summaryrefslogtreecommitdiffstats
path: root/mcp/reclass/classes/cluster/mcp-common-ha
diff options
context:
space:
mode:
authorMichael Polenchuk <mpolenchuk@mirantis.com>2018-06-27 18:11:35 +0400
committerMichael Polenchuk <mpolenchuk@mirantis.com>2018-07-24 13:25:34 +0400
commitac6d9c6ee11c0ae352608032228ae20f843dd014 (patch)
treebdb3471310cb03ceb9bd345d4129dbf0c187a0c5 /mcp/reclass/classes/cluster/mcp-common-ha
parent24572d5956da62b1492c053cac82037b266a6739 (diff)
Bring in Barbican service onboard
Change-Id: I68759360c9dd8f8cf422161e21ed15df6c694e84 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Diffstat (limited to 'mcp/reclass/classes/cluster/mcp-common-ha')
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml5
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j216
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml1
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_database.yml1
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j28
5 files changed, 31 insertions, 0 deletions
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
index 7f1cb3a0b..df90bc451 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
@@ -17,6 +17,7 @@ classes:
- system.cinder.volume.backend.lvm
- system.ceilometer.agent.cluster
- system.ceilometer.agent.polling.default
+ - service.barbican.client.cluster
- cluster.mcp-common-ha.openstack_compute_pdf
- cluster.mcp-common-ha.include.maas_proxy
- cluster.mcp-common-ha.include.lab_proxy_pdf
@@ -52,6 +53,8 @@ parameters:
volume_group: ${linux:storage:lvm:cinder-vg:name}
database:
connection_recycle_time: ${_param:db_connection_recycle_time}
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
linux:
storage:
lvm:
@@ -74,3 +77,5 @@ parameters:
compute:
disk_cachemodes: file=directsync,block=none
preallocate_images: space
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
index 0189e038c..28d727eaa 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
@@ -20,6 +20,9 @@ classes:
- system.heat.server.cluster
- system.designate.server.cluster
- system.designate.server.backend.bind
+ - system.barbican.server.cluster
+ - system.apache.server.site.barbican
+ - service.barbican.server.plugin.simple_crypto
- system.bind.server.single
- system.haproxy.proxy.listen.openstack.placement
- system.glusterfs.client.cluster
@@ -71,6 +74,8 @@ parameters:
controller: &db_conn_recycle_time
database:
connection_recycle_time: ${_param:db_connection_recycle_time}
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
cinder:
controller:
<<: *db_conn_recycle_time
@@ -149,6 +154,17 @@ parameters:
neutron_api:
# Set source balancing
type: heat
+ barbican:
+ server:
+ ks_notifications_enable: true
+ store:
+ software:
+ crypto_plugin: simple_crypto
+ store_plugin: store_crypto
+ global_default: true
+ database:
+ connection_recycle_time: ${_param:db_connection_recycle_time}
+ host: ${_param:openstack_database_address}
bind:
server:
control:
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml
index 0664c5399..7310833b8 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control_init.yml
@@ -16,6 +16,7 @@ classes:
- system.keystone.client.service.designate
- system.keystone.client.service.gnocchi
- system.keystone.client.service.panko
+ - system.keystone.client.service.barbican
- system.keystone.client.v3.service.keystone
parameters:
keystone:
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database.yml
index 89c485e0f..badfa3a3c 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_database.yml
@@ -21,6 +21,7 @@ classes:
- system.galera.server.database.nova
- system.galera.server.database.neutron
- system.galera.server.database.panko
+ - system.galera.server.database.barbican
parameters:
_param:
keepalived_vip_interface: ${_param:single_nic}
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2
index b0f28f9f1..9be8b4543 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_init.yml.j2
@@ -184,6 +184,14 @@ parameters:
keystone_neutron_password: opnfv_secret
keystone_nova_password: opnfv_secret
keystone_designate_password: opnfv_secret
+
+ barbican_version: ${_param:openstack_version}
+ barbican_service_host: ${_param:openstack_control_address}
+ mysql_barbican_password: opnfv_secret
+ keystone_barbican_password: opnfv_secret
+ barbican_simple_crypto_kek: "YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY="
+ barbican_integration_enabled: false
+
ceilometer_secret_key: opnfv_secret
horizon_version: ${_param:openstack_version}
horizon_secret_key: opaesee8Que2yahJoh9fo0eefo1Aeyo6ahyei8zeiboh3aeth5loth7ieNa5xi5e