From: Michael Polenchuk Date: Wed, 24 May 2017 08:44:05 +0000 (+0400) Subject: [mcp] Bring in reclass system salt models X-Git-Tag: opnfv-5.0.RC1~192 X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F61%2F35261%2F1;p=fuel.git [mcp] Bring in reclass system salt models Change-Id: I1a865b7524f3a5242544e60e6b36b1092721c58b Signed-off-by: Michael Polenchuk --- diff --git a/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/infra/config.yml b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/infra/config.yml new file mode 100644 index 000000000..6f712c9e9 --- /dev/null +++ b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/infra/config.yml @@ -0,0 +1,76 @@ +classes: +- service.git.client +- system.linux.system.single +- system.linux.system.repo.mcp.salt +- system.salt.master.api +- system.salt.master.pkg +- system.reclass.storage.salt +- system.salt.minion.ca.salt_master +- system.salt.minion.cert.proxy +- system.keystone.client.single +- system.keystone.client.service.ceilometer +- system.keystone.client.service.nova21 +- system.keystone.client.service.nova-placement +- system.keystone.client.service.glare +- system.keystone.client.service.cinder3 +- system.mysql.client.single +- system.reclass.storage.system.openstack_control_cluster +- system.reclass.storage.system.openstack_compute_multi +- system.reclass.storage.system.openstack_gateway_single +- cluster.virtual-mcp-ocata-ovs +parameters: + _param: + reclass_data_repository: https://gerrit.opnfv.org/gerrit/fuel + reclass_data_revision: master + salt_master_environment_repository: "https://github.com/tcpcloud" + salt_master_environment_revision: master + reclass_config_master: 192.168.10.100 + single_address: 172.16.10.100 + salt_master_host: 127.0.0.1 + salt_master_base_environment: prd + salt_minion_ca_host: ${linux:network:fqdn} + salt_api_password_hash: "$6$sGnRlxGf$al5jMCetLP.vfI/fTl3Z0N7Za1aeiexL487jAtyRABVfT3NlwZxQGVhO7S1N8OwS/34VHYwZQA8lkXwKMN/GS1" + linux: + network: + interface: + ens4: + enabled: true + type: eth + proto: static + address: ${_param:single_address} + netmask: 255.255.255.0 + reclass: + storage: + node: + openstack_control_node01: + classes: + - service.galera.master.cluster + params: + mysql_cluster_role: master + linux_system_codename: xenial + openstack_control_node02: + classes: + - service.galera.slave.cluster + params: + mysql_cluster_role: slave + linux_system_codename: xenial + openstack_control_node03: + classes: + - service.galera.slave.cluster + params: + mysql_cluster_role: slave + linux_system_codename: xenial + openstack_compute_node01: + params: + single_address: 172.16.10.105 + tenant_address: 10.1.0.105 + external_address: 10.16.0.105 + openstack_compute_node02: + params: + single_address: 172.16.10.106 + tenant_address: 10.1.0.106 + external_address: 10.16.0.106 + openstack_gateway_node01: + params: + tenant_address: 10.1.0.110 + external_address: 10.16.0.110 diff --git a/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/infra/init.yml b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/infra/init.yml new file mode 100644 index 000000000..9140bd0bc --- /dev/null +++ b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/infra/init.yml @@ -0,0 +1,14 @@ +parameters: + linux: + network: + host: + cfg01: + address: ${_param:infra_config_address} + names: + - cfg01 + - cfg01.${_param:cluster_domain} + cfg: + address: ${_param:infra_config_address} + names: + - cfg + - cfg.${_param:cluster_domain} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/init.yml b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/init.yml new file mode 100644 index 000000000..79261b8a2 --- /dev/null +++ b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/init.yml @@ -0,0 +1,22 @@ +classes: +- system.linux.system.single +- cluster.virtual-mcp-ocata-ovs.infra +- cluster.virtual-mcp-ocata-ovs.openstack + +parameters: + _param: + cluster_domain: virtual-mcp-ocata-ovs.local + cluster_name: virtual-mcp-ocata-ovs + # infra service addresses + infra_config_address: 172.16.10.100 + # openstack service addresses + openstack_control_address: 172.16.10.254 + openstack_control_node01_address: 172.16.10.101 + openstack_control_node02_address: 172.16.10.102 + openstack_control_node03_address: 172.16.10.103 + openstack_database_address: ${_param:openstack_control_address} + openstack_message_queue_address: ${_param:openstack_control_address} + openstack_message_queue_node01_address: ${_param:openstack_control_node01_address} + openstack_message_queue_node02_address: ${_param:openstack_control_node02_address} + openstack_message_queue_node03_address: ${_param:openstack_control_node03_address} + openstack_gateway_address: 172.16.10.110 diff --git a/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/compute.yml b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/compute.yml new file mode 100644 index 000000000..8ed7f51b3 --- /dev/null +++ b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/compute.yml @@ -0,0 +1,61 @@ +classes: +- system.linux.system.repo.mcp.openstack +- system.linux.system.repo.mcp.extra +- system.linux.system.repo.saltstack.xenial +- system.nova.compute.cluster +- system.neutron.compute.cluster +- system.ceilometer.agent.cluster +- cluster.virtual-mcp-ocata-ovs +parameters: + _param: + primary_interface: ens4 + tenant_interface: ens5 + external_interface: ens6 + interface_mtu: 9000 + linux_system_codename: xenial + nova: + compute: + vncproxy_url: http://${_param:cluster_vip_address}:6080 + message_queue: + members: + - host: ${_param:openstack_control_node01_address} + - host: ${_param:openstack_control_node02_address} + - host: ${_param:openstack_control_node03_address} + linux: + network: + bridge: openvswitch + interface: + dhcp_int: + enabled: true + name: ens3 + proto: dhcp + type: eth + mtu: ${_param:interface_mtu} + primary_interface: + enabled: true + name: ${_param:primary_interface} + mtu: ${_param:interface_mtu} + proto: manual + type: eth + tenant_interface: + enabled: true + name: ${_param:tenant_interface} + mtu: ${_param:interface_mtu} + proto: manual + type: eth + br-mgmt: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: 255.255.255.0 + use_interfaces: + - ${_param:primary_interface} + br-mesh: + enabled: true + type: bridge + proto: static + address: ${_param:tenant_address} + netmask: 255.255.255.0 + use_interfaces: + - ${_param:tenant_interface} diff --git a/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/control.yml b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/control.yml new file mode 100644 index 000000000..15266f2ea --- /dev/null +++ b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/control.yml @@ -0,0 +1,81 @@ +classes: +- system.linux.system.lowmem +- system.linux.system.repo.glusterfs +- system.linux.system.repo.mcp.openstack +- system.linux.system.repo.mcp.extra +- system.linux.system.repo.saltstack.xenial +- system.ceilometer.client +- system.memcached.server.single +- system.rabbitmq.server.cluster +- system.rabbitmq.server.vhost.openstack +- system.keystone.server.wsgi +- system.keystone.server.cluster +- system.glusterfs.client.cluster +- system.glusterfs.client.volume.glance +- system.glusterfs.client.volume.keystone +- system.glusterfs.server.volume.glance +- system.glusterfs.server.volume.keystone +- system.glusterfs.server.cluster +- system.glance.control.cluster +- system.nova.control.cluster +- system.neutron.control.openvswitch.cluster +- system.cinder.control.cluster +- system.heat.server.cluster +- system.galera.server.cluster +- system.galera.server.database.aodh +- system.galera.server.database.ceilometer +- system.galera.server.database.cinder +- system.galera.server.database.glance +- system.galera.server.database.grafana +- system.galera.server.database.heat +- system.galera.server.database.keystone +- system.galera.server.database.nova +- system.haproxy.proxy.listen.openstack.nova-placement +- system.ceilometer.server.cluster +- system.aodh.server.cluster +- system.horizon.server.cluster +- cluster.virtual-mcp-ocata-ovs +parameters: + _param: + keepalived_vip_interface: ens4 + keepalived_openstack_telemetry_vip_interface: ens4 + linux_system_codename: xenial + linux: + system: + package: + python-msgpack: + version: latest + network: + interface: + ens4: + enabled: true + type: eth + proto: static + address: ${_param:single_address} + netmask: 255.255.255.0 + keepalived: + cluster: + instance: + VIP: + virtual_router_id: 150 + keystone: + server: + admin_email: ${_param:admin_email} + glance: + server: + storage: + engine: file + images: [] + workers: 1 + nova: + controller: + networking: dvr + cpu_allocation: 54 + metadata: + password: ${_param:metadata_password} + bind: + private_address: ${_param:cluster_local_address} + public_address: ${_param:cluster_vip_address} + novncproxy_port: 6080 + vncproxy_url: http://${_param:cluster_vip_address}:6080 + workers: 1 diff --git a/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/gateway.yml b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/gateway.yml new file mode 100644 index 000000000..8167f96f5 --- /dev/null +++ b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/gateway.yml @@ -0,0 +1,78 @@ +classes: +- system.linux.system.repo.mcp.openstack +- system.linux.system.repo.mcp.extra +- system.linux.system.repo.saltstack.xenial +- system.neutron.gateway.cluster +- cluster.virtual-mcp-ocata-ovs +parameters: + _param: + primary_interface: ens4 + tenant_interface: ens5 + external_interface: ens6 + interface_mtu: 9000 + linux_system_codename: xenial + linux: + network: + bridge: openvswitch + interface: + dhcp_int: + enabled: true + name: ens3 + proto: dhcp + type: eth + mtu: ${_param:interface_mtu} + primary_interface: + enabled: true + name: ${_param:primary_interface} + mtu: ${_param:interface_mtu} + proto: manual + type: eth + tenant_interface: + enabled: true + name: ${_param:tenant_interface} + mtu: ${_param:interface_mtu} + proto: manual + type: eth + external_interface: + enabled: true + name: ${_param:external_interface} + mtu: ${_param:interface_mtu} + proto: manual + type: eth + br-floating: + enabled: true + type: ovs_bridge + mtu: ${_param:interface_mtu} + br-mgmt: + enabled: true + type: bridge + proto: static + address: ${_param:single_address} + netmask: 255.255.255.0 + mtu: ${_param:interface_mtu} + use_interfaces: + - ${_param:primary_interface} + br-mesh: + enabled: true + type: bridge + mtu: ${_param:interface_mtu} + proto: static + address: ${_param:tenant_address} + netmask: 255.255.255.0 + use_interfaces: + - ${_param:tenant_interface} + float-to-ex: + enabled: true + type: ovs_port + mtu: ${_param:interface_mtu} + bridge: br-floating + br-ex: + enabled: true + type: bridge + mtu: ${_param:interface_mtu} + address: ${_param:external_address} + netmask: 255.255.255.0 + use_interfaces: + - ${_param:external_interface} + use_ovs_ports: + - float-to-ex \ No newline at end of file diff --git a/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/init.yml b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/init.yml new file mode 100644 index 000000000..4b5149f64 --- /dev/null +++ b/mcp/reclass/classes/cluster/virtual-mcp-ocata-ovs/openstack/init.yml @@ -0,0 +1,127 @@ +parameters: + _param: + openstack_version: ocata + apt_mk_version: nightly + mcp_repo_version: 1.1 + openstack_region: RegionOne + admin_email: root@localhost + cluster_public_protocol: http + cluster_public_host: 172.16.10.254 + neutron_public_protocol: http + neutron_control_dvr: False + neutron_tenant_network_types: "flat,vxlan" + neutron_l3_ha: False + neutron_global_physnet_mtu: 1500 + neutron_external_mtu: 1500 + neutron_gateway_dvr: False + neutron_gateway_agent_mode: legacy + neutron_compute_dvr: False + neutron_compute_agent_mode: legacy + neutron_compute_external_access: False + galera_server_cluster_name: openstack_cluster + galera_server_maintenance_password: opnfv_secret + galera_server_admin_password: opnfv_secret + cluster_vip_address: 172.16.10.254 + cluster_local_address: ${_param:single_address} + cluster_node01_hostname: ctl01 + cluster_node01_address: 172.16.10.101 + cluster_node02_hostname: ctl02 + cluster_node02_address: 172.16.10.102 + cluster_node03_hostname: ctl03 + cluster_node03_address: 172.16.10.103 + rabbitmq_secret_key: opnfv_secret + rabbitmq_admin_password: opnfv_secret + rabbitmq_openstack_password: opnfv_secret + rabbitmq_cold_password: opnfv_secret + glance_version: ${_param:openstack_version} + glance_service_host: ${_param:cluster_vip_address} + keystone_version: ${_param:openstack_version} + keystone_service_host: ${_param:cluster_vip_address} + heat_version: ${_param:openstack_version} + heat_service_host: ${_param:cluster_vip_address} + heat_domain_admin_password: opnfv_secret + ceilometer_version: ${_param:openstack_version} + ceilometer_service_host: 172.16.10.108 + cinder_version: ${_param:openstack_version} + cinder_service_host: ${_param:cluster_vip_address} + ceilometer_graphite_publisher_host: 172.16.10.107 + ceilometer_graphite_publisher_port: 2013 + nova_version: ${_param:openstack_version} + nova_service_host: ${_param:cluster_vip_address} + nova_vncproxy_url: http://${_param:cluster_vip_address}:8060 + neutron_version: ${_param:openstack_version} + neutron_service_host: ${_param:cluster_vip_address} + glusterfs_service_host: ${_param:cluster_vip_address} + metadata_password: password + mysql_admin_user: root + mysql_admin_password: opnfv_secret + mysql_cinder_password: opnfv_secret + mysql_ceilometer_password: opnfv_secret + mysql_glance_password: opnfv_secret + mysql_grafana_password: opnfv_secret + mysql_heat_password: opnfv_secret + mysql_keystone_password: opnfv_secret + mysql_neutron_password: opnfv_secret + mysql_nova_password: opnfv_secret + mysql_aodh_password: opnfv_secret + keystone_service_token: opnfv_secret + keystone_admin_password: opnfv_secret + keystone_ceilometer_password: opnfv_secret + keystone_cinder_password: opnfv_secret + keystone_glance_password: opnfv_secret + keystone_heat_password: opnfv_secret + keystone_keystone_password: opnfv_secret + keystone_neutron_password: opnfv_secret + keystone_nova_password: opnfv_secret + ceilometer_secret_key: opnfv_secret + metadata_password: opnfv_secret + horizon_version: ${_param:openstack_version} + horizon_secret_key: opaesee8Que2yahJoh9fo0eefo1Aeyo6ahyei8zeiboh3aeth5loth7ieNa5xi5e + horizon_identity_host: ${_param:cluster_vip_address} + horizon_identity_encryption: none + horizon_identity_version: 3 + mongodb_server_replica_set: ceilometer + mongodb_ceilometer_password: cloudlab + mongodb_admin_password: cloudlab + mongodb_shared_key: eoTh1AwahlahqueingeejooLughah4tei9feing0eeVaephooDi2li1TaeV1ooth + aodh_version: ${_param:openstack_version} + keystone_aodh_password: opnfv_secret + aodh_service_host: 172.16.10.108 + linux: + network: + host: + ctl: + address: ${_param:openstack_control_address} + names: + - ctl + - ctl.${_param:cluster_domain} + ctl01: + address: ${_param:openstack_control_node01_address} + names: + - ctl01 + - ctl01.${_param:cluster_domain} + ctl02: + address: ${_param:openstack_control_node02_address} + names: + - ctl02 + - ctl02.${_param:cluster_domain} + ctl03: + address: ${_param:openstack_control_node03_address} + names: + - ctl03 + - ctl03.${_param:cluster_domain} + gtw01: + address: ${_param:openstack_gateway_address} + names: + - gtw01 + - gtw01.${_param:cluster_domain} + cmp01: + address: 172.16.10.105 + names: + - cmp01 + - cmp01.${_param:cluster_domain} + cmp02: + address: 172.16.10.106 + names: + - cmp02 + - cmp02.${_param:cluster_domain} diff --git a/mcp/reclass/classes/system/aodh/server/cluster.yml b/mcp/reclass/classes/system/aodh/server/cluster.yml new file mode 100644 index 000000000..4743111aa --- /dev/null +++ b/mcp/reclass/classes/system/aodh/server/cluster.yml @@ -0,0 +1,40 @@ +classes: +- service.aodh.server.cluster +- system.haproxy.proxy.listen.openstack.aodh +parameters: + aodh: + server: + enabled: true + version: ${_param:aodh_version} + cluster: true + ttl: 86400 + debug: false + verbose: true + region: ${_param:openstack_region} + database: + engine: "mysql+pymysql" + host: ${_param:openstack_database_address} + port: 3306 + name: aodh + user: aodh + password: ${_param:mysql_aodh_password} + bind: + host: ${_param:cluster_local_address} + port: 8042 + identity: + engine: keystone + host: ${_param:keystone_service_host} + port: 35357 + tenant: service + user: aodh + password: ${_param:keystone_aodh_password} + message_queue: + engine: rabbitmq + port: 5672 + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} diff --git a/mcp/reclass/classes/system/aodh/server/coordination/redis.yml b/mcp/reclass/classes/system/aodh/server/coordination/redis.yml new file mode 100644 index 000000000..e013e0fa2 --- /dev/null +++ b/mcp/reclass/classes/system/aodh/server/coordination/redis.yml @@ -0,0 +1,7 @@ +classes: +- service.redis.server.single +parameters: + aodh: + server: + coordination_backend: + url: redis://${_param:single_address}:6379/${_param:cluster_node01_address} diff --git a/mcp/reclass/classes/system/aodh/server/single.yml b/mcp/reclass/classes/system/aodh/server/single.yml new file mode 100644 index 000000000..eba3fc1f8 --- /dev/null +++ b/mcp/reclass/classes/system/aodh/server/single.yml @@ -0,0 +1,2 @@ +classes: +- service.aodh.server.single diff --git a/mcp/reclass/classes/system/apache/server/single.yml b/mcp/reclass/classes/system/apache/server/single.yml new file mode 100644 index 000000000..06c8c4c67 --- /dev/null +++ b/mcp/reclass/classes/system/apache/server/single.yml @@ -0,0 +1,2 @@ +classes: +- service.apache.server.single diff --git a/mcp/reclass/classes/system/ceilometer/agent/cluster.yml b/mcp/reclass/classes/system/ceilometer/agent/cluster.yml new file mode 100644 index 000000000..135dbe8a9 --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/agent/cluster.yml @@ -0,0 +1,31 @@ +classes: +- service.ceilometer.agent.cluster +parameters: + ceilometer: + agent: + region: ${_param:openstack_region} + enabled: true + version: ${_param:ceilometer_version} + secret: ${_param:ceilometer_secret_key} + identity: + engine: keystone + host: ${_param:keystone_service_host} + port: 35357 + tenant: service + user: ceilometer + password: ${_param:keystone_ceilometer_password} + message_queue: + engine: rabbitmq + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + ha_queues: true + rpc_thread_pool_size: 5 + nova: + compute: + notification: + driver: messagingv2 diff --git a/mcp/reclass/classes/system/ceilometer/agent/single.yml b/mcp/reclass/classes/system/ceilometer/agent/single.yml new file mode 100644 index 000000000..ebb1d6043 --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/agent/single.yml @@ -0,0 +1,2 @@ +classes: +- service.ceilometer.agent.single diff --git a/mcp/reclass/classes/system/ceilometer/client/cinder_control.yml b/mcp/reclass/classes/system/ceilometer/client/cinder_control.yml new file mode 100644 index 000000000..2e90aff6b --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/client/cinder_control.yml @@ -0,0 +1,4 @@ +parameters: + cinder: + controller: + notification: true \ No newline at end of file diff --git a/mcp/reclass/classes/system/ceilometer/client/cinder_volume.yml b/mcp/reclass/classes/system/ceilometer/client/cinder_volume.yml new file mode 100644 index 000000000..4d57c97e4 --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/client/cinder_volume.yml @@ -0,0 +1,4 @@ +parameters: + cinder: + volume: + notification: true \ No newline at end of file diff --git a/mcp/reclass/classes/system/ceilometer/client/glance.yml b/mcp/reclass/classes/system/ceilometer/client/glance.yml new file mode 100644 index 000000000..48b1ba152 --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/client/glance.yml @@ -0,0 +1,4 @@ +parameters: + glance: + server: + notification: true \ No newline at end of file diff --git a/mcp/reclass/classes/system/ceilometer/client/heat.yml b/mcp/reclass/classes/system/ceilometer/client/heat.yml new file mode 100644 index 000000000..0cb467758 --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/client/heat.yml @@ -0,0 +1,4 @@ +parameters: + heat: + server: + notification: true \ No newline at end of file diff --git a/mcp/reclass/classes/system/ceilometer/client/init.yml b/mcp/reclass/classes/system/ceilometer/client/init.yml new file mode 100644 index 000000000..5a0aaa070 --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/client/init.yml @@ -0,0 +1,6 @@ +classes: +- system.ceilometer.client.cinder_control +- system.ceilometer.client.keystone +- system.ceilometer.client.glance +- system.ceilometer.client.heat +- system.ceilometer.client.nova_control \ No newline at end of file diff --git a/mcp/reclass/classes/system/ceilometer/client/keystone.yml b/mcp/reclass/classes/system/ceilometer/client/keystone.yml new file mode 100644 index 000000000..c09b3802d --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/client/keystone.yml @@ -0,0 +1,4 @@ +parameters: + keystone: + server: + notification: true \ No newline at end of file diff --git a/mcp/reclass/classes/system/ceilometer/client/neutron.yml b/mcp/reclass/classes/system/ceilometer/client/neutron.yml new file mode 100644 index 000000000..4f0538571 --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/client/neutron.yml @@ -0,0 +1,4 @@ +parameters: + neutron: + server: + notification: true \ No newline at end of file diff --git a/mcp/reclass/classes/system/ceilometer/client/nova_compute.yml b/mcp/reclass/classes/system/ceilometer/client/nova_compute.yml new file mode 100644 index 000000000..57e900a7f --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/client/nova_compute.yml @@ -0,0 +1,7 @@ +parameters: + nova: + compute: + notification: + driver: messagingv2 + notify_on: + state_change: vm_and_task_state \ No newline at end of file diff --git a/mcp/reclass/classes/system/ceilometer/client/nova_control.yml b/mcp/reclass/classes/system/ceilometer/client/nova_control.yml new file mode 100644 index 000000000..252c67e26 --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/client/nova_control.yml @@ -0,0 +1,5 @@ +parameters: + nova: + controller: + notification: + driver: messagingv2 diff --git a/mcp/reclass/classes/system/ceilometer/server/backend/influxdb.yml b/mcp/reclass/classes/system/ceilometer/server/backend/influxdb.yml new file mode 100644 index 000000000..8faeceb8d --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/server/backend/influxdb.yml @@ -0,0 +1,14 @@ +parameters: + ceilometer: + server: + database: + influxdb: + host: ${_param:stacklight_telemetry_node01_address} + port: 8086 + user: ceilometer + password: ${_param:ceilometer_influxdb_password} + database: ceilometer + elasticsearch: + enabled: true + host: ${_param:stacklight_log_address} + port: 9200 \ No newline at end of file diff --git a/mcp/reclass/classes/system/ceilometer/server/backend/mongodb.yml b/mcp/reclass/classes/system/ceilometer/server/backend/mongodb.yml new file mode 100644 index 000000000..eab849457 --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/server/backend/mongodb.yml @@ -0,0 +1,15 @@ +parameters: + ceilometer: + server: + database: + engine: mongodb + members: + - host: ${_param:cluster_node01_address} + port: 27017 + - host: ${_param:cluster_node02_address} + port: 27017 + - host: ${_param:cluster_node03_address} + port: 27017 + name: ceilometer + user: ceilometer + password: ${_param:mongodb_ceilometer_password} \ No newline at end of file diff --git a/mcp/reclass/classes/system/ceilometer/server/cluster.yml b/mcp/reclass/classes/system/ceilometer/server/cluster.yml new file mode 100644 index 000000000..cfe54f95b --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/server/cluster.yml @@ -0,0 +1,37 @@ +classes: +- service.ceilometer.server.cluster +- system.haproxy.proxy.listen.openstack.ceilometer +- system.keepalived.cluster.instance.openstack_telemetry_vip +- service.haproxy.proxy.single +parameters: + ceilometer: + server: + enabled: true + version: ${_param:ceilometer_version} + region: ${_param:openstack_region} + cluster: true + secret: ${_param:ceilometer_secret_key} + ttl: 86400 + publisher: + default: + bind: + host: ${_param:cluster_local_address} + port: 8777 + identity: + engine: keystone + host: ${_param:openstack_control_address} + port: 35357 + tenant: service + user: ceilometer + password: ${_param:keystone_ceilometer_password} + message_queue: + engine: rabbitmq + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + # Workaround for https://bugs.launchpad.net/ceilometer/+bug/1337715 + rpc_thread_pool_size: 5 diff --git a/mcp/reclass/classes/system/ceilometer/server/coordination/redis.yml b/mcp/reclass/classes/system/ceilometer/server/coordination/redis.yml new file mode 100644 index 000000000..e013e0fa2 --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/server/coordination/redis.yml @@ -0,0 +1,7 @@ +classes: +- service.redis.server.single +parameters: + aodh: + server: + coordination_backend: + url: redis://${_param:single_address}:6379/${_param:cluster_node01_address} diff --git a/mcp/reclass/classes/system/ceilometer/server/single.yml b/mcp/reclass/classes/system/ceilometer/server/single.yml new file mode 100644 index 000000000..9758af2aa --- /dev/null +++ b/mcp/reclass/classes/system/ceilometer/server/single.yml @@ -0,0 +1,16 @@ +classes: +- service.ceilometer.server.single +parameters: + ceilometer: + server: + database: + influxdb: + host: ${_param:stacklight_monitor_node01_address} + port: 8086 + user: ceilometer + password: ${_param:ceilometer_influxdb_password} + database: ceilometer + elasticsearch: + enabled: true + host: ${_param:stacklight_monitor_address} + port: 9200 diff --git a/mcp/reclass/classes/system/ceph/client/single.yml b/mcp/reclass/classes/system/ceph/client/single.yml new file mode 100644 index 000000000..6ff7cd8f9 --- /dev/null +++ b/mcp/reclass/classes/system/ceph/client/single.yml @@ -0,0 +1,37 @@ +classes: +- service.ceph.client.single +parameters: + _param: + ceph_auth_client_required: cephx + ceph: + client: + config: + global: + fsid: ${_param:ceph_fsid} + mon_initial_members: ${_param:ceph_mon_initial_members} + mon_host: ${_param:ceph_mon_host} + auth_client_required: ${_param:ceph_auth_client_required} + public_network: ${_param:ceph_public_network} + cluster_network: ${_param:ceph_cluster_network} + osd_fs_mount_options_xfs: rw,noatime + osd_fs_type: xfs + osd: + filestore_xattr_use_omap: True + osd_journal_size: 7500 + mon: + mon_debug_dump_transactions: False + client: + rbd_cache_size: 268435456 + rbd_cache_max_dirty: 134217728 + rbd_cache_max_dirty_age: 5 + rbd_cache: True + # TODO: Configure these keys on cluster level + # keyring: + # images: + # key: + # object: + # key: + # cinder: + # key: + # nova: + # key: diff --git a/mcp/reclass/classes/system/ceph/radosgw/single.yml b/mcp/reclass/classes/system/ceph/radosgw/single.yml new file mode 100644 index 000000000..31bdc7db9 --- /dev/null +++ b/mcp/reclass/classes/system/ceph/radosgw/single.yml @@ -0,0 +1,20 @@ +parameters: + _param: + radosgw_keyring_path: /etc/ceph/ceph.client.radosgw.keyring + ceph: + radosgw: + enabled: true + client: + config: + client.radosgw.gateway: + rgw_keystone_accepted_roles: "_member_, Member, admin, swiftoperator" + keyring: /etc/ceph/ceph.client.radosgw.keyring + rgw_socket_path: /tmp/radosgw.sock + rgw_keystone_revocation_interval: 60 + rgw_keystone_url: ${_param:keystone_service_host}:5000 + rgw_keystone_admin_token: ${_param:keystone_service_token} + host: ${linux:system:name} + rgw_dns_name : ${_param:cluster_domain} + rgw_print_continue: True + rgw_content_length_compat: true + user: www-data diff --git a/mcp/reclass/classes/system/cinder/control/backend/ceph.yml b/mcp/reclass/classes/system/cinder/control/backend/ceph.yml new file mode 100644 index 000000000..1026f6840 --- /dev/null +++ b/mcp/reclass/classes/system/cinder/control/backend/ceph.yml @@ -0,0 +1,13 @@ +parameters: + cinder: + controller: + default_volume_type: standard-iops + backend: + ceph: + type_name: standard-iops + backend: ceph + pool: ${_param:cinder_storage_pool} + engine: ceph + user: ${_param:cinder_storage_user} + secret_uuid: ${_param:cinder_storage_secret_uuid} + client_cinder_key: ${_param:cinder_storage_client_key} diff --git a/mcp/reclass/classes/system/cinder/control/backend/lvm.yml b/mcp/reclass/classes/system/cinder/control/backend/lvm.yml new file mode 100644 index 000000000..976a80eaa --- /dev/null +++ b/mcp/reclass/classes/system/cinder/control/backend/lvm.yml @@ -0,0 +1,9 @@ +parameters: + cinder: + controller: + default_volume_type: lvm-driver + backend: + lvm-driver: + engine: lvm + type_name: lvm-driver + volume_group: cinder-volume diff --git a/mcp/reclass/classes/system/cinder/control/backend/nfs.yml b/mcp/reclass/classes/system/cinder/control/backend/nfs.yml new file mode 100644 index 000000000..1e5d5eb77 --- /dev/null +++ b/mcp/reclass/classes/system/cinder/control/backend/nfs.yml @@ -0,0 +1,15 @@ +parameters: + _param: + cinder_nfs_local_path: /var/lib/cinder/nfs + cinder: + controller: + default_volume_type: nfs-driver + backend: + nfs-driver: + engine: nfs + type_name: nfs-driver + volume_group: cinder-volume + path: ${_param:cinder_nfs_local_path} + devices: + - ${_param:cinder_nfs_host}:${_param:cinder_nfs_remote_path} + options: ${_param:cinder_nfs_mount_options} \ No newline at end of file diff --git a/mcp/reclass/classes/system/cinder/control/cluster.yml b/mcp/reclass/classes/system/cinder/control/cluster.yml new file mode 100644 index 000000000..868b71e6f --- /dev/null +++ b/mcp/reclass/classes/system/cinder/control/cluster.yml @@ -0,0 +1,58 @@ +classes: +- service.cinder.control.cluster_control +- service.haproxy.proxy.single +- service.keepalived.cluster.single +- system.haproxy.proxy.listen.openstack.cinder +parameters: + cinder: + volume: + enabled: false + default_volume_type: "" + backend: {} + logging: + heka: + enabled: true + controller: + enabled: true + default_volume_type: "" + backend: {} + version: ${_param:cinder_version} + osapi: + host: ${_param:cluster_local_address} + database: + engine: mysql + host: ${_param:openstack_database_address} + port: 3306 + name: cinder + user: cinder + password: ${_param:mysql_cinder_password} + identity: + engine: keystone + region: ${_param:openstack_region} + host: ${_param:cluster_vip_address} + port: 35357 + tenant: service + user: cinder + password: ${_param:keystone_cinder_password} + glance: + host: ${_param:cluster_vip_address} + port: 9292 + message_queue: + engine: rabbitmq + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + cache: + engine: memcached + members: + - host: ${_param:cluster_node01_address} + port: 11211 + - host: ${_param:cluster_node02_address} + port: 11211 + - host: ${_param:cluster_node03_address} + port: 11211 + diff --git a/mcp/reclass/classes/system/cinder/control/notification/cadf.yml b/mcp/reclass/classes/system/cinder/control/notification/cadf.yml new file mode 100644 index 000000000..813dade82 --- /dev/null +++ b/mcp/reclass/classes/system/cinder/control/notification/cadf.yml @@ -0,0 +1,5 @@ +parameters: + cinder: + controller: + audit: + enabled: true diff --git a/mcp/reclass/classes/system/cinder/control/notification/messagingv2.yml b/mcp/reclass/classes/system/cinder/control/notification/messagingv2.yml new file mode 100644 index 000000000..8fb11724b --- /dev/null +++ b/mcp/reclass/classes/system/cinder/control/notification/messagingv2.yml @@ -0,0 +1,6 @@ +parameters: + cinder: + controller: + notification: + driver: messagingv2 + topics: "${_param:openstack_notification_topics}" diff --git a/mcp/reclass/classes/system/cinder/control/single.yml b/mcp/reclass/classes/system/cinder/control/single.yml new file mode 100644 index 000000000..58156cbb1 --- /dev/null +++ b/mcp/reclass/classes/system/cinder/control/single.yml @@ -0,0 +1,12 @@ +classes: +- service.cinder.control.single +parameters: + cinder: + volume: + enabled: false + controller: + backend: {} + default_volume_type: '' + database: + host: ${_param:single_address} + diff --git a/mcp/reclass/classes/system/cinder/volume/backend/ceph.yml b/mcp/reclass/classes/system/cinder/volume/backend/ceph.yml new file mode 100644 index 000000000..6560add2f --- /dev/null +++ b/mcp/reclass/classes/system/cinder/volume/backend/ceph.yml @@ -0,0 +1,17 @@ +parameters: + cinder: + volume: + message_queue: + ha_queues: true + enabled: true + notification: true + default_volume_type: standard-iops + backend: + ceph: + type_name: standard-iops + backend: ceph + pool: ${_param:cinder_storage_pool} + engine: ceph + user: ${_param:cinder_storage_user} + secret_uuid: ${_param:cinder_storage_secret_uuid} + client_cinder_key: ${_param:cinder_storage_client_key} diff --git a/mcp/reclass/classes/system/cinder/volume/backend/hitashi_vsp.yml b/mcp/reclass/classes/system/cinder/volume/backend/hitashi_vsp.yml new file mode 100644 index 000000000..e7aa30df6 --- /dev/null +++ b/mcp/reclass/classes/system/cinder/volume/backend/hitashi_vsp.yml @@ -0,0 +1,18 @@ +parameters: + cinder: + volume: + default_volume_type: hitachi_vsp + enabled: True + backend: + hitachi_vsp: + backend: hitachi_vsp + type_name: hitachi_vsp + engine: hitachi_vsp + version: 1.3 + user: ${_param:cinder_storage_user} + password: ${_param:cinder_storage_password} + storage_id: ${_param:cinder_storage_id} + thin_pool_id: ${_param:cinder_thin_pool_id} + pool_id: ${_param:cinder_pool_id} + target_ports: ${_param:cinder_target_ports} + compute_target_ports: ${_param:cinder_target_compute_ports} diff --git a/mcp/reclass/classes/system/cinder/volume/backend/lvm.yml b/mcp/reclass/classes/system/cinder/volume/backend/lvm.yml new file mode 100644 index 000000000..768fb6b8b --- /dev/null +++ b/mcp/reclass/classes/system/cinder/volume/backend/lvm.yml @@ -0,0 +1,18 @@ +parameters: + _param: + cinder_lvm_devices: [ "/dev/loop0" ] + linux: + storage: + lvm: + cinder-vg: + enabled: true + name: cinder-volume + devices: ${_param:cinder_lvm_devices} + cinder: + volume: + default_volume_type: lvm-driver + backend: + lvm-driver: + engine: lvm + type_name: lvm-driver + volume_group: cinder-volume diff --git a/mcp/reclass/classes/system/cinder/volume/backend/nfs.yml b/mcp/reclass/classes/system/cinder/volume/backend/nfs.yml new file mode 100644 index 000000000..e78f4fb50 --- /dev/null +++ b/mcp/reclass/classes/system/cinder/volume/backend/nfs.yml @@ -0,0 +1,9 @@ +parameters: + cinder: + volume: + default_volume_type: nfs-driver + backend: + nfs-driver: + engine: nfs + type_name: nfs-driver + volume_group: cinder-volume \ No newline at end of file diff --git a/mcp/reclass/classes/system/cinder/volume/local.yml b/mcp/reclass/classes/system/cinder/volume/local.yml new file mode 100644 index 000000000..794a33e3a --- /dev/null +++ b/mcp/reclass/classes/system/cinder/volume/local.yml @@ -0,0 +1,14 @@ +classes: +- service.cinder.volume.local +parameters: + cinder: + volume: + enabled: True + database: + host: ${_param:single_address} + glance: + host: ${_param:single_address} + message_queue: + host: ${_param:single_address} + identity: + host: ${_param:single_address} diff --git a/mcp/reclass/classes/system/cinder/volume/notification/messagingv2.yml b/mcp/reclass/classes/system/cinder/volume/notification/messagingv2.yml new file mode 100644 index 000000000..4ccbdd88b --- /dev/null +++ b/mcp/reclass/classes/system/cinder/volume/notification/messagingv2.yml @@ -0,0 +1,6 @@ +parameters: + cinder: + volume: + notification: + driver: messagingv2 + topics: "${_param:openstack_notification_topics}" diff --git a/mcp/reclass/classes/system/cinder/volume/single.yml b/mcp/reclass/classes/system/cinder/volume/single.yml new file mode 100644 index 000000000..9c8f7c2b9 --- /dev/null +++ b/mcp/reclass/classes/system/cinder/volume/single.yml @@ -0,0 +1,17 @@ +classes: +- service.cinder.volume.single +parameters: + cinder: + volume: + enabled: True + database: + host: ${_param:openstack_database_address} + glance: + host: ${_param:openstack_control_address} + message_queue: + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + identity: + host: ${_param:openstack_control_address} diff --git a/mcp/reclass/classes/system/collectd/client/local.yml b/mcp/reclass/classes/system/collectd/client/local.yml new file mode 100644 index 000000000..b1c88431b --- /dev/null +++ b/mcp/reclass/classes/system/collectd/client/local.yml @@ -0,0 +1,2 @@ +classes: +- service.collectd.client diff --git a/mcp/reclass/classes/system/collectd/client/output/carbon.yml b/mcp/reclass/classes/system/collectd/client/output/carbon.yml new file mode 100644 index 000000000..47e8c73dc --- /dev/null +++ b/mcp/reclass/classes/system/collectd/client/output/carbon.yml @@ -0,0 +1,14 @@ +classes: +- service.collectd.client +parameters: + _param: + collectd_backend_carbon_host: localhost + collectd_backend_carbon_port: 2003 + collectd: + client: + enabled: true + backend: + carbon: + engine: carbon + host: ${_param:collectd_backend_carbon_host} + port: ${_param:collectd_backend_carbon_port} \ No newline at end of file diff --git a/mcp/reclass/classes/system/collectd/client/output/heka.yml b/mcp/reclass/classes/system/collectd/client/output/heka.yml new file mode 100644 index 000000000..9550961ca --- /dev/null +++ b/mcp/reclass/classes/system/collectd/client/output/heka.yml @@ -0,0 +1,17 @@ +classes: +- service.collectd.client +parameters: + _param: + collectd_metric_collector_host: 127.0.0.1 + collectd_metric_collector_port: 8325 + collectd: + client: + enabled: true + backend: + metric_collector: + engine: http + host: ${_param:collectd_metric_collector_host} + port: ${_param:collectd_metric_collector_port} + read_interval: 10 + use_fqdn: false + syslog_logging: false diff --git a/mcp/reclass/classes/system/collectd/remote_client/cluster.yml b/mcp/reclass/classes/system/collectd/remote_client/cluster.yml new file mode 100644 index 000000000..1edced034 --- /dev/null +++ b/mcp/reclass/classes/system/collectd/remote_client/cluster.yml @@ -0,0 +1,18 @@ +classes: +- system.collectd.remote_client.output.heka +- service.collectd.remote_client.cluster +parameters: + collectd: + remote_client: + automatic_starting: false + keepalived: + cluster: + instance: + stacklight_monitor_vip: + notify_action: + master: + - service remote_collectd start + backup: + - service remote_collectd stop + fault: + - service remote_collectd stop diff --git a/mcp/reclass/classes/system/collectd/remote_client/output/heka.yml b/mcp/reclass/classes/system/collectd/remote_client/output/heka.yml new file mode 100644 index 000000000..a5a509d04 --- /dev/null +++ b/mcp/reclass/classes/system/collectd/remote_client/output/heka.yml @@ -0,0 +1,15 @@ +parameters: + _param: + collectd_remote_collector_port: 8326 + collectd: + remote_client: + enabled: true + backend: + remote_collector: + engine: http + host: ${_param:collectd_remote_collector_host} + port: ${_param:collectd_remote_collector_port} + timeout: 5 + read_interval: 10 + use_fqdn: false + syslog_logging: false diff --git a/mcp/reclass/classes/system/collectd/remote_client/single.yml b/mcp/reclass/classes/system/collectd/remote_client/single.yml new file mode 100644 index 000000000..f49e40db7 --- /dev/null +++ b/mcp/reclass/classes/system/collectd/remote_client/single.yml @@ -0,0 +1,7 @@ +classes: +- system.collectd.remote_client.output.heka +- service.collectd.remote_client.single +parameters: + collectd: + remote_client: + automatic_starting: true diff --git a/mcp/reclass/classes/system/designate/server/backend/bind.yml b/mcp/reclass/classes/system/designate/server/backend/bind.yml new file mode 100644 index 000000000..2b4042486 --- /dev/null +++ b/mcp/reclass/classes/system/designate/server/backend/bind.yml @@ -0,0 +1,36 @@ +parameters: + designate: + server: + backend: + bind9: + rndc_key: "${_param:designate_bind9_rndc_key}" + bind: + server: + key: + designate: + secret: "${_param:designate_bind9_rndc_key}" + algorithm: hmac-sha512 + allow_new_zones: true + query: true + control: + local: + enabled: true + bind: + address: 127.0.0.1 + port: 953 + allow: + - 127.0.0.1 + - ${_param:single_address} + keys: + - designate + client: + enabled: true + option: + default: + server: 127.0.0.1 + port: 953 + key: designate + key: + designate: + secret: "${_param:designate_bind9_rndc_key}" + algorithm: hmac-sha512 diff --git a/mcp/reclass/classes/system/designate/server/cluster.yml b/mcp/reclass/classes/system/designate/server/cluster.yml new file mode 100644 index 000000000..573ac66fa --- /dev/null +++ b/mcp/reclass/classes/system/designate/server/cluster.yml @@ -0,0 +1,59 @@ +classes: +- service.designate.server.cluster +- service.keepalived.cluster.single +- system.haproxy.proxy.listen.openstack.designate +- service.haproxy.proxy.single +parameters: + designate: + _support: + sensu: + enabled: false + server: + enabled: true + local_bind: true + region: ${_param:openstack_region} + domain_id: ${_param:designate_domain_id} + version: ${_param:designate_version} + database: + engine: mysql + host: ${_param:openstack_database_address} + port: 3306 + name: + main_database: designate + pool_manager: designate_pool_manager + user: designate + password: ${_param:mysql_designate_password} + identity: + engine: keystone + host: ${_param:openstack_control_address} + port: 35357 + tenant: service + user: designate + password: ${_param:keystone_designate_password} + bind: + api: + address: ${_param:single_address} + message_queue: + engine: rabbitmq + port: 5672 + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + pool: + pool_id: ${_param:designate_pool_id} + nameservers: + - uuid: ${_param:designate_node1_uuid} + host: ${_param:cluster_node01_address} + port: 53 + - uuid: ${_param:designate_node2_uuid} + host: ${_param:cluster_node02_address} + port: 53 + targets: + uuid: ${_param:designate_target_uuid} + options: 'port: 53, host: 127.0.0.1' + masters: 127.0.0.1:5354 + type: ${_param:designate_target_type} diff --git a/mcp/reclass/classes/system/designate/server/single.yml b/mcp/reclass/classes/system/designate/server/single.yml new file mode 100644 index 000000000..bef6e4df5 --- /dev/null +++ b/mcp/reclass/classes/system/designate/server/single.yml @@ -0,0 +1,37 @@ +classes: +- service.designate.server.single +- service.haproxy.proxy.single +parameters: + designate: + server: + enabled: true + local_bind: true + region: ${_param:openstack_region} + domain_id: ${_param:designate_domain_id} + version: ${_param:designate_version} + bind: + api: + address: ${_param:single_address} + database: + engine: mysql + host: ${_param:openstack_database_address} + port: 3306 + name: + main_database: designate + pool_manager: designate_pool_manager + user: designate + password: ${_param:mysql_designate_password} + identity: + engine: keystone + host: ${_param:openstack_control_address} + port: 35357 + tenant: service + user: designate + password: ${_param:keystone_designate_password} + message_queue: + engine: rabbitmq + host: ${_param:cluster_vip_address} + port: 5672 + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' diff --git a/mcp/reclass/classes/system/galera/server/cluster.yml b/mcp/reclass/classes/system/galera/server/cluster.yml new file mode 100644 index 000000000..f1c3a480e --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/cluster.yml @@ -0,0 +1,4 @@ +classes: +- service.keepalived.cluster.single +- service.haproxy.proxy.single +- system.haproxy.proxy.listen.openstack.galera \ No newline at end of file diff --git a/mcp/reclass/classes/system/galera/server/database/aodh.yml b/mcp/reclass/classes/system/galera/server/database/aodh.yml new file mode 100644 index 000000000..f5095d2d1 --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/database/aodh.yml @@ -0,0 +1,15 @@ +parameters: + mysql: + server: + database: + aodh: + encoding: utf8 + users: + - name: aodh + password: ${_param:mysql_aodh_password} + host: '%' + rights: all + - name: aodh + password: ${_param:mysql_aodh_password} + host: ${_param:cluster_vip_address} + rights: all diff --git a/mcp/reclass/classes/system/galera/server/database/ceilometer.yml b/mcp/reclass/classes/system/galera/server/database/ceilometer.yml new file mode 100644 index 000000000..b33c8f985 --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/database/ceilometer.yml @@ -0,0 +1,15 @@ +parameters: + mysql: + server: + database: + ceilometer: + encoding: utf8 + users: + - name: ceilometer + password: ${_param:mysql_ceilometer_password} + host: '%' + rights: all + - name: ceilometer + password: ${_param:mysql_ceilometer_password} + host: ${_param:cluster_local_address} + rights: all diff --git a/mcp/reclass/classes/system/galera/server/database/cinder.yml b/mcp/reclass/classes/system/galera/server/database/cinder.yml new file mode 100644 index 000000000..08b6ddb3d --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/database/cinder.yml @@ -0,0 +1,15 @@ +parameters: + mysql: + server: + database: + cinder: + encoding: utf8 + users: + - name: cinder + password: ${_param:mysql_cinder_password} + host: '%' + rights: all + - name: cinder + password: ${_param:mysql_cinder_password} + host: ${_param:cluster_local_address} + rights: all diff --git a/mcp/reclass/classes/system/galera/server/database/glance.yml b/mcp/reclass/classes/system/galera/server/database/glance.yml new file mode 100644 index 000000000..7e5e443bf --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/database/glance.yml @@ -0,0 +1,15 @@ +parameters: + mysql: + server: + database: + glance: + encoding: utf8 + users: + - name: glance + password: ${_param:mysql_glance_password} + host: '%' + rights: all + - name: glance + password: ${_param:mysql_glance_password} + host: ${_param:cluster_local_address} + rights: all diff --git a/mcp/reclass/classes/system/galera/server/database/grafana.yml b/mcp/reclass/classes/system/galera/server/database/grafana.yml new file mode 100644 index 000000000..fa4742e96 --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/database/grafana.yml @@ -0,0 +1,16 @@ +parameters: + mysql: + server: + database: + grafana: + encoding: utf8 + users: + - name: grafana + password: ${_param:mysql_grafana_password} + host: '%' + rights: all + - name: grafana + password: ${_param:mysql_grafana_password} + host: ${_param:cluster_local_address} + rights: all + diff --git a/mcp/reclass/classes/system/galera/server/database/graphite.yml b/mcp/reclass/classes/system/galera/server/database/graphite.yml new file mode 100644 index 000000000..8ba6efdd8 --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/database/graphite.yml @@ -0,0 +1,11 @@ +parameters: + mysql: + server: + database: + graphite: + encoding: 'utf8' + users: + - name: 'graphite' + password: '${_param:mysql_graphite_password}' + host: '%' + rights: 'all' diff --git a/mcp/reclass/classes/system/galera/server/database/heat.yml b/mcp/reclass/classes/system/galera/server/database/heat.yml new file mode 100644 index 000000000..0d716d861 --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/database/heat.yml @@ -0,0 +1,15 @@ +parameters: + mysql: + server: + database: + heat: + encoding: utf8 + users: + - name: heat + password: ${_param:mysql_heat_password} + host: '%' + rights: all + - name: heat + password: ${_param:mysql_heat_password} + host: ${_param:cluster_local_address} + rights: all diff --git a/mcp/reclass/classes/system/galera/server/database/keystone.yml b/mcp/reclass/classes/system/galera/server/database/keystone.yml new file mode 100644 index 000000000..fc2c5eb85 --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/database/keystone.yml @@ -0,0 +1,15 @@ +parameters: + mysql: + server: + database: + keystone: + encoding: utf8 + users: + - name: keystone + password: ${_param:mysql_keystone_password} + host: '%' + rights: all + - name: keystone + password: ${_param:mysql_keystone_password} + host: ${_param:cluster_local_address} + rights: all diff --git a/mcp/reclass/classes/system/galera/server/database/neutron.yml b/mcp/reclass/classes/system/galera/server/database/neutron.yml new file mode 100644 index 000000000..58dd01264 --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/database/neutron.yml @@ -0,0 +1,15 @@ +parameters: + mysql: + server: + database: + neutron: + encoding: 'utf8' + users: + - name: 'neutron' + password: '${_param:mysql_neutron_password}' + host: '%' + rights: 'all' + - name: 'neutron' + password: '${_param:mysql_neutron_password}' + host: '${_param:cluster_local_address}' + rights: 'all' diff --git a/mcp/reclass/classes/system/galera/server/database/nova.yml b/mcp/reclass/classes/system/galera/server/database/nova.yml new file mode 100644 index 000000000..86d482168 --- /dev/null +++ b/mcp/reclass/classes/system/galera/server/database/nova.yml @@ -0,0 +1,37 @@ +parameters: + mysql: + server: + database: + nova: + encoding: utf8 + users: + - name: nova + password: ${_param:mysql_nova_password} + host: '%' + rights: all + - name: nova + password: ${_param:mysql_nova_password} + host: ${_param:cluster_local_address} + rights: all + nova_api: + encoding: utf8 + users: + - name: nova + password: ${_param:mysql_nova_password} + host: '%' + rights: all + - name: nova + password: ${_param:mysql_nova_password} + host: ${_param:cluster_local_address} + rights: all + nova_cell0: + encoding: utf8 + users: + - name: nova + password: ${_param:mysql_nova_password} + host: '%' + rights: all + - name: nova + password: ${_param:mysql_nova_password} + host: ${_param:cluster_local_address} + rights: all diff --git a/mcp/reclass/classes/system/glance/control/cluster.yml b/mcp/reclass/classes/system/glance/control/cluster.yml new file mode 100644 index 000000000..b009e9e9c --- /dev/null +++ b/mcp/reclass/classes/system/glance/control/cluster.yml @@ -0,0 +1,45 @@ +classes: +- service.glance.control.cluster +- service.keepalived.cluster.single +- service.haproxy.proxy.single +- system.haproxy.proxy.listen.openstack.glance +parameters: + glance: + server: + enabled: true + version: ${_param:glance_version} + workers: 8 + database: + engine: mysql + host: ${_param:openstack_database_address} + port: 3306 + name: glance + user: glance + password: ${_param:mysql_glance_password} + registry: + host: ${_param:cluster_vip_address} + port: 9191 + bind: + address: ${_param:cluster_local_address} + port: 9292 + identity: + engine: keystone + host: ${_param:cluster_vip_address} + port: 35357 + user: glance + password: ${_param:keystone_glance_password} + region: ${_param:openstack_region} + tenant: service + message_queue: + engine: rabbitmq + port: 5672 + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + storage: + engine: file + images: [] \ No newline at end of file diff --git a/mcp/reclass/classes/system/glance/control/notification/cadf.yml b/mcp/reclass/classes/system/glance/control/notification/cadf.yml new file mode 100644 index 000000000..0f2fbae74 --- /dev/null +++ b/mcp/reclass/classes/system/glance/control/notification/cadf.yml @@ -0,0 +1,5 @@ +parameters: + glance: + server: + audit: + enabled: true diff --git a/mcp/reclass/classes/system/glance/control/notification/messagingv2.yml b/mcp/reclass/classes/system/glance/control/notification/messagingv2.yml new file mode 100644 index 000000000..7020add43 --- /dev/null +++ b/mcp/reclass/classes/system/glance/control/notification/messagingv2.yml @@ -0,0 +1,6 @@ +parameters: + glance: + server: + notification: + driver: messagingv2 + topics: "${_param:openstack_notification_topics}" diff --git a/mcp/reclass/classes/system/glance/control/single.yml b/mcp/reclass/classes/system/glance/control/single.yml new file mode 100644 index 000000000..13f443465 --- /dev/null +++ b/mcp/reclass/classes/system/glance/control/single.yml @@ -0,0 +1,7 @@ +classes: +- service.glance.control.single +parameters: + glance: + server: + database: + host: ${_param:single_address} diff --git a/mcp/reclass/classes/system/glance/control/storage/ceph.yml b/mcp/reclass/classes/system/glance/control/storage/ceph.yml new file mode 100644 index 000000000..d48fb6d71 --- /dev/null +++ b/mcp/reclass/classes/system/glance/control/storage/ceph.yml @@ -0,0 +1,8 @@ +parameters: + glance: + server: + storage: + engine: rbd,http + user: ${_param:glance_storage_user} + pool: ${_param:glance_storage_pool} + chunk_size: 8 \ No newline at end of file diff --git a/mcp/reclass/classes/system/glusterfs/client/cluster.yml b/mcp/reclass/classes/system/glusterfs/client/cluster.yml new file mode 100644 index 000000000..24eab4fa5 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/cluster.yml @@ -0,0 +1,2 @@ +classes: +- service.glusterfs.client \ No newline at end of file diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/aptly.yml b/mcp/reclass/classes/system/glusterfs/client/volume/aptly.yml new file mode 100644 index 000000000..659f59d16 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/aptly.yml @@ -0,0 +1,13 @@ +parameters: + _param: + aptly_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + aptly: + path: /srv/volumes/aptly + server: ${_param:aptly_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/artifactory.yml b/mcp/reclass/classes/system/glusterfs/client/volume/artifactory.yml new file mode 100644 index 000000000..878131fbb --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/artifactory.yml @@ -0,0 +1,13 @@ +parameters: + _param: + artifactory_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + artifactory: + path: /srv/volumes/artifactory + server: ${_param:artifactory_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/devops_portal.yml b/mcp/reclass/classes/system/glusterfs/client/volume/devops_portal.yml new file mode 100644 index 000000000..dc422012b --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/devops_portal.yml @@ -0,0 +1,13 @@ +parameters: + _param: + devops_portal_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + devops_portal: + path: /srv/volumes/devops_portal + server: ${_param:devops_portal_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/elasticsearch.yml b/mcp/reclass/classes/system/glusterfs/client/volume/elasticsearch.yml new file mode 100644 index 000000000..02480937e --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/elasticsearch.yml @@ -0,0 +1,13 @@ +parameters: + _param: + elasticsearch_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + elasticsearch: + path: /srv/volumes/elasticsearch + server: ${_param:elasticsearch_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/gerrit.yml b/mcp/reclass/classes/system/glusterfs/client/volume/gerrit.yml new file mode 100644 index 000000000..4598683b9 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/gerrit.yml @@ -0,0 +1,15 @@ +parameters: + _param: + gerrit_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + gerrit: + path: /srv/volumes/gerrit + server: ${_param:gerrit_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" + user: 1000 + group: 1000 diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/glance.yml b/mcp/reclass/classes/system/glusterfs/client/volume/glance.yml new file mode 100644 index 000000000..ec593b9fa --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/glance.yml @@ -0,0 +1,15 @@ +parameters: + _param: + glance_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + glance: + path: /var/lib/glance/images + server: ${_param:glance_glusterfs_service_host} + user: glance + group: glance + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/jenkins.yml b/mcp/reclass/classes/system/glusterfs/client/volume/jenkins.yml new file mode 100644 index 000000000..c9fa258be --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/jenkins.yml @@ -0,0 +1,15 @@ +parameters: + _param: + jenkins_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + jenkins: + path: /srv/volumes/jenkins + server: ${_param:jenkins_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" + user: 1000 + group: 1000 diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/keystone.yml b/mcp/reclass/classes/system/glusterfs/client/volume/keystone.yml new file mode 100644 index 000000000..713902972 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/keystone.yml @@ -0,0 +1,15 @@ +parameters: + _param: + keystone_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + keystone-keys: + path: /var/lib/keystone/fernet-keys + server: ${_param:keystone_glusterfs_service_host} + user: keystone + group: keystone + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/mysql.yml b/mcp/reclass/classes/system/glusterfs/client/volume/mysql.yml new file mode 100644 index 000000000..7761a0735 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/mysql.yml @@ -0,0 +1,13 @@ +parameters: + _param: + mysql_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + mysql: + path: /srv/volumes/mysql + server: ${_param:mysql_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/openldap.yml b/mcp/reclass/classes/system/glusterfs/client/volume/openldap.yml new file mode 100644 index 000000000..22b10cd9c --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/openldap.yml @@ -0,0 +1,13 @@ +parameters: + _param: + openldap_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + openldap: + path: /srv/volumes/openldap + server: ${_param:openldap_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/postgresql.yml b/mcp/reclass/classes/system/glusterfs/client/volume/postgresql.yml new file mode 100644 index 000000000..b49c905d8 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/postgresql.yml @@ -0,0 +1,13 @@ +parameters: + _param: + postgresql_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + postgresql: + path: /srv/volumes/postgresql + server: ${_param:postgresql_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/prometheus.yml b/mcp/reclass/classes/system/glusterfs/client/volume/prometheus.yml new file mode 100644 index 000000000..3fae59b3a --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/prometheus.yml @@ -0,0 +1,13 @@ +parameters: + _param: + prometheus_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + prometheus: + path: /srv/volumes/prometheus + server: ${_param:prometheus_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/pushkin.yml b/mcp/reclass/classes/system/glusterfs/client/volume/pushkin.yml new file mode 100644 index 000000000..ee09ef860 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/pushkin.yml @@ -0,0 +1,13 @@ +parameters: + _param: + pushkin_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + pushkin: + path: /srv/volumes/pushkin + server: ${_param:pushkin_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/registry.yml b/mcp/reclass/classes/system/glusterfs/client/volume/registry.yml new file mode 100644 index 000000000..af932a681 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/registry.yml @@ -0,0 +1,13 @@ +parameters: + _param: + registry_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + registry: + path: /srv/volumes/registry + server: ${_param:registry_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/rundeck.yml b/mcp/reclass/classes/system/glusterfs/client/volume/rundeck.yml new file mode 100644 index 000000000..f0c6ccdf9 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/rundeck.yml @@ -0,0 +1,13 @@ +parameters: + _param: + rundeck_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + rundeck: + path: /srv/volumes/rundeck + server: ${_param:rundeck_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/salt.yml b/mcp/reclass/classes/system/glusterfs/client/volume/salt.yml new file mode 100644 index 000000000..048d38b94 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/salt.yml @@ -0,0 +1,13 @@ +parameters: + _param: + salt_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + saltmaster: + path: /etc/salt/pki/master + server: ${_param:salt_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/salt_pki.yml b/mcp/reclass/classes/system/glusterfs/client/volume/salt_pki.yml new file mode 100644 index 000000000..9083e19ba --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/salt_pki.yml @@ -0,0 +1,13 @@ +parameters: + _param: + salt_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + salt_pki: + path: /srv/salt/pki + server: ${_param:salt_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/client/volume/security_monkey.yml b/mcp/reclass/classes/system/glusterfs/client/volume/security_monkey.yml new file mode 100644 index 000000000..b00866978 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/client/volume/security_monkey.yml @@ -0,0 +1,13 @@ +parameters: + _param: + security_monkey_glusterfs_service_host: ${_param:glusterfs_service_host} + glusterfs_node01_address: ${_param:cluster_node01_address} + glusterfs_node02_address: ${_param:cluster_node02_address} + glusterfs_node03_address: ${_param:cluster_node03_address} + glusterfs: + client: + volumes: + security_monkey: + path: /srv/volumes/security_monkey + server: ${_param:security_monkey_glusterfs_service_host} + opts: "defaults,backup-volfile-servers=${_param:glusterfs_node01_address}:${_param:glusterfs_node02_address}:${_param:glusterfs_node03_address}" diff --git a/mcp/reclass/classes/system/glusterfs/cluster.yml b/mcp/reclass/classes/system/glusterfs/cluster.yml new file mode 100644 index 000000000..8a5c59539 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/cluster.yml @@ -0,0 +1,2 @@ +classes: +- service.glusterfs.server diff --git a/mcp/reclass/classes/system/glusterfs/server/cluster.yml b/mcp/reclass/classes/system/glusterfs/server/cluster.yml new file mode 100644 index 000000000..87aa0e950 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/cluster.yml @@ -0,0 +1,12 @@ +classes: +- service.glusterfs.server +parameters: + glusterfs: + _support: + iptables: + enabled: false + server: + peers: + - ${_param:cluster_node01_address} + - ${_param:cluster_node02_address} + - ${_param:cluster_node03_address} diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/aptly.yml b/mcp/reclass/classes/system/glusterfs/server/volume/aptly.yml new file mode 100644 index 000000000..db0163821 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/aptly.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + aptly: + storage: /srv/glusterfs/aptly + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/aptly + - ${_param:cluster_node02_address}:/srv/glusterfs/aptly + - ${_param:cluster_node03_address}:/srv/glusterfs/aptly + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/artifactory.yml b/mcp/reclass/classes/system/glusterfs/server/volume/artifactory.yml new file mode 100644 index 000000000..a19115e9c --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/artifactory.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + artifactory: + storage: /srv/glusterfs/artifactory + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/artifactory + - ${_param:cluster_node02_address}:/srv/glusterfs/artifactory + - ${_param:cluster_node03_address}:/srv/glusterfs/artifactory + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/devops_portal.yml b/mcp/reclass/classes/system/glusterfs/server/volume/devops_portal.yml new file mode 100644 index 000000000..0b71b6280 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/devops_portal.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + devops_portal: + storage: /srv/glusterfs/devops_portal + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/devops_portal + - ${_param:cluster_node02_address}:/srv/glusterfs/devops_portal + - ${_param:cluster_node03_address}:/srv/glusterfs/devops_portal + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/elasticsearch.yml b/mcp/reclass/classes/system/glusterfs/server/volume/elasticsearch.yml new file mode 100644 index 000000000..73f35c102 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/elasticsearch.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + elasticsearch: + storage: /srv/glusterfs/elasticsearch + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/elasticsearch + - ${_param:cluster_node02_address}:/srv/glusterfs/elasticsearch + - ${_param:cluster_node03_address}:/srv/glusterfs/elasticsearch + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/gerrit.yml b/mcp/reclass/classes/system/glusterfs/server/volume/gerrit.yml new file mode 100644 index 000000000..6667f936b --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/gerrit.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + gerrit: + storage: /srv/glusterfs/gerrit + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/gerrit + - ${_param:cluster_node02_address}:/srv/glusterfs/gerrit + - ${_param:cluster_node03_address}:/srv/glusterfs/gerrit + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/glance.yml b/mcp/reclass/classes/system/glusterfs/server/volume/glance.yml new file mode 100644 index 000000000..8276a448a --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/glance.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + glance: + storage: /srv/glusterfs/glance + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/glance + - ${_param:cluster_node02_address}:/srv/glusterfs/glance + - ${_param:cluster_node03_address}:/srv/glusterfs/glance + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING \ No newline at end of file diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/jenkins.yml b/mcp/reclass/classes/system/glusterfs/server/volume/jenkins.yml new file mode 100644 index 000000000..5c077d0bb --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/jenkins.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + jenkins: + storage: /srv/glusterfs/jenkins + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/jenkins + - ${_param:cluster_node02_address}:/srv/glusterfs/jenkins + - ${_param:cluster_node03_address}:/srv/glusterfs/jenkins + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/keystone.yml b/mcp/reclass/classes/system/glusterfs/server/volume/keystone.yml new file mode 100644 index 000000000..229d787d5 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/keystone.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + keystone-keys: + storage: /srv/glusterfs/keystone-keys + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/keystone-keys + - ${_param:cluster_node02_address}:/srv/glusterfs/keystone-keys + - ${_param:cluster_node03_address}:/srv/glusterfs/keystone-keys + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING \ No newline at end of file diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/mysql.yml b/mcp/reclass/classes/system/glusterfs/server/volume/mysql.yml new file mode 100644 index 000000000..0e7367c37 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/mysql.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + mysql: + storage: /srv/glusterfs/mysql + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/mysql + - ${_param:cluster_node02_address}:/srv/glusterfs/mysql + - ${_param:cluster_node03_address}:/srv/glusterfs/mysql + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING \ No newline at end of file diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/openldap.yml b/mcp/reclass/classes/system/glusterfs/server/volume/openldap.yml new file mode 100644 index 000000000..d507b44f7 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/openldap.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + openldap: + storage: /srv/glusterfs/openldap + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/openldap + - ${_param:cluster_node02_address}:/srv/glusterfs/openldap + - ${_param:cluster_node03_address}:/srv/glusterfs/openldap + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/postgresql.yml b/mcp/reclass/classes/system/glusterfs/server/volume/postgresql.yml new file mode 100644 index 000000000..26290f888 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/postgresql.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + postgresql: + storage: /srv/glusterfs/postgresql + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/postgresql + - ${_param:cluster_node02_address}:/srv/glusterfs/postgresql + - ${_param:cluster_node03_address}:/srv/glusterfs/postgresql + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/prometheus.yml b/mcp/reclass/classes/system/glusterfs/server/volume/prometheus.yml new file mode 100644 index 000000000..144847a0b --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/prometheus.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + prometheus: + storage: /srv/glusterfs/prometheus + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/prometheus + - ${_param:cluster_node02_address}:/srv/glusterfs/prometheus + - ${_param:cluster_node03_address}:/srv/glusterfs/prometheus + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/pushkin.yml b/mcp/reclass/classes/system/glusterfs/server/volume/pushkin.yml new file mode 100644 index 000000000..52d393ef1 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/pushkin.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + pushkin: + storage: /srv/glusterfs/pushkin + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/pushkin + - ${_param:cluster_node02_address}:/srv/glusterfs/pushkin + - ${_param:cluster_node03_address}:/srv/glusterfs/pushkin + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/registry.yml b/mcp/reclass/classes/system/glusterfs/server/volume/registry.yml new file mode 100644 index 000000000..5df7d8a70 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/registry.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + registry: + storage: /srv/glusterfs/registry + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/registry + - ${_param:cluster_node02_address}:/srv/glusterfs/registry + - ${_param:cluster_node03_address}:/srv/glusterfs/registry + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/rundeck.yml b/mcp/reclass/classes/system/glusterfs/server/volume/rundeck.yml new file mode 100644 index 000000000..22e5563fd --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/rundeck.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + rundeck: + storage: /srv/glusterfs/rundeck + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/rundeck + - ${_param:cluster_node02_address}:/srv/glusterfs/rundeck + - ${_param:cluster_node03_address}:/srv/glusterfs/rundeck + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/salt.yml b/mcp/reclass/classes/system/glusterfs/server/volume/salt.yml new file mode 100644 index 000000000..f87b02938 --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/salt.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + saltmaster: + storage: /srv/glusterfs/saltmaster + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/saltmaster + - ${_param:cluster_node02_address}:/srv/glusterfs/saltmaster + - ${_param:cluster_node03_address}:/srv/glusterfs/saltmaster + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/salt_pki.yml b/mcp/reclass/classes/system/glusterfs/server/volume/salt_pki.yml new file mode 100644 index 000000000..7af39daab --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/salt_pki.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + salt_pki: + storage: /srv/glusterfs/salt_pki + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/salt_pki + - ${_param:cluster_node02_address}:/srv/glusterfs/salt_pki + - ${_param:cluster_node03_address}:/srv/glusterfs/salt_pki + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/glusterfs/server/volume/security_monkey.yml b/mcp/reclass/classes/system/glusterfs/server/volume/security_monkey.yml new file mode 100644 index 000000000..478aec3af --- /dev/null +++ b/mcp/reclass/classes/system/glusterfs/server/volume/security_monkey.yml @@ -0,0 +1,17 @@ +parameters: + glusterfs: + server: + volumes: + security_monkey: + storage: /srv/glusterfs/security_monkey + replica: 3 + bricks: + - ${_param:cluster_node01_address}:/srv/glusterfs/security_monkey + - ${_param:cluster_node02_address}:/srv/glusterfs/security_monkey + - ${_param:cluster_node03_address}:/srv/glusterfs/security_monkey + options: + cluster.readdir-optimize: On + nfs.disable: On + network.remote-dio: On + diagnostics.client-log-level: WARNING + diagnostics.brick-log-level: WARNING diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/aptly.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/aptly.yml new file mode 100644 index 000000000..fb24c1f0d --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/aptly.yml @@ -0,0 +1,55 @@ +parameters: + _param: + haproxy_aptly_api_bind_host: ${_param:haproxy_bind_address} + haproxy_aptly_api_bind_port: 8084 + haproxy_aptly_public_bind_host: ${_param:haproxy_bind_address} + haproxy_aptly_public_bind_port: 8085 + haproxy: + proxy: + listen: + aptly-api: + mode: http + options: + - forwardfor + - httpclose + - httplog + balance: source + binds: + - address: ${_param:haproxy_aptly_api_bind_host} + port: ${_param:haproxy_aptly_api_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18084 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18084 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18084 + params: backup check + aptly-public: + mode: http + options: + - forwardfor + - httpclose + - httplog + balance: source + binds: + - address: ${_param:haproxy_aptly_public_bind_host} + port: ${_param:haproxy_aptly_public_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18085 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18085 + params: check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18085 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/gerrit.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/gerrit.yml new file mode 100644 index 000000000..51d494b61 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/gerrit.yml @@ -0,0 +1,58 @@ +parameters: + _param: + haproxy_gerrit_bind_host: ${_param:haproxy_bind_address} + haproxy_gerrit_bind_port: 8080 + haproxy_gerrit_ssh_bind_host: ${_param:haproxy_gerrit_bind_host} + haproxy_gerrit_ssh_bind_port: 29418 + haproxy_gerrit_ssl: + enabled: false + haproxy: + proxy: + listen: + gerrit: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_gerrit_bind_host} + port: ${_param:haproxy_gerrit_bind_port} + ssl: ${_param:haproxy_gerrit_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18083 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18083 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18083 + params: backup check + gerrit_ssh: + mode: tcp + balance: source + binds: + - address: ${_param:haproxy_gerrit_ssh_bind_host} + port: ${_param:haproxy_gerrit_ssh_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 29417 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 29417 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 29417 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/jenkins.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/jenkins.yml new file mode 100644 index 000000000..eda12f84e --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/cicd/jenkins.yml @@ -0,0 +1,60 @@ +parameters: + _param: + haproxy_jenkins_bind_host: ${_param:haproxy_bind_address} + haproxy_jenkins_bind_port: 8081 + haproxy_jenkins_jnlp_bind_host: ${_param:haproxy_jenkins_bind_host} + haproxy_jenkins_jnlp_bind_port: 50000 + haproxy_jenkins_ssl: + enabled: false + haproxy: + proxy: + listen: + jenkins: + mode: http + options: + - forwardfor +# - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + http_response: + - action: "del-header X-Frame-Options" + binds: + - address: ${_param:haproxy_jenkins_bind_host} + port: ${_param:haproxy_jenkins_bind_port} + ssl: ${_param:haproxy_jenkins_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18081 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18081 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18081 + params: backup check + jenkins_jnlp: + mode: tcp + balance: source + binds: + - address: ${_param:haproxy_jenkins_jnlp_bind_host} + port: ${_param:haproxy_jenkins_jnlp_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 50001 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 50001 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 50001 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/docker/registry.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/docker/registry.yml new file mode 100644 index 000000000..8d45e971f --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/docker/registry.yml @@ -0,0 +1,36 @@ +parameters: + _param: + haproxy_docker_registry_listen_host: ${_param:haproxy_bind_address} + haproxy_docker_registry_listen_port: 5000 + haproxy_docker_registry_ssl: + enabled: false + haproxy: + proxy: + listen: + registry: + mode: http + options: + - forwardfor + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_docker_registry_listen_host} + port: ${_param:haproxy_docker_registry_listen_port} + ssl: ${_param:haproxy_docker_registry_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 15000 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 15000 + params: check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 15000 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/docker/visualizer.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/docker/visualizer.yml new file mode 100644 index 000000000..409815c4d --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/docker/visualizer.yml @@ -0,0 +1,30 @@ +parameters: + _param: + haproxy_docker_visualizer_listen_port: 8091 + haproxy: + proxy: + listen: + visualizer: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:haproxy_bind_address} + port: ${_param:haproxy_docker_visualizer_listen_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18090 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18090 + params: check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18090 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/elasticsearch.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/elasticsearch.yml new file mode 100644 index 000000000..cb1a8e5ec --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/elasticsearch.yml @@ -0,0 +1,29 @@ +parameters: + haproxy: + proxy: + listen: + elasticsearch: + mode: http + service_name: elasticsearch + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: roundrobin + binds: + - address: ${_param:cluster_vip_address} + port: 9200 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 9200 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 9200 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 9200 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/kibana.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/kibana.yml new file mode 100644 index 000000000..a2180cb25 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/kibana.yml @@ -0,0 +1,29 @@ +parameters: + haproxy: + proxy: + listen: + kibana: + mode: http + service_name: kibana + options: + - forwardfor +# - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 80 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 5601 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 5601 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 5601 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver.yml new file mode 100644 index 000000000..a45a71a75 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver.yml @@ -0,0 +1,24 @@ +parameters: + haproxy: + proxy: + listen: + k8s_secure: + type: kubernetes + options: + - ssl-hello-chk + binds: + - address: ${_param:cluster_vip_address} + port: 443 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 443 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 443 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 443 + params: check \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver_insecure.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver_insecure.yml new file mode 100644 index 000000000..a365c5190 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/apiserver_insecure.yml @@ -0,0 +1,40 @@ +parameters: + haproxy: + proxy: + listen: + k8s_cluster: + type: kubernetes + binds: + - address: ${_param:cluster_vip_address} + port: 8080 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 8080 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 8080 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 8080 + params: check + k8s_cluster_localhost: + type: kubernetes + binds: + - address: localhost + port: 8080 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 8080 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 8080 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 8080 + params: check \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/etcd.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/etcd.yml new file mode 100644 index 000000000..c31419165 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/kubernetes/etcd.yml @@ -0,0 +1,22 @@ +parameters: + haproxy: + proxy: + listen: + etcd_cluster: + type: etcd + binds: + - address: ${_param:cluster_vip_address} + port: 4001 + servers: + - name: etc01 + host: ${_param:cluster_node01_address} + port: 4001 + params: check + - name: etc02 + host: ${_param:cluster_node02_address} + port: 4001 + params: backup check + - name: etc03 + host: ${_param:cluster_node03_address} + port: 4001 + params: backup check \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/logging.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/logging.yml new file mode 100644 index 000000000..48a4b5ce5 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/logging.yml @@ -0,0 +1,6 @@ +classes: + - service.haproxy.proxy.single + - service.haproxy.proxy.stats + # Services + - system.haproxy.proxy._kibana + - system.haproxy.proxy._elasticsearch diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/monitoring.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/monitoring.yml new file mode 100644 index 000000000..a59d84ac8 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/monitoring.yml @@ -0,0 +1,8 @@ +classes: + - service.haproxy.proxy.single + - service.haproxy.proxy.stats + # Services + - system.haproxy.proxy._rabbitmq + - system.haproxy.proxy._uchiwa + - system.haproxy.proxy._sensu + - system.haproxy.proxy._redis diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/mysql.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/mysql.yml new file mode 100644 index 000000000..a7ef9105b --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/mysql.yml @@ -0,0 +1,26 @@ +parameters: + _param: + haproxy_mysql_bind_port: 3306 + haproxy_mysql_source_port: 3306 + haproxy: + proxy: + listen: + mysql: + mode: tcp + balance: source + binds: + - address: ${_param:haproxy_bind_address} + port: ${_param:haproxy_mysql_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_mysql_source_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_mysql_source_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_mysql_source_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/analytics.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/analytics.yml new file mode 100644 index 000000000..fd20277dd --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/analytics.yml @@ -0,0 +1,53 @@ +parameters: + haproxy: + proxy: + listen: + contrail_analytics: + type: contrail-analytics + service_name: contrail + binds: + - address: ${_param:cluster_vip_address} + port: 8081 + servers: + - name: nal01 + host: ${_param:cluster_node01_address} + port: 9081 + params: check inter 2000 rise 2 fall 3 + - name: nal02 + host: ${_param:cluster_node02_address} + port: 9081 + params: check inter 2000 rise 2 fall 3 + - name: nal03 + host: ${_param:cluster_node03_address} + port: 9081 + params: check inter 2000 rise 2 fall 3 + contrail_config_stats: + type: contrail-config + service_name: contrail + check: false + format: listen + binds: + - address: '*' + port: 5937 + user: haproxy + password: ${_param:opencontrail_stats_password} + contrail_openstack_stats: + type: contrail-config + service_name: contrail + check: false + format: listen + binds: + - address: '*' + port: 5936 + user: haproxy + password: ${_param:opencontrail_stats_password} + contrail_collector_stats: + type: contrail-config + service_name: contrail + check: false + format: listen + binds: + - address: '*' + port: 5938 + user: haproxy + password: ${_param:opencontrail_stats_password} diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/control.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/control.yml new file mode 100644 index 000000000..c38968275 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/opencontrail/control.yml @@ -0,0 +1,69 @@ +parameters: + haproxy: + proxy: + listen: + contrail_api: + type: contrail-api + service_name: contrail + binds: + - address: ${_param:cluster_vip_address} + port: 8082 + servers: + - name: ntw01 + host: ${_param:cluster_node01_address} + port: 9100 + params: check inter 2000 rise 2 fall 3 + - name: ntw02 + host: ${_param:cluster_node02_address} + port: 9100 + params: check inter 2000 rise 2 fall 3 + - name: ntw03 + host: ${_param:cluster_node03_address} + port: 9100 + params: check inter 2000 rise 2 fall 3 + contrail_discovery: + type: contrail-api + service_name: contrail + binds: + - address: ${_param:cluster_vip_address} + port: 5998 + servers: + - name: ntw01 + host: ${_param:cluster_node01_address} + port: 9110 + params: check inter 2000 rise 2 fall 3 + - name: ntw02 + host: ${_param:cluster_node02_address} + port: 9110 + params: check inter 2000 rise 2 fall 3 + - name: ntw03 + host: ${_param:cluster_node03_address} + port: 9110 + params: check inter 2000 rise 2 fall 3 + contrail_config_stats: + type: contrail-config + check: false + format: listen + binds: + - address: '*' + port: 5937 + user: haproxy + password: ${_param:opencontrail_stats_password} + contrail_openstack_stats: + type: contrail-config + check: false + format: listen + binds: + - address: '*' + port: 5936 + user: haproxy + password: ${_param:opencontrail_stats_password} + contrail_collector_stats: + type: contrail-config + check: false + format: listen + binds: + - address: '*' + port: 5938 + user: haproxy + password: ${_param:opencontrail_stats_password} diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openldap.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openldap.yml new file mode 100644 index 000000000..b6f79a039 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openldap.yml @@ -0,0 +1,46 @@ +parameters: + _param: + haproxy_openldap_bind_host: ${_param:haproxy_bind_address} + haproxy_openldap_bind_port: 389 + haproxy_openldap_ssl_bind_port: 636 + haproxy: + proxy: + listen: + openldap: + mode: tcp + balance: source + binds: + - address: ${_param:haproxy_openldap_bind_host} + port: ${_param:haproxy_openldap_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 1389 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 1389 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 1389 + params: backup check + openldap_ssl: + mode: tcp + balance: source + binds: + - address: ${_param:haproxy_openldap_bind_host} + port: ${_param:haproxy_openldap_ssl_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 1636 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 1636 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 1636 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/aodh.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/aodh.yml new file mode 100644 index 000000000..6b024aa2f --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/aodh.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + aodh-api: + type: openstack-service + service_name: aodh + binds: + - address: ${_param:cluster_vip_address} + port: 8042 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8042 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8042 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8042 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/ceilometer.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/ceilometer.yml new file mode 100644 index 000000000..68eef43c6 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/ceilometer.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + ceilometer_api: + type: general-service + check: false + binds: + - address: ${_param:cluster_vip_address} + port: 8777 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 8777 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 8777 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 8777 + params: check \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/cinder.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/cinder.yml new file mode 100644 index 000000000..a693e6e21 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/cinder.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + cinder_api: + type: openstack-service + service_name: cinder + binds: + - address: ${_param:cluster_vip_address} + port: 8776 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8776 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8776 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8776 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/designate.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/designate.yml new file mode 100644 index 000000000..7a54af27d --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/designate.yml @@ -0,0 +1,19 @@ +parameters: + haproxy: + proxy: + listen: + designate_api: + type: openstack-service + service_name: designate + binds: + - address: ${_param:cluster_vip_address} + port: 9001 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 9001 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 9001 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/galera.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/galera.yml new file mode 100644 index 000000000..254dc3b03 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/galera.yml @@ -0,0 +1,29 @@ +parameters: + haproxy: + proxy: + timeout: + queue: '10s' + connect: '10s' + client: '10s' + server: '10s' + check: '10s' + listen: + mysql_cluster: + type: mysql + service_name: mysql + binds: + - address: ${_param:cluster_vip_address} + port: 3306 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 3306 + params: check inter 20s fastinter 2s downinter 2s rise 3 fall 3 + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 3306 + params: backup check inter 20s fastinter 2s downinter 2s rise 3 fall 3 + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 3306 + params: backup check inter 20s fastinter 2s downinter 2s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glance.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glance.yml new file mode 100644 index 000000000..729cc5b69 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glance.yml @@ -0,0 +1,42 @@ +parameters: + haproxy: + proxy: + listen: + glance_api: + type: openstack-service + service_name: glance + binds: + - address: ${_param:cluster_vip_address} + port: 9292 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9292 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 9292 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 9292 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + glance_registry_api: + type: general-service + service_name: glance + binds: + - address: ${_param:cluster_vip_address} + port: 9191 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9191 + params: check + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 9191 + params: check + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 9191 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glare.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glare.yml new file mode 100644 index 000000000..a98427511 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/glare.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + glare: + type: general-service + service_name: glare + binds: + - address: ${_param:cluster_vip_address} + port: 9494 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9494 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 9494 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 9494 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/heat.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/heat.yml new file mode 100644 index 000000000..440a018b2 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/heat.yml @@ -0,0 +1,61 @@ +parameters: + haproxy: + proxy: + listen: + heat_cloudwatch_api: + type: openstack-service + service_name: heat + binds: + - address: ${_param:cluster_vip_address} + port: 8000 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + heat_api: + type: openstack-service + service_name: heat + binds: + - address: ${_param:cluster_vip_address} + port: 8004 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8004 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8004 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8004 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + heat_cfn_api: + type: openstack-service + service_name: heat + binds: + - address: ${_param:cluster_vip_address} + port: 8003 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8003 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8003 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8003 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/horizon.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/horizon.yml new file mode 100644 index 000000000..9bf838cd7 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/horizon.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + horizon_web: + type: general-service + check: false + binds: + - address: ${_param:cluster_vip_address} + port: 8078 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8078 + params: check + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8078 + params: check + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8078 + params: check \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/keystone.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/keystone.yml new file mode 100644 index 000000000..17e537ecf --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/keystone.yml @@ -0,0 +1,42 @@ +parameters: + haproxy: + proxy: + listen: + keystone_public_api: + type: openstack-service + service_name: keystone + binds: + - address: ${_param:cluster_vip_address} + port: 5000 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 5000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 5000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 5000 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + keystone_admin_api: + type: openstack-service + service_name: keystone + binds: + - address: ${_param:cluster_vip_address} + port: 35357 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 35357 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 35357 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 35357 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/murano.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/murano.yml new file mode 100644 index 000000000..0427820ba --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/murano.yml @@ -0,0 +1,18 @@ +parameters: + haproxy: + proxy: + listen: + murano_api: + type: openstack-service + check: false + binds: + - address: ${_param:cluster_vip_address} + port: 8082 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 8082 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 8082 \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/neutron.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/neutron.yml new file mode 100644 index 000000000..1f8b4d596 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/neutron.yml @@ -0,0 +1,23 @@ +parameters: + haproxy: + proxy: + listen: + neutron_api: + type: openstack-service + service_name: neutron + binds: + - address: ${_param:cluster_vip_address} + port: 9696 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 \ No newline at end of file diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova-placement.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova-placement.yml new file mode 100644 index 000000000..e3b72b7dc --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova-placement.yml @@ -0,0 +1,29 @@ +parameters: + haproxy: + proxy: + listen: + nova_placement_api: + mode: http + binds: + - address: ${_param:cluster_vip_address} + port: 8778 + options: + - httpclose + - httplog + health-check: + http: + options: + - expect status 401 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8778 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8778 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8778 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova.yml new file mode 100644 index 000000000..3865a822c --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/nova.yml @@ -0,0 +1,61 @@ +parameters: + haproxy: + proxy: + listen: + nova_ec2_api: + type: general-service + service_name: nova + check: false + binds: + - address: ${_param:cluster_vip_address} + port: 8773 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8773 + params: check + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8773 + params: check + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8773 + params: check + nova_api: + type: openstack-service + service_name: nova + binds: + - address: ${_param:cluster_vip_address} + port: 8774 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8774 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8774 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8774 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + nova_metadata_api: + type: openstack-service + binds: + - address: ${_param:cluster_vip_address} + port: 8775 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8775 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8775 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8775 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/novnc.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/novnc.yml new file mode 100644 index 000000000..78b7d98bd --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/novnc.yml @@ -0,0 +1,25 @@ +parameters: + haproxy: + proxy: + listen: + nova_novnc: + type: general-service + service_name: http + check: true + binds: + - address: ${_param:cluster_vip_address} + port: 6080 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 6080 + params: check + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 6080 + params: check + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 6080 + params: check + diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/sahara.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/sahara.yml new file mode 100644 index 000000000..3bbf8094c --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/openstack/sahara.yml @@ -0,0 +1,24 @@ +parameters: + haproxy: + proxy: + listen: + sahara_api: + type: openstack-service + options: + - httplog + binds: + - address: ${_param:cluster_vip_address} + port: 8386 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 8386 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 8386 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 8386 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/devops_portal.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/devops_portal.yml new file mode 100644 index 000000000..e5c25cfbd --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/devops_portal.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_devops_portal_bind_host: ${_param:haproxy_bind_address} + haproxy_devops_portal_bind_port: 8800 + haproxy_devops_portal_ssl: + enabled: false + haproxy: + proxy: + listen: + devops_portal: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_devops_portal_bind_host} + port: ${_param:haproxy_devops_portal_bind_port} + ssl: ${_param:haproxy_devops_portal_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18800 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18800 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18800 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/elasticsearch.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/elasticsearch.yml new file mode 100644 index 000000000..2f5d1ee40 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/elasticsearch.yml @@ -0,0 +1,38 @@ +parameters: + _param: + haproxy_elasticsearch_bind_host: ${_param:haproxy_bind_address} + haproxy_elasticsearch_bind_port: 9200 + haproxy_elasticsearch_exposed_port: 19200 + haproxy_elasticsearch_ssl: + enabled: false + haproxy: + proxy: + listen: + elasticsearch: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_elasticsearch_bind_host} + port: ${_param:haproxy_elasticsearch_bind_port} + ssl: ${_param:haproxy_elasticsearch_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_elasticsearch_exposed_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_elasticsearch_exposed_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_elasticsearch_exposed_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/postgresql.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/postgresql.yml new file mode 100644 index 000000000..1bc1f44c9 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/postgresql.yml @@ -0,0 +1,32 @@ +parameters: + _param: + haproxy_postgresql_bind_host: ${_param:haproxy_bind_address} + haproxy_postgresql_bind_port: 5432 + haproxy_postgresql_exposed_port: 15432 + haproxy_postgresql_ssl: + enabled: false + haproxy: + proxy: + listen: + postgresql: + mode: tcp + balance: source + options: + - tcp-check + binds: + - address: ${_param:haproxy_postgresql_bind_host} + port: ${_param:haproxy_postgresql_bind_port} + ssl: ${_param:haproxy_postgresql_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_postgresql_exposed_port} + params: check port ${_param:haproxy_postgresql_exposed_port} + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_postgresql_exposed_port} + params: backup check port ${_param:haproxy_postgresql_exposed_port} + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_postgresql_exposed_port} + params: backup check port ${_param:haproxy_postgresql_exposed_port} diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/pushkin.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/pushkin.yml new file mode 100644 index 000000000..db33352ca --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/pushkin.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_pushkin_bind_host: ${_param:haproxy_bind_address} + haproxy_pushkin_bind_port: 8887 + haproxy_pushkin_exposed_port: 18887 + haproxy_pushkin_ssl: + enabled: false + haproxy: + proxy: + listen: + pushkin: + mode: http + options: + - httpchk GET /apps + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + sticks: + - http-check expect status 200 + binds: + - address: ${_param:haproxy_pushkin_bind_host} + port: ${_param:haproxy_pushkin_bind_port} + ssl: ${_param:haproxy_pushkin_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_pushkin_exposed_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_pushkin_exposed_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_pushkin_exposed_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/rundeck.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/rundeck.yml new file mode 100644 index 000000000..fbabb381d --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/rundeck.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_rundeck_bind_host: ${_param:haproxy_bind_address} + haproxy_rundeck_bind_port: 4440 + haproxy_rundeck_ssl: + enabled: false + haproxy: + proxy: + listen: + rundeck: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_rundeck_bind_host} + port: ${_param:haproxy_rundeck_bind_port} + ssl: ${_param:haproxy_rundeck_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 14440 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 14440 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 14440 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml new file mode 100644 index 000000000..549869996 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_security_monkey_bind_host: ${_param:haproxy_bind_address} + haproxy_security_monkey_bind_port: 5001 + haproxy_security_monkey_exposed_port: 15001 + haproxy_security_monkey_ssl: + enabled: false + haproxy: + proxy: + listen: + security_monkey: + mode: http + options: + - httpchk GET / + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + sticks: + - http-check expect status 404 + binds: + - address: ${_param:haproxy_security_monkey_bind_host} + port: ${_param:haproxy_security_monkey_bind_port} + ssl: ${_param:haproxy_security_monkey_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/phpldapadmin.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/phpldapadmin.yml new file mode 100644 index 000000000..b2b7f93da --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/phpldapadmin.yml @@ -0,0 +1,30 @@ +parameters: + _param: + haproxy_phpldapadmin_bind_host: ${_param:haproxy_bind_address} + haproxy_phpldapadmin_bind_port: 8089 + haproxy: + proxy: + listen: + phpldapadmin: + mode: http + options: + - forwardfor + - httpclose + - httplog + balance: source + binds: + - address: ${_param:haproxy_phpldapadmin_bind_host} + port: ${_param:haproxy_phpldapadmin_bind_port} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18089 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18089 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18089 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/rabbitmq.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/rabbitmq.yml new file mode 100644 index 000000000..83992dd11 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/rabbitmq.yml @@ -0,0 +1,34 @@ +parameters: + haproxy: + proxy: + listen: + rabbitmq: + type: rabbitmq + service_name: rabbitmq + binds: + - address: ${_param:cluster_vip_address} + port: 5672 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 5672 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 5672 + params: backup check + rabbitmq_management: + type: rabbitmq + service_name: rabbitmq + binds: + - address: ${_param:cluster_vip_address} + port: 15672 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 15672 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 15672 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/radosgw.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/radosgw.yml new file mode 100644 index 000000000..369306ba4 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/radosgw.yml @@ -0,0 +1,26 @@ +parameters: + _param: + haproxy_radosgw_bind_port: 8080 + haproxy_radosgw_source_port: 8080 + haproxy: + proxy: + listen: + radosgw: + mode: tcp + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: ${_param:haproxy_radosgw_bind_port} + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_radosgw_source_port} + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_radosgw_source_port} + params: backup check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_radosgw_source_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/redis.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/redis.yml new file mode 100644 index 000000000..fc4695337 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/redis.yml @@ -0,0 +1,20 @@ +parameters: + haproxy: + proxy: + listen: + redis: + mode: tcp + service_name: redis + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 6379 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 6379 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 6379 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/salt.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/salt.yml new file mode 100644 index 000000000..ba54c0740 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/salt.yml @@ -0,0 +1,31 @@ +parameters: + haproxy: + proxy: + listen: + salt: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + timeout: + server: 20m + client: 20m + binds: + - address: ${_param:haproxy_bind_address} + port: 8000 + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 8000 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 8000 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 8000 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/sensu.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/sensu.yml new file mode 100644 index 000000000..739916cf1 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/sensu.yml @@ -0,0 +1,24 @@ +parameters: + haproxy: + proxy: + listen: + sensu: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 4567 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 4567 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 4567 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/elasticsearch.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/elasticsearch.yml new file mode 100644 index 000000000..531d647f0 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/elasticsearch.yml @@ -0,0 +1,28 @@ +parameters: + haproxy: + proxy: + listen: + elasticsearch: + mode: http + options: + - httplog + - http-keep-alive + - prefer-last-server + - dontlog-normal + balance: roundrobin + binds: + - address: ${_param:cluster_vip_address} + port: 9200 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 9200 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 9200 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 9200 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/grafana.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/grafana.yml new file mode 100644 index 000000000..3f59ce268 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/grafana.yml @@ -0,0 +1,26 @@ +parameters: + haproxy: + proxy: + listen: + grafana: + mode: http + options: + - httplog + - dontlog-normal + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: ${_param:cluster_grafana_port} + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 3000 + params: 'check' + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 3000 + params: 'check' + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 3000 + params: 'check' diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/influxdb.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/influxdb.yml new file mode 100644 index 000000000..02e25d7b2 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/influxdb.yml @@ -0,0 +1,28 @@ +parameters: + _param: + cluster_influxdb_port: ${_param:influxdb_port} + haproxy: + proxy: + listen: + influxdb: + mode: http + options: + - "httpchk GET /ping" + - httplog + - dontlog-normal + binds: + - address: ${_param:cluster_vip_address} + port: ${_param:cluster_influxdb_port} + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 8086 + params: 'check' + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 8086 + params: 'backup check' + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 8086 + params: 'backup check' diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/kibana.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/kibana.yml new file mode 100644 index 000000000..e92e38a43 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/kibana.yml @@ -0,0 +1,28 @@ +parameters: + haproxy: + proxy: + listen: + kibana: + mode: http + options: + - httplog + - http-keep-alive + - prefer-last-server + - dontlog-normal + balance: roundrobin + binds: + - address: ${_param:cluster_vip_address} + port: 5601 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 5601 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 5601 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 5601 + params: 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3' diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/redis.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/redis.yml new file mode 100644 index 000000000..881e8ed9a --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/redis.yml @@ -0,0 +1,32 @@ +parameters: + haproxy: + proxy: + listen: + redis: + mode: tcp + check: False + health-check: + tcp: + options: + - send PING\r\n + - expect string +PONG + - send info\ replication\r\n + - expect string role:master + - send QUIT\r\n + - expect string +OK + binds: + - address: ${_param:cluster_vip_address} + port: ${_param:cluster_redis_port} + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 6379 + params: 'check' + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 6379 + params: 'check' + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 6379 + params: 'check' diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/sensu.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/sensu.yml new file mode 100644 index 000000000..33ab5bcd4 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/sensu.yml @@ -0,0 +1,28 @@ +parameters: + haproxy: + proxy: + listen: + sensu: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 4567 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 4567 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 4567 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 4567 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/uchiwa.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/uchiwa.yml new file mode 100644 index 000000000..3bec0e82b --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stacklight/uchiwa.yml @@ -0,0 +1,29 @@ +parameters: + haproxy: + proxy: + listen: + uchiwa: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 3001 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 3001 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 3001 + params: check + - name: ${_param:cluster_node03_hostname} + host: ${_param:cluster_node03_address} + port: 3001 + params: check + diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/stats.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/stats.yml new file mode 100644 index 000000000..1d093f17b --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/stats.yml @@ -0,0 +1,12 @@ +parameters: + _param: + haproxy_stats_port: 9600 + haproxy: + proxy: + listen: + stats: + type: stats + check: false + binds: + - address: ${_param:haproxy_bind_address} + port: ${_param:haproxy_stats_port} diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/uchiwa.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/uchiwa.yml new file mode 100644 index 000000000..1f25bc49c --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/uchiwa.yml @@ -0,0 +1,24 @@ +parameters: + haproxy: + proxy: + listen: + uchiwa: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + binds: + - address: ${_param:cluster_vip_address} + port: 80 + servers: + - name: ${_param:cluster_node01_hostname} + host: ${_param:cluster_node01_address} + port: 3000 + params: check + - name: ${_param:cluster_node02_hostname} + host: ${_param:cluster_node02_address} + port: 3000 + params: check diff --git a/mcp/reclass/classes/system/haproxy/proxy/single.yml b/mcp/reclass/classes/system/haproxy/proxy/single.yml new file mode 100644 index 000000000..dc9c6685a --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/single.yml @@ -0,0 +1,4 @@ +parameters: + haproxy: + proxy: + enabled: true diff --git a/mcp/reclass/classes/system/heat/client/init.yml b/mcp/reclass/classes/system/heat/client/init.yml new file mode 100644 index 000000000..cb3ce4fcc --- /dev/null +++ b/mcp/reclass/classes/system/heat/client/init.yml @@ -0,0 +1,10 @@ +parameters: + _param: + heat_data_revision: master + heat: + client: + enabled: true + source: + engine: git + address: ${_param:heat_data_repository} + revision: ${_param:heat_data_revision} diff --git a/mcp/reclass/classes/system/heat/server/cluster.yml b/mcp/reclass/classes/system/heat/server/cluster.yml new file mode 100644 index 000000000..ee5df3361 --- /dev/null +++ b/mcp/reclass/classes/system/heat/server/cluster.yml @@ -0,0 +1,60 @@ +classes: +- service.heat.server.cluster +- service.haproxy.proxy.single +- service.keepalived.cluster.single +- system.haproxy.proxy.listen.openstack.heat +parameters: + _param: + cluster_public_protocol: https + heat: + server: + stack_domain_admin: + name: heat_domain_admin + password: ${_param:heat_domain_admin_password} + domain: heat + enabled: true + region: ${_param:openstack_region} + version: ${_param:heat_version} + bind: + api_cfn: + address: ${_param:cluster_local_address} + api_cloudwatch: + address: ${_param:cluster_local_address} + api: + address: ${_param:cluster_local_address} + database: + engine: mysql + host: ${_param:openstack_database_address} + port: 3306 + name: heat + user: heat + password: ${_param:mysql_heat_password} + metadata: + host: ${_param:cluster_public_host} + port: 8000 + protocol: ${_param:cluster_public_protocol} + waitcondition: + host: ${_param:cluster_public_host} + port: 8000 + protocol: ${_param:cluster_public_protocol} + watch: + host: ${_param:cluster_public_host} + port: 8003 + protocol: ${_param:cluster_public_protocol} + identity: + engine: keystone + host: ${_param:cluster_vip_address} + port: 35357 + tenant: service + user: heat + password: ${_param:keystone_heat_password} + message_queue: + engine: rabbitmq + port: 5672 + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} diff --git a/mcp/reclass/classes/system/heat/server/notification/cadf.yml b/mcp/reclass/classes/system/heat/server/notification/cadf.yml new file mode 100644 index 000000000..352e93654 --- /dev/null +++ b/mcp/reclass/classes/system/heat/server/notification/cadf.yml @@ -0,0 +1,5 @@ +parameters: + heat: + server: + audit: + enabled: true diff --git a/mcp/reclass/classes/system/heat/server/notification/messagingv2.yml b/mcp/reclass/classes/system/heat/server/notification/messagingv2.yml new file mode 100644 index 000000000..eff514123 --- /dev/null +++ b/mcp/reclass/classes/system/heat/server/notification/messagingv2.yml @@ -0,0 +1,6 @@ +parameters: + heat: + server: + notification: + driver: messagingv2 + topics: "${_param:openstack_notification_topics}" diff --git a/mcp/reclass/classes/system/heat/server/resource/contrail.yml b/mcp/reclass/classes/system/heat/server/resource/contrail.yml new file mode 100644 index 000000000..0b4cc56de --- /dev/null +++ b/mcp/reclass/classes/system/heat/server/resource/contrail.yml @@ -0,0 +1,11 @@ +parameters: + linux: + system: + package: + contrail-heat: + version: latest + heat: + server: + dir: + plugins: + - /usr/lib/python2.7/dist-packages/vnc_api/gen/heat/resources diff --git a/mcp/reclass/classes/system/heat/server/resource/salt.yml b/mcp/reclass/classes/system/heat/server/resource/salt.yml new file mode 100644 index 000000000..a371a3854 --- /dev/null +++ b/mcp/reclass/classes/system/heat/server/resource/salt.yml @@ -0,0 +1,11 @@ +parameters: + linux: + system: + package: + python-heat-salt: + version: latest + heat: + server: + dir: + plugins: + - /usr/lib/python2.7/dist-packages/heat_salt/resources diff --git a/mcp/reclass/classes/system/heat/server/single.yml b/mcp/reclass/classes/system/heat/server/single.yml new file mode 100644 index 000000000..d09760557 --- /dev/null +++ b/mcp/reclass/classes/system/heat/server/single.yml @@ -0,0 +1,9 @@ +classes: +- service.heat.server.single +parameters: + heat: + server: + stack_domain_admin: + name: heat_domain_admin + password: ${_param:heat_domain_admin_password} + domain: heat diff --git a/mcp/reclass/classes/system/horizon/server/cluster.yml b/mcp/reclass/classes/system/horizon/server/cluster.yml new file mode 100644 index 000000000..8ee48a3ca --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/cluster.yml @@ -0,0 +1,16 @@ +classes: +- service.keepalived.cluster.single +- service.horizon.server.cluster +- service.haproxy.proxy.single +- system.haproxy.proxy.listen.openstack.horizon +- system.memcached.server.single +parameters: + _param: + horizon_site_branding: "OpenStack Dashboard" + horizon: + server: + branding: ${_param:horizon_site_branding} + plugin: {} + session: + engine: "cache" + diff --git a/mcp/reclass/classes/system/horizon/server/plugin/api_mask.yml b/mcp/reclass/classes/system/horizon/server/plugin/api_mask.yml new file mode 100644 index 000000000..5ef5f5a20 --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/plugin/api_mask.yml @@ -0,0 +1,10 @@ +parameters: + horizon: + server: + plugin: + api_mask: + app: api_mask + mask_url: ${_param:horizon_api_mask_url} + source: + engine: pkg + name: openstack-dashboard-api-mask diff --git a/mcp/reclass/classes/system/horizon/server/plugin/billing.yml b/mcp/reclass/classes/system/horizon/server/plugin/billing.yml new file mode 100644 index 000000000..9fdefdeb0 --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/plugin/billing.yml @@ -0,0 +1,23 @@ +parameters: + _param: + openstack_billing_currency: EUR + openstack_billing_allocation: False + openstack_billing_resource_types: [] + horizon: + server: + plugin: + billing: + metric: + engine: graphite + host: ${_param:openstack_billing_address} + port: 80 + config: + currency: ${_param:openstack_billing_currency} + allocation: ${_param:openstack_billing_allocation} + extra_resource_types: ${_param:openstack_billing_resource_types} + source: + engine: pkg + name: openstack-dashboard-billing + horizon_overrides: + overrides: + - horizon_billing diff --git a/mcp/reclass/classes/system/horizon/server/plugin/contrail.yml b/mcp/reclass/classes/system/horizon/server/plugin/contrail.yml new file mode 100644 index 000000000..669dbb6bb --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/plugin/contrail.yml @@ -0,0 +1,11 @@ +parameters: + horizon: + server: + plugin: + contrail: + source: + engine: pkg + name: openstack-dashboard-contrail-panels + horizon_overrides: + overrides: + - contrail_openstack_dashboard diff --git a/mcp/reclass/classes/system/horizon/server/plugin/heat.yml b/mcp/reclass/classes/system/horizon/server/plugin/heat.yml new file mode 100644 index 000000000..9e7048099 --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/plugin/heat.yml @@ -0,0 +1,11 @@ +parameters: + horizon: + server: + plugin: + heat: + source: + engine: pkg + name: openstack-dashboard-heat-server-templates + horizon_overrides: + overrides: + - heat_server_templates diff --git a/mcp/reclass/classes/system/horizon/server/plugin/jenkins.yml b/mcp/reclass/classes/system/horizon/server/plugin/jenkins.yml new file mode 100644 index 000000000..04c490160 --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/plugin/jenkins.yml @@ -0,0 +1,15 @@ +parameters: + _param: + horizon_jenkins_url: http://localhost:8080/ + horizon_jenkins_user: admin + horizon: + server: + jenkins_api: + url: ${_param:horizon_jenkins_url} + user: ${_param:horizon_jenkins_user} + password: ${_param:horizon_jenkins_password} + plugin: + jenkins: + source: + engine: pkg + name: openstack-dashboard-jenkins diff --git a/mcp/reclass/classes/system/horizon/server/plugin/monitoring.yml b/mcp/reclass/classes/system/horizon/server/plugin/monitoring.yml new file mode 100644 index 000000000..66add9400 --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/plugin/monitoring.yml @@ -0,0 +1,9 @@ +parameters: + horizon: + server: + plugin: + monitoring: + app: horizon_monitoring + source: + engine: pkg + name: openstack-dashboard-sensu diff --git a/mcp/reclass/classes/system/horizon/server/plugin/overrides.yml b/mcp/reclass/classes/system/horizon/server/plugin/overrides.yml new file mode 100644 index 000000000..edf60b3f3 --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/plugin/overrides.yml @@ -0,0 +1,10 @@ +parameters: + horizon: + server: + plugin: + horizon_overrides: + override: true + app: horizon_overrides + source: + engine: pkg + name: python-horizon-overrides-plugin diff --git a/mcp/reclass/classes/system/horizon/server/plugin/telemetry.yml b/mcp/reclass/classes/system/horizon/server/plugin/telemetry.yml new file mode 100644 index 000000000..a9441118e --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/plugin/telemetry.yml @@ -0,0 +1,21 @@ +parameters: + _param: + horizon_telemetry_engine: graphite + horizon_telemetry_host: 127.0.0.1 + horizon_telemetry_port: 80 + horizon_telemetry_control_nodes: {} + horizon: + server: + control_nodes: ${_param:horizon_telemetry_control_nodes} + plugin: + telemetry: + metric: + engine: ${_param:horizon_telemetry_engine} + host: ${_param:horizon_telemetry_host} + port: ${_param:horizon_telemetry_port} + source: + engine: pkg + name: openstack-dashboard-telemetry + horizon_overrides: + overrides: + - horizon_telemetry diff --git a/mcp/reclass/classes/system/horizon/server/plugin/theme.yml b/mcp/reclass/classes/system/horizon/server/plugin/theme.yml new file mode 100644 index 000000000..85475d754 --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/plugin/theme.yml @@ -0,0 +1,12 @@ +parameters: + _param: + horizon_dashboard_theme: mirantis + horizon: + server: + plugin: + horizon_theme: + app: horizon_theme + theme_name: ${_param:horizon_dashboard_theme} + source: + engine: pkg + name: openstack-dashboard-${_param:horizon_dashboard_theme}-theme diff --git a/mcp/reclass/classes/system/horizon/server/single.yml b/mcp/reclass/classes/system/horizon/server/single.yml new file mode 100644 index 000000000..2b59f5218 --- /dev/null +++ b/mcp/reclass/classes/system/horizon/server/single.yml @@ -0,0 +1,16 @@ +classes: +- service.horizon.server.single +- system.memcached.server.single +parameters: + _param: + horizon_site_branding: "OpenStack Dashboard" + horizon: + server: + branding: ${_param:horizon_site_branding} + bind: + address: 0.0.0.0 + port: 8078 + plugin: {} + session: + engine: "cache" + diff --git a/mcp/reclass/classes/system/keepalived/cluster/instance/cicd_control_vip.yml b/mcp/reclass/classes/system/keepalived/cluster/instance/cicd_control_vip.yml new file mode 100644 index 000000000..ab7f413fc --- /dev/null +++ b/mcp/reclass/classes/system/keepalived/cluster/instance/cicd_control_vip.yml @@ -0,0 +1,15 @@ +applications: + - keepalived +classes: + - service.keepalived.support +parameters: + keepalived: + cluster: + enabled: true + instance: + cicd_control_vip: + address: ${_param:cluster_vip_address} + password: ${_param:keepalived_vip_password} + interface: ${_param:keepalived_vip_interface} + virtual_router_id: ${_param:keepalived_vip_virtual_router_id} + priority: ${_param:keepalived_vip_priority} diff --git a/mcp/reclass/classes/system/keepalived/cluster/instance/openstack_telemetry_vip.yml b/mcp/reclass/classes/system/keepalived/cluster/instance/openstack_telemetry_vip.yml new file mode 100644 index 000000000..91155e74f --- /dev/null +++ b/mcp/reclass/classes/system/keepalived/cluster/instance/openstack_telemetry_vip.yml @@ -0,0 +1,19 @@ +applications: +- keepalived +classes: +- service.keepalived.support +parameters: + _param: + keepalived_openstack_telemetry_vip_address: ${_param:cluster_vip_address} + keepalived_openstack_telemetry_vip_password: password + keepalived_openstack_telemetry_vip_interface: eth1 + keepalived: + cluster: + enabled: true + instance: + openstack_telemetry_vip: + address: ${_param:keepalived_openstack_telemetry_vip_address} + password: ${_param:keepalived_openstack_telemetry_vip_password} + interface: ${_param:keepalived_openstack_telemetry_vip_interface} + virtual_router_id: 230 + priority: 101 diff --git a/mcp/reclass/classes/system/keepalived/cluster/instance/openstack_web_public_vip.yml b/mcp/reclass/classes/system/keepalived/cluster/instance/openstack_web_public_vip.yml new file mode 100644 index 000000000..8279b65a5 --- /dev/null +++ b/mcp/reclass/classes/system/keepalived/cluster/instance/openstack_web_public_vip.yml @@ -0,0 +1,19 @@ +applications: +- keepalived +classes: +- service.keepalived.support +parameters: + _param: + keepalived_openstack_web_public_vip_address: ${_param:cluster_vip_address} + keepalived_openstack_web_public_vip_password: password + keepalived_openstack_web_public_vip_interface: eth1 + keepalived: + cluster: + enabled: true + instance: + openstack_web_public_vip: + address: ${_param:keepalived_openstack_web_public_vip_address} + password: ${_param:keepalived_openstack_web_public_vip_password} + interface: ${_param:keepalived_openstack_web_public_vip_interface} + virtual_router_id: 132 + priority: ${_param:keepalived_vip_priority} diff --git a/mcp/reclass/classes/system/keepalived/cluster/instance/prometheus_server_vip.yml b/mcp/reclass/classes/system/keepalived/cluster/instance/prometheus_server_vip.yml new file mode 100644 index 000000000..7bde70258 --- /dev/null +++ b/mcp/reclass/classes/system/keepalived/cluster/instance/prometheus_server_vip.yml @@ -0,0 +1,18 @@ +applications: +- keepalived +classes: +- service.keepalived.support +parameters: + _param: + keepalived_vip_priority: 101 + keepalived: + cluster: + enabled: true + instance: + prometheus_server_vip: + address: ${_param:keepalived_prometheus_vip_address} + password: ${_param:keepalived_prometheus_vip_password} + interface: ${_param:keepalived_prometheus_vip_interface} + virtual_router_id: 105 + priority: ${_param:keepalived_vip_priority} + diff --git a/mcp/reclass/classes/system/keepalived/cluster/instance/stacklight_log_vip.yml b/mcp/reclass/classes/system/keepalived/cluster/instance/stacklight_log_vip.yml new file mode 100644 index 000000000..caa67548c --- /dev/null +++ b/mcp/reclass/classes/system/keepalived/cluster/instance/stacklight_log_vip.yml @@ -0,0 +1,15 @@ +applications: +- keepalived +classes: +- service.keepalived.support +parameters: + keepalived: + cluster: + enabled: true + instance: + stacklight_log_vip: + address: ${_param:keepalived_stacklight_log_vip_address} + password: ${_param:keepalived_stacklight_log_vip_password} + interface: ${_param:keepalived_stacklight_log_vip_interface} + virtual_router_id: 110 + priority: 101 diff --git a/mcp/reclass/classes/system/keepalived/cluster/instance/stacklight_monitor_vip.yml b/mcp/reclass/classes/system/keepalived/cluster/instance/stacklight_monitor_vip.yml new file mode 100644 index 000000000..28a6b6923 --- /dev/null +++ b/mcp/reclass/classes/system/keepalived/cluster/instance/stacklight_monitor_vip.yml @@ -0,0 +1,15 @@ +applications: +- keepalived +classes: +- service.keepalived.support +parameters: + keepalived: + cluster: + enabled: true + instance: + stacklight_monitor_vip: + address: ${_param:keepalived_stacklight_monitor_vip_address} + password: ${_param:keepalived_stacklight_monitor_vip_password} + interface: ${_param:keepalived_stacklight_monitor_vip_interface} + virtual_router_id: 100 + priority: 101 diff --git a/mcp/reclass/classes/system/keepalived/cluster/instance/stacklight_telemetry_vip.yml b/mcp/reclass/classes/system/keepalived/cluster/instance/stacklight_telemetry_vip.yml new file mode 100644 index 000000000..e7d31a50a --- /dev/null +++ b/mcp/reclass/classes/system/keepalived/cluster/instance/stacklight_telemetry_vip.yml @@ -0,0 +1,15 @@ +applications: +- keepalived +classes: +- service.keepalived.support +parameters: + keepalived: + cluster: + enabled: true + instance: + stacklight_telemetry_vip: + address: ${_param:keepalived_stacklight_telemetry_vip_address} + password: ${_param:keepalived_stacklight_telemetry_vip_password} + interface: ${_param:keepalived_stacklight_telemetry_vip_interface} + virtual_router_id: 120 + priority: 101 diff --git a/mcp/reclass/classes/system/keystone/client/service/aodh.yml b/mcp/reclass/classes/system/keystone/client/service/aodh.yml new file mode 100644 index 000000000..51de0ca89 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/aodh.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + aodh: + is_admin: true + password: ${_param:keystone_aodh_password} + email: ${_param:admin_email} + service: + aodh: + type: alarming + description: OpenStack Alarming Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8042 + public_path: '/' + internal_address: ${_param:aodh_service_host} + internal_port: 8042 + internal_path: '/' + admin_address: ${_param:aodh_service_host} + admin_port: 8042 + admin_path: '/' diff --git a/mcp/reclass/classes/system/keystone/client/service/billometer.yml b/mcp/reclass/classes/system/keystone/client/service/billometer.yml new file mode 100644 index 000000000..3728aa54c --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/billometer.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + billometer: + is_admin: true + password: ${_param:keystone_billometer_password} + email: ${_param:admin_email} + service: + billometer: + type: billing + description: OpenStack Billing Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 9753 + public_path: '/v1' + internal_address: ${_param:billometer_service_host} + internal_port: 9753 + internal_path: '/v1' + admin_address: ${_param:billometer_service_host} + admin_port: 9753 + admin_path: '/v1' diff --git a/mcp/reclass/classes/system/keystone/client/service/ceilometer.yml b/mcp/reclass/classes/system/keystone/client/service/ceilometer.yml new file mode 100644 index 000000000..4c59f80f3 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/ceilometer.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + ceilometer: + is_admin: true + password: ${_param:keystone_ceilometer_password} + email: ${_param:admin_email} + service: + ceilometer: + type: metering + description: OpenStack Telemetry Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8777 + public_path: '/' + internal_address: ${_param:ceilometer_service_host} + internal_port: 8777 + internal_path: '/' + admin_address: ${_param:ceilometer_service_host} + admin_port: 8777 + admin_path: '/' diff --git a/mcp/reclass/classes/system/keystone/client/service/cinder.yml b/mcp/reclass/classes/system/keystone/client/service/cinder.yml new file mode 100644 index 000000000..ffb55102a --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/cinder.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + cinder: + is_admin: true + password: ${_param:keystone_cinder_password} + email: ${_param:admin_email} + service: + cinder: + type: volume + description: OpenStack Volume Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8776 + public_path: '/v1/$(project_id)s' + internal_address: ${_param:cinder_service_host} + internal_port: 8776 + internal_path: '/v1/$(project_id)s' + admin_address: ${_param:cinder_service_host} + admin_port: 8776 + admin_path: '/v1/$(project_id)s' diff --git a/mcp/reclass/classes/system/keystone/client/service/cinder2.yml b/mcp/reclass/classes/system/keystone/client/service/cinder2.yml new file mode 100644 index 000000000..e0e2636c5 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/cinder2.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + cinder: + is_admin: true + password: ${_param:keystone_cinder_password} + email: ${_param:admin_email} + service: + cinderv2: + type: volumev2 + description: OpenStack Volume Service v2 + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8776 + public_path: '/v2/$(project_id)s' + internal_address: ${_param:cinder_service_host} + internal_port: 8776 + internal_path: '/v2/$(project_id)s' + admin_address: ${_param:cinder_service_host} + admin_port: 8776 + admin_path: '/v2/$(project_id)s' diff --git a/mcp/reclass/classes/system/keystone/client/service/cinder3.yml b/mcp/reclass/classes/system/keystone/client/service/cinder3.yml new file mode 100644 index 000000000..43a805cf3 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/cinder3.yml @@ -0,0 +1,31 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + cinder: + is_admin: true + password: ${_param:keystone_cinder_password} + email: ${_param:admin_email} + service: + cinderv3: + type: volumev3 + description: OpenStack Volume Service v3 + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8776 + public_path: '/v3/$(project_id)s' + internal_address: ${_param:cinder_service_host} + internal_port: 8776 + internal_path: '/v3/$(project_id)s' + admin_address: ${_param:cinder_service_host} + admin_port: 8776 + admin_path: '/v3/$(project_id)s' + diff --git a/mcp/reclass/classes/system/keystone/client/service/designate.yml b/mcp/reclass/classes/system/keystone/client/service/designate.yml new file mode 100644 index 000000000..4018712c7 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/designate.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + designate: + is_admin: true + password: ${_param:keystone_designate_password} + email: ${_param:admin_email} + service: + designate: + type: dns + description: OpenStack DNS service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 9001 + public_path: '/' + internal_address: ${_param:designate_service_host} + internal_port: 9001 + internal_path: '/' + admin_address: ${_param:designate_service_host} + admin_port: 9001 + admin_path: '/' diff --git a/mcp/reclass/classes/system/keystone/client/service/glance.yml b/mcp/reclass/classes/system/keystone/client/service/glance.yml new file mode 100644 index 000000000..365917b9f --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/glance.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + glance: + is_admin: true + password: ${_param:keystone_glance_password} + email: ${_param:admin_email} + service: + glance: + type: image + description: OpenStack Image Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 9292 + public_path: '' + internal_address: ${_param:glance_service_host} + internal_port: 9292 + internal_path: '' + admin_address: ${_param:glance_service_host} + admin_port: 9292 + admin_path: '' diff --git a/mcp/reclass/classes/system/keystone/client/service/glare.yml b/mcp/reclass/classes/system/keystone/client/service/glare.yml new file mode 100644 index 000000000..78c7d1f8d --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/glare.yml @@ -0,0 +1,31 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + glance: + is_admin: true + password: ${_param:keystone_glance_password} + email: ${_param:admin_email} + service: + glare: + type: artifact + description: OpenStack Image Artifact Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 9494 + public_path: '' + internal_address: ${_param:glance_service_host} + internal_port: 9494 + internal_path: '' + admin_address: ${_param:glance_service_host} + admin_port: 9494 + admin_path: '' + diff --git a/mcp/reclass/classes/system/keystone/client/service/heat-cfn.yml b/mcp/reclass/classes/system/keystone/client/service/heat-cfn.yml new file mode 100644 index 000000000..343ff461d --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/heat-cfn.yml @@ -0,0 +1,23 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + service: + heat-cfn: + type: cloudformation + description: OpenStack CloudFormation Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8000 + public_path: '/v1' + internal_address: ${_param:heat_service_host} + internal_port: 8000 + internal_path: '/v1' + admin_address: ${_param:heat_service_host} + admin_port: 8000 + admin_path: '/v1' diff --git a/mcp/reclass/classes/system/keystone/client/service/heat.yml b/mcp/reclass/classes/system/keystone/client/service/heat.yml new file mode 100644 index 000000000..d7eadd543 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/heat.yml @@ -0,0 +1,33 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + roles: + - heat_stack_user + - heat_stack_owner + project: + service: + user: + heat: + is_admin: true + password: ${_param:keystone_heat_password} + email: ${_param:admin_email} + service: + heat: + type: orchestration + description: OpenStack Orchestration Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8004 + public_path: '/v1/%(project_id)s' + internal_address: ${_param:heat_service_host} + internal_port: 8004 + internal_path: '/v1/%(project_id)s' + admin_address: ${_param:heat_service_host} + admin_port: 8004 + admin_path: '/v1/%(project_id)s' diff --git a/mcp/reclass/classes/system/keystone/client/service/keystone.yml b/mcp/reclass/classes/system/keystone/client/service/keystone.yml new file mode 100644 index 000000000..af3acfca2 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/keystone.yml @@ -0,0 +1,23 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + service: + keystone: + type: identity + description: OpenStack Identity Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 5000 + public_path: '/v2.0' + internal_address: ${_param:keystone_service_host} + internal_port: 5000 + internal_path: '/v2.0' + admin_address: ${_param:keystone_service_host} + admin_port: 35357 + admin_path: '/v2.0' diff --git a/mcp/reclass/classes/system/keystone/client/service/keystone3.yml b/mcp/reclass/classes/system/keystone/client/service/keystone3.yml new file mode 100644 index 000000000..9dd9eef6e --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/keystone3.yml @@ -0,0 +1,23 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + service: + keystone3: + type: identity + description: OpenStack Identity Service v3 + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 5000 + public_path: '/v3' + internal_address: ${_param:keystone_service_host} + internal_port: 5000 + internal_path: '/v3' + admin_address: ${_param:keystone_service_host} + admin_port: 35357 + admin_path: '/v3' diff --git a/mcp/reclass/classes/system/keystone/client/service/murano.yml b/mcp/reclass/classes/system/keystone/client/service/murano.yml new file mode 100644 index 000000000..5e6503885 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/murano.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + murano: + is_admin: true + password: ${_param:keystone_murano_password} + email: ${_param:admin_email} + service: + murano: + type: application-catalog + description: Application Catalog for OpenStack + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8082 + public_path: '' + internal_address: ${_param:murano_service_host} + internal_port: 8082 + internal_path: '' + admin_address: ${_param:murano_service_host} + admin_port: 8082 + admin_path: '' diff --git a/mcp/reclass/classes/system/keystone/client/service/neutron.yml b/mcp/reclass/classes/system/keystone/client/service/neutron.yml new file mode 100644 index 000000000..12fe9fe17 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/neutron.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + neutron: + is_admin: true + password: ${_param:keystone_neutron_password} + email: ${_param:admin_email} + service: + neutron: + type: network + description: OpenStack Networking Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 9696 + public_path: '/' + internal_address: ${_param:neutron_service_host} + internal_port: 9696 + internal_path: '/' + admin_address: ${_param:neutron_service_host} + admin_port: 9696 + admin_path: '/' diff --git a/mcp/reclass/classes/system/keystone/client/service/nova-ec2.yml b/mcp/reclass/classes/system/keystone/client/service/nova-ec2.yml new file mode 100644 index 000000000..586701cb0 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/nova-ec2.yml @@ -0,0 +1,23 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + service: + nova-ec2: + type: ec2 + description: OpenStack EC2 Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8773 + public_path: '/services/Cloud' + internal_address: ${_param:nova_service_host} + internal_port: 8773 + internal_path: '/services/Cloud' + admin_address: ${_param:nova_service_host} + admin_port: 8773 + admin_path: '/services/Admin' diff --git a/mcp/reclass/classes/system/keystone/client/service/nova-placement.yml b/mcp/reclass/classes/system/keystone/client/service/nova-placement.yml new file mode 100644 index 000000000..61b54550d --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/nova-placement.yml @@ -0,0 +1,23 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + service: + placement: + type: placement + description: OpenStack Placement API + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: '8778' + public_path: '' + internal_address: ${_param:nova_service_host} + internal_port: '8778' + internal_path: '' + admin_address: ${_param:nova_service_host} + admin_port: '8778' + admin_path: '' diff --git a/mcp/reclass/classes/system/keystone/client/service/nova.yml b/mcp/reclass/classes/system/keystone/client/service/nova.yml new file mode 100644 index 000000000..a0d698ba7 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/nova.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + nova: + is_admin: true + password: ${_param:keystone_nova_password} + email: ${_param:admin_email} + service: + nova: + type: compute + description: OpenStack Compute Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8774 + public_path: '/v2/$(project_id)s' + internal_address: ${_param:nova_service_host} + internal_port: 8774 + internal_path: '/v2/$(project_id)s' + admin_address: ${_param:nova_service_host} + admin_port: 8774 + admin_path: '/v2/$(project_id)s' diff --git a/mcp/reclass/classes/system/keystone/client/service/nova21.yml b/mcp/reclass/classes/system/keystone/client/service/nova21.yml new file mode 100644 index 000000000..328aefd7c --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/nova21.yml @@ -0,0 +1,45 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + nova: + is_admin: true + password: ${_param:keystone_nova_password} + email: ${_param:admin_email} + service: + nova20: + type: compute_legacy + description: OpenStack Compute Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8774 + public_path: '/v2/$(project_id)s' + internal_address: ${_param:nova_service_host} + internal_port: 8774 + internal_path: '/v2/$(project_id)s' + admin_address: ${_param:nova_service_host} + admin_port: 8774 + admin_path: '/v2/$(project_id)s' + nova: + type: compute + description: OpenStack Compute Service v2.1 + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8774 + public_path: '/v2.1/$(project_id)s' + internal_address: ${_param:nova_service_host} + internal_port: 8774 + internal_path: '/v2.1/$(project_id)s' + admin_address: ${_param:nova_service_host} + admin_port: 8774 + admin_path: '/v2.1/$(project_id)s' diff --git a/mcp/reclass/classes/system/keystone/client/service/radosgw-s3.yml b/mcp/reclass/classes/system/keystone/client/service/radosgw-s3.yml new file mode 100644 index 000000000..06d82991b --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/radosgw-s3.yml @@ -0,0 +1,31 @@ +parameters: + _param: + cluster_public_protocol: https + radosgw_s3_cluster_port: 8081 + keystone: + client: + server: + identity: + project: + service: + user: + swift: + is_admin: true + password: ${_param:keystone_swift_password} + email: ${_param:admin_email} + service: + radosgw-s3: + type: s3 + description: S3 Service (radosgw) + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: ${_param:radosgw_s3_cluster_port} + public_path: '/' # /$(project_id)s + internal_address: ${_param:radosgw_service_host} + internal_port: ${_param:radosgw_s3_cluster_port} + internal_path: '/' + admin_address: ${_param:radosgw_service_host} + admin_port: ${_param:radosgw_s3_cluster_port} + admin_path: '/' diff --git a/mcp/reclass/classes/system/keystone/client/service/radosgw-swift.yml b/mcp/reclass/classes/system/keystone/client/service/radosgw-swift.yml new file mode 100644 index 000000000..9c7547e54 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/radosgw-swift.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + swift: + is_admin: true + password: ${_param:keystone_swift_password} + email: ${_param:admin_email} + service: + radosgw-swift: + type: object-store + description: Swift Service (radosgw) + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8081 + public_path: '/swift/v1' # /$(project_id)s + internal_address: ${_param:radosgw_service_host} + internal_port: 8081 + internal_path: '/swift/v1' + admin_address: ${_param:radosgw_service_host} + admin_port: 8081 + admin_path: '/swift/v1' diff --git a/mcp/reclass/classes/system/keystone/client/service/sahara.yml b/mcp/reclass/classes/system/keystone/client/service/sahara.yml new file mode 100644 index 000000000..84a0b9621 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/sahara.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + sahara: + is_admin: true + password: ${_param:keystone_sahara_password} + email: ${_param:admin_email} + service: + sahara: + type: data-processing + description: Sahara Data Processing + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8386 + public_path: '/v1.1/%(project_id)s' + internal_address: ${_param:sahara_service_host} + internal_port: 8386 + internal_path: '/v1.1/%(project_id)s' + admin_address: ${_param:sahara_service_host} + admin_port: 8386 + admin_path: '/v1.1/%(project_id)s' diff --git a/mcp/reclass/classes/system/keystone/client/service/swift-s3.yml b/mcp/reclass/classes/system/keystone/client/service/swift-s3.yml new file mode 100644 index 000000000..5880487c9 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/swift-s3.yml @@ -0,0 +1,31 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + swift: + is_admin: true + password: ${_param:keystone_swift_password} + email: ${_param:admin_email} + service: + swift-s3: + type: object-store + description: S3 Service (swift) + region: ${_param:openstack_region} + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8080 + public_path: '/v1/AUTH_%(project_id)s' + internal_address: ${_param:swift_service_host} + internal_port: 8080 + internal_path: '/v1/AUTH_%(project_id)s' + admin_address: ${_param:swift_service_host} + admin_port: 8080 + admin_path: '/' diff --git a/mcp/reclass/classes/system/keystone/client/service/swift.yml b/mcp/reclass/classes/system/keystone/client/service/swift.yml new file mode 100644 index 000000000..781fab9c6 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/service/swift.yml @@ -0,0 +1,30 @@ +parameters: + _param: + cluster_public_protocol: https + keystone: + client: + server: + identity: + project: + service: + user: + swift: + is_admin: true + password: ${_param:keystone_swift_password} + email: ${_param:admin_email} + service: + swift: + type: object-store + description: Swift Service + endpoints: + - region: ${_param:openstack_region} + public_address: ${_param:cluster_public_host} + public_protocol: ${_param:cluster_public_protocol} + public_port: 8080 + public_path: '/v1/AUTH_%(project_id)s' + internal_address: ${_param:swift_service_host} + internal_port: 8080 + internal_path: '/v1/AUTH_%(project_id)s' + admin_address: ${_param:swift_service_host} + admin_port: 8080 + admin_path: '/' diff --git a/mcp/reclass/classes/system/keystone/client/single.yml b/mcp/reclass/classes/system/keystone/client/single.yml new file mode 100644 index 000000000..6d7a4c689 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/client/single.yml @@ -0,0 +1,40 @@ +classes: +- system.keystone.client.service.cinder +- system.keystone.client.service.cinder2 +- system.keystone.client.service.glance +- system.keystone.client.service.heat +- system.keystone.client.service.heat-cfn +- system.keystone.client.service.keystone +- system.keystone.client.service.neutron +- system.keystone.client.service.nova-ec2 +parameters: + linux: + system: + job: + keystone_job_rotate: + command: '/usr/bin/keystone-manage fernet_rotate --keystone-user keystone --keystone-group keystone >> /var/log/key_rotation_log 2>> /var/log/key_rotation_log' + enabled: true + user: root + minute: 0 + keystone: + client: + enabled: true + server: + identity: + admin: + host: ${_param:keystone_service_host} + port: 35357 + token: ${_param:keystone_service_token} + roles: + - admin + - Member + project: + service: + description: "OpenStack Service tenant" + admin: + description: "OpenStack Admin tenant" + user: + admin: + is_admin: true + password: ${_param:keystone_admin_password} + email: ${_param:admin_email} diff --git a/mcp/reclass/classes/system/keystone/server/cluster.yml b/mcp/reclass/classes/system/keystone/server/cluster.yml new file mode 100644 index 000000000..f077faf0d --- /dev/null +++ b/mcp/reclass/classes/system/keystone/server/cluster.yml @@ -0,0 +1,46 @@ +classes: +- service.keystone.server.cluster +- service.keepalived.cluster.single +- system.haproxy.proxy.listen.openstack.keystone +parameters: + keystone: + server: + enabled: true + version: ${_param:keystone_version} + service_token: ${_param:keystone_service_token} + service_tenant: service + admin_tenant: admin + admin_name: admin + admin_password: ${_param:keystone_admin_password} + admin_email: ${_param:admin_email} + bind: + address: ${_param:cluster_local_address} + private_address: ${_param:cluster_vip_address} + private_port: 35357 + public_address: ${_param:cluster_vip_address} + public_port: 5000 + region: ${_param:openstack_region} + database: + engine: mysql + host: ${_param:openstack_database_address} + name: keystone + password: ${_param:mysql_keystone_password} + user: keystone + tokens: + engine: fernet + expiration: 3600 + max_active_keys: 3 + location: /var/lib/keystone/fernet-keys + message_queue: + engine: rabbitmq + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + ha_queues: true + auth_methods: + - password + - token diff --git a/mcp/reclass/classes/system/keystone/server/notification/cadf.yml b/mcp/reclass/classes/system/keystone/server/notification/cadf.yml new file mode 100644 index 000000000..dffb278a7 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/server/notification/cadf.yml @@ -0,0 +1,4 @@ +parameters: + keystone: + server: + notification_format: cadf diff --git a/mcp/reclass/classes/system/keystone/server/notification/messagingv2.yml b/mcp/reclass/classes/system/keystone/server/notification/messagingv2.yml new file mode 100644 index 000000000..2cc7e6430 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/server/notification/messagingv2.yml @@ -0,0 +1,6 @@ +parameters: + keystone: + server: + notification: + driver: messagingv2 + topics: "${_param:openstack_notification_topics}" diff --git a/mcp/reclass/classes/system/keystone/server/single.yml b/mcp/reclass/classes/system/keystone/server/single.yml new file mode 100644 index 000000000..aae179f27 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/server/single.yml @@ -0,0 +1,53 @@ +classes: +- service.keystone.server.single +parameters: + _param: + keystone_service_token: token + keystone_admin_password: password + mysql_admin_user: root + mysql_admin_password: password + mysql_keystone_password: password + keystone: + server: + enabled: true + version: ${_param:keystone_version} + service_token: ${_param:keystone_service_token} + service_tenant: service + admin_tenant: admin + admin_name: admin + admin_password: ${_param:keystone_admin_password} + admin_email: ${_param:admin_email} + bind: + address: ${_param:single_address} + private_address: ${_param:single_address} + private_port: 35357 + public_address: ${_param:single_address} + public_port: 5000 + region: ${_param:openstack_region} + database: + engine: mysql + host: ${_param:single_address} + name: keystone + password: ${_param:mysql_keystone_password} + user: keystone + tokens: + engine: fernet + expiration: 3600 + max_active_keys: 3 + location: /var/lib/keystone/fernet-keys + message_queue: + engine: rabbitmq + host: ${_param:single_address} + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + ha_queues: true + roles: + - admin + - Member + - image_manager + auth_methods: + - password + - token + database: + host: 127.0.0.1 diff --git a/mcp/reclass/classes/system/keystone/server/websso.yml b/mcp/reclass/classes/system/keystone/server/websso.yml new file mode 100644 index 000000000..0960ccb32 --- /dev/null +++ b/mcp/reclass/classes/system/keystone/server/websso.yml @@ -0,0 +1,15 @@ +classes: +- service.shibboleth.server.cluster +parameters: + keystone: + server: + websso: + protocol: saml2 + remote_id_attribute: Shib-Identity-Provider + federation_driver: keystone.contrib.federation.backends.sql.Federation + trusted_dashboard: + - https://${_param:cluster_public_host}/auth/websso/ + - https://${_param:proxy_vip_host}/auth/websso/ + auth_methods: + - saml2 + - external diff --git a/mcp/reclass/classes/system/keystone/server/wsgi.yml b/mcp/reclass/classes/system/keystone/server/wsgi.yml new file mode 100644 index 000000000..2c8a19deb --- /dev/null +++ b/mcp/reclass/classes/system/keystone/server/wsgi.yml @@ -0,0 +1,19 @@ +classes: +- system.apache.server.single +parameters: + keystone: + server: + service_name: apache2 + apache: + server: + enabled: true + default_mpm: event + site: + keystone: + enabled: true + type: keystone + name: wsgi + host: + name: ${linux:network:fqdn} + modules: + - wsgi diff --git a/mcp/reclass/classes/system/linux/network/interface/single_dhcp.yml b/mcp/reclass/classes/system/linux/network/interface/single_dhcp.yml new file mode 100644 index 000000000..c3a69ab7f --- /dev/null +++ b/mcp/reclass/classes/system/linux/network/interface/single_dhcp.yml @@ -0,0 +1,9 @@ +parameters: + linux: + network: + interface: + primary_interface: + enabled: true + name: ${_param:primary_interface} + type: eth + proto: dhcp diff --git a/mcp/reclass/classes/system/linux/network/interface/single_ovs_dvr.yml b/mcp/reclass/classes/system/linux/network/interface/single_ovs_dvr.yml new file mode 100644 index 000000000..482bd028a --- /dev/null +++ b/mcp/reclass/classes/system/linux/network/interface/single_ovs_dvr.yml @@ -0,0 +1,67 @@ +parameters: + _param: + primary_interface: eth1 + tenant_interface: eth2 + external_interface: eth3 + interface_mtu: 9000 + linux: + network: + bridge: openvswitch + interface: + primary_interface: + enabled: true + name: ${_param:primary_interface} + type: eth + mtu: ${_param:interface_mtu} + proto: manual + tenant_interface: + enabled: true + name: ${_param:tenant_interface} + type: eth + mtu: ${_param:interface_mtu} + proto: manual + external_interface: + enabled: true + name: ${_param:external_interface} + type: eth + mtu: ${_param:interface_mtu} + proto: manual + br-int: + enabled: true + mtu: ${_param:interface_mtu} + type: ovs_bridge + br-floating: + enabled: true + mtu: ${_param:interface_mtu} + type: ovs_bridge + float-to-ex: + enabled: true + type: ovs_port + mtu: 65000 + bridge: br-floating + br-mgmt: + enabled: true + type: bridge + mtu: ${_param:interface_mtu} + address: ${_param:single_address} + netmask: 255.255.255.0 + use_interfaces: + - ${_param:primary_interface} + br-mesh: + enabled: true + type: bridge + mtu: ${_param:interface_mtu} + address: ${_param:tenant_address} + netmask: 255.255.255.0 + use_interfaces: + - ${_param:tenant_interface} + br-ex: + enabled: true + type: bridge + mtu: ${_param:interface_mtu} + address: ${_param:external_address} + netmask: 255.255.255.0 + use_interfaces: + - ${_param:external_interface} + use_ovs_ports: + - float-to-ex \ No newline at end of file diff --git a/mcp/reclass/classes/system/linux/network/interface/single_static.yml b/mcp/reclass/classes/system/linux/network/interface/single_static.yml new file mode 100644 index 000000000..18f46a255 --- /dev/null +++ b/mcp/reclass/classes/system/linux/network/interface/single_static.yml @@ -0,0 +1,10 @@ +parameters: + linux: + network: + interface: + primary_interface: + enabled: true + name: ${_param:primary_interface} + type: eth + proto: manual + address: ${_param:single_address} \ No newline at end of file diff --git a/mcp/reclass/classes/system/linux/storage/loopback.yml b/mcp/reclass/classes/system/linux/storage/loopback.yml new file mode 100644 index 000000000..adbbe65f3 --- /dev/null +++ b/mcp/reclass/classes/system/linux/storage/loopback.yml @@ -0,0 +1,8 @@ +parameters: + linux: + storage: + enabled: true + loopback: + loop0: + file: "/srv/disk0" + size: ${_param:loopback_device_size}G diff --git a/mcp/reclass/classes/system/linux/system/haveged.yml b/mcp/reclass/classes/system/linux/system/haveged.yml new file mode 100644 index 000000000..5c0be1512 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/haveged.yml @@ -0,0 +1,5 @@ +parameters: + linux: + system: + haveged: + enabled: true diff --git a/mcp/reclass/classes/system/linux/system/lowmem.yml b/mcp/reclass/classes/system/linux/system/lowmem.yml new file mode 100644 index 000000000..e1f119384 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/lowmem.yml @@ -0,0 +1,17 @@ +parameters: + linux: + storage: + swap: + swap01: + enabled: true + engine: file + device: /var/tmp/swap01 + size: 2048 +# opencontrail: +# database: +# max_heap_size: "1G" +# heap_newsize: "200M" +# rabbitmq: +# server: +# memory: +# vm_high_watermark: 0.2 diff --git a/mcp/reclass/classes/system/linux/system/motd/dynamic.yml b/mcp/reclass/classes/system/linux/system/motd/dynamic.yml new file mode 100644 index 000000000..9589e8ef9 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/motd/dynamic.yml @@ -0,0 +1,19 @@ +parameters: + linux: + system: + motd: + - warning: | + #!/bin/sh + printf "WARNING: This is private network.\n" + printf " Unauthorized access is strictly prohibited.\n" + printf "\n" + - info: | + #!/bin/sh + printf -- "------------------------------------------------------\n" + printf " Hostname | $(hostname)\n" + printf " Domain | $(hostname -d)\n" + printf " System | %s\n" "$(lsb_release -s -d)" + printf " Kernel | %s\n" "$(uname -r)" + printf " Uptime | %s\n" "$(uptime -p)" + printf " Load Average | %s\n" "$(cat /proc/loadavg | awk '{print $1", "$2", "$3}')" + printf -- "------------------------------------------------------\n" diff --git a/mcp/reclass/classes/system/linux/system/motd/static.yml b/mcp/reclass/classes/system/linux/system/motd/static.yml new file mode 100644 index 000000000..774abc67f --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/motd/static.yml @@ -0,0 +1,12 @@ +parameters: + linux: + system: + motd: | + WARNING: This is private network + Unauthorized access is strictly prohibited + + ------------------------------------------------------ + Hostname | ${linux:system:name} + Domain | ${linux:system:domain} + ------------------------------------------------------ + diff --git a/mcp/reclass/classes/system/linux/system/prompt/init.yml b/mcp/reclass/classes/system/linux/system/prompt/init.yml new file mode 100644 index 000000000..2f0120d8c --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/prompt/init.yml @@ -0,0 +1,7 @@ +parameters: + linux: + system: + prompt: + default: \\n\\[\\033[0;37m\\]\\D{%y/%m/%d %H:%M:%S} ${linux:system:name}.${linux:system:domain}\\[\\e[0m\\]\\n\\[\\e[1;39m\\][\\u@\\h:\\w]\\[\\e[0m\\] + bash: + preserve_history: true diff --git a/mcp/reclass/classes/system/linux/system/prompt/production.yml b/mcp/reclass/classes/system/linux/system/prompt/production.yml new file mode 100644 index 000000000..f8784605d --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/prompt/production.yml @@ -0,0 +1,7 @@ +classes: + - system.linux.system.prompt +parameters: + linux: + system: + prompt: + default: \\n\\[\\033[0;37m\\]\\D{%y/%m/%d %H:%M:%S} ${linux:system:name}.${linux:system:domain}\\[\\e[0m\\]\\n\\[\\e[1;31m\\][\\u@\\h:\\w]\\[\\e[0m\\] diff --git a/mcp/reclass/classes/system/linux/system/repo/cassandra.yml b/mcp/reclass/classes/system/linux/system/repo/cassandra.yml new file mode 100644 index 000000000..74fb02119 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/cassandra.yml @@ -0,0 +1,10 @@ +parameters: + _param: + linux_repo_cassandra_component: 21x + linux: + system: + repo: + cassandra: + source: "deb http://www.apache.org/dist/cassandra/debian/ ${_param:linux_repo_cassandra_component} main" + architectures: amd64 + key_url: "https://www.apache.org/dist/cassandra/KEYS" diff --git a/mcp/reclass/classes/system/linux/system/repo/docker.yml b/mcp/reclass/classes/system/linux/system/repo/docker.yml new file mode 100644 index 000000000..6eae575d0 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/docker.yml @@ -0,0 +1,9 @@ +parameters: + linux: + system: + repo: + docker: + source: "deb https://apt.dockerproject.org/repo ubuntu-${_param:linux_system_codename} main" + architectures: amd64 + key_id: 58118E89F3A912897C070ADBF76221572C52609D + key_server: hkp://p80.pool.sks-keyservers.net:80 diff --git a/mcp/reclass/classes/system/linux/system/repo/elasticsearch.yml b/mcp/reclass/classes/system/linux/system/repo/elasticsearch.yml new file mode 100644 index 000000000..60f6fd075 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/elasticsearch.yml @@ -0,0 +1,8 @@ +parameters: + linux: + system: + repo: + elasticsearch: + source: "deb http://packages.elastic.co/elasticsearch/2.x/debian stable main" + architectures: amd64 + key_url: "https://packages.elastic.co/GPG-KEY-elasticsearch" \ No newline at end of file diff --git a/mcp/reclass/classes/system/linux/system/repo/glusterfs.yml b/mcp/reclass/classes/system/linux/system/repo/glusterfs.yml new file mode 100644 index 000000000..fb331f0f3 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/glusterfs.yml @@ -0,0 +1,11 @@ +parameters: + _param: + glusterfs_version: 3.8 + linux: + system: + repo: + glusterfs-ppa: + source: "deb http://ppa.launchpad.net/gluster/glusterfs-${_param:glusterfs_version}/ubuntu ${_param:linux_system_codename} main" + architectures: amd64 + key_id: 3FE869A9 + key_server: keyserver.ubuntu.com diff --git a/mcp/reclass/classes/system/linux/system/repo/grafana.yml b/mcp/reclass/classes/system/linux/system/repo/grafana.yml new file mode 100644 index 000000000..c1c8a5b35 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/grafana.yml @@ -0,0 +1,8 @@ +parameters: + linux: + system: + repo: + grafana: + enabled: true + source: 'deb https://packagecloud.io/grafana/stable/debian/ jessie main' + key_url: 'https://packagecloud.io/gpg.key' diff --git a/mcp/reclass/classes/system/linux/system/repo/influxdb.yml b/mcp/reclass/classes/system/linux/system/repo/influxdb.yml new file mode 100644 index 000000000..b9345039d --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/influxdb.yml @@ -0,0 +1,8 @@ +parameters: + linux: + system: + repo: + influxdb: + source: 'deb [arch=amd64] https://repos.influxdata.com/ubuntu ${_param:linux_system_codename} stable' + architectures: amd64 + key_url: 'https://repos.influxdata.com/influxdb.key' \ No newline at end of file diff --git a/mcp/reclass/classes/system/linux/system/repo/kibana.yml b/mcp/reclass/classes/system/linux/system/repo/kibana.yml new file mode 100644 index 000000000..425141d10 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/kibana.yml @@ -0,0 +1,7 @@ +parameters: + linux: + system: + repo: + kibana: + source: "deb https://packages.elastic.co/kibana/4.6/debian stable main" + key_url: "https://packages.elastic.co/GPG-KEY-elasticsearch" diff --git a/mcp/reclass/classes/system/linux/system/repo/mcp/extra.yml b/mcp/reclass/classes/system/linux/system/repo/mcp/extra.yml new file mode 100644 index 000000000..00de9eacd --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/mcp/extra.yml @@ -0,0 +1,15 @@ +parameters: + _param: + apt_mk_version: stable + linux: + system: + repo: + mcp_extra: + source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:apt_mk_version} extra" + architectures: amd64 + key_url: "http://apt-mk.mirantis.com/public.gpg" + clean_file: true + pin: + - pin: 'release a=${_param:apt_mk_version}' + priority: 1100 + package: '*' diff --git a/mcp/reclass/classes/system/linux/system/repo/mcp/openstack.yml b/mcp/reclass/classes/system/linux/system/repo/mcp/openstack.yml new file mode 100644 index 000000000..9f26821d0 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/mcp/openstack.yml @@ -0,0 +1,54 @@ +parameters: + _param: + apt_mk_version: stable + linux: + system: + repo: + mirantis_openstack: + source: "deb http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename} ${_param:openstack_version} main" + architectures: amd64 + key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}/archive-mcp${_param:openstack_version}.key" + pin: + - pin: 'release a=${_param:openstack_version}' + priority: 1100 + package: '*' + mirantis_openstack_hotfix: + source: "deb http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename} ${_param:openstack_version}-hotfix main" + architectures: amd64 + key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}/archive-mcp${_param:openstack_version}.key" + pin: + - pin: 'release a=${_param:openstack_version}-hotfix' + priority: 1100 + package: '*' + mirantis_openstack_security: + source: "deb http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename} ${_param:openstack_version}-security main" + architectures: amd64 + key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}/archive-mcp${_param:openstack_version}.key" + pin: + - pin: 'release a=${_param:openstack_version}-security' + priority: 1100 + package: '*' + mirantis_openstack_updates: + source: "deb http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename} ${_param:openstack_version}-updates main" + architectures: amd64 + key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}/archive-mcp${_param:openstack_version}.key" + pin: + - pin: 'release a=${_param:openstack_version}-uptades' + priority: 1100 + package: '*' + mirantis_openstack_holdback: + source: "deb http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename} ${_param:openstack_version}-holdback main" + architectures: amd64 + key_url: "http://mirror.fuel-infra.org/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}/archive-mcp${_param:openstack_version}.key" + pin: + - pin: 'release a=${_param:openstack_version}-holdback' + priority: 1100 + package: '*' + mk_openstack: + source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:apt_mk_version} ${_param:openstack_version}" + architectures: amd64 + key_url: "http://apt-mk.mirantis.com/public.gpg" + pin: + - pin: 'release a=${_param:apt_mk_version}' + priority: 1100 + package: '*' diff --git a/mcp/reclass/classes/system/linux/system/repo/mcp/salt.yml b/mcp/reclass/classes/system/linux/system/repo/mcp/salt.yml new file mode 100644 index 000000000..d40cc5fbe --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/mcp/salt.yml @@ -0,0 +1,15 @@ +parameters: + _param: + apt_mk_version: stable + linux: + system: + repo: + mcp_salt: + source: "deb [arch=amd64] http://apt-mk.mirantis.com/${_param:linux_system_codename}/ ${_param:apt_mk_version} salt" + architectures: amd64 + key_url: "http://apt-mk.mirantis.com/public.gpg" + clean_file: true + pin: + - pin: 'release a=${_param:apt_mk_version}' + priority: 1100 + package: '*' diff --git a/mcp/reclass/classes/system/linux/system/repo/saltstack/xenial.yml b/mcp/reclass/classes/system/linux/system/repo/saltstack/xenial.yml new file mode 100644 index 000000000..aca462a67 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/saltstack/xenial.yml @@ -0,0 +1,10 @@ +parameters: + _param: + salt_version: 2016.3 + linux: + system: + repo: + salt: + source: "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/${_param:salt_version} xenial main" + architectures: amd64 + key_url: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/${_param:salt_version}/SALTSTACK-GPG-KEY.pub" \ No newline at end of file diff --git a/mcp/reclass/classes/system/linux/system/repo/sensu.yml b/mcp/reclass/classes/system/linux/system/repo/sensu.yml new file mode 100644 index 000000000..1ea368712 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/sensu.yml @@ -0,0 +1,8 @@ +parameters: + linux: + system: + repo: + sensu: + source: "deb https://sensu.global.ssl.fastly.net/apt ${_param:linux_system_codename} main" + architectures: amd64 + key_url: "https://sensu.global.ssl.fastly.net/apt/pubkey.gpg" \ No newline at end of file diff --git a/mcp/reclass/classes/system/linux/system/repo/ubuntu.yml b/mcp/reclass/classes/system/linux/system/repo/ubuntu.yml new file mode 100644 index 000000000..d36bcc1f0 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/repo/ubuntu.yml @@ -0,0 +1,22 @@ +parameters: + linux: + system: + repo: + ubuntu: + source: "deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ ${_param:linux_system_codename} main restricted universe" + architectures: amd64 + default: true + key_id: 437D05B5 + key_server: keyserver.ubuntu.com + ubuntu_updates: + source: "deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ ${_param:linux_system_codename}-updates main restricted universe" + architectures: amd64 + default: true + key_id: 437D05B5 + key_server: keyserver.ubuntu.com + ubuntu_security: + source: "deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ ${_param:linux_system_codename}-security main restricted universe" + architectures: amd64 + default: true + key_id: 437D05B5 + key_server: keyserver.ubuntu.com \ No newline at end of file diff --git a/mcp/reclass/classes/system/linux/system/single.yml b/mcp/reclass/classes/system/linux/system/single.yml new file mode 100644 index 000000000..056fb9863 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/single.yml @@ -0,0 +1,58 @@ +classes: +- service.linux.system +- service.salt.minion.master +- system.ntp.client.single +parameters: + linux: + system: + package: + python-msgpack: + version: latest + cloud-init: + version: purged + mcelog: + version: latest + kernel: + modules: + - nf_conntrack + sysctl: + net.ipv4.tcp_keepalive_intvl: 3 + net.ipv4.tcp_keepalive_time: 30 + net.ipv4.tcp_keepalive_probes: 8 + fs.file-max: 124165 + net.core.somaxconn: 4096 + vm.swappiness: 10 + net.nf_conntrack_max: 1048576 + net.ipv4.tcp_retries2: 5 + net.ipv4.tcp_max_syn_backlog: 8192 + net.ipv4.neigh.default.gc_thresh1: 4096 + net.ipv4.neigh.default.gc_thresh2: 8192 + net.ipv4.neigh.default.gc_thresh3: 16384 + net.core.netdev_max_backlog: 261144 + kernel.panic: 60 + cpu: + governor: performance + timezone: UTC + locale: + en_US.UTF-8: + enabled: true + default: true + cs_CZ.UTF-8: + enabled: true + limit: + default: + enabled: true + domain: "*" + limits: + - type: hard + item: nofile + value: 307200 + - type: soft + item: nofile + value: 307200 + - type: soft + item: nproc + value: 307200 + - type: hard + item: nproc + value: 307200 diff --git a/mcp/reclass/classes/system/linux/system/sudo.yml b/mcp/reclass/classes/system/linux/system/sudo.yml new file mode 100644 index 000000000..1668c1277 --- /dev/null +++ b/mcp/reclass/classes/system/linux/system/sudo.yml @@ -0,0 +1,43 @@ +parameters: + _param: + sudo_shells: + - /bin/sh + - /bin/ksh + - /bin/bash + - /bin/rbash + - /bin/dash + - /bin/zsh + - /bin/csh + - /bin/fish + - /bin/tcsh + - /usr/bin/login + - /usr/bin/su + - /usr/su + sudo_restricted_su: + - /bin/vi* /etc/sudoers* + - /bin/nano /etc/sudoers* + - /bin/emacs /etc/sudoers* + - /bin/su - root + - /bin/su - + - /bin/su + - /usr/sbin/visudo + sudo_coreutils_safe: + - /usr/bin/less + sudo_rabbitmq_safe: + - /usr/sbin/rabbitmqctl status + - /usr/sbin/rabbitmqctl cluster_status + - /usr/sbin/rabbitmqctl list_queues* + sudo_salt_safe: + - /usr/bin/salt * state* + - /usr/bin/salt * service* + - /usr/bin/salt * pillar* + - /usr/bin/salt * grains* + - /usr/bin/salt * saltutil* + - /usr/bin/salt * test.ping + - /usr/bin/salt-call state* + - /usr/bin/salt-call service* + - /usr/bin/salt-call pillar* + - /usr/bin/salt-call grains* + - /usr/bin/salt-call saltutil* + sudo_salt_trusted: + - /usr/bin/salt* diff --git a/mcp/reclass/classes/system/maas/region/cluster.yml b/mcp/reclass/classes/system/maas/region/cluster.yml new file mode 100644 index 000000000..8df6ea8a8 --- /dev/null +++ b/mcp/reclass/classes/system/maas/region/cluster.yml @@ -0,0 +1,12 @@ +classes: + - system.maas.region.single + - system.keepalived.server.cluster_maas +parameters: + _param: + cluster_vip_address: 10.0.175.80 + maas: + cluster: + enabled: true + role: ${_param:maas_cluster_role} + region: + host: ${_param:cluster_vip_address} \ No newline at end of file diff --git a/mcp/reclass/classes/system/maas/region/single.yml b/mcp/reclass/classes/system/maas/region/single.yml new file mode 100644 index 000000000..569d47540 --- /dev/null +++ b/mcp/reclass/classes/system/maas/region/single.yml @@ -0,0 +1,16 @@ +classes: + - service.maas.region.single + - service.maas.region.vendor_repo +parameters: + maas: + region: + theme: mirantis + enable_iframe: True + bind: + host: ${_param:cluster_vip_address} + database: + engine: postgresql + host: 10.0.175.10 + name: maasdb + password: password + username: maas \ No newline at end of file diff --git a/mcp/reclass/classes/system/memcached/server/single.yml b/mcp/reclass/classes/system/memcached/server/single.yml new file mode 100644 index 000000000..7577e89e4 --- /dev/null +++ b/mcp/reclass/classes/system/memcached/server/single.yml @@ -0,0 +1,2 @@ +classes: +- service.memcached.server.single diff --git a/mcp/reclass/classes/system/mongodb/server/cluster.yml b/mcp/reclass/classes/system/mongodb/server/cluster.yml new file mode 100644 index 000000000..f3c16d677 --- /dev/null +++ b/mcp/reclass/classes/system/mongodb/server/cluster.yml @@ -0,0 +1,11 @@ +classes: +- service.mongodb.server.cluster +parameters: + _param: + mongodb_server_replica_set: mongodb + mongodb_master: mdb01 + mongodb_server_members: + - host: mdb01 + priority: 2 + - host: mdb02 + - host: mdb03 diff --git a/mcp/reclass/classes/system/mongodb/server/database/ceilometer.yml b/mcp/reclass/classes/system/mongodb/server/database/ceilometer.yml new file mode 100644 index 000000000..4adabc052 --- /dev/null +++ b/mcp/reclass/classes/system/mongodb/server/database/ceilometer.yml @@ -0,0 +1,10 @@ +parameters: + mongodb: + server: + database: + ceilometer: + enabled: true + password: ${_param:mongodb_ceilometer_password} + users: + - name: ceilometer + password: ${_param:mongodb_ceilometer_password} diff --git a/mcp/reclass/classes/system/mongodb/server/single.yml b/mcp/reclass/classes/system/mongodb/server/single.yml new file mode 100644 index 000000000..c3d6ccaf1 --- /dev/null +++ b/mcp/reclass/classes/system/mongodb/server/single.yml @@ -0,0 +1,5 @@ +classes: +- service.mongodb.server.single +parameters: + _param: + mongodb_server_replica_set: ceilometer diff --git a/mcp/reclass/classes/system/mysql/client/database/aodh.yml b/mcp/reclass/classes/system/mysql/client/database/aodh.yml new file mode 100644 index 000000000..92a2b2929 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/aodh.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + aodh: + encoding: utf8 + users: + - name: aodh + password: ${_param:mysql_aodh_password} + host: '%' + rights: all + - name: aodh + password: ${_param:mysql_aodh_password} + host: ${_param:single_address} + rights: all \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database/ceilometer.yml b/mcp/reclass/classes/system/mysql/client/database/ceilometer.yml new file mode 100644 index 000000000..436bf9755 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/ceilometer.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + ceilometer: + encoding: utf8 + users: + - name: ceilometer + password: ${_param:mysql_ceilometer_password} + host: '%' + rights: all + - name: ceilometer + password: ${_param:mysql_ceilometer_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database/cinder.yml b/mcp/reclass/classes/system/mysql/client/database/cinder.yml new file mode 100644 index 000000000..4d6783b07 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/cinder.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + cinder: + encoding: utf8 + users: + - name: cinder + password: ${_param:mysql_cinder_password} + host: '%' + rights: all + - name: cinder + password: ${_param:mysql_cinder_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database/designate.yml b/mcp/reclass/classes/system/mysql/client/database/designate.yml new file mode 100644 index 000000000..cee6ff135 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/designate.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + designate: + encoding: utf8 + users: + - name: designate + password: ${_param:mysql_designate_password} + host: '%' + rights: all + - name: designate + password: ${_param:mysql_designate_password} + host: ${_param:single_address} + rights: all \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database/designate_pool_manager.yml b/mcp/reclass/classes/system/mysql/client/database/designate_pool_manager.yml new file mode 100644 index 000000000..6913bd450 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/designate_pool_manager.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + designate_pool_manager: + encoding: utf8 + users: + - name: designate + password: ${_param:mysql_designate_password} + host: '%' + rights: all + - name: designate + password: ${_param:mysql_designate_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database/glance.yml b/mcp/reclass/classes/system/mysql/client/database/glance.yml new file mode 100644 index 000000000..b93b3434a --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/glance.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + glance: + encoding: utf8 + users: + - name: glance + password: ${_param:mysql_glance_password} + host: '%' + rights: all + - name: glance + password: ${_param:mysql_glance_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database/grafana.yml b/mcp/reclass/classes/system/mysql/client/database/grafana.yml new file mode 100644 index 000000000..a2899f060 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/grafana.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + grafana: + encoding: utf8 + users: + - name: grafana + password: ${_param:mysql_grafana_password} + host: '%' + rights: all + - name: grafana + password: ${_param:mysql_grafana_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database/heat.yml b/mcp/reclass/classes/system/mysql/client/database/heat.yml new file mode 100644 index 000000000..51aae8fbb --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/heat.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + heat: + encoding: utf8 + users: + - name: heat + password: ${_param:mysql_heat_password} + host: '%' + rights: all + - name: heat + password: ${_param:mysql_heat_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database/keystone.yml b/mcp/reclass/classes/system/mysql/client/database/keystone.yml new file mode 100644 index 000000000..09885dd85 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/keystone.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + keystone: + encoding: utf8 + users: + - name: keystone + password: ${_param:mysql_keystone_password} + host: '%' + rights: all + - name: keystone + password: ${_param:mysql_keystone_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database/murano.yml b/mcp/reclass/classes/system/mysql/client/database/murano.yml new file mode 100644 index 000000000..561ea3dcd --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/murano.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + murano: + encoding: utf8 + users: + - name: murano + password: ${_param:mysql_murano_password} + host: '%' + rights: all + - name: murano + password: ${_param:mysql_murano_password} + host: ${_param:single_address} + rights: all \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database/neutron.yml b/mcp/reclass/classes/system/mysql/client/database/neutron.yml new file mode 100644 index 000000000..94d972253 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/neutron.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + neutron: + encoding: utf8 + users: + - name: neutron + password: ${_param:mysql_neutron_password} + host: '%' + rights: all + - name: neutron + password: ${_param:mysql_neutron_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database/nova.yml b/mcp/reclass/classes/system/mysql/client/database/nova.yml new file mode 100644 index 000000000..930b2805a --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/nova.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + nova: + encoding: utf8 + users: + - name: nova + password: ${_param:mysql_nova_password} + host: '%' + rights: all + - name: nova + password: ${_param:mysql_nova_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database/nova_api.yml b/mcp/reclass/classes/system/mysql/client/database/nova_api.yml new file mode 100644 index 000000000..a8fbd59f0 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/nova_api.yml @@ -0,0 +1,28 @@ +parameters: + mysql: + client: + server: + database: + database: + nova_api: + encoding: utf8 + users: + - name: nova + password: ${_param:mysql_nova_password} + host: '%' + rights: all + - name: nova + password: ${_param:mysql_nova_password} + host: ${_param:single_address} + rights: all + nova_cell0: + encoding: utf8 + users: + - name: nova + password: ${_param:mysql_nova_password} + host: '%' + rights: all + - name: nova + password: ${_param:mysql_nova_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database/sahara.yml b/mcp/reclass/classes/system/mysql/client/database/sahara.yml new file mode 100644 index 000000000..86497d8e8 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database/sahara.yml @@ -0,0 +1,17 @@ +parameters: + mysql: + client: + server: + database: + database: + sahara: + encoding: utf8 + users: + - name: sahara + password: ${_param:mysql_sahara_password} + host: '%' + rights: all + - name: sahara + password: ${_param:mysql_sahara_password} + host: ${_param:single_address} + rights: all diff --git a/mcp/reclass/classes/system/mysql/client/database_init/aodh.yml b/mcp/reclass/classes/system/mysql/client/database_init/aodh.yml new file mode 100644 index 000000000..5a88169a7 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/aodh.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.aodh +parameters: + mysql: + client: + enabled: true + server: + database: + database: + aodh: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: aodh diff --git a/mcp/reclass/classes/system/mysql/client/database_init/ceilometer.yml b/mcp/reclass/classes/system/mysql/client/database_init/ceilometer.yml new file mode 100644 index 000000000..7f13c6d67 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/ceilometer.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.ceilometer +parameters: + mysql: + client: + enabled: true + server: + database: + database: + ceilometer: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: ceilometer diff --git a/mcp/reclass/classes/system/mysql/client/database_init/cinder.yml b/mcp/reclass/classes/system/mysql/client/database_init/cinder.yml new file mode 100644 index 000000000..9614aad0d --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/cinder.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.cinder +parameters: + mysql: + client: + enabled: true + server: + database: + database: + cinder: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: cinder diff --git a/mcp/reclass/classes/system/mysql/client/database_init/designate.yml b/mcp/reclass/classes/system/mysql/client/database_init/designate.yml new file mode 100644 index 000000000..99d0036c5 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/designate.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.designate +parameters: + mysql: + client: + enabled: true + server: + database: + database: + designate: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: designate diff --git a/mcp/reclass/classes/system/mysql/client/database_init/designate_pool_manager.yml b/mcp/reclass/classes/system/mysql/client/database_init/designate_pool_manager.yml new file mode 100644 index 000000000..6a5b385ed --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/designate_pool_manager.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.designate_pool_manager +parameters: + mysql: + client: + enabled: true + server: + database: + database: + designate_pool_manager: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: designate_pool_manager diff --git a/mcp/reclass/classes/system/mysql/client/database_init/glance.yml b/mcp/reclass/classes/system/mysql/client/database_init/glance.yml new file mode 100644 index 000000000..703c603b2 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/glance.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.glance +parameters: + mysql: + client: + enabled: true + server: + database: + database: + glance: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: glance diff --git a/mcp/reclass/classes/system/mysql/client/database_init/grafana.yml b/mcp/reclass/classes/system/mysql/client/database_init/grafana.yml new file mode 100644 index 000000000..aeb2e2630 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/grafana.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.grafana +parameters: + mysql: + client: + enabled: true + server: + database: + database: + grafana: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: grafana diff --git a/mcp/reclass/classes/system/mysql/client/database_init/heat.yml b/mcp/reclass/classes/system/mysql/client/database_init/heat.yml new file mode 100644 index 000000000..c7a0f00c3 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/heat.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.heat +parameters: + mysql: + client: + enabled: true + server: + database: + database: + heat: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: heat diff --git a/mcp/reclass/classes/system/mysql/client/database_init/keystone.yml b/mcp/reclass/classes/system/mysql/client/database_init/keystone.yml new file mode 100644 index 000000000..555cae6df --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/keystone.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.keystone +parameters: + mysql: + client: + enabled: true + server: + database: + database: + keystone: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: keystone diff --git a/mcp/reclass/classes/system/mysql/client/database_init/murano.yml b/mcp/reclass/classes/system/mysql/client/database_init/murano.yml new file mode 100644 index 000000000..13515e708 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/murano.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.murano +parameters: + mysql: + client: + enabled: true + server: + database: + database: + murano: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: murano diff --git a/mcp/reclass/classes/system/mysql/client/database_init/neutron.yml b/mcp/reclass/classes/system/mysql/client/database_init/neutron.yml new file mode 100644 index 000000000..405f3e6b1 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/neutron.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.neutron +parameters: + mysql: + client: + enabled: true + server: + database: + database: + neutron: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: neutron diff --git a/mcp/reclass/classes/system/mysql/client/database_init/nova.yml b/mcp/reclass/classes/system/mysql/client/database_init/nova.yml new file mode 100644 index 000000000..f1ee6cf47 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/nova.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.nova +parameters: + mysql: + client: + enabled: true + server: + database: + database: + nova: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: nova diff --git a/mcp/reclass/classes/system/mysql/client/database_init/nova_api.yml b/mcp/reclass/classes/system/mysql/client/database_init/nova_api.yml new file mode 100644 index 000000000..2fa8630a7 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/nova_api.yml @@ -0,0 +1,21 @@ +classes: +- system.mysql.client.database.nova_api +parameters: + mysql: + client: + enabled: true + server: + database: + database: + nova_api: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: nova_api + nova_cell0: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: nova_cell0 diff --git a/mcp/reclass/classes/system/mysql/client/database_init/sahara.yml b/mcp/reclass/classes/system/mysql/client/database_init/sahara.yml new file mode 100644 index 000000000..ef3d981e0 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_init/sahara.yml @@ -0,0 +1,15 @@ +classes: +- system.mysql.client.database.sahara +parameters: + mysql: + client: + enabled: true + server: + database: + database: + sahara: + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: sahara diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/aodh.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/aodh.yml new file mode 100644 index 000000000..d363161f6 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/aodh.yml @@ -0,0 +1,23 @@ +parameters: + mysql: + client: + server: + database: + database: + aodh_upgrade: + encoding: utf8 + users: + - name: aodh + password: ${_param:mysql_aodh_password} + host: '%' + rights: all + - name: aodh + password: ${_param:mysql_aodh_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: aodh + diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/ceilometer.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/ceilometer.yml new file mode 100644 index 000000000..5344b4bd9 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/ceilometer.yml @@ -0,0 +1,23 @@ +parameters: + mysql: + client: + server: + database: + database: + ceilometer_upgrade: + encoding: utf8 + users: + - name: ceilometer + password: ${_param:mysql_ceilometer_password} + host: '%' + rights: all + - name: ceilometer + password: ${_param:mysql_ceilometer_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: ceilometer + diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/cinder.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/cinder.yml new file mode 100644 index 000000000..bafc70ddd --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/cinder.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + cinder_upgrade: + encoding: utf8 + users: + - name: cinder + password: ${_param:mysql_cinder_password} + host: '%' + rights: all + - name: cinder + password: ${_param:mysql_cinder_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: cinder \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/designate.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/designate.yml new file mode 100644 index 000000000..48b7fce64 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/designate.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + designate_upgrade: + encoding: utf8 + users: + - name: designate + password: ${_param:mysql_designate_password} + host: '%' + rights: all + - name: designate + password: ${_param:mysql_designate_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: designate \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/designate_pool_manager.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/designate_pool_manager.yml new file mode 100644 index 000000000..26dd9756f --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/designate_pool_manager.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + designate_pool_manager_upgrade: + encoding: utf8 + users: + - name: designate + password: ${_param:mysql_designate_password} + host: '%' + rights: all + - name: designate + password: ${_param:mysql_designate_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: designate_pool_manager \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/glance.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/glance.yml new file mode 100644 index 000000000..bebe6047d --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/glance.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + glance_upgrade: + encoding: utf8 + users: + - name: glance + password: ${_param:mysql_glance_password} + host: '%' + rights: all + - name: glance + password: ${_param:mysql_glance_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: glance diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/grafana.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/grafana.yml new file mode 100644 index 000000000..7759a66cc --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/grafana.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + grafana_upgrade: + encoding: utf8 + users: + - name: grafana + password: ${_param:mysql_grafana_password} + host: '%' + rights: all + - name: grafana + password: ${_param:mysql_grafana_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: grafana \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/heat.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/heat.yml new file mode 100644 index 000000000..24e4cb1fd --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/heat.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + heat_upgrade: + encoding: utf8 + users: + - name: heat + password: ${_param:mysql_heat_password} + host: '%' + rights: all + - name: heat + password: ${_param:mysql_heat_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: heat \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/keystone.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/keystone.yml new file mode 100644 index 000000000..826566261 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/keystone.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + keystone_upgrade: + encoding: utf8 + users: + - name: keystone + password: ${_param:mysql_keystone_password} + host: '%' + rights: all + - name: keystone + password: ${_param:mysql_keystone_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: keystone \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/murano.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/murano.yml new file mode 100644 index 000000000..2223ce687 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/murano.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + murano_upgrade: + encoding: utf8 + users: + - name: murano + password: ${_param:mysql_murano_password} + host: '%' + rights: all + - name: murano + password: ${_param:mysql_murano_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: murano \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/neutron.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/neutron.yml new file mode 100644 index 000000000..7dd723c6f --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/neutron.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + neutron_upgrade: + encoding: utf8 + users: + - name: neutron + password: ${_param:mysql_neutron_password} + host: '%' + rights: all + - name: neutron + password: ${_param:mysql_neutron_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: neutron \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/nova.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/nova.yml new file mode 100644 index 000000000..699c9c310 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/nova.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + nova_upgrade: + encoding: utf8 + users: + - name: nova + password: ${_param:mysql_nova_password} + host: '%' + rights: all + - name: nova + password: ${_param:mysql_nova_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: nova \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/nova_api.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/nova_api.yml new file mode 100644 index 000000000..8bb33c8f9 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/nova_api.yml @@ -0,0 +1,38 @@ +parameters: + mysql: + client: + server: + database: + database: + nova_upgrade_api: + encoding: utf8 + users: + - name: nova + password: ${_param:mysql_nova_password} + host: '%' + rights: all + - name: nova + password: ${_param:mysql_nova_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: nova_api + nova_upgrade_cell0: + encoding: utf8 + users: + - name: nova + password: ${_param:mysql_nova_password} + host: '%' + rights: all + - name: nova + password: ${_param:mysql_nova_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: nova_cell0 \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/database_upgrade/sahara.yml b/mcp/reclass/classes/system/mysql/client/database_upgrade/sahara.yml new file mode 100644 index 000000000..73618d07a --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/database_upgrade/sahara.yml @@ -0,0 +1,22 @@ +parameters: + mysql: + client: + server: + database: + database: + sahara_upgrade: + encoding: utf8 + users: + - name: sahara + password: ${_param:mysql_sahara_password} + host: '%' + rights: all + - name: sahara + password: ${_param:mysql_sahara_password} + host: ${_param:single_address} + rights: all + initial_data: + engine: backupninja + source: ${_param:backupninja_backup_host} + host: ${linux:network:fqdn} + database: sahara \ No newline at end of file diff --git a/mcp/reclass/classes/system/mysql/client/init.yml b/mcp/reclass/classes/system/mysql/client/init.yml new file mode 100644 index 000000000..4cea41a77 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/init.yml @@ -0,0 +1,14 @@ +parameters: + _param: + mysql_client_host: localhost + mysql: + client: + enabled: true + server: + database: + admin: + host: ${_param:mysql_client_host} + port: 3306 + user: ${_param:mysql_admin_user} + password: ${_param:mysql_admin_password} + encoding: utf8 diff --git a/mcp/reclass/classes/system/mysql/client/single.yml b/mcp/reclass/classes/system/mysql/client/single.yml new file mode 100644 index 000000000..f518a878a --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/single.yml @@ -0,0 +1,11 @@ +classes: +- system.mysql.client +- system.mysql.client.database.aodh +- system.mysql.client.database.ceilometer +- system.mysql.client.database.cinder +- system.mysql.client.database.glance +- system.mysql.client.database.heat +- system.mysql.client.database.keystone +- system.mysql.client.database.nova +- system.mysql.client.database.nova_api +- system.mysql.client.database.neutron diff --git a/mcp/reclass/classes/system/mysql/client/single_init.yml b/mcp/reclass/classes/system/mysql/client/single_init.yml new file mode 100644 index 000000000..0c2004991 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/single_init.yml @@ -0,0 +1,24 @@ +classes: +- system.mysql.client.database_init.aodh +- system.mysql.client.database_init.ceilometer +- system.mysql.client.database_init.cinder +- system.mysql.client.database_init.glance +- system.mysql.client.database_init.heat +- system.mysql.client.database_init.keystone +- system.mysql.client.database_init.nova +- system.mysql.client.database_init.nova_api +- system.mysql.client.database_init.neutron +parameters: + _param: + mysql_client_host: localhost + mysql: + client: + enabled: true + server: + database: + admin: + host: ${_param:mysql_client_host} + port: 3306 + user: ${_param:mysql_admin_user} + password: ${_param:mysql_admin_password} + encoding: utf8 diff --git a/mcp/reclass/classes/system/mysql/client/single_upgrade.yml b/mcp/reclass/classes/system/mysql/client/single_upgrade.yml new file mode 100644 index 000000000..595d3f7b0 --- /dev/null +++ b/mcp/reclass/classes/system/mysql/client/single_upgrade.yml @@ -0,0 +1,25 @@ +classes: +- system.mysql.client.database_upgrade.aodh +- system.mysql.client.database_upgrade.ceilometer +- system.mysql.client.database_upgrade.cinder +- system.mysql.client.database_upgrade.glance +- system.mysql.client.database_upgrade.heat +- system.mysql.client.database_upgrade.keystone +- system.mysql.client.database_upgrade.nova +- system.mysql.client.database_upgrade.nova_api +- system.mysql.client.database_upgrade.neutron +- service.mysql.client.single +parameters: + _param: + mysql_client_host: localhost + mysql: + client: + enabled: true + server: + database: + admin: + host: ${_param:mysql_client_host} + port: 3306 + user: ${_param:mysql_admin_user} + password: ${_param:mysql_admin_password} + encoding: utf8 diff --git a/mcp/reclass/classes/system/neutron/compute/cluster.yml b/mcp/reclass/classes/system/neutron/compute/cluster.yml new file mode 100644 index 000000000..989700645 --- /dev/null +++ b/mcp/reclass/classes/system/neutron/compute/cluster.yml @@ -0,0 +1,15 @@ +classes: +- service.neutron.compute.single +parameters: + neutron: + compute: + dvr: ${_param:neutron_compute_dvr} + agent_mode: ${_param:neutron_compute_agent_mode} + external_access: ${_param:neutron_compute_external_access} + backend: + tenant_network_types: ${_param:neutron_tenant_network_types}" + message_queue: + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} \ No newline at end of file diff --git a/mcp/reclass/classes/system/neutron/compute/nfv/dpdk.yml b/mcp/reclass/classes/system/neutron/compute/nfv/dpdk.yml new file mode 100644 index 000000000..90f909588 --- /dev/null +++ b/mcp/reclass/classes/system/neutron/compute/nfv/dpdk.yml @@ -0,0 +1,17 @@ +parameters: + _param: + compute_dpdk_driver: uio + linux: + network: + bridge: openvswitch + dpdk: + enabled: true + driver: "${_param:compute_dpdk_driver}" + openvswitch: + pmd_cpu_mask: "${_param:compute_ovs_pmd_cpu_mask}" + dpdk_socket_mem: "${_param:compute_ovs_dpdk_socket_mem}" + dpdk_lcore_mask: "${_param:compute_ovs_dpdk_lcore_mask}" + memory_channels: "${_param:compute_ovs_memory_channels}" + neutron: + compute: + dpdk: True diff --git a/mcp/reclass/classes/system/neutron/compute/nfv/sriov.yml b/mcp/reclass/classes/system/neutron/compute/nfv/sriov.yml new file mode 100644 index 000000000..882e703aa --- /dev/null +++ b/mcp/reclass/classes/system/neutron/compute/nfv/sriov.yml @@ -0,0 +1,8 @@ +parameters: + neutron: + compute: + backend: + sriov: + sriov_nic01: + devname: ${_param:sriov_nic01_device_name} + physical_network: ${_param:sriov_nic01_physical_network} diff --git a/mcp/reclass/classes/system/neutron/compute/notification/messagingv2.yml b/mcp/reclass/classes/system/neutron/compute/notification/messagingv2.yml new file mode 100644 index 000000000..0e9d34a77 --- /dev/null +++ b/mcp/reclass/classes/system/neutron/compute/notification/messagingv2.yml @@ -0,0 +1,6 @@ +parameters: + neutron: + compute: + notification: + driver: messagingv2 + topics: "${_param:openstack_notification_topics}" diff --git a/mcp/reclass/classes/system/neutron/control/cluster.yml b/mcp/reclass/classes/system/neutron/control/cluster.yml new file mode 100644 index 000000000..dd1d3eedf --- /dev/null +++ b/mcp/reclass/classes/system/neutron/control/cluster.yml @@ -0,0 +1,45 @@ +classes: +- service.keepalived.cluster.single +- service.haproxy.proxy.single +- service.neutron.control.cluster +- system.haproxy.proxy.listen.openstack.neutron +parameters: + mysql: + server: + database: + neutron: + encoding: utf8 + users: + - name: neutron + password: ${_param:mysql_neutron_password} + host: '%' + rights: all + - name: neutron + password: ${_param:mysql_neutron_password} + host: ${_param:cluster_local_address} + rights: all + haproxy: + proxy: + listen: + neutron_api: + type: openstack-service + service_name: neutron + binds: + - address: ${_param:cluster_vip_address} + port: 9696 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + neutron: + server: + plugin: contrail diff --git a/mcp/reclass/classes/system/neutron/control/notification/cadf.yml b/mcp/reclass/classes/system/neutron/control/notification/cadf.yml new file mode 100644 index 000000000..f00f96f31 --- /dev/null +++ b/mcp/reclass/classes/system/neutron/control/notification/cadf.yml @@ -0,0 +1,5 @@ +parameters: + neutron: + server: + audit: + enabled: true diff --git a/mcp/reclass/classes/system/neutron/control/notification/messagingv2.yml b/mcp/reclass/classes/system/neutron/control/notification/messagingv2.yml new file mode 100644 index 000000000..70e86181a --- /dev/null +++ b/mcp/reclass/classes/system/neutron/control/notification/messagingv2.yml @@ -0,0 +1,6 @@ +parameters: + neutron: + server: + notification: + driver: messagingv2 + topics: "${_param:openstack_notification_topics}" diff --git a/mcp/reclass/classes/system/neutron/control/opencontrail/cluster.yml b/mcp/reclass/classes/system/neutron/control/opencontrail/cluster.yml new file mode 100644 index 000000000..caaaf6d12 --- /dev/null +++ b/mcp/reclass/classes/system/neutron/control/opencontrail/cluster.yml @@ -0,0 +1,44 @@ +classes: +- service.keepalived.cluster.single +- service.haproxy.proxy.single +- service.neutron.control.cluster +- system.haproxy.proxy.listen.openstack.neutron +parameters: + mysql: + server: + database: + neutron: + encoding: utf8 + users: + - name: neutron + password: ${_param:mysql_neutron_password} + host: '%' + rights: all + - name: neutron + password: ${_param:mysql_neutron_password} + host: ${_param:cluster_local_address} + rights: all + neutron: + server: + dns_domain: ${_param:cluster_domain} + database: + host: ${_param:openstack_database_address} + identity: + region: ${_param:openstack_region} + host: ${_param:openstack_control_address} + message_queue: + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + compute: + host: ${_param:openstack_control_address} + region: ${_param:openstack_region} + backend: + engine: contrail + host: ${_param:opencontrail_control_address} + port: 8082 + user: admin + password: ${_param:keystone_admin_password} + tenant: admin + token: ${_param:keystone_service_token} \ No newline at end of file diff --git a/mcp/reclass/classes/system/neutron/control/openvswitch/cluster.yml b/mcp/reclass/classes/system/neutron/control/openvswitch/cluster.yml new file mode 100644 index 000000000..dc8e0c53f --- /dev/null +++ b/mcp/reclass/classes/system/neutron/control/openvswitch/cluster.yml @@ -0,0 +1,71 @@ +classes: +- service.keepalived.cluster.single +- service.haproxy.proxy.single +- service.neutron.control.cluster +parameters: + _param: + neutron_control_dvr: True + neutron_l3_ha: False + neutron_global_physnet_mtu: 1500 + neutron_external_mtu: 1500 + neutron_tenant_network_types: "flat,vxlan" + neutron: + server: + plugin: ml2 + global_physnet_mtu: ${_param:neutron_global_physnet_mtu} + l3_ha: ${_param:neutron_l3_ha} + dvr: ${_param:neutron_control_dvr} + backend: + engine: ml2 + tenant_network_types: "${_param:neutron_tenant_network_types}" + external_mtu: ${_param:neutron_external_mtu} + mechanism: + ovs: + driver: openvswitch + compute: + region: ${_param:openstack_region} + database: + host: ${_param:openstack_database_address} + identity: + region: ${_param:openstack_region} + message_queue: + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + mysql: + server: + database: + neutron: + encoding: utf8 + users: + - name: neutron + password: ${_param:mysql_neutron_password} + host: '%' + rights: all + - name: neutron + password: ${_param:mysql_neutron_password} + host: ${_param:cluster_local_address} + rights: all + haproxy: + proxy: + listen: + neutron_api: + type: openstack-service + service_name: neutron + binds: + - address: ${_param:cluster_vip_address} + port: 9696 + servers: + - name: ctl01 + host: ${_param:cluster_node01_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl02 + host: ${_param:cluster_node02_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 + - name: ctl03 + host: ${_param:cluster_node03_address} + port: 9696 + params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 diff --git a/mcp/reclass/classes/system/neutron/control/openvswitch/dpdk.yml b/mcp/reclass/classes/system/neutron/control/openvswitch/dpdk.yml new file mode 100644 index 000000000..f7191c772 --- /dev/null +++ b/mcp/reclass/classes/system/neutron/control/openvswitch/dpdk.yml @@ -0,0 +1,4 @@ +parameters: + neutron: + server: + dpdk: True \ No newline at end of file diff --git a/mcp/reclass/classes/system/neutron/control/openvswitch/single.yml b/mcp/reclass/classes/system/neutron/control/openvswitch/single.yml new file mode 100644 index 000000000..6601db1e9 --- /dev/null +++ b/mcp/reclass/classes/system/neutron/control/openvswitch/single.yml @@ -0,0 +1,45 @@ +classes: +- service.neutron.control.single +parameters: + _param: + neutron_control_dvr: True + neutron_l3_ha: False + neutron_global_physnet_mtu: 1500 + neutron_external_mtu: 1500 + neutron_tenant_network_types: "flat,vxlan" + neutron: + server: + plugin: ml2 + global_physnet_mtu: ${_param:neutron_global_physnet_mtu} + l3_ha: ${_param:neutron_l3_ha} + dvr: ${_param:neutron_control_dvr} + backend: + engine: ml2 + tenant_network_types: "${_param:neutron_tenant_network_types}" + external_mtu: ${_param:neutron_external_mtu} + mechanism: + ovs: + driver: openvswitch + compute: + region: ${_param:openstack_region} + database: + host: ${_param:openstack_database_address} + identity: + region: ${_param:openstack_region} + message_queue: + members: + - host: ${_param:openstack_message_queue_node01_address} + mysql: + server: + database: + neutron: + encoding: utf8 + users: + - name: neutron + password: ${_param:mysql_neutron_password} + host: '%' + rights: all + - name: neutron + password: ${_param:mysql_neutron_password} + host: ${_param:cluster_local_address} + rights: all \ No newline at end of file diff --git a/mcp/reclass/classes/system/neutron/control/openvswitch/sriov.yml b/mcp/reclass/classes/system/neutron/control/openvswitch/sriov.yml new file mode 100644 index 000000000..38f5d29b0 --- /dev/null +++ b/mcp/reclass/classes/system/neutron/control/openvswitch/sriov.yml @@ -0,0 +1,7 @@ +parameters: + neutron: + server: + backend: + mechanism: + sriov: + driver: sriovnicswitch diff --git a/mcp/reclass/classes/system/neutron/control/single.yml b/mcp/reclass/classes/system/neutron/control/single.yml new file mode 100644 index 000000000..663ec329e --- /dev/null +++ b/mcp/reclass/classes/system/neutron/control/single.yml @@ -0,0 +1,22 @@ +classes: +- service.neutron.control.single +parameters: + neutron: + server: + database: + host: ${_param:single_address} + mysql: + server: + database: + neutron: + encoding: utf8 + users: + - name: neutron + password: ${_param:mysql_neutron_password} + host: '%' + rights: all + - name: neutron + password: ${_param:mysql_neutron_password} + host: ${_param:single_address} + rights: all + diff --git a/mcp/reclass/classes/system/neutron/gateway/cluster.yml b/mcp/reclass/classes/system/neutron/gateway/cluster.yml new file mode 100644 index 000000000..99699f7d8 --- /dev/null +++ b/mcp/reclass/classes/system/neutron/gateway/cluster.yml @@ -0,0 +1,14 @@ +classes: +- service.neutron.gateway.single +parameters: + neutron: + gateway: + dvr: ${_param:neutron_gateway_dvr} + agent_mode: ${_param:neutron_gateway_agent_mode} + backend: + tenant_network_types: ${_param:neutron_tenant_network_types}" + message_queue: + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} diff --git a/mcp/reclass/classes/system/neutron/gateway/notification/messagingv2.yml b/mcp/reclass/classes/system/neutron/gateway/notification/messagingv2.yml new file mode 100644 index 000000000..6363c3927 --- /dev/null +++ b/mcp/reclass/classes/system/neutron/gateway/notification/messagingv2.yml @@ -0,0 +1,6 @@ +parameters: + neutron: + gateway: + notification: + driver: messagingv2 + topics: "${_param:openstack_notification_topics}" diff --git a/mcp/reclass/classes/system/nova/compute/cluster.yml b/mcp/reclass/classes/system/nova/compute/cluster.yml new file mode 100644 index 000000000..4d07a3e9d --- /dev/null +++ b/mcp/reclass/classes/system/nova/compute/cluster.yml @@ -0,0 +1,95 @@ +classes: +- service.nova.compute.kvm +parameters: + _param: + nova_vncproxy_url: https://${_param:cluster_public_host}:6080 + nova_compute_virtualization: kvm + nova_compute_avail_zone: + nova_aggregates: [] + nova_compute_ssh_public: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCltIn93BcTMzNK/n2eBze6PyTkmIgdDkeXNR9X4DqE48Va80ojv2pq8xuaBxiNITJzyl+4p4UvTTXo+HmuX8qbHvqgMGXvuPUCpndEfb2r67f6vpMqPwMgBrUg2ZKgN4OsSDHU+H0dia0cEaTjz5pvbUy9lIsSyhrqOUVF9reJq+boAvVEedm8fUqiZuiejAw2D27+rRtdEPgsKMnh3626YEsr963q4rjU/JssV/iKMNu7mk2a+koOrJ+aHvcVU8zJjfA0YghoeVT/I3GLU/MB/4tD/RyR8GM+UYbI4sgAC7ZOCdQyHdJgnEzx3SJIwcS65U0T2XYvn2qXHXqJ9iGZ root@mirantis.com + nova_compute_ssh_private: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEApbSJ/dwXEzMzSv59ngc3uj8k5JiIHQ5HlzUfV+A6hOPFWvNK + I79qavMbmgcYjSEyc8pfuKeFL0016Ph5rl/Kmx76oDBl77j1AqZ3RH29q+u3+r6T + Kj8DIAa1INmSoDeDrEgx1Ph9HYmtHBGk48+ab21MvZSLEsoa6jlFRfa3iavm6AL1 + RHnZvH1KombonowMNg9u/q0bXRD4LCjJ4d+tumBLK/et6uK41PybLFf4ijDbu5pN + mvpKDqyfmh73FVPMyY3wNGIIaHlU/yNxi1PzAf+LQ/0ckfBjPlGGyOLIAAu2TgnU + Mh3SYJxM8d0iSMHEuuVNE9l2L59qlx16ifYhmQIDAQABAoIBAQCYpqbwvE5tm59H + GQb0C8Ykx4LfLD1INx1wiLmlJKYEQihPTw0fvXj1qZvl21+cs9ZcoTRpUbn6B3EA + e9bs8sYc/P75j1x46LSdimkZKZUPygkk72d3ZbElUciOyKCxBDNDBQcTIQ9xpKFa + 2E5Ep72npNMrWqp71r/Qwo20lEIkikIgAFPBgraxn5xIEdo59vzXNZsvyoIRi5p4 + ayH9nWSAXdF1YU3p3ljtHD8o2G/0d2TWGmjrd9vztc6tgXjp0PF60vDNgcJiudBg + oNLDK/e5a44GJxlVDdJ84ESb7GprRStYmddl22xnI1SXlg87+t0QQwzR0CCtWXrz + neXkicHhAoGBANkG9tOZfErhSL/jmsElQTNPcMNQkPiJzEmOIpr6jgSzCusPT/QD + PnVwB42GC5+Zhd4e88BsTzECxPXmKk7r1cBKeJTg/ejgsrSfVAZqMsfhbp3mGOiH + jymF+zC6Urj5q/Zkof8pEFICtyA5zlHvZmsQL9PDiqXIWALki2JvIDPdAoGBAMN2 + O+LWOM9qqwgSMaFY8VUdDdbmLx/ZMGWQ//Tx42WM8SU+cCpGTLDHHR0qC0gnRsV7 + V63DySEwiHn4I1cQ/AMijRxuw4Dkgk2YMRlgsAbVWO7aIlECWjSg+pRjNeA7If4D + 5L/gu6wZIv1vu8/fvOwRpPUzhWjGN5Z0RyvYc7btAoGALNnrmL9XmIIGbuGy0cfJ + OblpLHQyAas4tNrS/ARb5Uy7LOj1NRCWj96fMPhK3qjzqXvsFBBOLWrNGaR/id/j + ROIfGWWGE+KcDAgBbXH1HKnSGn+7FhMt2v79coyPG/s9NqaFdB4gaVJ2VgqcQQKg + v++QcssulCRbS/2/cJBWr2ECgYAJFCDL9G9HEwlGorGzcNIkxeiyppZhwFDDJuz8 + j4+kU9uPg0rqa8F8JINxq1ZCz7A10/jKlWFuLTbpk2Dw1lUeQCiVvX9PKU30FLGT + IC6M4rPyxCb75EQUVbXN1p3WAGkfx0aEsweEgtZhNyNeEGJSBK/Iw8/agfpq/pOf + sboOMQKBgQClKmrAYKWnwdPPka3msyjl/AXDruR4XFvMlOPKbs3nYstolE7eR94F + 7xDyBz85icFU0rceYQetwFH2p5tRL0GcUQhJmJFgIL0OXdCQvRNJrT3iS00N1aUo + SG9MrLHCd5l60aCUQg0UA5ed7Hd6SA314k+HwxJno9/wJ+voBeacMg== + -----END RSA PRIVATE KEY----- + openssh: + client: + enabled: True + user: {} + stricthostkeychecking: False + nova: + compute: + version: ${_param:nova_version} + enabled: true + virtualization: ${_param:nova_compute_virtualization} + availability_zone: ${_param:nova_compute_avail_zone} + aggregates: ${_param:nova_aggregates} + heal_instance_info_cache_interval: 60 + vncproxy_url: ${_param:nova_vncproxy_url} + bind: + vnc_address: ${_param:cluster_local_address} + vnc_port: 6080 + vnc_name: 0.0.0.0 + database: + engine: mysql + host: ${_param:openstack_database_address} + port: 3306 + name: nova + user: nova + password: ${_param:mysql_nova_password} + identity: + engine: keystone + region: ${_param:openstack_region} + host: ${_param:cluster_vip_address} + port: 35357 + user: nova + password: ${_param:keystone_nova_password} + tenant: service + message_queue: + engine: rabbitmq + port: 5672 + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + image: + engine: glance + host: ${_param:cluster_vip_address} + port: 9292 + network: + engine: neutron + region: ${_param:openstack_region} + host: ${_param:neutron_service_host} + port: 9696 + user: neutron + tenant: service + password: ${_param:keystone_neutron_password} + user: + public_key: ${_param:nova_compute_ssh_public} + private_key: ${_param:nova_compute_ssh_private} diff --git a/mcp/reclass/classes/system/nova/compute/nfv/cpu_pinning.yml b/mcp/reclass/classes/system/nova/compute/nfv/cpu_pinning.yml new file mode 100644 index 000000000..3e97838cd --- /dev/null +++ b/mcp/reclass/classes/system/nova/compute/nfv/cpu_pinning.yml @@ -0,0 +1,8 @@ +parameters: + nova: + compute: + vcpu_pin_set: ${_param:nova_cpu_pinning} + linux: + system: + kernel: + isolcpu: ${_param:compute_kernel_isolcpu} \ No newline at end of file diff --git a/mcp/reclass/classes/system/nova/compute/nfv/hugepages.yml b/mcp/reclass/classes/system/nova/compute/nfv/hugepages.yml new file mode 100644 index 000000000..6778f9481 --- /dev/null +++ b/mcp/reclass/classes/system/nova/compute/nfv/hugepages.yml @@ -0,0 +1,18 @@ +parameters: + _param: + compute_hugepages_size: 1G + compute_hugepages_mount: /mnt/hugepages_1G + linux: + system: + kernel: + hugepages: + large: + default: true + size: ${_param:compute_hugepages_size} + count: ${_param:compute_hugepages_count} + mount_point: ${_param:compute_hugepages_mount} + nova: + compute: + hugepages: + mount_points: + - path: ${_param:compute_hugepages_mount} \ No newline at end of file diff --git a/mcp/reclass/classes/system/nova/compute/nfv/sriov.yml b/mcp/reclass/classes/system/nova/compute/nfv/sriov.yml new file mode 100644 index 000000000..b93363c80 --- /dev/null +++ b/mcp/reclass/classes/system/nova/compute/nfv/sriov.yml @@ -0,0 +1,21 @@ +parameters: + _param: + sriov_nic01_physical_network: physnet1 + sriov_unsafe_interrupts: False + nova: + compute: + sriov: + sriov_nic01: + devname: ${_param:sriov_nic01_device_name} + physical_network: ${_param:sriov_nic01_physical_network} + linux: + system: + kernel: + sriov: True + unsafe_interrupts: ${_param:sriov_unsafe_interrupts} + rc: + local: | + #!/bin/sh -e + # Enabling ${_param:sriov_nic01_numvfs} VFs on ${_param:sriov_nic01_device_name} PF + echo ${_param:sriov_nic01_numvfs} > /sys/class/net/${_param:sriov_nic01_device_name}/device/sriov_numvfs; sleep 2; ip link set ${_param:sriov_nic01_device_name} up + exit 0 \ No newline at end of file diff --git a/mcp/reclass/classes/system/nova/compute/notification/messagingv2.yml b/mcp/reclass/classes/system/nova/compute/notification/messagingv2.yml new file mode 100644 index 000000000..59ec94dcd --- /dev/null +++ b/mcp/reclass/classes/system/nova/compute/notification/messagingv2.yml @@ -0,0 +1,8 @@ +parameters: + nova: + compute: + notification: + driver: messagingv2 + topics: "${_param:openstack_notification_topics}" + notify_on: + state_change: vm_and_task_state diff --git a/mcp/reclass/classes/system/nova/compute/single.yml b/mcp/reclass/classes/system/nova/compute/single.yml new file mode 100644 index 000000000..f50b93767 --- /dev/null +++ b/mcp/reclass/classes/system/nova/compute/single.yml @@ -0,0 +1,91 @@ +applications: +- nova +classes: +- service.nova.compute.kvm +parameters: + _param: + nova_vncproxy_url: https://${_param:cluster_public_host}:6080 + nova_compute_ssh_public: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCltIn93BcTMzNK/n2eBze6PyTkmIgdDkeXNR9X4DqE48Va80ojv2pq8xuaBxiNITJzyl+4p4UvTTXo+HmuX8qbHvqgMGXvuPUCpndEfb2r67f6vpMqPwMgBrUg2ZKgN4OsSDHU+H0dia0cEaTjz5pvbUy9lIsSyhrqOUVF9reJq+boAvVEedm8fUqiZuiejAw2D27+rRtdEPgsKMnh3626YEsr963q4rjU/JssV/iKMNu7mk2a+koOrJ+aHvcVU8zJjfA0YghoeVT/I3GLU/MB/4tD/RyR8GM+UYbI4sgAC7ZOCdQyHdJgnEzx3SJIwcS65U0T2XYvn2qXHXqJ9iGZ root@mirantis.com + nova_compute_avail_zone: + nova_compute_ssh_private: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEApbSJ/dwXEzMzSv59ngc3uj8k5JiIHQ5HlzUfV+A6hOPFWvNK + I79qavMbmgcYjSEyc8pfuKeFL0016Ph5rl/Kmx76oDBl77j1AqZ3RH29q+u3+r6T + Kj8DIAa1INmSoDeDrEgx1Ph9HYmtHBGk48+ab21MvZSLEsoa6jlFRfa3iavm6AL1 + RHnZvH1KombonowMNg9u/q0bXRD4LCjJ4d+tumBLK/et6uK41PybLFf4ijDbu5pN + mvpKDqyfmh73FVPMyY3wNGIIaHlU/yNxi1PzAf+LQ/0ckfBjPlGGyOLIAAu2TgnU + Mh3SYJxM8d0iSMHEuuVNE9l2L59qlx16ifYhmQIDAQABAoIBAQCYpqbwvE5tm59H + GQb0C8Ykx4LfLD1INx1wiLmlJKYEQihPTw0fvXj1qZvl21+cs9ZcoTRpUbn6B3EA + e9bs8sYc/P75j1x46LSdimkZKZUPygkk72d3ZbElUciOyKCxBDNDBQcTIQ9xpKFa + 2E5Ep72npNMrWqp71r/Qwo20lEIkikIgAFPBgraxn5xIEdo59vzXNZsvyoIRi5p4 + ayH9nWSAXdF1YU3p3ljtHD8o2G/0d2TWGmjrd9vztc6tgXjp0PF60vDNgcJiudBg + oNLDK/e5a44GJxlVDdJ84ESb7GprRStYmddl22xnI1SXlg87+t0QQwzR0CCtWXrz + neXkicHhAoGBANkG9tOZfErhSL/jmsElQTNPcMNQkPiJzEmOIpr6jgSzCusPT/QD + PnVwB42GC5+Zhd4e88BsTzECxPXmKk7r1cBKeJTg/ejgsrSfVAZqMsfhbp3mGOiH + jymF+zC6Urj5q/Zkof8pEFICtyA5zlHvZmsQL9PDiqXIWALki2JvIDPdAoGBAMN2 + O+LWOM9qqwgSMaFY8VUdDdbmLx/ZMGWQ//Tx42WM8SU+cCpGTLDHHR0qC0gnRsV7 + V63DySEwiHn4I1cQ/AMijRxuw4Dkgk2YMRlgsAbVWO7aIlECWjSg+pRjNeA7If4D + 5L/gu6wZIv1vu8/fvOwRpPUzhWjGN5Z0RyvYc7btAoGALNnrmL9XmIIGbuGy0cfJ + OblpLHQyAas4tNrS/ARb5Uy7LOj1NRCWj96fMPhK3qjzqXvsFBBOLWrNGaR/id/j + ROIfGWWGE+KcDAgBbXH1HKnSGn+7FhMt2v79coyPG/s9NqaFdB4gaVJ2VgqcQQKg + v++QcssulCRbS/2/cJBWr2ECgYAJFCDL9G9HEwlGorGzcNIkxeiyppZhwFDDJuz8 + j4+kU9uPg0rqa8F8JINxq1ZCz7A10/jKlWFuLTbpk2Dw1lUeQCiVvX9PKU30FLGT + IC6M4rPyxCb75EQUVbXN1p3WAGkfx0aEsweEgtZhNyNeEGJSBK/Iw8/agfpq/pOf + sboOMQKBgQClKmrAYKWnwdPPka3msyjl/AXDruR4XFvMlOPKbs3nYstolE7eR94F + 7xDyBz85icFU0rceYQetwFH2p5tRL0GcUQhJmJFgIL0OXdCQvRNJrT3iS00N1aUo + SG9MrLHCd5l60aCUQg0UA5ed7Hd6SA314k+HwxJno9/wJ+voBeacMg== + -----END RSA PRIVATE KEY----- + openssh: + client: + enabled: True + user: {} + stricthostkeychecking: False + nova: + compute: + version: ${_param:nova_version} + disable_flow_collection: true + enabled: true + virtualization: kvm + availability_zone: ${_param:nova_compute_avail_zone} + vncproxy_url: ${_param:nova_vncproxy_url} + bind: + vnc_address: ${_param:control_address} + vnc_port: 6080 + vnc_name: 0.0.0.0 + database: + engine: mysql + host: ${_param:control_address} + port: 3306 + name: nova + user: nova + password: ${_param:mysql_nova_password} + identity: + engine: keystone + host: ${_param:control_address} + port: 35357 + user: nova + password: ${_param:keystone_nova_password} + tenant: service + message_queue: + engine: rabbitmq + host: ${_param:control_address} + port: 5672 + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + image: + engine: glance + host: ${_param:control_address} + port: 9292 + network: + engine: neutron + host: ${_param:control_address} + port: 9696 + cache: + engine: memcached + members: + - host: 127.0.0.1 + port: 11211 + user: + public_key: ${_param:nova_compute_ssh_public} + private_key: ${_param:nova_compute_ssh_private} diff --git a/mcp/reclass/classes/system/nova/compute/storage/ceph.yml b/mcp/reclass/classes/system/nova/compute/storage/ceph.yml new file mode 100644 index 000000000..7cb24cbcc --- /dev/null +++ b/mcp/reclass/classes/system/nova/compute/storage/ceph.yml @@ -0,0 +1,10 @@ +parameters: + nova: + compute: + ceph: + enabled: true + ephemeral: yes + rbd_pool: ${_param:nova_storage_pool} + secret_uuid: ${_param:nova_storage_secret_uuid} + client_cinder_key: ${_param:nova_storage_client_key} + rbd_user: ${_param:nova_storage_user} \ No newline at end of file diff --git a/mcp/reclass/classes/system/nova/control/cluster.yml b/mcp/reclass/classes/system/nova/control/cluster.yml new file mode 100644 index 000000000..d47c5e197 --- /dev/null +++ b/mcp/reclass/classes/system/nova/control/cluster.yml @@ -0,0 +1,75 @@ +classes: +- service.haproxy.proxy.single +- service.nova.control.cluster +- service.keepalived.cluster.single +- system.haproxy.proxy.listen.openstack.nova +- system.haproxy.proxy.listen.openstack.novnc +parameters: + _param: + nova_vncproxy_url: http://${_param:cluster_vip_address}:6080 + nova_cpu_allocation_ratio: 16.0 + nova_ram_allocation_ratio: 1.5 + nova_disk_allocation_ratio: 1.0 + metadata_password: metadataPass + nova: + controller: + enabled: true + version: ${_param:nova_version} + vncproxy_url: ${_param:nova_vncproxy_url} + security_group: false + dhcp_domain: novalocal + scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter,NUMATopologyFilter,AggregateInstanceExtraSpecsFilter" + cpu_allocation_ratio: ${_param:nova_cpu_allocation_ratio} + ram_allocation_ratio: ${_param:nova_ram_allocation_ratio} + disk_allocation_ratio: ${_param:nova_disk_allocation_ratio} + workers: 8 + logging: + - engine: syslog + facility: local0 + heka: + enabled: true + bind: + private_address: ${_param:cluster_local_address} + public_address: ${_param:cluster_vip_address} + public_name: ${_param:cluster_vip_address} + novncproxy_address: ${_param:cluster_local_address} + novncproxy_port: 6080 + database: + engine: mysql + host: ${_param:openstack_database_address} + port: 3306 + name: nova + user: nova + password: ${_param:mysql_nova_password} + identity: + engine: keystone + region: ${_param:openstack_region} + host: ${_param:cluster_vip_address} + port: 35357 + user: nova + password: ${_param:keystone_nova_password} + tenant: service + message_queue: + engine: rabbitmq + port: 5672 + user: openstack + password: ${_param:rabbitmq_openstack_password} + virtual_host: '/openstack' + members: + - host: ${_param:openstack_message_queue_node01_address} + - host: ${_param:openstack_message_queue_node02_address} + - host: ${_param:openstack_message_queue_node03_address} + glance: + host: ${_param:cluster_vip_address} + port: 9292 + network: + engine: neutron + region: ${_param:openstack_region} + host: ${_param:neutron_service_host} + user: neutron + password: ${_param:keystone_neutron_password} + port: 9696 + mtu: 1500 + tenant: service + metadata: + password: ${_param:metadata_password} diff --git a/mcp/reclass/classes/system/nova/control/notification/cadf.yml b/mcp/reclass/classes/system/nova/control/notification/cadf.yml new file mode 100644 index 000000000..2f2b1b19b --- /dev/null +++ b/mcp/reclass/classes/system/nova/control/notification/cadf.yml @@ -0,0 +1,5 @@ +parameters: + nova: + controller: + audit: + enabled: true diff --git a/mcp/reclass/classes/system/nova/control/notification/messagingv2.yml b/mcp/reclass/classes/system/nova/control/notification/messagingv2.yml new file mode 100644 index 000000000..5ed801322 --- /dev/null +++ b/mcp/reclass/classes/system/nova/control/notification/messagingv2.yml @@ -0,0 +1,6 @@ +parameters: + nova: + controller: + notification: + driver: messagingv2 + topics: "${_param:openstack_notification_topics}" diff --git a/mcp/reclass/classes/system/nova/control/single.yml b/mcp/reclass/classes/system/nova/control/single.yml new file mode 100644 index 000000000..00182a370 --- /dev/null +++ b/mcp/reclass/classes/system/nova/control/single.yml @@ -0,0 +1,7 @@ +classes: +- service.nova.control.single +parameters: + nova: + controller: + database: + host: ${_param:single_address} diff --git a/mcp/reclass/classes/system/ntp/client/single.yml b/mcp/reclass/classes/system/ntp/client/single.yml new file mode 100644 index 000000000..80e70d974 --- /dev/null +++ b/mcp/reclass/classes/system/ntp/client/single.yml @@ -0,0 +1,6 @@ +classes: +- service.ntp.client +parameters: + ntp: + client: + mode7: true diff --git a/mcp/reclass/classes/system/rabbitmq/server/cluster.yml b/mcp/reclass/classes/system/rabbitmq/server/cluster.yml new file mode 100644 index 000000000..c9de9a8bc --- /dev/null +++ b/mcp/reclass/classes/system/rabbitmq/server/cluster.yml @@ -0,0 +1,4 @@ +classes: +- service.rabbitmq.server.cluster +- service.keepalived.cluster.single +- service.haproxy.proxy.single \ No newline at end of file diff --git a/mcp/reclass/classes/system/rabbitmq/server/single.yml b/mcp/reclass/classes/system/rabbitmq/server/single.yml new file mode 100644 index 000000000..6183f8197 --- /dev/null +++ b/mcp/reclass/classes/system/rabbitmq/server/single.yml @@ -0,0 +1,2 @@ +classes: +- service.rabbitmq.server.single diff --git a/mcp/reclass/classes/system/rabbitmq/server/vhost/catalog.yml b/mcp/reclass/classes/system/rabbitmq/server/vhost/catalog.yml new file mode 100644 index 000000000..23cb0f216 --- /dev/null +++ b/mcp/reclass/classes/system/rabbitmq/server/vhost/catalog.yml @@ -0,0 +1,20 @@ +parameters: + rabbitmq: + server: + host: + '/murano': + enabled: true + user: openstack + password: ${_param:rabbitmq_murano_agent_password} + policies: + - name: HA + pattern: '^(?!amq\.).*' + definition: '{"ha-mode": "all", "message-ttl": 120000}' + admin: + name: admin + password: zeQuooQu47eed8esahpie2Lai8En9ohp + bind: + address: ${_param:single_address} + management: + bind: + address: ${_param:single_address} diff --git a/mcp/reclass/classes/system/rabbitmq/server/vhost/monitoring.yml b/mcp/reclass/classes/system/rabbitmq/server/vhost/monitoring.yml new file mode 100644 index 000000000..af272b9e5 --- /dev/null +++ b/mcp/reclass/classes/system/rabbitmq/server/vhost/monitoring.yml @@ -0,0 +1,8 @@ +parameters: + rabbitmq: + server: + host: + '/monitor': + enabled: true + user: monitor + password: ${_param:rabbitmq_monitor_password} diff --git a/mcp/reclass/classes/system/rabbitmq/server/vhost/openstack.yml b/mcp/reclass/classes/system/rabbitmq/server/vhost/openstack.yml new file mode 100644 index 000000000..962bc0adc --- /dev/null +++ b/mcp/reclass/classes/system/rabbitmq/server/vhost/openstack.yml @@ -0,0 +1,20 @@ +parameters: + rabbitmq: + server: + host: + '/': + enabled: true + user: guest + password: guest + policies: + - name: HA + pattern: '^(?!amq\.).*' + definition: '{"ha-mode": "all", "message-ttl": 120000}' + '/openstack': + enabled: true + user: openstack + password: ${_param:rabbitmq_openstack_password} + policies: + - name: HA + pattern: '^(?!amq\.).*' + definition: '{"ha-mode": "all", "message-ttl": 120000}' diff --git a/mcp/reclass/classes/system/reclass/storage/salt.yml b/mcp/reclass/classes/system/reclass/storage/salt.yml new file mode 100644 index 000000000..0a21cdbfd --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/salt.yml @@ -0,0 +1,16 @@ +classes: +- service.reclass.storage.salt +- service.git.client +parameters: + reclass: + storage: + data_source: + engine: git + address: '${_param:reclass_data_repository}' + branch: ${_param:reclass_data_revision} + salt: + master: + pillar: + engine: reclass + data_dir: /srv/salt/reclass + diff --git a/mcp/reclass/classes/system/reclass/storage/system/cicd_control_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/cicd_control_cluster.yml new file mode 100644 index 000000000..547ba6145 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/cicd_control_cluster.yml @@ -0,0 +1,41 @@ +parameters: + _param: + cicd_control_node01_hostname: cid01 + cicd_control_node02_hostname: cid02 + cicd_control_node03_hostname: cid03 + reclass: + storage: + node: + cicd_control_node01: + name: ${_param:cicd_control_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.cicd.control.leader + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:cicd_control_node01_address} + keepalived_vip_priority: 103 + cicd_database_id: 1 + cicd_control_node02: + name: ${_param:cicd_control_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.cicd.control.manager + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:cicd_control_node02_address} + keepalived_vip_priority: 102 + cicd_database_id: 2 + cicd_control_node03: + name: ${_param:cicd_control_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.cicd.control.manager + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:cicd_control_node03_address} + keepalived_vip_priority: 101 + cicd_database_id: 3 diff --git a/mcp/reclass/classes/system/reclass/storage/system/infra_idm_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/infra_idm_cluster.yml new file mode 100644 index 000000000..aae23705e --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/infra_idm_cluster.yml @@ -0,0 +1,35 @@ +parameters: + _param: + infra_idm_node01_hostname: idm01 + infra_idm_node02_hostname: idm02 + infra_idm_node03_hostname: idm03 + reclass: + storage: + node: + infra_idm_node01: + name: ${_param:infra_idm_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.idm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: centos + single_address: ${_param:infra_idm_node01_address} + infra_idm_node02: + name: ${_param:infra_idm_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.idm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: centos + single_address: ${_param:infra_idm_node02_address} + infra_idm_node03: + name: ${_param:infra_idm_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.idm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: centos + single_address: ${_param:infra_idm_node03_address} \ No newline at end of file diff --git a/mcp/reclass/classes/system/reclass/storage/system/infra_proxy_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/infra_proxy_cluster.yml new file mode 100644 index 000000000..f7c793228 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/infra_proxy_cluster.yml @@ -0,0 +1,29 @@ +parameters: + _param: + infra_proxy_node01_hostname: prx01 + infra_proxy_node02_hostname: prx02 + reclass: + storage: + node: + infra_proxy_node01: + name: ${_param:infra_proxy_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.proxy + - cluster.${_param:cluster_name}.stacklight.proxy + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_proxy_node01_address} + keepalived_vip_priority: 102 + infra_proxy_node02: + name: ${_param:infra_proxy_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.proxy + - cluster.${_param:cluster_name}.stacklight.proxy + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_proxy_node02_address} + keepalived_vip_priority: 101 diff --git a/mcp/reclass/classes/system/reclass/storage/system/infra_proxy_single.yml b/mcp/reclass/classes/system/reclass/storage/system/infra_proxy_single.yml new file mode 100644 index 000000000..a245e8c43 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/infra_proxy_single.yml @@ -0,0 +1,16 @@ +parameters: + _param: + openstack_proxy_node01_hostname: prx01 + reclass: + storage: + node: + openstack_proxy_node01: + name: ${_param:openstack_proxy_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.proxy + - cluster.${_param:cluster_name}.stacklight.proxy + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_proxy_node01_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/kubernetes_control_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/kubernetes_control_cluster.yml new file mode 100644 index 000000000..5180ab6db --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/kubernetes_control_cluster.yml @@ -0,0 +1,38 @@ +parameters: + _param: + kubernetes_control_node01_hostname: ctl01 + kubernetes_control_node02_hostname: ctl02 + kubernetes_control_node03_hostname: ctl03 + reclass: + storage: + node: + kubernetes_control_node01: + name: ${_param:kubernetes_control_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.kubernetes.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:kubernetes_control_node01_address} + keepalived_vip_priority: 103 + kubernetes_control_node02: + name: ${_param:kubernetes_control_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.kubernetes.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:kubernetes_control_node02_address} + keepalived_vip_priority: 102 + kubernetes_control_node03: + name: ${_param:kubernetes_control_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.kubernetes.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:kubernetes_control_node03_address} + keepalived_vip_priority: 101 \ No newline at end of file diff --git a/mcp/reclass/classes/system/reclass/storage/system/kubernetes_control_single.yml b/mcp/reclass/classes/system/reclass/storage/system/kubernetes_control_single.yml new file mode 100644 index 000000000..c88e3c351 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/kubernetes_control_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + kubernetes_control_node01_hostname: ctl01 + reclass: + storage: + node: + kubernetes_control_node01: + name: ${_param:kubernetes_control_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.kubernetes.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:kubernetes_control_node01_address} \ No newline at end of file diff --git a/mcp/reclass/classes/system/reclass/storage/system/monitoring_service_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/monitoring_service_cluster.yml new file mode 100644 index 000000000..630ee32c7 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/monitoring_service_cluster.yml @@ -0,0 +1,35 @@ +parameters: + _param: + monitor_node01_hostname: mon01 + monitor_node02_hostname: mon02 + monitor_node03_hostname: mon03 + reclass: + storage: + node: + monitoring_service_node01: + name: ${_param:monitor_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.monitoring.server + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:monitoring_service_node01_address} + monitoring_service_node02: + name: ${_param:monitor_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.monitoring.server + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:monitoring_service_node02_address} + monitoring_service_node03: + name: ${_param:monitor_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.monitoring.server + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:monitoring_service_node03_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/monitoring_service_single.yml b/mcp/reclass/classes/system/reclass/storage/system/monitoring_service_single.yml new file mode 100644 index 000000000..96805296b --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/monitoring_service_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + monitor_node01_hostname: mon01 + reclass: + storage: + node: + monitoring_service_node01: + name: ${_param:monitor_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.monitoring.server + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:monitoring_service_node01_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/opencontrail_analytics_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/opencontrail_analytics_cluster.yml new file mode 100644 index 000000000..6a4b7eeb8 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/opencontrail_analytics_cluster.yml @@ -0,0 +1,41 @@ +parameters: + _param: + opencontrail_analytics_node01_hostname: nal01 + opencontrail_analytics_node02_hostname: nal02 + opencontrail_analytics_node03_hostname: nal03 + reclass: + storage: + node: + opencontrail_analytics_node01: + name: ${_param:opencontrail_analytics_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.opencontrail.analytics + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:opencontrail_analytics_node01_address} + keepalived_vip_priority: 103 + opencontrail_database_id: 1 + opencontrail_analytics_node02: + name: ${_param:opencontrail_analytics_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.opencontrail.analytics + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:opencontrail_analytics_node02_address} + keepalived_vip_priority: 102 + opencontrail_database_id: 2 + opencontrail_analytics_node03: + name: ${_param:opencontrail_analytics_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.opencontrail.analytics + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:opencontrail_analytics_node03_address} + keepalived_vip_priority: 101 + opencontrail_database_id: 3 diff --git a/mcp/reclass/classes/system/reclass/storage/system/opencontrail_control_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/opencontrail_control_cluster.yml new file mode 100644 index 000000000..d0213b354 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/opencontrail_control_cluster.yml @@ -0,0 +1,41 @@ +parameters: + _param: + opencontrail_control_node01_hostname: ntw01 + opencontrail_control_node02_hostname: ntw02 + opencontrail_control_node03_hostname: ntw03 + reclass: + storage: + node: + opencontrail_control_node01: + name: ${_param:opencontrail_control_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.opencontrail.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:opencontrail_control_node01_address} + keepalived_vip_priority: 103 + opencontrail_database_id: 1 + opencontrail_control_node02: + name: ${_param:opencontrail_control_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.opencontrail.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:opencontrail_control_node02_address} + keepalived_vip_priority: 102 + opencontrail_database_id: 2 + opencontrail_control_node03: + name: ${_param:opencontrail_control_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.opencontrail.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:opencontrail_control_node03_address} + keepalived_vip_priority: 101 + opencontrail_database_id: 3 diff --git a/mcp/reclass/classes/system/reclass/storage/system/opencontrail_gateway_single.yml b/mcp/reclass/classes/system/reclass/storage/system/opencontrail_gateway_single.yml new file mode 100644 index 000000000..52b278659 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/opencontrail_gateway_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + opencontrail_gateway_hostname: gtw01 + reclass: + storage: + node: + opencontrail_gateway_node01: + name: ${_param:opencontrail_gateway_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.opencontrail.gateway + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:opencontrail_gateway_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_benchmark_single.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_benchmark_single.yml new file mode 100644 index 000000000..a676cc328 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_benchmark_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + openstack_benchmark_node01_hostname: bmk01 + reclass: + storage: + node: + openstack_benchmark_node01: + name: ${_param:openstack_benchmark_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.benchmark + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:openstack_benchmark_node01_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_billing_single.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_billing_single.yml new file mode 100644 index 000000000..5b63ec0f5 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_billing_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + openstack_billing_hostname: bil01 + reclass: + storage: + node: + opencontrail_billing_node01: + name: ${_param:openstack_billing_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.billing + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_billing_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_catalog_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_catalog_cluster.yml new file mode 100644 index 000000000..332e5d637 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_catalog_cluster.yml @@ -0,0 +1,27 @@ +parameters: + _param: + openstack_catalog_node01_hostname: asc01 + openstack_catalog_node02_hostname: asc02 + reclass: + storage: + node: + openstack_catalog_node01: + name: ${_param:openstack_catalog_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.catalog + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: ${_param:openstack_catalog_node01_address} + keepalived_vip_priority: 102 + openstack_catalog_node02: + name: ${_param:openstack_catalog_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.catalog + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: ${_param:openstack_catalog_node02_address} + keepalived_vip_priority: 101 diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_catalog_single.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_catalog_single.yml new file mode 100644 index 000000000..b48ab27a5 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_catalog_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + openstack_catalog_node01_hostname: asc01 + reclass: + storage: + node: + openstack_catalog_node01: + name: ${_param:openstack_catalog_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.catalog + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: ${_param:openstack_catalog_node01_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_compute_multi.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_compute_multi.yml new file mode 100644 index 000000000..86092db97 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_compute_multi.yml @@ -0,0 +1,25 @@ +parameters: + _param: + openstack_compute_node01_hostname: cmp01 + openstack_compute_node02_hostname: cmp02 + reclass: + storage: + node: + openstack_compute_node01: + name: ${_param:openstack_compute_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.compute + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: 172.16.10.105 + openstack_compute_node02: + name: ${_param:openstack_compute_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.compute + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: 172.16.10.106 diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_compute_single.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_compute_single.yml new file mode 100644 index 000000000..215c0e6f9 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_compute_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + openstack_compute_node01_hostname: cmp01 + reclass: + storage: + node: + openstack_compute_node01: + name: ${_param:openstack_compute_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.compute + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: 172.16.10.105 diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_control_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_control_cluster.yml new file mode 100644 index 000000000..deb25b85a --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_control_cluster.yml @@ -0,0 +1,44 @@ +parameters: + _param: + openstack_control_node01_hostname: ctl01 + openstack_control_node02_hostname: ctl02 + openstack_control_node03_hostname: ctl03 + reclass: + storage: + node: + openstack_control_node01: + name: ${_param:openstack_control_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_control_node01_address} + keepalived_vip_priority: 103 + opencontrail_database_id: 1 + rabbitmq_cluster_role: master + openstack_control_node02: + name: ${_param:openstack_control_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_control_node02_address} + keepalived_vip_priority: 102 + opencontrail_database_id: 2 + rabbitmq_cluster_role: slave + openstack_control_node03: + name: ${_param:openstack_control_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.control + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_control_node03_address} + keepalived_vip_priority: 101 + opencontrail_database_id: 3 + rabbitmq_cluster_role: slave diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_control_upgrade_single.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_control_upgrade_single.yml new file mode 100644 index 000000000..964e06414 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_control_upgrade_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + openstack_upgrade_node01_hostname: upg01 + reclass: + storage: + node: + openstack_control_upgrade_node01: + name: ${_param:openstack_upgrade_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.upgrade + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:openstack_upgrade_node01_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_dashboard_single.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_dashboard_single.yml new file mode 100644 index 000000000..c2915d35f --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_dashboard_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + openstack_proxy_hostname: prx01 + reclass: + storage: + node: + openstack_proxy_node01: + name: ${_param:openstack_proxy_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.dashboard + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: 172.16.10.121 diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_database_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_database_cluster.yml new file mode 100644 index 000000000..33c6d245c --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_database_cluster.yml @@ -0,0 +1,44 @@ +parameters: + _param: + openstack_database_node01_hostname: dbs01 + openstack_database_node02_hostname: dbs02 + openstack_database_node03_hostname: dbs03 + reclass: + storage: + node: + openstack_database_node01: + name: ${_param:openstack_database_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - service.galera.master.cluster + - cluster.${_param:cluster_name}.openstack.database + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_database_node01_address} + keepalived_vip_priority: 103 + mysql_cluster_role: master + openstack_database_node02: + name: ${_param:openstack_database_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - service.galera.slave.cluster + - cluster.${_param:cluster_name}.openstack.database + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_database_node02_address} + keepalived_vip_priority: 102 + mysql_cluster_role: slave + openstack_database_node03: + name: ${_param:openstack_database_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - service.galera.slave.cluster + - cluster.${_param:cluster_name}.openstack.database + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_database_node03_address} + keepalived_vip_priority: 101 + mysql_cluster_role: slave diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_dns_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_dns_cluster.yml new file mode 100644 index 000000000..d134c886f --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_dns_cluster.yml @@ -0,0 +1,27 @@ +parameters: + _param: + openstack_dns_node01_hostname: dns01 + openstack_dns_node02_hostname: dns02 + reclass: + storage: + node: + openstack_dns_node01: + name: ${_param:openstack_dns_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.dns + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_dns_node01_address} + keepalived_vip_priority: 110 + openstack_dns_node02: + name: ${_param:openstack_dns_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.dns + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_dns_node02_address} + keepalived_vip_priority: 111 diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_gateway_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_gateway_cluster.yml new file mode 100644 index 000000000..f9d44856f --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_gateway_cluster.yml @@ -0,0 +1,44 @@ +parameters: + _param: + openstack_gateway_node01_hostname: gtw01 + openstack_gateway_node02_hostname: gtw02 + openstack_gateway_node03_hostname: gtw03 + + openstack_gateway_node01_tenant_address: ${_param:single_address} + openstack_gateway_node02_tenant_address: ${_param:single_address} + openstack_gateway_node03_tenant_address: ${_param:single_address} + reclass: + storage: + node: + openstack_gateway_node01: + name: ${_param:openstack_gateway_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.gateway + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: ${_param:openstack_gateway_node01_address} + tenant_address: ${_param:openstack_gateway_node01_tenant_address} + openstack_gateway_node02: + name: ${_param:openstack_gateway_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.gateway + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: ${_param:openstack_gateway_node02_address} + tenant_address: ${_param:openstack_gateway_node02_tenant_address} + openstack_gateway_node03: + name: ${_param:openstack_gateway_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.gateway + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: ${_param:openstack_gateway_node03_address} + tenant_address: ${_param:openstack_gateway_node03_tenant_address} + + diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_gateway_single.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_gateway_single.yml new file mode 100644 index 000000000..6f1857193 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_gateway_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + openstack_gateway_node01_hostname: gtw01 + reclass: + storage: + node: + openstack_gateway_node01: + name: ${_param:openstack_gateway_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.gateway + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: ${_param:linux_system_codename} + single_address: ${_param:openstack_gateway_address} \ No newline at end of file diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_message_queue_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_message_queue_cluster.yml new file mode 100644 index 000000000..c6a811f91 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_message_queue_cluster.yml @@ -0,0 +1,41 @@ +parameters: + _param: + openstack_message_queue_node01_hostname: msg01 + openstack_message_queue_node02_hostname: msg02 + openstack_message_queue_node03_hostname: msg03 + reclass: + storage: + node: + openstack_message_queue_node01: + name: ${_param:openstack_message_queue_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.message_queue + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_message_queue_node01_address} + keepalived_vip_priority: 103 + rabbitmq_cluster_role: master + openstack_message_queue_node02: + name: ${_param:openstack_message_queue_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.message_queue + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_message_queue_node02_address} + keepalived_vip_priority: 102 + rabbitmq_cluster_role: slave + openstack_message_queue_node03: + name: ${_param:openstack_message_queue_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.message_queue + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_message_queue_node03_address} + keepalived_vip_priority: 101 + rabbitmq_cluster_role: slave diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_proxy_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_proxy_cluster.yml new file mode 100644 index 000000000..95439fa5c --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_proxy_cluster.yml @@ -0,0 +1,27 @@ +parameters: + _param: + openstack_proxy_node01_hostname: prx01 + openstack_proxy_node02_hostname: prx02 + reclass: + storage: + node: + openstack_proxy_node01: + name: ${_param:openstack_proxy_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.proxy + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_proxy_node01_address} + keepalived_vip_priority: 102 + openstack_proxy_node02: + name: ${_param:openstack_proxy_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.proxy + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_proxy_node02_address} + keepalived_vip_priority: 101 diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_proxy_single.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_proxy_single.yml new file mode 100644 index 000000000..794ca645c --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_proxy_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + openstack_proxy_node01_hostname: prx01 + reclass: + storage: + node: + openstack_proxy_node01: + name: ${_param:openstack_proxy_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.proxy + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_proxy_node01_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/openstack_telemetry_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/openstack_telemetry_cluster.yml new file mode 100644 index 000000000..d184fc924 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/openstack_telemetry_cluster.yml @@ -0,0 +1,38 @@ +parameters: + _param: + openstack_telemetry_node01_hostname: mdb01 + openstack_telemetry_node02_hostname: mdb02 + openstack_telemetry_node03_hostname: mdb03 + reclass: + storage: + node: + openstack_telemetry_node01: + name: ${_param:openstack_telemetry_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.telemetry + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_telemetry_node01_address} + keepalived_vip_priority: 103 + openstack_telemetry_node02: + name: ${_param:openstack_telemetry_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.telemetry + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_telemetry_node02_address} + keepalived_vip_priority: 102 + openstack_telemetry_node03: + name: ${_param:openstack_telemetry_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.openstack.telemetry + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:openstack_telemetry_node03_address} + keepalived_vip_priority: 101 diff --git a/mcp/reclass/classes/system/reclass/storage/system/physical_control_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/physical_control_cluster.yml new file mode 100644 index 000000000..4622e09d4 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/physical_control_cluster.yml @@ -0,0 +1,57 @@ +parameters: + _param: + infra_kvm_node01_hostname: kvm01 + infra_kvm_node02_hostname: kvm02 + infra_kvm_node03_hostname: kvm03 + + infra_kvm_node01_deploy_address: ${_param:infra_kvm_node01_address} + infra_kvm_node02_deploy_address: ${_param:infra_kvm_node02_address} + infra_kvm_node03_deploy_address: ${_param:infra_kvm_node03_address} + + infra_kvm_node01_storage_address: ${_param:infra_kvm_node01_address} + infra_kvm_node02_storage_address: ${_param:infra_kvm_node02_address} + infra_kvm_node03_storage_address: ${_param:infra_kvm_node03_address} + + infra_kvm_node01_public_address: ${_param:infra_kvm_node01_address} + infra_kvm_node02_public_address: ${_param:infra_kvm_node02_address} + infra_kvm_node03_public_address: ${_param:infra_kvm_node03_address} + + reclass: + storage: + node: + infra_kvm_node01: + name: ${_param:infra_kvm_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node01_address} + deploy_address: ${_param:infra_kvm_node01_deploy_address} + public_address: ${_param:infra_kvm_node01_public_address} + storage_address: ${_param:infra_kvm_node01_storage_address} + infra_kvm_node02: + name: ${_param:infra_kvm_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node02_address} + deploy_address: ${_param:infra_kvm_node02_deploy_address} + public_address: ${_param:infra_kvm_node02_public_address} + storage_address: ${_param:infra_kvm_node02_storage_address} + infra_kvm_node03: + name: ${_param:infra_kvm_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node03_address} + deploy_address: ${_param:infra_kvm_node03_deploy_address} + public_address: ${_param:infra_kvm_node03_public_address} + storage_address: ${_param:infra_kvm_node03_storage_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/physical_control_full.yml b/mcp/reclass/classes/system/reclass/storage/system/physical_control_full.yml new file mode 100644 index 000000000..0f510a4b1 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/physical_control_full.yml @@ -0,0 +1,153 @@ +parameters: + _param: + infra_kvm_node01_hostname: kvm01 + infra_kvm_node02_hostname: kvm02 + infra_kvm_node03_hostname: kvm03 + infra_kvm_node04_hostname: kvm04 + infra_kvm_node05_hostname: kvm05 + infra_kvm_node06_hostname: kvm06 + infra_kvm_node07_hostname: kvm07 + infra_kvm_node08_hostname: kvm08 + infra_kvm_node09_hostname: kvm09 + + infra_kvm_node01_deploy_address: ${_param:infra_kvm_node01_address} + infra_kvm_node02_deploy_address: ${_param:infra_kvm_node02_address} + infra_kvm_node03_deploy_address: ${_param:infra_kvm_node03_address} + infra_kvm_node04_deploy_address: ${_param:infra_kvm_node04_address} + infra_kvm_node05_deploy_address: ${_param:infra_kvm_node05_address} + infra_kvm_node06_deploy_address: ${_param:infra_kvm_node06_address} + infra_kvm_node07_deploy_address: ${_param:infra_kvm_node07_address} + infra_kvm_node08_deploy_address: ${_param:infra_kvm_node08_address} + infra_kvm_node09_deploy_address: ${_param:infra_kvm_node09_address} + + infra_kvm_node01_storage_address: ${_param:infra_kvm_node01_address} + infra_kvm_node02_storage_address: ${_param:infra_kvm_node02_address} + infra_kvm_node03_storage_address: ${_param:infra_kvm_node03_address} + infra_kvm_node04_storage_address: ${_param:infra_kvm_node04_address} + infra_kvm_node05_storage_address: ${_param:infra_kvm_node05_address} + infra_kvm_node06_storage_address: ${_param:infra_kvm_node06_address} + infra_kvm_node07_storage_address: ${_param:infra_kvm_node07_address} + infra_kvm_node08_storage_address: ${_param:infra_kvm_node08_address} + infra_kvm_node09_storage_address: ${_param:infra_kvm_node09_address} + + infra_kvm_node01_public_address: ${_param:infra_kvm_node01_address} + infra_kvm_node02_public_address: ${_param:infra_kvm_node02_address} + infra_kvm_node03_public_address: ${_param:infra_kvm_node03_address} + infra_kvm_node04_public_address: ${_param:infra_kvm_node04_address} + infra_kvm_node05_public_address: ${_param:infra_kvm_node05_address} + infra_kvm_node06_public_address: ${_param:infra_kvm_node06_address} + infra_kvm_node07_public_address: ${_param:infra_kvm_node07_address} + infra_kvm_node08_public_address: ${_param:infra_kvm_node08_address} + infra_kvm_node09_public_address: ${_param:infra_kvm_node09_address} + + reclass: + storage: + node: + infra_kvm_node01: + name: ${_param:infra_kvm_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node01_address} + deploy_address: ${_param:infra_kvm_node01_deploy_address} + public_address: ${_param:infra_kvm_node01_public_address} + storage_address: ${_param:infra_kvm_node01_storage_address} + infra_kvm_node02: + name: ${_param:infra_kvm_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node02_address} + deploy_address: ${_param:infra_kvm_node02_deploy_address} + public_address: ${_param:infra_kvm_node02_public_address} + storage_address: ${_param:infra_kvm_node02_storage_address} + infra_kvm_node03: + name: ${_param:infra_kvm_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node03_address} + deploy_address: ${_param:infra_kvm_node03_deploy_address} + public_address: ${_param:infra_kvm_node03_public_address} + storage_address: ${_param:infra_kvm_node03_storage_address} + infra_kvm_node04: + name: ${_param:infra_kvm_node04_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node04_address} + deploy_address: ${_param:infra_kvm_node04_deploy_address} + public_address: ${_param:infra_kvm_node04_public_address} + storage_address: ${_param:infra_kvm_node04_storage_address} + infra_kvm_node05: + name: ${_param:infra_kvm_node05_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node05_address} + deploy_address: ${_param:infra_kvm_node05_deploy_address} + public_address: ${_param:infra_kvm_node05_public_address} + storage_address: ${_param:infra_kvm_node05_storage_address} + infra_kvm_node06: + name: ${_param:infra_kvm_node06_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node06_address} + deploy_address: ${_param:infra_kvm_node06_deploy_address} + public_address: ${_param:infra_kvm_node06_public_address} + storage_address: ${_param:infra_kvm_node06_storage_address} + infra_kvm_node07: + name: ${_param:infra_kvm_node07_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node07_address} + deploy_address: ${_param:infra_kvm_node07_deploy_address} + public_address: ${_param:infra_kvm_node07_public_address} + storage_address: ${_param:infra_kvm_node07_storage_address} + infra_kvm_node08: + name: ${_param:infra_kvm_node08_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node08_address} + deploy_address: ${_param:infra_kvm_node08_deploy_address} + public_address: ${_param:infra_kvm_node08_public_address} + storage_address: ${_param:infra_kvm_node08_storage_address} + infra_kvm_node09: + name: ${_param:infra_kvm_node09_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node09_address} + deploy_address: ${_param:infra_kvm_node09_deploy_address} + public_address: ${_param:infra_kvm_node09_public_address} + storage_address: ${_param:infra_kvm_node09_storage_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/physical_control_single.yml b/mcp/reclass/classes/system/reclass/storage/system/physical_control_single.yml new file mode 100644 index 000000000..32f09c307 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/physical_control_single.yml @@ -0,0 +1,21 @@ +parameters: + _param: + infra_kvm_node01_hostname: kvm01 + infra_kvm_node01_deploy_address: ${_param:infra_kvm_node01_address} + infra_kvm_node01_storage_address: ${_param:infra_kvm_node01_address} + infra_kvm_node01_public_address: ${_param:infra_kvm_node01_address} + reclass: + storage: + node: + infra_kvm_node01: + name: ${_param:infra_kvm_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.kvm + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: trusty + single_address: ${_param:infra_kvm_node01_address} + deploy_address: ${_param:infra_kvm_node01_deploy_address} + public_address: ${_param:infra_kvm_node01_public_address} + storage_address: ${_param:infra_kvm_node01_storage_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/rsyslog_single.yml b/mcp/reclass/classes/system/reclass/storage/system/rsyslog_single.yml new file mode 100644 index 000000000..a3eefac56 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/rsyslog_single.yml @@ -0,0 +1,15 @@ +parameters: + _param: + rsyslog_node01_hostname: rsl01 + reclass: + storage: + node: + rsyslog_node01: + name: ${_param:rsyslog_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.infra.rsyslog + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:rsyslog_node01_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/stacklight_log_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/stacklight_log_cluster.yml new file mode 100644 index 000000000..4a5da29eb --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/stacklight_log_cluster.yml @@ -0,0 +1,39 @@ +parameters: + _param: + stacklight_log_node01_hostname: log01 + stacklight_log_node02_hostname: log02 + stacklight_log_node03_hostname: log03 + reclass: + storage: + node: + stacklight_log_node01: + name: ${_param:stacklight_log_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.log + - cluster.${_param:cluster_name}.stacklight.log_curator + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_log_node01_address} + keepalived_vip_priority: 103 + stacklight_log_node02: + name: ${_param:stacklight_log_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.log + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_log_node02_address} + keepalived_vip_priority: 102 + stacklight_log_node03: + name: ${_param:stacklight_log_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.log + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_log_node03_address} + keepalived_vip_priority: 101 diff --git a/mcp/reclass/classes/system/reclass/storage/system/stacklight_monitor_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/stacklight_monitor_cluster.yml new file mode 100644 index 000000000..f95cf813d --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/stacklight_monitor_cluster.yml @@ -0,0 +1,44 @@ +parameters: + _param: + stacklight_monitor_node01_hostname: mon01 + stacklight_monitor_node02_hostname: mon02 + stacklight_monitor_node03_hostname: mon03 + reclass: + storage: + node: + stacklight_monitor_node01: + name: ${_param:stacklight_monitor_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.monitor + params: + redis_cluster_role: 'master' + rabbitmq_cluster_role: 'master' + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_monitor_node01_address} + keepalived_vip_priority: 103 + stacklight_monitor_node02: + name: ${_param:stacklight_monitor_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.monitor + params: + redis_cluster_role: 'slave' + rabbitmq_cluster_role: 'slave' + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_monitor_node02_address} + keepalived_vip_priority: 102 + stacklight_monitor_node03: + name: ${_param:stacklight_monitor_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.monitor + params: + redis_cluster_role: 'slave' + rabbitmq_cluster_role: 'slave' + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_monitor_node03_address} + keepalived_vip_priority: 101 diff --git a/mcp/reclass/classes/system/reclass/storage/system/stacklight_server_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/stacklight_server_cluster.yml new file mode 100644 index 000000000..26b9ebed9 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/stacklight_server_cluster.yml @@ -0,0 +1,50 @@ +parameters: + _param: + stacklight_monitor_node01_hostname: mon01 + stacklight_monitor_node02_hostname: mon02 + stacklight_monitor_node03_hostname: mon03 + reclass: + storage: + node: + stacklight_server_node01: + name: ${_param:stacklight_monitor_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.server + - system.elasticsearch.client.single + - system.grafana.client.single + - system.kibana.client.single + params: + redis_cluster_role: 'master' + rabbitmq_cluster_role: 'master' + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_monitor_node01_address} + keepalived_vip_priority: 103 + rabbitmq_cluster_role: master + stacklight_server_node02: + name: ${_param:stacklight_monitor_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.server + params: + redis_cluster_role: 'slave' + rabbitmq_cluster_role: 'slave' + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_monitor_node02_address} + keepalived_vip_priority: 102 + rabbitmq_cluster_role: slave + stacklight_server_node03: + name: ${_param:stacklight_monitor_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.server + params: + redis_cluster_role: 'slave' + rabbitmq_cluster_role: 'slave' + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_monitor_node03_address} + keepalived_vip_priority: 101 + rabbitmq_cluster_role: slave diff --git a/mcp/reclass/classes/system/reclass/storage/system/stacklight_server_single.yml b/mcp/reclass/classes/system/reclass/storage/system/stacklight_server_single.yml new file mode 100644 index 000000000..2b397f6de --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/stacklight_server_single.yml @@ -0,0 +1,18 @@ +parameters: + _param: + stacklight_monitor_node01_hostname: mon01 + reclass: + storage: + node: + stacklight_server_node01: + name: ${_param:stacklight_monitor_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.server + - system.elasticsearch.client.single + - system.grafana.client.single + - system.kibana.client.single + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_monitor_node01_address} diff --git a/mcp/reclass/classes/system/reclass/storage/system/stacklight_telemetry_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/stacklight_telemetry_cluster.yml new file mode 100644 index 000000000..12b1daebb --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/stacklight_telemetry_cluster.yml @@ -0,0 +1,38 @@ +parameters: + _param: + stacklight_telemetry_node01_hostname: mtr01 + stacklight_telemetry_node02_hostname: mtr02 + stacklight_telemetry_node03_hostname: mtr03 + reclass: + storage: + node: + stacklight_telemetry_node01: + name: ${_param:stacklight_telemetry_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.telemetry + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_telemetry_node01_address} + keepalived_vip_priority: 103 + stacklight_telemetry_node02: + name: ${_param:stacklight_telemetry_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.telemetry + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_telemetry_node02_address} + keepalived_vip_priority: 102 + stacklight_telemetry_node03: + name: ${_param:stacklight_telemetry_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.telemetry + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_telemetry_node03_address} + keepalived_vip_priority: 101 diff --git a/mcp/reclass/classes/system/reclass/storage/system/stacklight_telemetry_single.yml b/mcp/reclass/classes/system/reclass/storage/system/stacklight_telemetry_single.yml new file mode 100644 index 000000000..bc51b3027 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/stacklight_telemetry_single.yml @@ -0,0 +1,16 @@ +parameters: + _param: + stacklight_telemetry_node01_hostname: mtr01 + reclass: + storage: + node: + stacklight_telemetry_node01: + name: ${_param:stacklight_telemetry_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - cluster.${_param:cluster_name}.stacklight.telemetry + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_telemetry_node01_address} + keepalived_vip_priority: 103 \ No newline at end of file diff --git a/mcp/reclass/classes/system/reclass/storage/system/stacklightv2_server_cluster.yml b/mcp/reclass/classes/system/reclass/storage/system/stacklightv2_server_cluster.yml new file mode 100644 index 000000000..c72ac2c81 --- /dev/null +++ b/mcp/reclass/classes/system/reclass/storage/system/stacklightv2_server_cluster.yml @@ -0,0 +1,42 @@ +parameters: + _param: + stacklight_monitor_node01_hostname: mon01 + stacklight_monitor_node02_hostname: mon02 + stacklight_monitor_node03_hostname: mon03 + reclass: + storage: + node: + stacklight_server_node01: + name: ${_param:stacklight_monitor_node01_hostname} + domain: ${_param:cluster_domain} + classes: + - system.docker.swarm.master + - cluster.${_param:cluster_name}.stacklight.server + - cluster.${_param:cluster_name}.stacklight.client + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_monitor_node01_address} + keepalived_vip_priority: 103 + stacklight_server_node02: + name: ${_param:stacklight_monitor_node02_hostname} + domain: ${_param:cluster_domain} + classes: + - system.docker.swarm.manager + - cluster.${_param:cluster_name}.stacklight.server + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_monitor_node02_address} + keepalived_vip_priority: 102 + stacklight_server_node03: + name: ${_param:stacklight_monitor_node03_hostname} + domain: ${_param:cluster_domain} + classes: + - system.docker.swarm.manager + - cluster.${_param:cluster_name}.stacklight.server + params: + salt_master_host: ${_param:reclass_config_master} + linux_system_codename: xenial + single_address: ${_param:stacklight_monitor_node03_address} + keepalived_vip_priority: 101 diff --git a/mcp/reclass/classes/system/rsyslog/client/single.yml b/mcp/reclass/classes/system/rsyslog/client/single.yml new file mode 100644 index 000000000..bf957d071 --- /dev/null +++ b/mcp/reclass/classes/system/rsyslog/client/single.yml @@ -0,0 +1,2 @@ +classes: +- service.rsyslog.client.single diff --git a/mcp/reclass/classes/system/salt/control/cluster/cicd_control_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/cicd_control_cluster.yml new file mode 100644 index 000000000..82366a8ff --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/cicd_control_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + cicd.control: + cpu: 8 + ram: 32768 + disk_profile: large + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + cid01: + name: ${_param:cicd_control_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: cicd.control + cid02: + name: ${_param:cicd_control_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: cicd.control + cid03: + name: ${_param:cicd_control_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: cicd.control diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_idm_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_idm_cluster.yml new file mode 100644 index 000000000..3db87a27e --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_idm_cluster.yml @@ -0,0 +1,26 @@ +parameters: + salt: + control: + size: + infra.idm: + cpu: 4 + ram: 8192 + disk_profile: large + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + idm01: + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_centos7_image} + size: infra.idm + idm02: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_centos7_image} + size: infra.idm + idm03: + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_centos7_image} + size: infra.idm diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_integration_single.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_integration_single.yml new file mode 100644 index 000000000..66de89559 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_integration_single.yml @@ -0,0 +1,19 @@ +parameters: + salt: + control: + size: + infra.integration: + cpu: 4 + ram: 8192 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + cid01: + name: ${_param:cicd_control_node01_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: infra.integration diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_cluster.yml new file mode 100644 index 000000000..f3453ff82 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_cluster.yml @@ -0,0 +1,24 @@ +parameters: + salt: + control: + size: + infra.proxy: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + prx01: + name: ${_param:openstack_proxy_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: infra.proxy + prx02: + name: ${_param:openstack_proxy_node01_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: infra.proxy diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_single.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_single.yml new file mode 100644 index 000000000..7d092fa27 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_single.yml @@ -0,0 +1,19 @@ +parameters: + salt: + control: + size: + infra.proxy: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + prx01: + name: ${_param:openstack_proxy_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: infra.proxy diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_storage_single.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_storage_single.yml new file mode 100644 index 000000000..ca8ce26c9 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_storage_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + infra.storage: + cpu: 4 + ram: 8192 + disk_profile: xxxlarge + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + sto01: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: infra.storage diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_version_control_single.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_version_control_single.yml new file mode 100644 index 000000000..10e01aba3 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_version_control_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + infra.version_control: + cpu: 4 + ram: 8192 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + git01: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: infra.version_control diff --git a/mcp/reclass/classes/system/salt/control/cluster/opencontrail_analytics_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/opencontrail_analytics_cluster.yml new file mode 100644 index 000000000..37fb60ac3 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/opencontrail_analytics_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + opencontrail.analytics: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + nal01: + name: ${_param:opencontrail_analytics_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.analytics + nal02: + name: ${_param:opencontrail_analytics_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.analytics + nal03: + name: ${_param:opencontrail_analytics_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.analytics diff --git a/mcp/reclass/classes/system/salt/control/cluster/opencontrail_control_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/opencontrail_control_cluster.yml new file mode 100644 index 000000000..10ddf5e25 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/opencontrail_control_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + opencontrail.control: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + ntw01: + name: ${_param:opencontrail_control_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.control + ntw02: + name: ${_param:opencontrail_control_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.control + ntw03: + name: ${_param:opencontrail_control_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.control diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_benchmark_single.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_benchmark_single.yml new file mode 100644 index 000000000..0677320a6 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_benchmark_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + openstack.benchmark: + cpu: 2 + ram: 4096 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + bmk01: + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.benchmark diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_billing_single.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_billing_single.yml new file mode 100644 index 000000000..f8dacf725 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_billing_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + openstack.billing: + cpu: 4 + ram: 8192 + disk_profile: large + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + bil01: + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.control diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_control_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_control_cluster.yml new file mode 100644 index 000000000..f28a7d069 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_control_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + openstack.control: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + ctl01: + name: ${_param:openstack_control_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.control + ctl02: + name: ${_param:openstack_control_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.control + ctl03: + name: ${_param:openstack_control_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.control diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_database_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_database_cluster.yml new file mode 100644 index 000000000..2a00308e3 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_database_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + openstack.database: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + dbs01: + name: ${_param:openstack_database_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.database + dbs02: + name: ${_param:openstack_database_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.database + dbs03: + name: ${_param:openstack_database_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.database diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_dns_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_dns_cluster.yml new file mode 100644 index 000000000..71af5c139 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_dns_cluster.yml @@ -0,0 +1,22 @@ +parameters: + salt: + control: + size: + openstack.dns: + cpu: 2 + ram: 4096 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + dns01: + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.dns + dns02: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.dns diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_cluster.yml new file mode 100644 index 000000000..5d2a20a77 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_cluster.yml @@ -0,0 +1,26 @@ +parameters: + salt: + control: + size: + openstack.gateway: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + gtw01: + provider: kvm01.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.gateway + gtw02: + provider: kvm01.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.gateway + gtw03: + provider: kvm01.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.gateway diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_single.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_single.yml new file mode 100644 index 000000000..e10d1b2ff --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + openstack.gateway: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + gtw01: + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.gateway diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_message_queue_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_message_queue_cluster.yml new file mode 100644 index 000000000..cab5adb2d --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_message_queue_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + openstack.message_queue: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + msg01: + name: ${_param:openstack_message_queue_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.message_queue + msg02: + name: ${_param:openstack_message_queue_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.message_queue + msg03: + name: ${_param:openstack_message_queue_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.message_queue diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_cluster.yml new file mode 100644 index 000000000..628dcd885 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_cluster.yml @@ -0,0 +1,25 @@ +parameters: + salt: + control: + size: + openstack.proxy: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + prx01: + name: ${_param:openstack_proxy_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.proxy + prx02: + name: ${_param:openstack_proxy_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.proxy + diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_single.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_single.yml new file mode 100644 index 000000000..8ad0baf6f --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_single.yml @@ -0,0 +1,19 @@ +parameters: + salt: + control: + size: + openstack.proxy: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + prx01: + name: ${_param:openstack_proxy_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.proxy diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_telemetry_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_telemetry_cluster.yml new file mode 100644 index 000000000..633b98483 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_telemetry_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + openstack.telemetry: + cpu: 4 + ram: 8192 + disk_profile: large + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + mdb01: + name: ${_param:openstack_telemetry_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.telemetry + mdb02: + name: ${_param:openstack_telemetry_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.telemetry + mdb03: + name: ${_param:openstack_telemetry_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.telemetry diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_upgrade_single.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_upgrade_single.yml new file mode 100644 index 000000000..3189f3e94 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_upgrade_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + openstack.upgrade: + cpu: 32 + ram: 65536 + disk_profile: medium + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + upg01: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.upgrade diff --git a/mcp/reclass/classes/system/salt/control/cluster/rsyslog_single.yml b/mcp/reclass/classes/system/salt/control/cluster/rsyslog_single.yml new file mode 100644 index 000000000..76cc77f4e --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/rsyslog_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + infra.rsyslog: + cpu: 8 + ram: 8192 + disk_profile: xxlarge + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + rsl01: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: infra.rsyslog diff --git a/mcp/reclass/classes/system/salt/control/cluster/stacklight_log_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/stacklight_log_cluster.yml new file mode 100644 index 000000000..330e301e1 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/stacklight_log_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + stacklight.log: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + log01: + name: ${_param:stacklight_log_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.log + log02: + name: ${_param:stacklight_log_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.log + log03: + name: ${_param:stacklight_log_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.log diff --git a/mcp/reclass/classes/system/salt/control/cluster/stacklight_server_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/stacklight_server_cluster.yml new file mode 100644 index 000000000..0055d20a2 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/stacklight_server_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + stacklight.server: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + mon01: + name: ${_param:stacklight_monitor_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.server + mon02: + name: ${_param:stacklight_monitor_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.server + mon03: + name: ${_param:stacklight_monitor_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.server diff --git a/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_cluster.yml new file mode 100644 index 000000000..bfd14b0d8 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + stacklight.telemetry: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + mtr01: + name: ${_param:stacklight_telemetry_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.telemetry + mtr02: + name: ${_param:stacklight_telemetry_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.telemetry + mtr03: + name: ${_param:stacklight_telemetry_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.telemetry diff --git a/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_single.yml b/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_single.yml new file mode 100644 index 000000000..81fd6fb1d --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_single.yml @@ -0,0 +1,19 @@ +parameters: + salt: + control: + size: + stacklight.telemetry: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + mtr01: + name: ${_param:stacklight_telemetry_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.telemetry diff --git a/mcp/reclass/classes/system/salt/control/virt.yml b/mcp/reclass/classes/system/salt/control/virt.yml new file mode 100644 index 000000000..6ed85378c --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/virt.yml @@ -0,0 +1,47 @@ +classes: + - service.libvirt.server.kvm +parameters: + salt: + control: + enabled: True + virt_enabled: True + virt: + nic: + default: + eth1: + bridge: br0 + model: virtio + eth0: + bridge: br1 + model: virtio + disk: + default: + - system: + size: 50000 + xxxsmall: + - system: + size: 8000 + xxsmall: + - system: + size: 15000 + xsmall: + - system: + size: 30000 + small: + - system: + size: 50000 + medium: + - system: + size: 80000 + large: + - system: + size: 100000 + xlarge: + - system: + size: 150000 + xxlarge: + - system: + size: 300000 + xxxlarge: + - system: + size: 500000 diff --git a/mcp/reclass/classes/system/salt/master/api.yml b/mcp/reclass/classes/system/salt/master/api.yml new file mode 100644 index 000000000..b5ede2f8a --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/api.yml @@ -0,0 +1,31 @@ +parameters: + _param: + salt_master_api_port: 6969 + salt_master_api_permissions: + - '.*' + - '@local' + - '@wheel' # to allow access to all wheel modules + - '@runner' # to allow access to all runner modules + - '@jobs' # to allow access to the jobs runner and/or wheel mo + salt: + api: + enabled: true + bind: + address: 0.0.0.0 + port: ${_param:salt_master_api_port} + master: + command_timeout: 600 + user: + salt: + permissions: ${_param:salt_master_api_permissions} + linux: + system: + user: + salt: + enabled: true + name: salt + password: ${_param:salt_api_password_hash} + home: /var/tmp/salt + sudo: false + system: true + shell: /bin/false diff --git a/mcp/reclass/classes/system/salt/master/formula/git/ccp.yml b/mcp/reclass/classes/system/salt/master/formula/git/ccp.yml new file mode 100644 index 000000000..c8f1c65bb --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/ccp.yml @@ -0,0 +1,10 @@ +parameters: + salt: + master: + environment: + dev: + formula: + ccp: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-ccp.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/foundation.yml b/mcp/reclass/classes/system/salt/master/formula/git/foundation.yml new file mode 100644 index 000000000..7e21699f8 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/foundation.yml @@ -0,0 +1,56 @@ +parameters: + salt: + master: + environment: + dev: + formula: + aptly: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-aptly.git' + revision: ${_param:salt_master_environment_revision} + bind: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-bind.git' + revision: ${_param:salt_master_environment_revision} + gerrit: + module: + gerrit.py: + enabled: true + state: + gerrit.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-gerrit.git' + revision: ${_param:salt_master_environment_revision} + jenkins: + module: + jenkins_common.py: + enabled: true + state: + jenkins_credential.py: + enabled: true + jenkins_job.py: + enabled: true + jenkins_lib.py: + enabled: true + jenkins_node.py: + enabled: true + jenkins_plugin.py: + enabled: true + jenkins_security.py: + enabled: true + jenkins_slack.py: + enabled: true + jenkins_smtp.py: + enabled: true + jenkins_user.py: + enabled: true + jenkins_view.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-jenkins.git' + revision: ${_param:salt_master_environment_revision} + openldap: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-openldap.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/kubernetes.yml b/mcp/reclass/classes/system/salt/master/formula/git/kubernetes.yml new file mode 100644 index 000000000..fe8ad5dab --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/kubernetes.yml @@ -0,0 +1,22 @@ +parameters: + salt: + master: + environment: + dev: + formula: + kubernetes: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-kubernetes.git' + revision: ${_param:salt_master_environment_revision} + etcd: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-etcd.git' + revision: ${_param:salt_master_environment_revision} + bird: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-bird.git' + revision: ${_param:salt_master_environment_revision} + docker: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-docker.git' + revision: ${_param:salt_master_environment_revision} \ No newline at end of file diff --git a/mcp/reclass/classes/system/salt/master/formula/git/monitoring.yml b/mcp/reclass/classes/system/salt/master/formula/git/monitoring.yml new file mode 100644 index 000000000..e0cf30df1 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/monitoring.yml @@ -0,0 +1,14 @@ +parameters: + salt: + master: + environment: + dev: + formula: + prometheus: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-prometheus.git' + revision: ${_param:salt_master_environment_revision} + telegraf: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-telegraf.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/openstack.yml b/mcp/reclass/classes/system/salt/master/formula/git/openstack.yml new file mode 100644 index 000000000..36ddfc29b --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/openstack.yml @@ -0,0 +1,122 @@ +parameters: + salt: + master: + environment: + dev: + formula: + aodh: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-aodh.git' + revision: ${_param:salt_master_environment_revision} + #avinetworks: + # source: git + # address: '${_param:salt_master_environment_repository}/salt-formula-avinetworks.git' + # revision: ${_param:salt_master_environment_revision} + billometer: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-billometer.git' + revision: ${_param:salt_master_environment_revision} + ceilometer: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-ceilometer.git' + revision: ${_param:salt_master_environment_revision} + ceph: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-ceph.git' + revision: ${_param:salt_master_environment_revision} + cinder: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-cinder.git' + revision: ${_param:salt_master_environment_revision} + designate: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-designate.git' + revision: ${_param:salt_master_environment_revision} + galera: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-galera.git' + revision: ${_param:salt_master_environment_revision} + glance: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-glance.git' + revision: ${_param:salt_master_environment_revision} + glusterfs: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-glusterfs.git' + revision: ${_param:salt_master_environment_revision} + haproxy: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-haproxy.git' + revision: ${_param:salt_master_environment_revision} + heat: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-heat.git' + revision: ${_param:salt_master_environment_revision} + horizon: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-horizon.git' + revision: ${_param:salt_master_environment_revision} + keepalived: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-keepalived.git' + revision: ${_param:salt_master_environment_revision} + keystone: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-keystone.git' + revision: ${_param:salt_master_environment_revision} + memcached: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-memcached.git' + revision: ${_param:salt_master_environment_revision} + mongodb: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-mongodb.git' + revision: ${_param:salt_master_environment_revision} + mysql: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-mysql.git' + revision: ${_param:salt_master_environment_revision} + murano: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-murano.git' + revision: ${_param:salt_master_environment_revision} + neutron: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-neutron.git' + revision: ${_param:salt_master_environment_revision} + nginx: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-nginx.git' + revision: ${_param:salt_master_environment_revision} + nova: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-nova.git' + revision: ${_param:salt_master_environment_revision} + opencontrail: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-opencontrail.git' + revision: ${_param:salt_master_environment_revision} + python: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-python.git' + revision: ${_param:salt_master_environment_revision} + rabbitmq: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-rabbitmq.git' + revision: ${_param:salt_master_environment_revision} + sahara: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-sahara.git' + revision: ${_param:salt_master_environment_revision} + statsd: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-statsd.git' + revision: ${_param:salt_master_environment_revision} + supervisor: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-supervisor.git' + revision: ${_param:salt_master_environment_revision} + swift: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-swift.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/oss.yml b/mcp/reclass/classes/system/salt/master/formula/git/oss.yml new file mode 100644 index 000000000..e9273873a --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/oss.yml @@ -0,0 +1,26 @@ +parameters: + _param: + salt_master_oss_repository: https://gerrit.mcp.mirantis.net/salt-formulas + salt_master_oss_revision: master + salt: + master: + environment: + dev: + formula: + devops_portal: + module: + devops_utils.py: + enabled: true + source: git + address: '${_param:salt_master_oss_repository}/devops-portal.git' + revision: ${_param:salt_master_oss_revision} + rundeck: + module: + rundeck.py: + enabled: true + state: + rundeck_project.py: + enabled: true + source: git + address: '${_param:salt_master_oss_repository}/rundeck.git' + revision: ${_param:salt_master_oss_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/saltstack.yml b/mcp/reclass/classes/system/salt/master/formula/git/saltstack.yml new file mode 100644 index 000000000..d0ca4535a --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/saltstack.yml @@ -0,0 +1,49 @@ +parameters: + salt: + master: + environment: + dev: + formula: + backupninja: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-backupninja.git' + revision: ${_param:salt_master_environment_revision} + git: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-git.git' + revision: ${_param:salt_master_environment_revision} + iptables: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-iptables.git' + revision: ${_param:salt_master_environment_revision} + libvirt: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-libvirt.git' + revision: ${_param:salt_master_environment_revision} + linux: + module: + linux_netlink.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-linux.git' + revision: ${_param:salt_master_environment_revision} + ntp: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-ntp.git' + revision: ${_param:salt_master_environment_revision} + openssh: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-openssh.git' + revision: ${_param:salt_master_environment_revision} + reclass: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-reclass.git' + revision: ${_param:salt_master_environment_revision} + salt: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-salt.git' + revision: ${_param:salt_master_environment_revision} + sphinx: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-sphinx.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/stacklight.yml b/mcp/reclass/classes/system/salt/master/formula/git/stacklight.yml new file mode 100644 index 000000000..ed07d827e --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/stacklight.yml @@ -0,0 +1,83 @@ +parameters: + salt: + master: + environment: + dev: + formula: + apache: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-apache.git' + revision: ${_param:salt_master_environment_revision} + collectd: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-collectd.git' + revision: ${_param:salt_master_environment_revision} + elasticsearch: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-elasticsearch.git' + revision: ${_param:salt_master_environment_revision} + grafana: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-grafana.git' + revision: ${_param:salt_master_environment_revision} + state: + grafana3_datasource.py: + enabled: true + grafana3_dashboard.py: + enabled: true + graphite: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-graphite.git' + revision: ${_param:salt_master_environment_revision} + heka: + module: + heka_alarming.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-heka.git' + revision: ${_param:salt_master_environment_revision} + influxdb: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-influxdb.git' + revision: ${_param:salt_master_environment_revision} + java: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-java.git' + revision: ${_param:salt_master_environment_revision} + kibana: + state: + kibana_object.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-kibana.git' + revision: ${_param:salt_master_environment_revision} + nagios: + module: + nagios_alarming.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-nagios.git' + revision: ${_param:salt_master_environment_revision} + postgresql: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-postgresql.git' + revision: ${_param:salt_master_environment_revision} + rabbitmq: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-rabbitmq.git' + revision: ${_param:salt_master_environment_revision} + redis: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-redis.git' + revision: ${_param:salt_master_environment_revision} + rsyslog: + module: + rsyslog_util.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-rsyslog.git' + revision: ${_param:salt_master_environment_revision} + sensu: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-sensu.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/ccp.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/ccp.yml new file mode 100644 index 000000000..194beb895 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/ccp.yml @@ -0,0 +1,9 @@ +parameters: + salt: + master: + environment: + prd: + formula: + ccp: + source: pkg + name: salt-formula-ccp diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/foundation.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/foundation.yml new file mode 100644 index 000000000..3eed5e900 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/foundation.yml @@ -0,0 +1,33 @@ +parameters: + salt: + master: + environment: + prd: + formula: + aptcacher: + source: pkg + name: salt-formula-aptcacher + aptly: + source: pkg + name: salt-formula-aptly + bind: + source: pkg + name: salt-formula-bind + gerrit: + source: pkg + name: salt-formula-gerrit + jenkins: + source: pkg + name: salt-formula-jenkins + freeipa: + source: pkg + name: salt-formula-freeipa + maas: + source: pkg + name: salt-formula-maas + openldap: + source: pkg + name: salt-formula-openldap + lldp: + source: pkg + name: salt-formula-lldp diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/kubernetes.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/kubernetes.yml new file mode 100644 index 000000000..7b3af30d1 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/kubernetes.yml @@ -0,0 +1,18 @@ +parameters: + salt: + master: + environment: + prd: + formula: + kubernetes: + source: pkg + name: salt-formula-kubernetes + etcd: + source: pkg + name: salt-formula-etcd + bird: + source: pkg + name: salt-formula-bird + docker: + source: pkg + name: salt-formula-docker \ No newline at end of file diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/monitoring.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/monitoring.yml new file mode 100644 index 000000000..375cbd88b --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/monitoring.yml @@ -0,0 +1,12 @@ +parameters: + salt: + master: + environment: + prd: + formula: + prometheus: + source: pkg + name: salt-formula-prometheus + telegraf: + source: pkg + name: salt-formula-telegraf diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/openstack.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/openstack.yml new file mode 100644 index 000000000..b1222d1e6 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/openstack.yml @@ -0,0 +1,93 @@ +parameters: + salt: + master: + environment: + prd: + formula: + aodh: + source: pkg + name: salt-formula-aodh + #avinetworks: + # source: pkg + # name: salt-formula-avinetworks + billometer: + source: pkg + name: salt-formula-billometer + ceilometer: + source: pkg + name: salt-formula-ceilometer + ceph: + source: pkg + name: salt-formula-ceph + cinder: + source: pkg + name: salt-formula-cinder + galera: + source: pkg + name: salt-formula-galera + glance: + source: pkg + name: salt-formula-glance + glusterfs: + source: pkg + name: salt-formula-glusterfs + designate: + source: pkg + name: salt-formula-designate + haproxy: + source: pkg + name: salt-formula-haproxy + heat: + source: pkg + name: salt-formula-heat + horizon: + source: pkg + name: salt-formula-horizon + keepalived: + source: pkg + name: salt-formula-keepalived + keystone: + source: pkg + name: salt-formula-keystone + memcached: + source: pkg + name: salt-formula-memcached + mongodb: + source: pkg + name: salt-formula-mongodb + mysql: + source: pkg + name: salt-formula-mysql + murano: + source: pkg + name: salt-formula-murano + neutron: + source: pkg + name: salt-formula-neutron + nginx: + source: pkg + name: salt-formula-nginx + nova: + source: pkg + name: salt-formula-nova + opencontrail: + source: pkg + name: salt-formula-opencontrail + python: + source: pkg + name: salt-formula-python + rabbitmq: + source: pkg + name: salt-formula-rabbitmq + sahara: + source: pkg + name: salt-formula-sahara + statsd: + source: pkg + name: salt-formula-statsd + supervisor: + source: pkg + name: salt-formula-supervisor + swift: + source: pkg + name: salt-formula-swift diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/oss.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/oss.yml new file mode 100644 index 000000000..45739d23e --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/oss.yml @@ -0,0 +1,12 @@ +parameters: + salt: + master: + environment: + prd: + formula: + devops_portal: + source: pkg + name: salt-formula-devops-portal + rundeck: + source: pkg + name: salt-formula-rundeck diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/saltstack.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/saltstack.yml new file mode 100644 index 000000000..eeff26b9e --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/saltstack.yml @@ -0,0 +1,39 @@ +parameters: + salt: + master: + environment: + prd: + formula: + backupninja: + source: pkg + name: salt-formula-backupninja + git: + source: pkg + name: salt-formula-git + iptables: + source: pkg + name: salt-formula-iptables + libvirt: + source: pkg + name: salt-formula-libvirt + linux: + source: pkg + name: salt-formula-linux + nginx: + source: pkg + name: salt-formula-nginx + ntp: + source: pkg + name: salt-formula-ntp + openssh: + source: pkg + name: salt-formula-openssh + reclass: + source: pkg + name: salt-formula-reclass + salt: + source: pkg + name: salt-formula-salt + sphinx: + source: pkg + name: salt-formula-sphinx diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/stacklight.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/stacklight.yml new file mode 100644 index 000000000..4fe75c0f0 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/stacklight.yml @@ -0,0 +1,54 @@ +parameters: + salt: + master: + environment: + prd: + formula: + apache: + source: pkg + name: salt-formula-apache + collectd: + source: pkg + name: salt-formula-collectd + elasticsearch: + source: pkg + name: salt-formula-elasticsearch + grafana: + source: pkg + name: salt-formula-grafana + graphite: + source: pkg + name: salt-formula-graphite + heka: + source: pkg + name: salt-formula-heka + influxdb: + source: pkg + name: salt-formula-influxdb + java: + source: pkg + name: salt-formula-java + kibana: + source: pkg + name: salt-formula-kibana + #nagios: + # source: pkg + # name: salt-formula-nagios + postgresql: + source: pkg + name: salt-formula-postgresql + rabbitmq: + source: pkg + name: salt-formula-rabbitmq + redis: + source: pkg + name: salt-formula-redis + rsyslog: + source: pkg + name: salt-formula-rsyslog + sensu: + source: pkg + name: salt-formula-sensu + nagios: + source: pkg + name: salt-formula-nagios diff --git a/mcp/reclass/classes/system/salt/master/git.yml b/mcp/reclass/classes/system/salt/master/git.yml new file mode 100644 index 000000000..267bdb192 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/git.yml @@ -0,0 +1,14 @@ +classes: +- system.salt.master.single +- system.salt.master.formula.git.ccp +- system.salt.master.formula.git.foundation +- system.salt.master.formula.git.kubernetes +- system.salt.master.formula.git.openstack +- system.salt.master.formula.git.oss +- system.salt.master.formula.git.saltstack +- system.salt.master.formula.git.stacklight +- system.salt.master.formula.git.monitoring +parameters: + _param: + salt_master_environment_repository: "https://github.com/salt-formulas" + salt_master_environment_revision: master diff --git a/mcp/reclass/classes/system/salt/master/pkg.yml b/mcp/reclass/classes/system/salt/master/pkg.yml new file mode 100644 index 000000000..1001d49de --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/pkg.yml @@ -0,0 +1,11 @@ +classes: +- system.salt.master.single +- system.salt.master.formula.pkg.ccp +- system.salt.master.formula.pkg.foundation +- system.salt.master.formula.pkg.kubernetes +- system.salt.master.formula.pkg.openstack +- system.salt.master.formula.pkg.oss +- system.salt.master.formula.pkg.saltstack +- system.salt.master.formula.pkg.stacklight +- system.salt.master.formula.pkg.monitoring +- system.linux.system.repo.mcp.salt diff --git a/mcp/reclass/classes/system/salt/master/single.yml b/mcp/reclass/classes/system/salt/master/single.yml new file mode 100644 index 000000000..9764a970a --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/single.yml @@ -0,0 +1,19 @@ +classes: +- service.git.client +- service.salt.master.single +parameters: + linux: + system: + sysctl: + net.core.rmem_max: 16777216 + net.core.wmem_max: 16777216 + net.ipv4.tcp_rmem: 4096 87380 16777216 + net.ipv4.tcp_wmem: 4096 87380 16777216 + salt: + master: + accept_policy: auto_accept + worker_threads: 40 + command_timeout: 10 + peer: + '.*': + - x509.sign_remote_certificate diff --git a/mcp/reclass/classes/system/salt/minion/ca/salt_master.yml b/mcp/reclass/classes/system/salt/minion/ca/salt_master.yml new file mode 100644 index 000000000..87cd6e6c0 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/ca/salt_master.yml @@ -0,0 +1,29 @@ +parameters: + _param: + salt_minion_ca_common_name: Salt Master CA + salt_minion_ca_country: cz + salt_minion_ca_locality: Prague + salt_minion_ca_organization: Mirantis + salt_minion_ca_days_valid_authority: 3650 + salt_minion_ca_days_valid_certificate: 365 + salt: + minion: + ca: + salt_master_ca: + common_name: ${_param:salt_minion_ca_common_name} + country: ${_param:salt_minion_ca_country} + locality: ${_param:salt_minion_ca_locality} + organization: ${_param:salt_minion_ca_organization} + signing_policy: + cert_server: + type: v3_edge_cert_server + minions: '*' + cert_client: + type: v3_edge_cert_client + minions: '*' + cert_open: + type: v3_edge_cert_open + minions: '*' + days_valid: + authority: ${_param:salt_minion_ca_days_valid_authority} + certificate: ${_param:salt_minion_ca_days_valid_certificate} diff --git a/mcp/reclass/classes/system/salt/minion/cert/ceph/init.yml b/mcp/reclass/classes/system/salt/minion/cert/ceph/init.yml new file mode 100644 index 000000000..8b2e61ce8 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/ceph/init.yml @@ -0,0 +1,12 @@ +parameters: + _param: + salt_minion_ca_authority: salt_master_ca + salt: + minion: + cert: + ceph: + host: ${_param:salt_minion_ca_host} + signing_policy: cert_server + authority: ${_param:salt_minion_ca_authority} + common_name: ${_param:cluster_public_host} + diff --git a/mcp/reclass/classes/system/salt/minion/cert/ceph/openstack.yml b/mcp/reclass/classes/system/salt/minion/cert/ceph/openstack.yml new file mode 100644 index 000000000..664352da9 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/ceph/openstack.yml @@ -0,0 +1,11 @@ +classes: +- system.salt.minion.cert.ceph +parameters: + _param: + salt_pki_ceph_alt_names: IP:${_param:cluster_public_host},DNS:${_param:cluster_public_host} + salt: + minion: + cert: + ceph: + common_name: ceph + alternative_names: IP:127.0.0.1,${_param:salt_pki_ceph_alt_names} diff --git a/mcp/reclass/classes/system/salt/minion/cert/ceph/pki.yml b/mcp/reclass/classes/system/salt/minion/cert/ceph/pki.yml new file mode 100644 index 000000000..37e4fc5ad --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/ceph/pki.yml @@ -0,0 +1,8 @@ +parameters: + salt: + minion: + cert: + ceph: + key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:ceph:common_name}.key + cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:ceph:common_name}.crt + all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:ceph:common_name}-chain-with-key.pem diff --git a/mcp/reclass/classes/system/salt/minion/cert/etcd_client.yml b/mcp/reclass/classes/system/salt/minion/cert/etcd_client.yml new file mode 100644 index 000000000..90b41da7f --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/etcd_client.yml @@ -0,0 +1,18 @@ +parameters: + salt: + minion: + cert: + etcd_client: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + common_name: ${linux:system:name} + signing_policy: cert_open + alternative_names: IP:${_param:cluster_local_address},DNS:${linux:system:name},DNS:${linux:network:fqdn} + extended_key_usage: clientAuth + key_usage: "digitalSignature,nonRepudiation,keyEncipherment" + key_file: /var/lib/etcd/etcd-client.key + cert_file: /var/lib/etcd/etcd-client.crt + all_file: /var/lib/etcd/etcd-client.pem + ca_file: /var/lib/etcd/ca.pem + user: etcd + group: etcd diff --git a/mcp/reclass/classes/system/salt/minion/cert/etcd_server.yml b/mcp/reclass/classes/system/salt/minion/cert/etcd_server.yml new file mode 100644 index 000000000..ea26a4052 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/etcd_server.yml @@ -0,0 +1,18 @@ +parameters: + salt: + minion: + cert: + etcd_server: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + common_name: ${linux:system:name} + signing_policy: cert_open + alternative_names: IP:127.0.0.1,IP:${_param:cluster_vip_address},IP:${_param:cluster_local_address},DNS:${linux:system:name},DNS:${linux:network:fqdn} + extended_key_usage: serverAuth,clientAuth + key_usage: "digitalSignature,nonRepudiation,keyEncipherment" + key_file: /var/lib/etcd/etcd-server.key + cert_file: /var/lib/etcd/etcd-server.crt + all_file: /var/lib/etcd/etcd-server.pem + ca_file: /var/lib/etcd/ca.pem + user: etcd + group: etcd diff --git a/mcp/reclass/classes/system/salt/minion/cert/k8s_client.yml b/mcp/reclass/classes/system/salt/minion/cert/k8s_client.yml new file mode 100644 index 000000000..06d83c4a1 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/k8s_client.yml @@ -0,0 +1,13 @@ +parameters: + salt: + minion: + cert: + k8s_client: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + key_file: /etc/kubernetes/ssl/kubelet-client.key + cert_file: /etc/kubernetes/ssl/kubelet-client.crt + ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt + common_name: kubelet-client + signing_policy: cert_client + alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address} \ No newline at end of file diff --git a/mcp/reclass/classes/system/salt/minion/cert/k8s_client_single.yml b/mcp/reclass/classes/system/salt/minion/cert/k8s_client_single.yml new file mode 100644 index 000000000..179d534be --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/k8s_client_single.yml @@ -0,0 +1,13 @@ +parameters: + salt: + minion: + cert: + k8s_client: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + key_file: /etc/kubernetes/ssl/kubelet-client.key + cert_file: /etc/kubernetes/ssl/kubelet-client.crt + ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt + common_name: kubelet-client + signing_policy: cert_client + alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address} \ No newline at end of file diff --git a/mcp/reclass/classes/system/salt/minion/cert/k8s_server.yml b/mcp/reclass/classes/system/salt/minion/cert/k8s_server.yml new file mode 100644 index 000000000..603d3691d --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/k8s_server.yml @@ -0,0 +1,13 @@ +parameters: + salt: + minion: + cert: + k8s_server: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + common_name: kubernetes-server + key_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.key + cert_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.crt + all_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.pem + signing_policy: cert_server + alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address},DNS:kubernetes.default,DNS:kubernetes.default.svc diff --git a/mcp/reclass/classes/system/salt/minion/cert/k8s_server_single.yml b/mcp/reclass/classes/system/salt/minion/cert/k8s_server_single.yml new file mode 100644 index 000000000..33637e4a8 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/k8s_server_single.yml @@ -0,0 +1,13 @@ +parameters: + salt: + minion: + cert: + k8s_server: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + common_name: kubernetes-server + key_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.key + cert_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.crt + all_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.pem + signing_policy: cert_server + alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address} diff --git a/mcp/reclass/classes/system/salt/minion/cert/prometheus_server.yml b/mcp/reclass/classes/system/salt/minion/cert/prometheus_server.yml new file mode 100644 index 000000000..30a0711a1 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/prometheus_server.yml @@ -0,0 +1,13 @@ +parameters: + salt: + minion: + cert: + prometheus_server: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + key_file: ${prometheus:server:dir:config}/prometheus-server.key + cert_file: ${prometheus:server:dir:config}/prometheus-server.crt + common_name: prometheus-server + signing_policy: cert_client + alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address} + mode: '0444' diff --git a/mcp/reclass/classes/system/salt/minion/cert/proxy/cicd.yml b/mcp/reclass/classes/system/salt/minion/cert/proxy/cicd.yml new file mode 100644 index 000000000..5fb5b280a --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/proxy/cicd.yml @@ -0,0 +1,15 @@ +classes: +- system.salt.minion.cert.proxy +parameters: + salt: + minion: + cert: + proxy: + alternative_names: "DNS:${_param:cluster_public_host}, DNS:*.${_param:cluster_public_host}, IP:${_param:control_vip_address}, IP:${_param:single_address}" + key_file: /etc/haproxy/ssl/${_param:cluster_public_host}.key + cert_file: /etc/haproxy/ssl/${_param:cluster_public_host}.crt + all_file: /etc/haproxy/ssl/${_param:cluster_public_host}-all.pem + ca_file: /etc/haproxy/ssl/${_param:salt_minion_ca_authority}-ca.crt + user: root + group: haproxy + mode: 640 \ No newline at end of file diff --git a/mcp/reclass/classes/system/salt/minion/cert/proxy/init.yml b/mcp/reclass/classes/system/salt/minion/cert/proxy/init.yml new file mode 100644 index 000000000..fac9aa554 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/proxy/init.yml @@ -0,0 +1,11 @@ +parameters: + _param: + salt_minion_ca_authority: salt_master_ca + salt: + minion: + cert: + proxy: + host: ${_param:salt_minion_ca_host} + signing_policy: cert_server + authority: ${_param:salt_minion_ca_authority} + common_name: ${_param:cluster_public_host} diff --git a/mcp/reclass/classes/system/salt/minion/cert/proxy/openstack.yml b/mcp/reclass/classes/system/salt/minion/cert/proxy/openstack.yml new file mode 100644 index 000000000..627d96bd6 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/proxy/openstack.yml @@ -0,0 +1,11 @@ +classes: +- system.salt.minion.cert.proxy +parameters: + _param: + salt_pki_proxy_alt_names: IP:${_param:cluster_public_host},DNS:${_param:cluster_public_host},DNS:proxy.${_param:cluster_public_host},DNS:horizon.${_param:cluster_public_host} + salt: + minion: + cert: + proxy: + common_name: proxy + alternative_names: IP:127.0.0.1,${_param:salt_pki_proxy_alt_names} diff --git a/mcp/reclass/classes/system/salt/minion/cert/proxy/pki.yml b/mcp/reclass/classes/system/salt/minion/cert/proxy/pki.yml new file mode 100644 index 000000000..731aea625 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/proxy/pki.yml @@ -0,0 +1,8 @@ +parameters: + salt: + minion: + cert: + proxy: + key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:proxy:common_name}.key + cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:proxy:common_name}.crt + all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:proxy:common_name}-chain-with-key.pem diff --git a/mcp/reclass/classes/system/salt/minion/cert/swift/init.yml b/mcp/reclass/classes/system/salt/minion/cert/swift/init.yml new file mode 100644 index 000000000..28859cf23 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/swift/init.yml @@ -0,0 +1,11 @@ +parameters: + _param: + salt_minion_ca_authority: salt_master_ca + salt: + minion: + cert: + swift: + host: ${_param:salt_minion_ca_host} + signing_policy: cert_server + authority: ${_param:salt_minion_ca_authority} + common_name: ${_param:cluster_public_host} diff --git a/mcp/reclass/classes/system/salt/minion/cert/swift/openstack.yml b/mcp/reclass/classes/system/salt/minion/cert/swift/openstack.yml new file mode 100644 index 000000000..5560e1b46 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/swift/openstack.yml @@ -0,0 +1,11 @@ +classes: +- system.salt.minion.cert.swift +parameters: + _param: + salt_pki_swift_alt_names: IP:${_param:cluster_public_host},DNS:${_param:cluster_public_host} + salt: + minion: + cert: + swift: + common_name: swift + alternative_names: IP:127.0.0.1,${_param:salt_pki_swift_alt_names} diff --git a/mcp/reclass/classes/system/salt/minion/cert/swift/pki.yml b/mcp/reclass/classes/system/salt/minion/cert/swift/pki.yml new file mode 100644 index 000000000..3195e48fc --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/swift/pki.yml @@ -0,0 +1,8 @@ +parameters: + salt: + minion: + cert: + swift: + key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:swift:common_name}.key + cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:swift:common_name}.crt + all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:swift:common_name}-chain-with-key.pem diff --git a/mcp/reclass/classes/system/salt/minion/cert/wildcard/init.yml b/mcp/reclass/classes/system/salt/minion/cert/wildcard/init.yml new file mode 100644 index 000000000..29748958c --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/wildcard/init.yml @@ -0,0 +1,16 @@ +parameters: + _param: + salt_minion_ca_authority: salt_master_ca + salt_pki_wildcard_alt_names: IP:${_param:cluster_public_host},DNS:${_param:cluster_public_host},DNS:*.${_param:cluster_public_host},DNS:${_param:cluster_domain},DNS:*.${_param:cluster_domain} + salt: + minion: + cert: + proxy: + host: ${_param:salt_minion_ca_host} + signing_policy: cert_server + authority: ${_param:salt_minion_ca_authority} + common_name: wildcard + alternative_names: IP:127.0.0.1,${_param:salt_pki_wildcard_alt_names} + key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:wildcard:common_name}.key + cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:wildcard:common_name}.crt + all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:wildcard:common_name}-chain-with-key.pem diff --git a/mcp/reclass/classes/system/salt/minion/master.yml b/mcp/reclass/classes/system/salt/minion/master.yml new file mode 100644 index 000000000..fbeb1782d --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/master.yml @@ -0,0 +1,2 @@ +classes: +- service.salt.minion.master diff --git a/mcp/reclass/classes/system/salt/minion/masters.yml b/mcp/reclass/classes/system/salt/minion/masters.yml new file mode 100644 index 000000000..829474ac7 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/masters.yml @@ -0,0 +1,7 @@ +parameters: + salt: + minion: + master_type: failover + masters: + - host: ${_param:infra_config_deploy_address} + - host: ${_param:infra_config_address} diff --git a/mcp/reclass/nodes/cfg01.virtual-mcp-ocata-ovs.local.yml b/mcp/reclass/nodes/cfg01.virtual-mcp-ocata-ovs.local.yml new file mode 100644 index 000000000..43202d6d2 --- /dev/null +++ b/mcp/reclass/nodes/cfg01.virtual-mcp-ocata-ovs.local.yml @@ -0,0 +1,10 @@ +classes: +- cluster.virtual-mcp-ocata-ovs.infra.config +parameters: + _param: + linux_system_codename: xenial + reclass_data_revision: master + linux: + system: + name: cfg01 + domain: virtual-mcp-ocata-ovs.local