summaryrefslogtreecommitdiffstats
path: root/mcp/reclass/classes/cluster/mcp-common-noha
diff options
context:
space:
mode:
authorMichael Polenchuk <mpolenchuk@mirantis.com>2018-06-27 18:11:35 +0400
committerMichael Polenchuk <mpolenchuk@mirantis.com>2018-07-24 13:25:34 +0400
commitac6d9c6ee11c0ae352608032228ae20f843dd014 (patch)
treebdb3471310cb03ceb9bd345d4129dbf0c187a0c5 /mcp/reclass/classes/cluster/mcp-common-noha
parent24572d5956da62b1492c053cac82037b266a6739 (diff)
Bring in Barbican service onboard
Change-Id: I68759360c9dd8f8cf422161e21ed15df6c694e84 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Diffstat (limited to 'mcp/reclass/classes/cluster/mcp-common-noha')
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml22
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml5
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml27
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j29
4 files changed, 62 insertions, 1 deletions
diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml b/mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml
index 9fe5247a4..595e14b68 100644
--- a/mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-noha/haproxy_openstack_api.yml
@@ -153,3 +153,25 @@ parameters:
host: ${_param:cluster_node01_address}
port: 8042
params: ${_param:haproxy_check}
+ barbican_api:
+ type: openstack-service
+ service_name: barbican
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9311
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 9311
+ params: ${_param:haproxy_check}
+ barbican_admin_api:
+ type: openstack-service
+ service_name: barbican
+ binds:
+ - address: ${_param:cluster_vip_address}
+ port: 9312
+ servers:
+ - name: ctl01
+ host: ${_param:cluster_node01_address}
+ port: 9312
+ params: ${_param:haproxy_check}
diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml
index bfa46ac5c..673853e69 100644
--- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_compute.yml
@@ -16,6 +16,7 @@ classes:
- system.ceilometer.client.cinder_volume
- system.ceilometer.agent.polling.default
- system.linux.system.repo.mcp.openstack
+ - service.barbican.client.single
- cluster.mcp-common-noha.openstack_compute_pdf
parameters:
_param:
@@ -34,6 +35,8 @@ parameters:
user: neutron
tenant: service
password: ${_param:keystone_neutron_password}
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
neutron:
compute:
notification: true
@@ -54,6 +57,8 @@ parameters:
host: ${_param:cluster_local_address}
message_queue:
host: ${_param:cluster_local_address}
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
nfs:
client:
mount:
diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml
index f458281ce..0eeff7c05 100644
--- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml
@@ -26,6 +26,7 @@ classes:
- system.keystone.client.service.aodh
- system.keystone.client.service.gnocchi
- system.keystone.client.service.panko
+ - system.keystone.client.service.barbican
- system.glance.control.single
- system.nova.control.single
- system.cinder.control.single
@@ -42,6 +43,9 @@ classes:
- system.galera.server.database.aodh
- system.galera.server.database.gnocchi
- system.galera.server.database.panko
+ - system.galera.server.database.barbican
+ - system.barbican.server.single
+ - service.barbican.server.plugin.simple_crypto
- service.redis.server.single
- service.ceilometer.server.single
- system.ceilometer.server.coordination.redis
@@ -55,6 +59,7 @@ classes:
- service.panko.server.single
- system.apache.server.site.gnocchi
- system.apache.server.site.panko
+ - system.apache.server.site.barbican
- system.horizon.server.single
- service.haproxy.proxy.single
- cluster.mcp-common-noha.haproxy_openstack_api
@@ -99,6 +104,12 @@ parameters:
engine: file
images: []
workers: 1
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
+ cinder:
+ controller:
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
nova:
controller:
networking: dvr
@@ -111,6 +122,8 @@ parameters:
novncproxy_port: 6080
vncproxy_url: http://${_param:cluster_vip_address}:6080
workers: 1
+ barbican:
+ enabled: ${_param:barbican_integration_enabled}
horizon:
server:
# yamllint disable-line rule:truthy
@@ -162,6 +175,18 @@ parameters:
apache:
server:
site:
- gnocchi:
+ gnocchi: &wsgi_threads
wsgi:
threads: 1
+ barbican:
+ <<: *wsgi_threads
+ barbican_admin:
+ <<: *wsgi_threads
+ barbican:
+ server:
+ ks_notifications_enable: true
+ store:
+ software:
+ crypto_plugin: simple_crypto
+ store_plugin: store_crypto
+ global_default: true
diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j2
index 872156574..2e0a13175 100644
--- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_init.yml.j2
@@ -85,6 +85,15 @@ parameters:
horizon_identity_host: ${_param:cluster_vip_address}
horizon_identity_encryption: none
horizon_identity_version: 3
+
+ barbican_version: ${_param:openstack_version}
+ barbican_service_host: ${_param:cluster_local_address}
+ apache_barbican_api_address: ${_param:single_address}
+ mysql_barbican_password: opnfv_secret
+ keystone_barbican_password: opnfv_secret
+ barbican_simple_crypto_kek: "YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY="
+ barbican_integration_enabled: false
+
aodh_version: ${_param:openstack_version}
keystone_aodh_password: opnfv_secret
aodh_service_host: ${_param:cluster_local_address}