
@@ -0,0 +1,21 @@
+classes:
+- service.neutron.client
+parameters:
+ neutron:
+ client:
+ server:
+ admin_identity:
+ endpoint_type: internalURL
+ network:
+ baremetal-provision-network:
+ tenant: admin
+ shared: false
+ admin_state_up: True
+ port_security_enabled: false
+ subnet:
+ baremetal-provision-subnet:
+ cidr: ${_param:openstack_baremetal_neutron_subnet_cidr}
+ allocation_pools:
+ - start: ${_param:openstack_baremetal_neutron_subnet_allocation_start}
+ end: ${_param:openstack_baremetal_neutron_subnet_allocation_end}
+ enable_dhcp: true
diff --git a/neutron/compute/nfv/dpdk.yml b/neutron/compute/nfv/dpdk.yml
index 3f05d53..c8872c7 100644
--- a/neutron/compute/nfv/dpdk.yml
+++ b/neutron/compute/nfv/dpdk.yml
@@ -10,6 +10,9 @@
dpdk_socket_mem: "${_param:compute_ovs_dpdk_socket_mem}"
dpdk_lcore_mask: "${_param:compute_ovs_dpdk_lcore_mask}"
memory_channels: "${_param:compute_ovs_memory_channels}"
+ vhost_socket_dir:
+ name: "openvswitch-vhost"
+ path: "/run/openvswitch-vhost"
neutron:
compute:
dpdk: True
diff --git a/neutron/gateway/cluster.yml b/neutron/gateway/cluster.yml
index c96c6bb..558a814 100644
--- a/neutron/gateway/cluster.yml
+++ b/neutron/gateway/cluster.yml
@@ -4,6 +4,11 @@
_param:
neutron_enable_qos: False
neutron_enable_vlan_aware_vms: False
+ linux:
+ system:
+ kernel:
+ sysctl:
+ fs.inotify.max_user_instances: 4096
neutron:
gateway:
dvr: ${_param:neutron_gateway_dvr}
diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index e8b29cc..5d0e6a1 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml
@@ -1,6 +1,5 @@
classes:
- service.nova.compute.kvm
-- service.iptables.server
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -95,15 +94,3 @@
public_key: ${_param:nova_compute_ssh_public}
private_key: ${_param:nova_compute_ssh_private}
my_ip: ${_param:single_address}
- libvirt:
- uri: qemu+unix:///system?socket=/var/run/libvirt/libvirt-sock
- iptables:
- service:
- enabled: true
- chain:
- INPUT:
- rules:
- # deny any connections to libvirt port
- - destination_port: 16509
- protocol: tcp
- jump: DROP
\ No newline at end of file
diff --git a/nova/compute/single.yml b/nova/compute/single.yml
index d5126df..b915145 100644
--- a/nova/compute/single.yml
+++ b/nova/compute/single.yml
@@ -2,7 +2,6 @@
- nova
classes:
- service.nova.compute.kvm
-- service.iptables.server
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -91,15 +90,3 @@
public_key: ${_param:nova_compute_ssh_public}
private_key: ${_param:nova_compute_ssh_private}
my_ip: ${_param:single_address}
- libvirt:
- uri: qemu+unix:///system?socket=/var/run/libvirt/libvirt-sock
- iptables:
- service:
- enabled: true
- chain:
- INPUT:
- rules:
- # deny any connections to libvirt port
- - destination_port: 16509
- protocol: tcp
- jump: DROP
\ No newline at end of file
diff --git a/opencontrail/client/resource/global_vrouter_config.yml b/opencontrail/client/resource/global_vrouter_config.yml
index 15bf76e..9537775 100644
--- a/opencontrail/client/resource/global_vrouter_config.yml
+++ b/opencontrail/client/resource/global_vrouter_config.yml
@@ -2,7 +2,7 @@
opencontrail:
client:
global_vrouter_config:
- name: global-vrouter-config
+ name: default-global-vrouter-config
parent_type: global-system-config
encap_priority: "MPLSoUDP,MPLSoGRE"
vxlan_vn_id_mode: automatic
diff --git a/opencontrail/control/analytics4_0.yml b/opencontrail/control/analytics4_0.yml
index a122830..a426e02 100644
--- a/opencontrail/control/analytics4_0.yml
+++ b/opencontrail/control/analytics4_0.yml
@@ -11,33 +11,27 @@
opencontrail_message_queue_node02_address: ${_param:openstack_message_queue_node02_address}
opencontrail_message_queue_node03_address: ${_param:openstack_message_queue_node03_address}
opencontrail_message_queue_address: ${_param:openstack_message_queue_address}
+ opencontrail_analytics_image: docker-prod-local.artifactory.mirantis.com/opencontrail/opencontrail-analytics
+ opencontrail_analyticsdb_image: docker-prod-local.artifactory.mirantis.com/opencontrail/opencontrail-analyticsdb
# Temprorary fix for MOS9 packages to pin old version of kafka
linux:
system:
- package:
- librdkafka1:
- version: 0.9.0-0contrail0
- hold: true
- python-kafka:
- version: 1.0.1-0contrail1
- hold: true
kernel:
modules:
- nf_conntrack_ipv4
opencontrail:
common:
+ config_only: true
identity:
host: ${_param:openstack_control_address}
network:
host: ${_param:openstack_control_address}
collector:
+ config_only: true
discovery:
host: None
- database:
- members:
- - host: ${_param:opencontrail_analytics_node01_address}
- - host: ${_param:opencontrail_analytics_node02_address}
- - host: ${_param:opencontrail_analytics_node03_address}
+ identity:
+ host: ${_param:openstack_control_address}
analytics:
members:
- host: ${_param:opencontrail_analytics_node01_address}
@@ -55,6 +49,7 @@
- host: ${_param:opencontrail_control_node02_address}
- host: ${_param:opencontrail_control_node03_address}
database:
+ config_only: true
discovery:
host: None
analytics:
@@ -62,3 +57,34 @@
- host: ${_param:opencontrail_analytics_node01_address}
- host: ${_param:opencontrail_analytics_node02_address}
- host: ${_param:opencontrail_analytics_node03_address}
+ docker:
+ client:
+ compose:
+ opencontrail_api:
+ status: up
+ pull: true
+ service:
+ analytics:
+ image: ${_param:opencontrail_analytics_image}
+ network_mode: "host"
+ privileged: true
+ volumes:
+ - /etc/contrail:/etc/contrail
+ - /etc/redis/redis.conf:/etc/redis/redis.conf
+ analyticsdb:
+ image: ${_param:opencontrail_analyticsdb_image}
+ volumes:
+ - /etc/cassandra/cassandra-env-analytics.sh:/etc/cassandra/cassandra-env.sh
+ - /etc/cassandra/cassandra_analytics.yaml:/etc/cassandra/cassandra.yaml
+ - /etc/cassandra/logback.xml:/etc/cassandra/logback.xml
+ - /etc/contrail:/etc/contrail
+ - /var/lib/analyticsdb:/var/lib/cassandra
+ - /var/lib/analyticsdb_zookeeper_data:/var/lib/zookeeper
+ - /var/lib/zookeeper/myid:/var/lib/zookeeper/myid
+ - /usr/share/kafka/config/server.properties:/usr/share/kafka/config/server.properties
+ - /usr/share/kafka/config/consumer.properties:/usr/share/kafka/config/consumer.properties
+ - /usr/share/kafka/config/zookeeper.properties:/usr/share/kafka/config/zookeeper.properties
+ - /etc/zookeeper/conf/zoo_analytics.cfg:/etc/zookeeper/conf/zoo.cfg
+ - /etc/zookeeper/conf/log4j.properties:/etc/zookeeper/conf/log4j.properties
+ network_mode: "host"
+ privileged: true
diff --git a/opencontrail/control/cluster4_0.yml b/opencontrail/control/cluster4_0.yml
index cd12eef..9796930 100644
--- a/opencontrail/control/cluster4_0.yml
+++ b/opencontrail/control/cluster4_0.yml
@@ -12,31 +12,27 @@
opencontrail_message_queue_node02_address: ${_param:openstack_control_node02_address}
opencontrail_message_queue_node03_address: ${_param:openstack_control_node03_address}
opencontrail_message_queue_address: ${_param:openstack_control_address}
+ opencontrail_analytics_image: docker-prod-local.artifactory.mirantis.com/opencontrail/opencontrail-analytics
+ opencontrail_analyticsdb_image: docker-prod-local.artifactory.mirantis.com/opencontrail/opencontrail-analyticsdb
+ opencontrail_controller_image: docker-prod-local.artifactory.mirantis.com/opencontrail/opencontrail-controller
+ analytics_vip_address: ${_param:opencontrail_analytics_address}
# Temprorary fix for MOS9 packages to pin old version of kafka
linux:
system:
- package:
- librdkafka1:
- version: 0.9.0-0contrail0
- python-kafka:
- version: 1.0.1-0contrail1
kernel:
modules:
- nf_conntrack_ipv4
opencontrail:
common:
+ config_only: true
identity:
host: ${_param:openstack_control_address}
network:
host: ${_param:openstack_control_address}
collector:
+ config_only: true
discovery:
host: None
- database:
- members:
- - host: ${_param:cluster_node01_address}
- - host: ${_param:cluster_node02_address}
- - host: ${_param:cluster_node03_address}
analytics:
members:
- host: ${_param:cluster_node01_address}
@@ -54,6 +50,7 @@
- host: ${_param:cluster_node02_address}
- host: ${_param:cluster_node03_address}
database:
+ config_only: true
discovery:
host: None
analytics:
@@ -62,6 +59,7 @@
- host: ${_param:cluster_node02_address}
- host: ${_param:cluster_node03_address}
config:
+ config_only: true
network:
host: ${_param:openstack_control_address}
bind:
@@ -84,6 +82,9 @@
region: ${_param:openstack_region}
host: ${_param:openstack_control_address}
control:
+ config_only: true
+ identity:
+ host: ${_param:openstack_control_address}
analytics:
members:
- host: ${_param:cluster_node01_address}
@@ -102,6 +103,7 @@
discovery:
host: None
web:
+ config_only: true
analytics:
host: ${_param:opencontrail_control_address}
cache:
@@ -109,6 +111,51 @@
identity:
host: ${_param:openstack_control_address}
database:
- port: 9042
+ port: 9041
network:
host: ${_param:openstack_control_address}
+ docker:
+ client:
+ compose:
+ opencontrail_api:
+ status: up
+ pull: true
+ service:
+ controller:
+ image: ${_param:opencontrail_controller_image}
+ volumes:
+ - /etc/contrail:/etc/contrail
+ - /var/lib/configdb:/var/lib/cassandra
+ - /var/lib/config_zookeeper_data:/var/lib/zookeeper
+ - /var/lib/zookeeper/myid:/var/lib/zookeeper/myid
+ - /etc/cassandra/cassandra-env.sh:/etc/cassandra/cassandra-env.sh
+ - /etc/cassandra/cassandra.yaml:/etc/cassandra/cassandra.yaml
+ - /etc/cassandra/logback.xml:/etc/cassandra/logback.xml
+ - /etc/zookeeper/conf/zoo.cfg:/etc/zookeeper/conf/zoo.cfg
+ - /etc/zookeeper/conf/log4j.properties:/etc/zookeeper/conf/log4j.properties
+ network_mode: "host"
+ privileged: true
+ analytics:
+ image: ${_param:opencontrail_analytics_image}
+ network_mode: "host"
+ privileged: true
+ volumes:
+ - /etc/contrail:/etc/contrail
+ - /etc/redis/redis.conf:/etc/redis/redis.conf
+ analyticsdb:
+ image: ${_param:opencontrail_analyticsdb_image}
+ volumes:
+ - /etc/cassandra/cassandra-env-analytics.sh:/etc/cassandra/cassandra-env.sh
+ - /etc/cassandra/cassandra_analytics.yaml:/etc/cassandra/cassandra.yaml
+ - /etc/cassandra/logback.xml:/etc/cassandra/logback.xml
+ - /etc/contrail:/etc/contrail
+ - /var/lib/analyticsdb:/var/lib/cassandra
+ - /var/lib/analyticsdb_zookeeper_data:/var/lib/zookeeper
+ - /var/lib/zookeeper/myid:/var/lib/zookeeper/myid
+ - /usr/share/kafka/config/server.properties:/usr/share/kafka/config/server.properties
+ - /usr/share/kafka/config/consumer.properties:/usr/share/kafka/config/consumer.properties
+ - /usr/share/kafka/config/zookeeper.properties:/usr/share/kafka/config/zookeeper.properties
+ - /etc/zookeeper/conf/zoo_analytics.cfg:/etc/zookeeper/conf/zoo.cfg
+ - /etc/zookeeper/conf/log4j.properties:/etc/zookeeper/conf/log4j.properties
+ network_mode: "host"
+ privileged: true
diff --git a/opencontrail/control/control4_0.yml b/opencontrail/control/control4_0.yml
index 32b51e5..f1d603c 100644
--- a/opencontrail/control/control4_0.yml
+++ b/opencontrail/control/control4_0.yml
@@ -9,13 +9,17 @@
opencontrail_message_queue_node01_address: ${_param:openstack_message_queue_node01_address}
opencontrail_message_queue_node02_address: ${_param:openstack_message_queue_node02_address}
opencontrail_message_queue_node03_address: ${_param:openstack_message_queue_node03_address}
+ opencontrail_controller_image: docker-prod-local.artifactory.mirantis.com/opencontrail/opencontrail-controller
+ analytics_vip_address: ${_param:opencontrail_analytics_address}
opencontrail:
common:
+ config_only: true
identity:
host: ${_param:openstack_control_address}
network:
host: ${_param:openstack_control_address}
config:
+ config_only: true
network:
host: ${_param:openstack_control_address}
bind:
@@ -38,6 +42,7 @@
region: ${_param:openstack_region}
host: ${_param:openstack_control_address}
control:
+ config_only: true
analytics:
members:
- host: ${_param:opencontrail_analytics_node01_address}
@@ -56,6 +61,7 @@
discovery:
host: None
web:
+ config_only: true
analytics:
host: ${_param:opencontrail_analytics_address}
cache:
@@ -63,10 +69,11 @@
identity:
host: ${_param:openstack_control_address}
database:
- port: 9042
+ port: 9041
network:
host: ${_param:openstack_control_address}
database:
+ config_only: true
analytics:
members:
- host: ${_param:opencontrail_analytics_node01_address}
@@ -77,3 +84,24 @@
kernel:
modules:
- nf_conntrack_ipv4
+ docker:
+ client:
+ compose:
+ opencontrail_api:
+ status: up
+ pull: true
+ service:
+ controller:
+ image: ${_param:opencontrail_controller_image}
+ volumes:
+ - /etc/contrail:/etc/contrail
+ - /var/lib/configdb:/var/lib/cassandra
+ - /var/lib/config_zookeeper_data:/var/lib/zookeeper
+ - /var/lib/zookeeper/myid:/var/lib/zookeeper/myid
+ - /etc/cassandra/cassandra-env.sh:/etc/cassandra/cassandra-env.sh
+ - /etc/cassandra/cassandra.yaml:/etc/cassandra/cassandra.yaml
+ - /etc/cassandra/logback.xml:/etc/cassandra/logback.xml
+ - /etc/zookeeper/conf/zoo.cfg:/etc/zookeeper/conf/zoo.cfg
+ - /etc/zookeeper/conf/log4j.properties:/etc/zookeeper/conf/log4j.properties
+ network_mode: "host"
+ privileged: true
diff --git a/opencontrail/control/single4_0.yml b/opencontrail/control/single4_0.yml
index 365ed20..ded5289 100644
--- a/opencontrail/control/single4_0.yml
+++ b/opencontrail/control/single4_0.yml
@@ -5,14 +5,13 @@
_param:
opencontrail_version: 4.0
linux_repo_contrail_component: oc40
+ opencontrail_analytics_image: docker-prod-local.artifactory.mirantis.com/opencontrail/opencontrail-analytics
+ opencontrail_analyticsdb_image: docker-prod-local.artifactory.mirantis.com/opencontrail/opencontrail-analyticsdb
+ opencontrail_controller_image: docker-prod-local.artifactory.mirantis.com/opencontrail/opencontrail-controller
# Temprorary fix for MOS9 packages to pin old version of kafka
linux:
system:
package:
- librdkafka1:
- version: 0.9.0-0contrail0
- python-kafka:
- version: 1.0.1-0contrail1
contrail-api-cli:
version: latest
kernel:
@@ -73,11 +72,13 @@
password: ${_param:opencontrail_stats_password}
opencontrail:
common:
+ config_only: true
identity:
host: ${_param:openstack_control_address}
network:
host: ${_param:openstack_control_address}
config:
+ config_only: true
network:
host: ${_param:openstack_control_address}
bind:
@@ -96,6 +97,7 @@
region: ${_param:openstack_region}
host: ${_param:openstack_control_address}
control:
+ config_only: true
analytics:
members:
- host: ${_param:single_address}
@@ -108,6 +110,7 @@
discovery:
host: None
web:
+ config_only: true
analytics:
host: ${_param:single_address}
cache:
@@ -115,14 +118,18 @@
identity:
host: ${_param:openstack_control_address}
database:
- port: 9042
+ port: 9041
network:
host: ${_param:openstack_control_address}
database:
+ config_only: true
analytics:
members:
- host: ${_param:single_address}
collector:
+ config_only: true
+ identity:
+ host: ${_param:openstack_control_address}
discovery:
host: None
database:
@@ -138,3 +145,48 @@
config:
members:
- host: ${_param:single_address}
+ docker:
+ client:
+ compose:
+ opencontrail_api:
+ status: up
+ pull: true
+ service:
+ controller:
+ image: ${_param:opencontrail_controller_image}
+ volumes:
+ - /etc/contrail:/etc/contrail
+ - /var/lib/configdb:/var/lib/cassandra
+ - /var/lib/config_zookeeper_data:/var/lib/zookeeper
+ - /var/lib/zookeeper/myid:/var/lib/zookeeper/myid
+ - /etc/cassandra/cassandra-env.sh:/etc/cassandra/cassandra-env.sh
+ - /etc/cassandra/cassandra.yaml:/etc/cassandra/cassandra.yaml
+ - /etc/cassandra/logback.xml:/etc/cassandra/logback.xml
+ - /etc/zookeeper/conf/zoo.cfg:/etc/zookeeper/conf/zoo.cfg
+ - /etc/zookeeper/conf/log4j.properties:/etc/zookeeper/conf/log4j.properties
+ network_mode: "host"
+ privileged: true
+ analytics:
+ image: ${_param:opencontrail_analytics_image}
+ network_mode: "host"
+ privileged: true
+ volumes:
+ - /etc/contrail:/etc/contrail
+ - /etc/redis/redis.conf:/etc/redis/redis.conf
+ analyticsdb:
+ image: ${_param:opencontrail_analyticsdb_image}
+ volumes:
+ - /etc/cassandra/cassandra-env-analytics.sh:/etc/cassandra/cassandra-env.sh
+ - /etc/cassandra/cassandra_analytics.yaml:/etc/cassandra/cassandra.yaml
+ - /etc/cassandra/logback.xml:/etc/cassandra/logback.xml
+ - /etc/contrail:/etc/contrail
+ - /var/lib/analyticsdb:/var/lib/cassandra
+ - /var/lib/analyticsdb_zookeeper_data:/var/lib/zookeeper
+ - /var/lib/zookeeper/myid:/var/lib/zookeeper/myid
+ - /usr/share/kafka/config/server.properties:/usr/share/kafka/config/server.properties
+ - /usr/share/kafka/config/consumer.properties:/usr/share/kafka/config/consumer.properties
+ - /usr/share/kafka/config/zookeeper.properties:/usr/share/kafka/config/zookeeper.properties
+ - /etc/zookeeper/conf/zoo_analytics.cfg:/etc/zookeeper/conf/zoo.cfg
+ - /etc/zookeeper/conf/log4j.properties:/etc/zookeeper/conf/log4j.properties
+ network_mode: "host"
+ privileged: true
diff --git a/openssh/server/team/k8s_team.yml b/openssh/server/team/k8s_team.yml
index 9ec2b88..934afd6 100644
--- a/openssh/server/team/k8s_team.yml
+++ b/openssh/server/team/k8s_team.yml
@@ -1,3 +1,5 @@
+classes:
+- system.openssh.server.team.members.ashestakov
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/maintenance.yml b/openssh/server/team/maintenance.yml
new file mode 100644
index 0000000..44e8639
--- /dev/null
+++ b/openssh/server/team/maintenance.yml
@@ -0,0 +1,9 @@
+classes:
+- system.linux.system.sudo
+- system.openssh.server.team.members.astupnikov
+- system.openssh.server.team.members.dmeltsaykin
+- system.openssh.server.team.members.myatsenko
+- system.openssh.server.team.members.omolchanov
+parameters:
+ _param:
+ linux_system_user_sudo: true
diff --git a/openssh/server/team/members/astupnikov.yml b/openssh/server/team/members/astupnikov.yml
new file mode 100644
index 0000000..d4522f6
--- /dev/null
+++ b/openssh/server/team/members/astupnikov.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ astupnikov:
+ enabled: true
+ name: astupnikov
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Alexey Stupnikov
+ home: /home/astupnikov
+ email: astupnikov@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ astupnikov:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDrV6q403BYodTCb8BCsWlkW6AHxvtCH5JxI9gUANsvbQd9n8fd16xqgXVecCRBJOS4PVauLNiQPMaj6ZuFeRZ8ZXvX498eNSNa5WhBbSwk0X/DqdK1LN/MStTAtL60JQV0yQSY+BghVJkREw4MJJBksyP0X+OG5AB+ijh/bjsabYr+EQNK+WJblrsRvNNCbjiWPcjzXVMxUrzphB09CYMwWFgx1An5jS7c1EGvXrzf0aK1KkadhGnXcjPACFaMGPYmu5HNgQcRnzNXDQU6PLGeyqNnZYZjHdQWZR88cQywznqzI8y9P4qSOTVStYoKLlYsdQFRTw8sJrRpPZupgSED astupnikov@astupnikov-srv
+ user: ${linux:system:user:astupnikov}
diff --git a/openssh/server/team/members/dkruglov.yml b/openssh/server/team/members/dkruglov.yml
new file mode 100644
index 0000000..358e365
--- /dev/null
+++ b/openssh/server/team/members/dkruglov.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ dkruglov:
+ enabled: true
+ name: dkruglov
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Dmitriy Kruglov
+ home: /home/dkruglov
+ email: dkruglov@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ dkruglov:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDd0peqhFCRgFhxsAV23TJ6la96FH7CFd/XYW67vaxWrlWSZsba9+aMMpNFPjNfrcAqZsKNlRk3EOEAHyS4JQHcOzQAxYU5kCnqg2YnIY3bp4ihDwF/V+4xMRvt8avdlo9qBFQGqiX7iPleMM089wiATi6NYsacooqNEhrjf3NvqeJBK2NLS82aSdOFF7reC58hyomArD1dJE1usF28l5+i8d8ALlzOlMLLaIRPFmbJeT43S+VXNycREektwVbXvF+Lmt2FST1oQD2KMd+aWltLsGg2KlXwlzMIod1UuYx0ZcIk7o1GYY7duNP+gmldj+TTqAgqlOChusw8iAdOUPff dkruglov@mirantis.com
+ user: ${linux:system:user:dkruglov}
diff --git a/openssh/server/team/members/dmeltsaykin.yml b/openssh/server/team/members/dmeltsaykin.yml
new file mode 100644
index 0000000..1b5ff2e
--- /dev/null
+++ b/openssh/server/team/members/dmeltsaykin.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ dmeltsaykin:
+ enabled: true
+ name: dmeltsaykin
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Denis Meltsaykin
+ home: /home/dmeltsaykin
+ email: dmeltsaykin@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ dmeltsaykin:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqfNIy3WuxzRzOY/GBNGOnP5UrCFWZ8uMzW6hEl4wgIEYYIcv8o+C1/hvrfHimG/I/rAwYRS6Dx0bZ7m49zATNxe+EVer3BV63ru34Hzel/XxxyD34ULmrDgvP3olaAKFI17gVOFQ7hCBzDRp3s4YN3ojQspPyeiO+Jt8OwVomxJWgLauAHhl7Z/XPVHpT/fssJGG/eC4oOz4RZ4jAk0BH3Yl8s63grfwrgB79H/+nr0UvBdTkBn3T5WiC4gxnm+jQQwci7/BLQsg1Z3OykfTuyftIexNyVVy/SmdsGi37RJGFKRMMovoZx+261JgaHWBoHqBJa5UpV2usi9z3Py2z avgoor@MacBook-Pro-Denis.local
+ user: ${linux:system:user:dmeltsaykin}
diff --git a/openssh/server/team/members/mpolreich.yml b/openssh/server/team/members/mpolreich.yml
index a4658aa..cfe8b70 100644
--- a/openssh/server/team/members/mpolreich.yml
+++ b/openssh/server/team/members/mpolreich.yml
@@ -16,5 +16,5 @@
mpolreich:
enabled: true
public_keys:
- - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0N+ds8BGTR+ZQo9NSRGRbjv3T8AbPmtSw2nClXxetRdmHpM/mU7/5iD7qfkCXtNptKeCG/Qk44wlijnAtjztJK1qfvyphHe3etZxLnqhYMm73Yy++yKPE/ywFPFb+7kd0BDy2iZqohZpX3gUi5iDnvXUInHNqqtTv3xFe2kmn3lq5bSRuUMtr61nZ7z/fkX8kNfoGxKrm7bhSo5zq4sjTrj3lk1LKZc1HYji3RwrzBM0z4eyed1BaJyDNtG+eFN4nOnvVn59452AR8SmKJXRErk37rEoQn80xszypzybooFPN5dpdB6u9b4xquFCOD83usb8kEjKY9VIYGuXxEEts1KIF20J+xd8UnZU8d4JL50G8JY8zdNgurR3ZyMD2okuord4cpHF8SVecsAyRV6nuhDxVtF2Xn/RriY02jrLoRPsS+3nIrKt9H8vpQZMYJ+jgEpekZhhVfz4AP3pATzOrWENzNXj5G1bLJs1C9aTtwE27EnKW73XekX/GLsehCwsQ21JvDX8PMxJwLVfqvkRlrc5GILEIVgjZ82Cj6Eens1QobymRAEWuEpZxkPx6u0kGO62ri8zFx8+NYwYDz3mwhHDRT34T/Rvzy/9V9xVjkUQOj9cZ3eYBnC1MffJjx8heHDmSQmUd+99zKa9Hzr74z3AvR3AIgFqmu7kx5fIMew== ubuntu@thinkpad-x1
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDC6jbVpCqvru+Te2RGLPy/AkcaoRqyqxdBi3OjjXdRjPQYGNuAEFgmlQDZvs5xBMAKOcrcCl8wLcFb3mmpr9+xBJAdR4K0bEqwMfCKRejsN+6AubCbrOeoWb9SsTdvBOl7rOFyICt/XuSNX56C8k1hJojC0U21DIertWSCd8h5RExE8Skqd9+KdHSFa+TZffWbysMrwba29UBt7XsAPuQr1BUOqhA8JOx146ul5HszitCOSvglre8pSJKpw6a4Fk/cb1J8Oc/AfSMdTvTLAfuF+d2Mw6SEawFEocSXq0WKCdZfJpZrWPr6SEB+7zoq3kvhIWgUH2ypYZvvqf0EVlWx polreichmartin@gmail.com
user: ${linux:system:user:mpolreich}
\ No newline at end of file
diff --git a/openssh/server/team/members/myatsenko.yml b/openssh/server/team/members/myatsenko.yml
new file mode 100644
index 0000000..01c2417
--- /dev/null
+++ b/openssh/server/team/members/myatsenko.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ myatsenko:
+ enabled: true
+ name: myatsenko
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Maksym Yatsenko
+ home: /home/myatsenko
+ email: myatsenko@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ myatsenko:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3wCjIm2PVzViGp5NFxeDHLVLxSq67gR+mm4jarHyDVb8wz9kfSG6cWGXNZhrqse7NgpDZpurFunFddXQBOgR6LmOfo9sDlcl4oT0+OnWHgyK6RMYcigkVYVYI5W2f5M+3Dz/KjV1S/VmRYlh/tz46PECV+Y93RaUUXS/91Uv19SAzuCd3Rj0l43HY5ROZNK0VZSrIsnhOqLZxF71v0jY/AbFxswooMH0NCM7XFqVBsRjwclfQjIGkV1j4xeWGM1xWkvvHCSEz2JdeAR5w3C7mhCzPpQJXvQGJNuccyZzoNbHPgDdFPx76MGj/VdmeUu5yKnFSnNNoQ1CcbxmaYeJ7 myatsenko@myatsenko-pc
+ user: ${linux:system:user:myatsenko}
diff --git a/openssh/server/team/members/omolchanov.yml b/openssh/server/team/members/omolchanov.yml
new file mode 100644
index 0000000..61289ed
--- /dev/null
+++ b/openssh/server/team/members/omolchanov.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ omolchanov:
+ enabled: true
+ name: omolchanov
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Oleksii Molchanov
+ home: /home/omolchanov
+ email: omolchanov@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ myatsenko:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCulNT7qgpJtIoLshljGonHfWk5IYh/MhzO2PEh3GnzrsnI8Mgv2W8TCD4ZB7RbSP6Jt74T7P6F4Mgzag/Nxjwimh7cUJoJZQH54QC4GVBN+YG+CRjEhIDn/OEM9q+6fnAWqBLBf/k0pzeRxWM4mLpcU+6DSPS57qjEKG5OfLCgFbBFg+4EdGP9HNVTLcMBglo7vTWtvzaGjJgH0XFXjx1fXW9JftEmwMzNdoYpQ/a19JYC2x5vu0cGWUjdMWmrzJbnTJ7SwnVYfD2mhUYDi8WGy/nCk67tb6qKCAUN5kvCEWrMPDhVEcBfvyhXU2wVnZHJbOoZxrBiici9q2U7KDYT alex@alex-B85M-DS3H
+ user: ${linux:system:user:omolchanov}
diff --git a/openssh/server/team/members/pstefanski.yml b/openssh/server/team/members/pstefanski.yml
new file mode 100644
index 0000000..cd14386
--- /dev/null
+++ b/openssh/server/team/members/pstefanski.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ pstefanski:
+ enabled: true
+ name: pstefanski
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Pawel Stefanski
+ home: /home/pstefanski
+ email: pstefanski@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ pstefanski:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEmhgYMXA98zTAHALZKpgD4MIhHsUcAbrw0dM5AroBKiGBAEqlClxKxzsg7cC7yv4P8TloIoV656ywtgiRIfTAYoXGANxBgkeDfHFzlBQ7yYf8xU1Cl5jBG2xB9FnPJQYtxFJD36dAsUPQ4ykROw0epfBv+CCqgqmh6AWuIRnY8vGx6o3oKu4eZ4P0iSGuN2ITfVkGc32WoXFI0qIZPrnWLmIf4+LwbeA3aNZ54La5Er2wgrzdwF3D2MOBg964gCnuauUneY4WDkO81W+yUB7MA1n/WQP5dgLwdNTXiMtyNtuXs+QeEzlag2fRvMkmsUoU7oaIC3iuW8mf6967n+ED
+ user: ${linux:system:user:pstefanski}
diff --git a/openssh/server/team/oscore_devops.yml b/openssh/server/team/oscore_devops.yml
index 149d765..b5505a8 100644
--- a/openssh/server/team/oscore_devops.yml
+++ b/openssh/server/team/oscore_devops.yml
@@ -2,7 +2,6 @@
- system.linux.system.sudo
- system.openssh.server.team.members.vsaienko
- system.openssh.server.team.members.vnogin
-- system.openssh.server.team.members.ashestakov
- system.openssh.server.team.members.mkarpin
parameters:
_param:
diff --git a/openssh/server/team/stacklight.yml b/openssh/server/team/stacklight.yml
index e1f09f3..b46ac24 100644
--- a/openssh/server/team/stacklight.yml
+++ b/openssh/server/team/stacklight.yml
@@ -204,7 +204,7 @@
vgusev:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrCyaZjs8hiwx38LfpeQ2z9n9ptwQ7gFrhq2z5sK9q/LQMCubbnp5xhyF0SMY1jmQUewBOKXhnq3QSX+DmtNsnhitnZBw2BE5PBXllCBWMMiWULfAYvB0of728Q3EEjrtyfHkt7o2E+CvreVJcVI4kBwjKh5WpVBZ8mmkW/sexLGMuYu0bUWjCddu6ZlhUa+y14VZKOKp44auemza1VL/UzqOVZkBAfR2gPV2pBG3Im+SlnOlDRxKPEXQbsn3u/sNeZq0wSY++khY86AU7jAKfL2NiNsoA7CyB0jTEKwYO3vOWOhECifZuHwY/TNWyRFWM2ImW3mT9aO7nE4w4jXXJ vgusev@vgusev
mpolreich:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0N+ds8BGTR+ZQo9NSRGRbjv3T8AbPmtSw2nClXxetRdmHpM/mU7/5iD7qfkCXtNptKeCG/Qk44wlijnAtjztJK1qfvyphHe3etZxLnqhYMm73Yy++yKPE/ywFPFb+7kd0BDy2iZqohZpX3gUi5iDnvXUInHNqqtTv3xFe2kmn3lq5bSRuUMtr61nZ7z/fkX8kNfoGxKrm7bhSo5zq4sjTrj3lk1LKZc1HYji3RwrzBM0z4eyed1BaJyDNtG+eFN4nOnvVn59452AR8SmKJXRErk37rEoQn80xszypzybooFPN5dpdB6u9b4xquFCOD83usb8kEjKY9VIYGuXxEEts1KIF20J+xd8UnZU8d4JL50G8JY8zdNgurR3ZyMD2okuord4cpHF8SVecsAyRV6nuhDxVtF2Xn/RriY02jrLoRPsS+3nIrKt9H8vpQZMYJ+jgEpekZhhVfz4AP3pATzOrWENzNXj5G1bLJs1C9aTtwE27EnKW73XekX/GLsehCwsQ21JvDX8PMxJwLVfqvkRlrc5GILEIVgjZ82Cj6Eens1QobymRAEWuEpZxkPx6u0kGO62ri8zFx8+NYwYDz3mwhHDRT34T/Rvzy/9V9xVjkUQOj9cZ3eYBnC1MffJjx8heHDmSQmUd+99zKa9Hzr74z3AvR3AIgFqmu7kx5fIMew== ubuntu@thinkpad-x1
+ key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDC6jbVpCqvru+Te2RGLPy/AkcaoRqyqxdBi3OjjXdRjPQYGNuAEFgmlQDZvs5xBMAKOcrcCl8wLcFb3mmpr9+xBJAdR4K0bEqwMfCKRejsN+6AubCbrOeoWb9SsTdvBOl7rOFyICt/XuSNX56C8k1hJojC0U21DIertWSCd8h5RExE8Skqd9+KdHSFa+TZffWbysMrwba29UBt7XsAPuQr1BUOqhA8JOx146ul5HszitCOSvglre8pSJKpw6a4Fk/cb1J8Oc/AfSMdTvTLAfuF+d2Mw6SEawFEocSXq0WKCdZfJpZrWPr6SEB+7zoq3kvhIWgUH2ypYZvvqf0EVlWx polreichmartin@gmail.com
isvetlov:
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9lvegjKq6OP7cgF9YU9mPOk1/mfJbov3YnYnhiW1Ks0hrWZyAo+0TV3O7LgWZ8jqD9abbYaOiWCt4d9ABkLUJfCLNAqOJRapJ+tybPAxJKx4eV8pptJ7UF0EdItasTdd+gqJJ4Krk869rwmqVQ4hethdykjhKyWu3bG+uVtFUF5xUj9zaT9NThA6/Xhz0idAiTO8ArmLng4W8ne45gANaHIWXpIsklo6GLUSZwl4z6j2z4joxNJsB1hrw0msT56F26ctkDo6thNMAzPMyZsLjYJBJIRYhdC1d4Up9114nVcY4pzYw76+zXU9zED2XNRLdyAaxFlwXvumAs3iMLI8Z isvetlov@isvetlov-mac.local
akholkin:
diff --git a/postgresql/client/security_monkey.yml b/postgresql/client/security_monkey.yml
index a7a341f..c47e241 100644
--- a/postgresql/client/security_monkey.yml
+++ b/postgresql/client/security_monkey.yml
@@ -5,8 +5,6 @@
secmonkey_db_host: ${_param:haproxy_postgresql_bind_host}
secmonkey_db_user: secmonkey
secmonkey_db_user_password: secmonkey
- secmonkey_login_id: 11
- secmonkey_application_id: 1
postgresql:
client:
server:
diff --git a/rundeck/client/project/cicd.yml b/rundeck/client/project/cicd.yml
index ed8b256..4cbcd40 100644
--- a/rundeck/client/project/cicd.yml
+++ b/rundeck/client/project/cicd.yml
@@ -6,6 +6,7 @@
rundeck_cis_os_docker_image: docker-prod-local.artifactory.mirantis.com/mirantis/oss/cis-openstack:latest
rundeck_cis_openstack:
auth_url: http://yourcloud.com:5000/v3/auth/tokens
+ endpoint_type: publicURL
username: admin
password: password
cert: plain-certificate
@@ -47,6 +48,9 @@
cis/openstack/auth_url:
type: password
content: ${_param:rundeck_cis_openstack:auth_url}
+ cis/openstack/endpoint_type:
+ type: password
+ content: ${_param:rundeck_cis_openstack:endpoint_type}
cis/openstack/username:
type: password
content: ${_param:rundeck_cis_openstack:username}