- OS::TripleO::Services::CACerts
- OS::TripleO::Services::CinderApi
- OS::TripleO::Services::CinderScheduler
+ - OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
- OS::TripleO::Services::CACerts
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::MySQL
- OS::TripleO::Services::MySQLClient
- OS::TripleO::Services::CinderApi
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
parameter_defaults:
ControllerServices:
+ - OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
parameter_defaults:
ControllerServices:
+ - OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
parameter_defaults:
ControllerServices:
+ - OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
- OS::TripleO::Services::CephMon
- OS::TripleO::Services::CephOSD
- OS::TripleO::Services::CephRgw
+ - OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
stderr=subprocess.PIPE)
cmd_stdout, cmd_stderr = subproc.communicate()
print(cmd_stdout)
- print(cmd_stderr)
+ if cmd_stderr and \
+ cmd_stderr != 'Error response from daemon: ' \
+ 'No such container: {}\n'.format(name):
+ print(cmd_stderr)
process_count = int(os.environ.get('PROCESS_COUNT',
multiprocessing.cpu_count()))
'--volume', '/usr/share/openstack-puppet/modules/:/usr/share/openstack-puppet/modules/:ro',
'--volume', '/var/lib/config-data/:/var/lib/config-data/:rw',
'--volume', 'tripleo_logs:/var/log/tripleo/',
+ # OpenSSL trusted CA injection
+ '--volume', '/etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro',
+ '--volume', '/etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro',
+ '--volume', '/etc/pki/tls/certs/ca-bundle.trust.crt:/etc/pki/tls/certs/ca-bundle.trust.crt:ro',
+ '--volume', '/etc/pki/tls/cert.pem:/etc/pki/tls/cert.pem:ro',
+ # script injection
'--volume', '%s:%s:rw' % (sh_script, sh_script) ]
for volume in volumes:
- /etc/localtime:/etc/localtime:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ upgrade_tasks:
+ - name: Stop and disable httpd service
+ tags: step2
+ service: name=httpd state=stopped enabled=no
- /etc/localtime:/etc/localtime:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ upgrade_tasks:
+ - name: Stop and disable openstack-gnocchi-metricd service
+ tags: step2
+ service: name=openstack-gnocchi-metricd.service state=stopped enabled=no
- /etc/localtime:/etc/localtime:ro
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+ upgrade_tasks:
+ - name: Stop and disable openstack-gnocchi-statsd service
+ tags: step2
+ service: name=openstack-gnocchi-statsd.service state=stopped enabled=no
default: 'fernet'
constraints:
- allowed_values: ['uuid', 'fernet']
+ EnableInternalTLS:
+ type: boolean
+ default: false
resources:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
+conditions:
+
+ internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
+
outputs:
role_data:
description: Role data for the Keystone API role.
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
- logs:/var/log
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+ - ''
+ -
+ if:
+ - internal_tls_enabled
+ - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+ - ''
environment:
- KOLLA_BOOTSTRAP=True
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- [ {get_param: DockerNamespace}, {get_param: DockerZaqarImage} ]
kolla_config:
/var/lib/kolla/config_files/zaqar.json:
- command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf
+ command: /usr/sbin/httpd -DFOREGROUND
/var/lib/kolla/config_files/zaqar_websocket.json:
command: /usr/bin/zaqar-server --config-file /etc/zaqar/zaqar.conf --config-file /etc/zaqar/1.conf
docker_config:
net: host
privileged: false
restart: always
+ # NOTE(mandre) kolla image changes the user to 'zaqar', we need it
+ # to be root to run httpd
+ user: root
volumes:
- /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/zaqar/etc/zaqar/:/etc/zaqar/:ro
+ - /var/lib/config-data/zaqar/etc/httpd:/etc/httpd/:ro
- /etc/hosts:/etc/hosts:ro
- /etc/localtime:/etc/localtime:ro
environment:
upgrade_tasks:
- name: Stop and disable zaqar service
tags: step2
- service: name=openstack-zaqar.service state=stopped enabled=no
-
+ service: name=httpd state=stopped enabled=no
# A Heat environment file which can be used to enable a
# a Cinder NetApp backend, configured via puppet
resource_registry:
- OS::TripleO::ControllerExtraConfigPre: ../puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml
+ OS::TripleO::Services::CinderBackendNetApp: ../puppet/services/cinder-backend-netapp.yaml
parameter_defaults:
CinderEnableNetappBackend: true
--- /dev/null
+# This environment contains the services that can work with TLS-everywhere.
+resource_registry:
+ # This can be used when you don't want to run puppet on the host,
+ # e.g atomic, but it has been replaced with OS::TripleO::Services::Docker
+ # OS::TripleO::NodeUserData: ../docker/firstboot/setup_docker_host.yaml
+ OS::TripleO::Services::Docker: ../puppet/services/docker.yaml
+ # The compute node still needs extra initialization steps
+ OS::TripleO::Compute::NodeUserData: ../docker/firstboot/setup_docker_host.yaml
+
+ # NOTE: add roles to be docker enabled as we support them.
+ OS::TripleO::Services::Keystone: ../docker/services/keystone.yaml
+
+ OS::TripleO::PostDeploySteps: ../docker/post.yaml
+ OS::TripleO::PostUpgradeSteps: ../docker/post-upgrade.yaml
+
+ OS::TripleO::Services: ../docker/services/services.yaml
+
+parameter_defaults:
+ # Defaults to 'tripleoupstream'. Specify a local docker registry
+ # Example: 192.168.24.1:8787/tripleoupstream
+ DockerNamespace: tripleoupstream
+ DockerNamespaceIsRegistry: false
+
+ ComputeServices:
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::ComputeNeutronOvsAgent
+ - OS::TripleO::Services::Docker
command_arguments=${command_arguments:-}
-list_updates=$(yum list updates)
-
-if [[ "$list_updates" == "" ]]; then
+# yum check-update exits 100 if updates are available
+set +e
+check_update=$(yum check-update 2>&1)
+check_update_exit=$?
+set -e
+
+if [[ "$check_update_exit" == "1" ]]; then
+ echo "Failed to check for package updates"
+ echo "$check_update"
+ exit 1
+elif [[ "$check_update_exit" != "100" ]]; then
echo "No packages require updating"
exit 0
fi
OS::TripleO::Services::Zaqar: OS::Heat::None
OS::TripleO::Services::NeutronML2FujitsuCfab: OS::Heat::None
OS::TripleO::Services::NeutronML2FujitsuFossw: OS::Heat::None
+ OS::TripleO::Services::CinderBackendDellPs: OS::Heat::None
+ OS::TripleO::Services::CinderBackendDellSc: OS::Heat::None
+ OS::TripleO::Services::CinderBackendNetApp: OS::Heat::None
+ OS::TripleO::Services::CinderBackendScaleIO: OS::Heat::None
OS::TripleO::Services::CinderHPELeftHandISCSI: OS::Heat::None
OS::TripleO::Services::Etcd: OS::Heat::None
OS::TripleO::Services::Ec2Api: OS::Heat::None
- all_nodes # provided by allNodesConfig
- vip_data # provided by allNodesConfig
- '"%{::osfamily}"'
- - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
- neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
- neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
- cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
+++ /dev/null
-heat_template_version: ocata
-
-description: Configure hieradata for Cinder Netapp configuration
-
-parameters:
- server:
- description: ID of the controller node to apply this config to
- type: string
-
- # Config specific parameters, to be provided via parameter_defaults
- CinderEnableNetappBackend:
- type: boolean
- default: true
- CinderNetappBackendName:
- type: string
- default: 'tripleo_netapp'
- CinderNetappLogin:
- type: string
- CinderNetappPassword:
- type: string
- hidden: true
- CinderNetappServerHostname:
- type: string
- CinderNetappServerPort:
- type: string
- default: '80'
- CinderNetappSizeMultiplier:
- type: string
- default: '1.2'
- CinderNetappStorageFamily:
- type: string
- default: 'ontap_cluster'
- CinderNetappStorageProtocol:
- type: string
- default: 'nfs'
- CinderNetappTransportType:
- type: string
- default: 'http'
- CinderNetappVfiler:
- type: string
- default: ''
- CinderNetappVolumeList:
- type: string
- default: ''
- CinderNetappVserver:
- type: string
- default: ''
- CinderNetappPartnerBackendName:
- type: string
- default: ''
- CinderNetappNfsShares:
- type: string
- default: ''
- CinderNetappNfsSharesConfig:
- type: string
- default: '/etc/cinder/shares.conf'
- CinderNetappNfsMountOptions:
- type: string
- default: ''
- CinderNetappCopyOffloadToolPath:
- type: string
- default: ''
- CinderNetappControllerIps:
- type: string
- default: ''
- CinderNetappSaPassword:
- type: string
- default: ''
- hidden: true
- CinderNetappStoragePools:
- type: string
- default: ''
- CinderNetappHostType:
- type: string
- default: ''
- CinderNetappWebservicePath:
- type: string
- default: '/devmgr/v2'
- # DEPRECATED options for compatibility with older versions
- CinderNetappEseriesHostType:
- type: string
- default: 'linux_dm_mp'
-
-parameter_groups:
-- label: deprecated
- description: Do not use deprecated params, they will be removed.
- parameters:
- - CinderNetappEseriesHostType
-
-resources:
- CinderNetappConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: hiera
- config:
- datafiles:
- cinder_netapp_data:
- mapped_data:
- tripleo::profile::base::cinder::volume::cinder_enable_netapp_backend: {get_input: EnableNetappBackend}
- cinder::backend::netapp::title: {get_input: NetappBackendName}
- cinder::backend::netapp::netapp_login: {get_input: NetappLogin}
- cinder::backend::netapp::netapp_password: {get_input: NetappPassword}
- cinder::backend::netapp::netapp_server_hostname: {get_input: NetappServerHostname}
- cinder::backend::netapp::netapp_server_port: {get_input: NetappServerPort}
- cinder::backend::netapp::netapp_size_multiplier: {get_input: NetappSizeMultiplier}
- cinder::backend::netapp::netapp_storage_family: {get_input: NetappStorageFamily}
- cinder::backend::netapp::netapp_storage_protocol: {get_input: NetappStorageProtocol}
- cinder::backend::netapp::netapp_transport_type: {get_input: NetappTransportType}
- cinder::backend::netapp::netapp_vfiler: {get_input: NetappVfiler}
- cinder::backend::netapp::netapp_volume_list: {get_input: NetappVolumeList}
- cinder::backend::netapp::netapp_vserver: {get_input: NetappVserver}
- cinder::backend::netapp::netapp_partner_backend_name: {get_input: NetappPartnerBackendName}
- cinder::backend::netapp::nfs_shares: {get_input: NetappNfsShares}
- cinder::backend::netapp::nfs_shares_config: {get_input: NetappNfsSharesConfig}
- cinder::backend::netapp::nfs_mount_options: {get_input: NetappNfsMountOptions}
- cinder::backend::netapp::netapp_copyoffload_tool_path: {get_input: NetappCopyOffloadToolPath}
- cinder::backend::netapp::netapp_controller_ips: {get_input: NetappControllerIps}
- cinder::backend::netapp::netapp_sa_password: {get_input: NetappSaPassword}
- cinder::backend::netapp::netapp_storage_pools: {get_input: NetappStoragePools}
- cinder::backend::netapp::netapp_host_type: {get_input: NetappHostType}
- cinder::backend::netapp::netapp_webservice_path: {get_input: NetappWebservicePath}
-
- CinderNetappDeployment:
- type: OS::Heat::StructuredDeployment
- properties:
- name: CinderNetappDeployment
- config: {get_resource: CinderNetappConfig}
- server: {get_param: server}
- input_values:
- EnableNetappBackend: {get_param: CinderEnableNetappBackend}
- NetappBackendName: {get_param: CinderNetappBackendName}
- NetappLogin: {get_param: CinderNetappLogin}
- NetappPassword: {get_param: CinderNetappPassword}
- NetappServerHostname: {get_param: CinderNetappServerHostname}
- NetappServerPort: {get_param: CinderNetappServerPort}
- NetappSizeMultiplier: {get_param: CinderNetappSizeMultiplier}
- NetappStorageFamily: {get_param: CinderNetappStorageFamily}
- NetappStorageProtocol: {get_param: CinderNetappStorageProtocol}
- NetappTransportType: {get_param: CinderNetappTransportType}
- NetappVfiler: {get_param: CinderNetappVfiler}
- NetappVolumeList: {get_param: CinderNetappVolumeList}
- NetappVserver: {get_param: CinderNetappVserver}
- NetappPartnerBackendName: {get_param: CinderNetappPartnerBackendName}
- NetappNfsShares: {get_param: CinderNetappNfsShares}
- NetappNfsSharesConfig: {get_param: CinderNetappNfsSharesConfig}
- NetappNfsMountOptions: {get_param: CinderNetappNfsMountOptions}
- NetappCopyOffloadToolPath: {get_param: CinderNetappCopyOffloadToolPath}
- NetappControllerIps: {get_param: CinderNetappControllerIps}
- NetappSaPassword: {get_param: CinderNetappSaPassword}
- NetappStoragePools: {get_param: CinderNetappStoragePools}
- NetappHostType: {get_param: CinderNetappHostType}
- NetappWebservicePath: {get_param: CinderNetappWebservicePath}
-
-outputs:
- deploy_stdout:
- description: Deployment reference, used to trigger puppet apply on changes
- value: {get_attr: [CinderNetappDeployment, deploy_stdout]}
- "%{hiera('apache_remote_proxy_ips_network')}"
-
generate_service_certificates: true
+ tripleo::certmonger::apache_dirs::certificate_dir: '/etc/pki/tls/certs/httpd'
+ tripleo::certmonger::apache_dirs::key_dir: '/etc/pki/tls/private/httpd'
apache_certificates_specs:
map_merge:
repeat:
template:
httpd-NETWORK:
- service_certificate: '/etc/pki/tls/certs/httpd-NETWORK.crt'
- service_key: '/etc/pki/tls/private/httpd-NETWORK.key'
+ service_certificate: '/etc/pki/tls/certs/httpd/httpd-NETWORK.crt'
+ service_key: '/etc/pki/tls/private/httpd/httpd-NETWORK.key'
hostname: "%{hiera('fqdn_NETWORK')}"
principal: "HTTP/%{hiera('fqdn_NETWORK')}"
for_each:
--- /dev/null
+heat_template_version: ocata
+
+description: Openstack Cinder Netapp backend
+
+parameters:
+ CinderEnableNetappBackend:
+ type: boolean
+ default: true
+ CinderNetappBackendName:
+ type: string
+ default: 'tripleo_netapp'
+ CinderNetappLogin:
+ type: string
+ CinderNetappPassword:
+ type: string
+ hidden: true
+ CinderNetappServerHostname:
+ type: string
+ CinderNetappServerPort:
+ type: string
+ default: '80'
+ CinderNetappSizeMultiplier:
+ type: string
+ default: '1.2'
+ CinderNetappStorageFamily:
+ type: string
+ default: 'ontap_cluster'
+ CinderNetappStorageProtocol:
+ type: string
+ default: 'nfs'
+ CinderNetappTransportType:
+ type: string
+ default: 'http'
+ CinderNetappVfiler:
+ type: string
+ default: ''
+ CinderNetappVolumeList:
+ type: string
+ default: ''
+ CinderNetappVserver:
+ type: string
+ default: ''
+ CinderNetappPartnerBackendName:
+ type: string
+ default: ''
+ CinderNetappNfsShares:
+ type: string
+ default: ''
+ CinderNetappNfsSharesConfig:
+ type: string
+ default: '/etc/cinder/shares.conf'
+ CinderNetappNfsMountOptions:
+ type: string
+ default: ''
+ CinderNetappCopyOffloadToolPath:
+ type: string
+ default: ''
+ CinderNetappControllerIps:
+ type: string
+ default: ''
+ CinderNetappSaPassword:
+ type: string
+ default: ''
+ hidden: true
+ CinderNetappStoragePools:
+ type: string
+ default: ''
+ CinderNetappHostType:
+ type: string
+ default: ''
+ CinderNetappWebservicePath:
+ type: string
+ default: '/devmgr/v2'
+ # DEPRECATED options for compatibility with older versions
+ CinderNetappEseriesHostType:
+ type: string
+ default: 'linux_dm_mp'
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
+ EndpointMap:
+ default: {}
+ type: json
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+
+parameter_groups:
+- label: deprecated
+ description: Do not use deprecated params, they will be removed.
+ parameters:
+ - CinderNetappEseriesHostType
+
+outputs:
+ role_data:
+ description: Role data for the Cinder NetApp backend.
+ value:
+ service_name: cinder_backend_netapp
+ config_settings:
+ tripleo::profile::base::cinder::volume::cinder_enable_netapp_backend: {get_param: CinderEnableNetappBackend}
+ cinder::backend::netapp::title: {get_param: CinderNetappBackendName}
+ cinder::backend::netapp::netapp_login: {get_param: CinderNetappLogin}
+ cinder::backend::netapp::netapp_password: {get_param: CinderNetappPassword}
+ cinder::backend::netapp::netapp_server_hostname: {get_param: CinderNetappServerHostname}
+ cinder::backend::netapp::netapp_server_port: {get_param: CinderNetappServerPort}
+ cinder::backend::netapp::netapp_size_multiplier: {get_param: CinderNetappSizeMultiplier}
+ cinder::backend::netapp::netapp_storage_family: {get_param: CinderNetappStorageFamily}
+ cinder::backend::netapp::netapp_storage_protocol: {get_param: CinderNetappStorageProtocol}
+ cinder::backend::netapp::netapp_transport_type: {get_param: CinderNetappTransportType}
+ cinder::backend::netapp::netapp_vfiler: {get_param: CinderNetappVfiler}
+ cinder::backend::netapp::netapp_volume_list: {get_param: CinderNetappVolumeList}
+ cinder::backend::netapp::netapp_vserver: {get_param: CinderNetappVserver}
+ cinder::backend::netapp::netapp_partner_backend_name: {get_param: CinderNetappPartnerBackendName}
+ cinder::backend::netapp::nfs_shares: {get_param: CinderNetappNfsShares}
+ cinder::backend::netapp::nfs_shares_config: {get_param: CinderNetappNfsSharesConfig}
+ cinder::backend::netapp::nfs_mount_options: {get_param: CinderNetappNfsMountOptions}
+ cinder::backend::netapp::netapp_copyoffload_tool_path: {get_param: CinderNetappCopyOffloadToolPath}
+ cinder::backend::netapp::netapp_controller_ips: {get_param: CinderNetappControllerIps}
+ cinder::backend::netapp::netapp_sa_password: {get_param: CinderNetappSaPassword}
+ cinder::backend::netapp::netapp_storage_pools: {get_param: CinderNetappStoragePools}
+ cinder::backend::netapp::netapp_host_type: {get_param: CinderNetappHostType}
+ cinder::backend::netapp::netapp_webservice_path: {get_param: CinderNetappWebservicePath}
+ step_config: |
+ include ::tripleo::profile::base::cinder::volume
default: 1048576
description: Configures sysctl kernel.pid_max key
type: number
+ KernelDisableIPv6:
+ default: 0
+ description: Configures sysctl net.ipv6.{default/all}.disable_ipv6 keys
+ type: number
outputs:
role_data:
value: 500000
net.netfilter.nf_conntrack_max:
value: 500000
+ net.ipv6.conf.default.disable_ipv6:
+ value: {get_param: KernelDisableIPv6}
+ net.ipv6.conf.all.disable_ipv6:
+ value: {get_param: KernelDisableIPv6}
# prevent neutron bridges from autoconfiguring ipv6 addresses
net.ipv6.conf.all.accept_ra:
value: 0
Cron to purge expired tokens - Ensure
default: 'present'
KeystoneCronTokenFlushMinute:
- type: string
+ type: comma_delimited_list
description: >
Cron to purge expired tokens - Minute
default: '1'
KeystoneCronTokenFlushHour:
- type: string
+ type: comma_delimited_list
description: >
Cron to purge expired tokens - Hour
default: '0'
KeystoneCronTokenFlushMonthday:
- type: string
+ type: comma_delimited_list
description: >
Cron to purge expired tokens - Month Day
default: '*'
KeystoneCronTokenFlushMonth:
- type: string
+ type: comma_delimited_list
description: >
Cron to purge expired tokens - Month
default: '*'
KeystoneCronTokenFlushWeekday:
- type: string
+ type: comma_delimited_list
description: >
Cron to purge expired tokens - Week Day
default: '*'
--- /dev/null
+---
+security:
+ - |
+ Add IPv6 disable option and make it configurable for user to disable IPv6
+ when it's not used, this will descrease the risk of ipv6 attack.
+ Both net.ipv6.conf.default.disable_ipv6 & net.ipv6.conf.all.disable_ipv6
+ will be explicitly set to the default value (0) which is enabled.
- OS::TripleO::Services::CinderBackup
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::CinderBackendDellPs
+ - OS::TripleO::Services::CinderBackendDellSc
+ - OS::TripleO::Services::CinderBackendNetApp
+ - OS::TripleO::Services::CinderBackendScaleIO
- OS::TripleO::Services::Congress
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Keystone
Code Review / apex-tripleo-heat-templates.git / commitdiff