diff options
author | Michael Polenchuk <mpolenchuk@mirantis.com> | 2017-05-24 12:44:05 +0400 |
---|---|---|
committer | Michael Polenchuk <mpolenchuk@mirantis.com> | 2017-05-24 12:47:57 +0400 |
commit | a6daf4ece3f05600ad66fea55c5220d07a71cef1 (patch) | |
tree | 988e0e370b7c2683f10eff189f2ba7b276b24923 /mcp/reclass/classes/system/salt | |
parent | 7b4fbdd9be1a234c345b21ebf0eafcf7f5187f26 (diff) |
[mcp] Bring in reclass system salt models
Change-Id: I1a865b7524f3a5242544e60e6b36b1092721c58b
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Diffstat (limited to 'mcp/reclass/classes/system/salt')
68 files changed, 1650 insertions, 0 deletions
diff --git a/mcp/reclass/classes/system/salt/control/cluster/cicd_control_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/cicd_control_cluster.yml new file mode 100644 index 000000000..82366a8ff --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/cicd_control_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + cicd.control: + cpu: 8 + ram: 32768 + disk_profile: large + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + cid01: + name: ${_param:cicd_control_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: cicd.control + cid02: + name: ${_param:cicd_control_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: cicd.control + cid03: + name: ${_param:cicd_control_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: cicd.control diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_idm_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_idm_cluster.yml new file mode 100644 index 000000000..3db87a27e --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_idm_cluster.yml @@ -0,0 +1,26 @@ +parameters: + salt: + control: + size: + infra.idm: + cpu: 4 + ram: 8192 + disk_profile: large + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + idm01: + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_centos7_image} + size: infra.idm + idm02: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_centos7_image} + size: infra.idm + idm03: + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_centos7_image} + size: infra.idm diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_integration_single.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_integration_single.yml new file mode 100644 index 000000000..66de89559 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_integration_single.yml @@ -0,0 +1,19 @@ +parameters: + salt: + control: + size: + infra.integration: + cpu: 4 + ram: 8192 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + cid01: + name: ${_param:cicd_control_node01_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: infra.integration diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_cluster.yml new file mode 100644 index 000000000..f3453ff82 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_cluster.yml @@ -0,0 +1,24 @@ +parameters: + salt: + control: + size: + infra.proxy: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + prx01: + name: ${_param:openstack_proxy_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: infra.proxy + prx02: + name: ${_param:openstack_proxy_node01_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: infra.proxy diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_single.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_single.yml new file mode 100644 index 000000000..7d092fa27 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_proxy_single.yml @@ -0,0 +1,19 @@ +parameters: + salt: + control: + size: + infra.proxy: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + prx01: + name: ${_param:openstack_proxy_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: infra.proxy diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_storage_single.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_storage_single.yml new file mode 100644 index 000000000..ca8ce26c9 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_storage_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + infra.storage: + cpu: 4 + ram: 8192 + disk_profile: xxxlarge + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + sto01: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: infra.storage diff --git a/mcp/reclass/classes/system/salt/control/cluster/infra_version_control_single.yml b/mcp/reclass/classes/system/salt/control/cluster/infra_version_control_single.yml new file mode 100644 index 000000000..10e01aba3 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/infra_version_control_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + infra.version_control: + cpu: 4 + ram: 8192 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + git01: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: infra.version_control diff --git a/mcp/reclass/classes/system/salt/control/cluster/opencontrail_analytics_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/opencontrail_analytics_cluster.yml new file mode 100644 index 000000000..37fb60ac3 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/opencontrail_analytics_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + opencontrail.analytics: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + nal01: + name: ${_param:opencontrail_analytics_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.analytics + nal02: + name: ${_param:opencontrail_analytics_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.analytics + nal03: + name: ${_param:opencontrail_analytics_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.analytics diff --git a/mcp/reclass/classes/system/salt/control/cluster/opencontrail_control_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/opencontrail_control_cluster.yml new file mode 100644 index 000000000..10ddf5e25 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/opencontrail_control_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + opencontrail.control: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + ntw01: + name: ${_param:opencontrail_control_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.control + ntw02: + name: ${_param:opencontrail_control_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.control + ntw03: + name: ${_param:opencontrail_control_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: opencontrail.control diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_benchmark_single.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_benchmark_single.yml new file mode 100644 index 000000000..0677320a6 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_benchmark_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + openstack.benchmark: + cpu: 2 + ram: 4096 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + bmk01: + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.benchmark diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_billing_single.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_billing_single.yml new file mode 100644 index 000000000..f8dacf725 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_billing_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + openstack.billing: + cpu: 4 + ram: 8192 + disk_profile: large + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + bil01: + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.control diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_control_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_control_cluster.yml new file mode 100644 index 000000000..f28a7d069 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_control_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + openstack.control: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + ctl01: + name: ${_param:openstack_control_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.control + ctl02: + name: ${_param:openstack_control_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.control + ctl03: + name: ${_param:openstack_control_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.control diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_database_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_database_cluster.yml new file mode 100644 index 000000000..2a00308e3 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_database_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + openstack.database: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + dbs01: + name: ${_param:openstack_database_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.database + dbs02: + name: ${_param:openstack_database_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.database + dbs03: + name: ${_param:openstack_database_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.database diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_dns_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_dns_cluster.yml new file mode 100644 index 000000000..71af5c139 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_dns_cluster.yml @@ -0,0 +1,22 @@ +parameters: + salt: + control: + size: + openstack.dns: + cpu: 2 + ram: 4096 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + dns01: + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.dns + dns02: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.dns diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_cluster.yml new file mode 100644 index 000000000..5d2a20a77 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_cluster.yml @@ -0,0 +1,26 @@ +parameters: + salt: + control: + size: + openstack.gateway: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + gtw01: + provider: kvm01.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.gateway + gtw02: + provider: kvm01.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.gateway + gtw03: + provider: kvm01.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.gateway diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_single.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_single.yml new file mode 100644 index 000000000..e10d1b2ff --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_gateway_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + openstack.gateway: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + gtw01: + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.gateway diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_message_queue_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_message_queue_cluster.yml new file mode 100644 index 000000000..cab5adb2d --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_message_queue_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + openstack.message_queue: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + msg01: + name: ${_param:openstack_message_queue_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.message_queue + msg02: + name: ${_param:openstack_message_queue_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.message_queue + msg03: + name: ${_param:openstack_message_queue_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.message_queue diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_cluster.yml new file mode 100644 index 000000000..628dcd885 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_cluster.yml @@ -0,0 +1,25 @@ +parameters: + salt: + control: + size: + openstack.proxy: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + prx01: + name: ${_param:openstack_proxy_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.proxy + prx02: + name: ${_param:openstack_proxy_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.proxy + diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_single.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_single.yml new file mode 100644 index 000000000..8ad0baf6f --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_proxy_single.yml @@ -0,0 +1,19 @@ +parameters: + salt: + control: + size: + openstack.proxy: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + prx01: + name: ${_param:openstack_proxy_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.proxy diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_telemetry_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_telemetry_cluster.yml new file mode 100644 index 000000000..633b98483 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_telemetry_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + openstack.telemetry: + cpu: 4 + ram: 8192 + disk_profile: large + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + mdb01: + name: ${_param:openstack_telemetry_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.telemetry + mdb02: + name: ${_param:openstack_telemetry_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.telemetry + mdb03: + name: ${_param:openstack_telemetry_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_trusty_image} + size: openstack.telemetry diff --git a/mcp/reclass/classes/system/salt/control/cluster/openstack_upgrade_single.yml b/mcp/reclass/classes/system/salt/control/cluster/openstack_upgrade_single.yml new file mode 100644 index 000000000..3189f3e94 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/openstack_upgrade_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + openstack.upgrade: + cpu: 32 + ram: 65536 + disk_profile: medium + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + upg01: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: openstack.upgrade diff --git a/mcp/reclass/classes/system/salt/control/cluster/rsyslog_single.yml b/mcp/reclass/classes/system/salt/control/cluster/rsyslog_single.yml new file mode 100644 index 000000000..76cc77f4e --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/rsyslog_single.yml @@ -0,0 +1,18 @@ +parameters: + salt: + control: + size: + infra.rsyslog: + cpu: 8 + ram: 8192 + disk_profile: xxlarge + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + rsl01: + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: infra.rsyslog diff --git a/mcp/reclass/classes/system/salt/control/cluster/stacklight_log_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/stacklight_log_cluster.yml new file mode 100644 index 000000000..330e301e1 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/stacklight_log_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + stacklight.log: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + log01: + name: ${_param:stacklight_log_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.log + log02: + name: ${_param:stacklight_log_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.log + log03: + name: ${_param:stacklight_log_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.log diff --git a/mcp/reclass/classes/system/salt/control/cluster/stacklight_server_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/stacklight_server_cluster.yml new file mode 100644 index 000000000..0055d20a2 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/stacklight_server_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + stacklight.server: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + mon01: + name: ${_param:stacklight_monitor_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.server + mon02: + name: ${_param:stacklight_monitor_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.server + mon03: + name: ${_param:stacklight_monitor_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.server diff --git a/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_cluster.yml b/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_cluster.yml new file mode 100644 index 000000000..bfd14b0d8 --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_cluster.yml @@ -0,0 +1,29 @@ +parameters: + salt: + control: + size: + stacklight.telemetry: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + mtr01: + name: ${_param:stacklight_telemetry_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.telemetry + mtr02: + name: ${_param:stacklight_telemetry_node02_hostname} + provider: ${_param:infra_kvm_node02_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.telemetry + mtr03: + name: ${_param:stacklight_telemetry_node03_hostname} + provider: ${_param:infra_kvm_node03_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.telemetry diff --git a/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_single.yml b/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_single.yml new file mode 100644 index 000000000..81fd6fb1d --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/cluster/stacklight_telemetry_single.yml @@ -0,0 +1,19 @@ +parameters: + salt: + control: + size: + stacklight.telemetry: + cpu: 32 + ram: 65536 + disk_profile: small + net_profile: default + cluster: + internal: + domain: ${_param:cluster_domain} + engine: virt + node: + mtr01: + name: ${_param:stacklight_telemetry_node01_hostname} + provider: ${_param:infra_kvm_node01_hostname}.${_param:cluster_domain} + image: ${_param:salt_control_xenial_image} + size: stacklight.telemetry diff --git a/mcp/reclass/classes/system/salt/control/virt.yml b/mcp/reclass/classes/system/salt/control/virt.yml new file mode 100644 index 000000000..6ed85378c --- /dev/null +++ b/mcp/reclass/classes/system/salt/control/virt.yml @@ -0,0 +1,47 @@ +classes: + - service.libvirt.server.kvm +parameters: + salt: + control: + enabled: True + virt_enabled: True + virt: + nic: + default: + eth1: + bridge: br0 + model: virtio + eth0: + bridge: br1 + model: virtio + disk: + default: + - system: + size: 50000 + xxxsmall: + - system: + size: 8000 + xxsmall: + - system: + size: 15000 + xsmall: + - system: + size: 30000 + small: + - system: + size: 50000 + medium: + - system: + size: 80000 + large: + - system: + size: 100000 + xlarge: + - system: + size: 150000 + xxlarge: + - system: + size: 300000 + xxxlarge: + - system: + size: 500000 diff --git a/mcp/reclass/classes/system/salt/master/api.yml b/mcp/reclass/classes/system/salt/master/api.yml new file mode 100644 index 000000000..b5ede2f8a --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/api.yml @@ -0,0 +1,31 @@ +parameters: + _param: + salt_master_api_port: 6969 + salt_master_api_permissions: + - '.*' + - '@local' + - '@wheel' # to allow access to all wheel modules + - '@runner' # to allow access to all runner modules + - '@jobs' # to allow access to the jobs runner and/or wheel mo + salt: + api: + enabled: true + bind: + address: 0.0.0.0 + port: ${_param:salt_master_api_port} + master: + command_timeout: 600 + user: + salt: + permissions: ${_param:salt_master_api_permissions} + linux: + system: + user: + salt: + enabled: true + name: salt + password: ${_param:salt_api_password_hash} + home: /var/tmp/salt + sudo: false + system: true + shell: /bin/false diff --git a/mcp/reclass/classes/system/salt/master/formula/git/ccp.yml b/mcp/reclass/classes/system/salt/master/formula/git/ccp.yml new file mode 100644 index 000000000..c8f1c65bb --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/ccp.yml @@ -0,0 +1,10 @@ +parameters: + salt: + master: + environment: + dev: + formula: + ccp: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-ccp.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/foundation.yml b/mcp/reclass/classes/system/salt/master/formula/git/foundation.yml new file mode 100644 index 000000000..7e21699f8 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/foundation.yml @@ -0,0 +1,56 @@ +parameters: + salt: + master: + environment: + dev: + formula: + aptly: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-aptly.git' + revision: ${_param:salt_master_environment_revision} + bind: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-bind.git' + revision: ${_param:salt_master_environment_revision} + gerrit: + module: + gerrit.py: + enabled: true + state: + gerrit.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-gerrit.git' + revision: ${_param:salt_master_environment_revision} + jenkins: + module: + jenkins_common.py: + enabled: true + state: + jenkins_credential.py: + enabled: true + jenkins_job.py: + enabled: true + jenkins_lib.py: + enabled: true + jenkins_node.py: + enabled: true + jenkins_plugin.py: + enabled: true + jenkins_security.py: + enabled: true + jenkins_slack.py: + enabled: true + jenkins_smtp.py: + enabled: true + jenkins_user.py: + enabled: true + jenkins_view.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-jenkins.git' + revision: ${_param:salt_master_environment_revision} + openldap: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-openldap.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/kubernetes.yml b/mcp/reclass/classes/system/salt/master/formula/git/kubernetes.yml new file mode 100644 index 000000000..fe8ad5dab --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/kubernetes.yml @@ -0,0 +1,22 @@ +parameters: + salt: + master: + environment: + dev: + formula: + kubernetes: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-kubernetes.git' + revision: ${_param:salt_master_environment_revision} + etcd: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-etcd.git' + revision: ${_param:salt_master_environment_revision} + bird: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-bird.git' + revision: ${_param:salt_master_environment_revision} + docker: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-docker.git' + revision: ${_param:salt_master_environment_revision}
\ No newline at end of file diff --git a/mcp/reclass/classes/system/salt/master/formula/git/monitoring.yml b/mcp/reclass/classes/system/salt/master/formula/git/monitoring.yml new file mode 100644 index 000000000..e0cf30df1 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/monitoring.yml @@ -0,0 +1,14 @@ +parameters: + salt: + master: + environment: + dev: + formula: + prometheus: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-prometheus.git' + revision: ${_param:salt_master_environment_revision} + telegraf: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-telegraf.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/openstack.yml b/mcp/reclass/classes/system/salt/master/formula/git/openstack.yml new file mode 100644 index 000000000..36ddfc29b --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/openstack.yml @@ -0,0 +1,122 @@ +parameters: + salt: + master: + environment: + dev: + formula: + aodh: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-aodh.git' + revision: ${_param:salt_master_environment_revision} + #avinetworks: + # source: git + # address: '${_param:salt_master_environment_repository}/salt-formula-avinetworks.git' + # revision: ${_param:salt_master_environment_revision} + billometer: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-billometer.git' + revision: ${_param:salt_master_environment_revision} + ceilometer: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-ceilometer.git' + revision: ${_param:salt_master_environment_revision} + ceph: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-ceph.git' + revision: ${_param:salt_master_environment_revision} + cinder: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-cinder.git' + revision: ${_param:salt_master_environment_revision} + designate: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-designate.git' + revision: ${_param:salt_master_environment_revision} + galera: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-galera.git' + revision: ${_param:salt_master_environment_revision} + glance: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-glance.git' + revision: ${_param:salt_master_environment_revision} + glusterfs: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-glusterfs.git' + revision: ${_param:salt_master_environment_revision} + haproxy: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-haproxy.git' + revision: ${_param:salt_master_environment_revision} + heat: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-heat.git' + revision: ${_param:salt_master_environment_revision} + horizon: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-horizon.git' + revision: ${_param:salt_master_environment_revision} + keepalived: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-keepalived.git' + revision: ${_param:salt_master_environment_revision} + keystone: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-keystone.git' + revision: ${_param:salt_master_environment_revision} + memcached: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-memcached.git' + revision: ${_param:salt_master_environment_revision} + mongodb: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-mongodb.git' + revision: ${_param:salt_master_environment_revision} + mysql: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-mysql.git' + revision: ${_param:salt_master_environment_revision} + murano: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-murano.git' + revision: ${_param:salt_master_environment_revision} + neutron: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-neutron.git' + revision: ${_param:salt_master_environment_revision} + nginx: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-nginx.git' + revision: ${_param:salt_master_environment_revision} + nova: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-nova.git' + revision: ${_param:salt_master_environment_revision} + opencontrail: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-opencontrail.git' + revision: ${_param:salt_master_environment_revision} + python: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-python.git' + revision: ${_param:salt_master_environment_revision} + rabbitmq: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-rabbitmq.git' + revision: ${_param:salt_master_environment_revision} + sahara: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-sahara.git' + revision: ${_param:salt_master_environment_revision} + statsd: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-statsd.git' + revision: ${_param:salt_master_environment_revision} + supervisor: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-supervisor.git' + revision: ${_param:salt_master_environment_revision} + swift: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-swift.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/oss.yml b/mcp/reclass/classes/system/salt/master/formula/git/oss.yml new file mode 100644 index 000000000..e9273873a --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/oss.yml @@ -0,0 +1,26 @@ +parameters: + _param: + salt_master_oss_repository: https://gerrit.mcp.mirantis.net/salt-formulas + salt_master_oss_revision: master + salt: + master: + environment: + dev: + formula: + devops_portal: + module: + devops_utils.py: + enabled: true + source: git + address: '${_param:salt_master_oss_repository}/devops-portal.git' + revision: ${_param:salt_master_oss_revision} + rundeck: + module: + rundeck.py: + enabled: true + state: + rundeck_project.py: + enabled: true + source: git + address: '${_param:salt_master_oss_repository}/rundeck.git' + revision: ${_param:salt_master_oss_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/saltstack.yml b/mcp/reclass/classes/system/salt/master/formula/git/saltstack.yml new file mode 100644 index 000000000..d0ca4535a --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/saltstack.yml @@ -0,0 +1,49 @@ +parameters: + salt: + master: + environment: + dev: + formula: + backupninja: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-backupninja.git' + revision: ${_param:salt_master_environment_revision} + git: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-git.git' + revision: ${_param:salt_master_environment_revision} + iptables: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-iptables.git' + revision: ${_param:salt_master_environment_revision} + libvirt: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-libvirt.git' + revision: ${_param:salt_master_environment_revision} + linux: + module: + linux_netlink.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-linux.git' + revision: ${_param:salt_master_environment_revision} + ntp: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-ntp.git' + revision: ${_param:salt_master_environment_revision} + openssh: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-openssh.git' + revision: ${_param:salt_master_environment_revision} + reclass: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-reclass.git' + revision: ${_param:salt_master_environment_revision} + salt: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-salt.git' + revision: ${_param:salt_master_environment_revision} + sphinx: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-sphinx.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/git/stacklight.yml b/mcp/reclass/classes/system/salt/master/formula/git/stacklight.yml new file mode 100644 index 000000000..ed07d827e --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/git/stacklight.yml @@ -0,0 +1,83 @@ +parameters: + salt: + master: + environment: + dev: + formula: + apache: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-apache.git' + revision: ${_param:salt_master_environment_revision} + collectd: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-collectd.git' + revision: ${_param:salt_master_environment_revision} + elasticsearch: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-elasticsearch.git' + revision: ${_param:salt_master_environment_revision} + grafana: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-grafana.git' + revision: ${_param:salt_master_environment_revision} + state: + grafana3_datasource.py: + enabled: true + grafana3_dashboard.py: + enabled: true + graphite: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-graphite.git' + revision: ${_param:salt_master_environment_revision} + heka: + module: + heka_alarming.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-heka.git' + revision: ${_param:salt_master_environment_revision} + influxdb: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-influxdb.git' + revision: ${_param:salt_master_environment_revision} + java: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-java.git' + revision: ${_param:salt_master_environment_revision} + kibana: + state: + kibana_object.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-kibana.git' + revision: ${_param:salt_master_environment_revision} + nagios: + module: + nagios_alarming.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-nagios.git' + revision: ${_param:salt_master_environment_revision} + postgresql: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-postgresql.git' + revision: ${_param:salt_master_environment_revision} + rabbitmq: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-rabbitmq.git' + revision: ${_param:salt_master_environment_revision} + redis: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-redis.git' + revision: ${_param:salt_master_environment_revision} + rsyslog: + module: + rsyslog_util.py: + enabled: true + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-rsyslog.git' + revision: ${_param:salt_master_environment_revision} + sensu: + source: git + address: '${_param:salt_master_environment_repository}/salt-formula-sensu.git' + revision: ${_param:salt_master_environment_revision} diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/ccp.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/ccp.yml new file mode 100644 index 000000000..194beb895 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/ccp.yml @@ -0,0 +1,9 @@ +parameters: + salt: + master: + environment: + prd: + formula: + ccp: + source: pkg + name: salt-formula-ccp diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/foundation.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/foundation.yml new file mode 100644 index 000000000..3eed5e900 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/foundation.yml @@ -0,0 +1,33 @@ +parameters: + salt: + master: + environment: + prd: + formula: + aptcacher: + source: pkg + name: salt-formula-aptcacher + aptly: + source: pkg + name: salt-formula-aptly + bind: + source: pkg + name: salt-formula-bind + gerrit: + source: pkg + name: salt-formula-gerrit + jenkins: + source: pkg + name: salt-formula-jenkins + freeipa: + source: pkg + name: salt-formula-freeipa + maas: + source: pkg + name: salt-formula-maas + openldap: + source: pkg + name: salt-formula-openldap + lldp: + source: pkg + name: salt-formula-lldp diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/kubernetes.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/kubernetes.yml new file mode 100644 index 000000000..7b3af30d1 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/kubernetes.yml @@ -0,0 +1,18 @@ +parameters: + salt: + master: + environment: + prd: + formula: + kubernetes: + source: pkg + name: salt-formula-kubernetes + etcd: + source: pkg + name: salt-formula-etcd + bird: + source: pkg + name: salt-formula-bird + docker: + source: pkg + name: salt-formula-docker
\ No newline at end of file diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/monitoring.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/monitoring.yml new file mode 100644 index 000000000..375cbd88b --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/monitoring.yml @@ -0,0 +1,12 @@ +parameters: + salt: + master: + environment: + prd: + formula: + prometheus: + source: pkg + name: salt-formula-prometheus + telegraf: + source: pkg + name: salt-formula-telegraf diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/openstack.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/openstack.yml new file mode 100644 index 000000000..b1222d1e6 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/openstack.yml @@ -0,0 +1,93 @@ +parameters: + salt: + master: + environment: + prd: + formula: + aodh: + source: pkg + name: salt-formula-aodh + #avinetworks: + # source: pkg + # name: salt-formula-avinetworks + billometer: + source: pkg + name: salt-formula-billometer + ceilometer: + source: pkg + name: salt-formula-ceilometer + ceph: + source: pkg + name: salt-formula-ceph + cinder: + source: pkg + name: salt-formula-cinder + galera: + source: pkg + name: salt-formula-galera + glance: + source: pkg + name: salt-formula-glance + glusterfs: + source: pkg + name: salt-formula-glusterfs + designate: + source: pkg + name: salt-formula-designate + haproxy: + source: pkg + name: salt-formula-haproxy + heat: + source: pkg + name: salt-formula-heat + horizon: + source: pkg + name: salt-formula-horizon + keepalived: + source: pkg + name: salt-formula-keepalived + keystone: + source: pkg + name: salt-formula-keystone + memcached: + source: pkg + name: salt-formula-memcached + mongodb: + source: pkg + name: salt-formula-mongodb + mysql: + source: pkg + name: salt-formula-mysql + murano: + source: pkg + name: salt-formula-murano + neutron: + source: pkg + name: salt-formula-neutron + nginx: + source: pkg + name: salt-formula-nginx + nova: + source: pkg + name: salt-formula-nova + opencontrail: + source: pkg + name: salt-formula-opencontrail + python: + source: pkg + name: salt-formula-python + rabbitmq: + source: pkg + name: salt-formula-rabbitmq + sahara: + source: pkg + name: salt-formula-sahara + statsd: + source: pkg + name: salt-formula-statsd + supervisor: + source: pkg + name: salt-formula-supervisor + swift: + source: pkg + name: salt-formula-swift diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/oss.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/oss.yml new file mode 100644 index 000000000..45739d23e --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/oss.yml @@ -0,0 +1,12 @@ +parameters: + salt: + master: + environment: + prd: + formula: + devops_portal: + source: pkg + name: salt-formula-devops-portal + rundeck: + source: pkg + name: salt-formula-rundeck diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/saltstack.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/saltstack.yml new file mode 100644 index 000000000..eeff26b9e --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/saltstack.yml @@ -0,0 +1,39 @@ +parameters: + salt: + master: + environment: + prd: + formula: + backupninja: + source: pkg + name: salt-formula-backupninja + git: + source: pkg + name: salt-formula-git + iptables: + source: pkg + name: salt-formula-iptables + libvirt: + source: pkg + name: salt-formula-libvirt + linux: + source: pkg + name: salt-formula-linux + nginx: + source: pkg + name: salt-formula-nginx + ntp: + source: pkg + name: salt-formula-ntp + openssh: + source: pkg + name: salt-formula-openssh + reclass: + source: pkg + name: salt-formula-reclass + salt: + source: pkg + name: salt-formula-salt + sphinx: + source: pkg + name: salt-formula-sphinx diff --git a/mcp/reclass/classes/system/salt/master/formula/pkg/stacklight.yml b/mcp/reclass/classes/system/salt/master/formula/pkg/stacklight.yml new file mode 100644 index 000000000..4fe75c0f0 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/formula/pkg/stacklight.yml @@ -0,0 +1,54 @@ +parameters: + salt: + master: + environment: + prd: + formula: + apache: + source: pkg + name: salt-formula-apache + collectd: + source: pkg + name: salt-formula-collectd + elasticsearch: + source: pkg + name: salt-formula-elasticsearch + grafana: + source: pkg + name: salt-formula-grafana + graphite: + source: pkg + name: salt-formula-graphite + heka: + source: pkg + name: salt-formula-heka + influxdb: + source: pkg + name: salt-formula-influxdb + java: + source: pkg + name: salt-formula-java + kibana: + source: pkg + name: salt-formula-kibana + #nagios: + # source: pkg + # name: salt-formula-nagios + postgresql: + source: pkg + name: salt-formula-postgresql + rabbitmq: + source: pkg + name: salt-formula-rabbitmq + redis: + source: pkg + name: salt-formula-redis + rsyslog: + source: pkg + name: salt-formula-rsyslog + sensu: + source: pkg + name: salt-formula-sensu + nagios: + source: pkg + name: salt-formula-nagios diff --git a/mcp/reclass/classes/system/salt/master/git.yml b/mcp/reclass/classes/system/salt/master/git.yml new file mode 100644 index 000000000..267bdb192 --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/git.yml @@ -0,0 +1,14 @@ +classes: +- system.salt.master.single +- system.salt.master.formula.git.ccp +- system.salt.master.formula.git.foundation +- system.salt.master.formula.git.kubernetes +- system.salt.master.formula.git.openstack +- system.salt.master.formula.git.oss +- system.salt.master.formula.git.saltstack +- system.salt.master.formula.git.stacklight +- system.salt.master.formula.git.monitoring +parameters: + _param: + salt_master_environment_repository: "https://github.com/salt-formulas" + salt_master_environment_revision: master diff --git a/mcp/reclass/classes/system/salt/master/pkg.yml b/mcp/reclass/classes/system/salt/master/pkg.yml new file mode 100644 index 000000000..1001d49de --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/pkg.yml @@ -0,0 +1,11 @@ +classes: +- system.salt.master.single +- system.salt.master.formula.pkg.ccp +- system.salt.master.formula.pkg.foundation +- system.salt.master.formula.pkg.kubernetes +- system.salt.master.formula.pkg.openstack +- system.salt.master.formula.pkg.oss +- system.salt.master.formula.pkg.saltstack +- system.salt.master.formula.pkg.stacklight +- system.salt.master.formula.pkg.monitoring +- system.linux.system.repo.mcp.salt diff --git a/mcp/reclass/classes/system/salt/master/single.yml b/mcp/reclass/classes/system/salt/master/single.yml new file mode 100644 index 000000000..9764a970a --- /dev/null +++ b/mcp/reclass/classes/system/salt/master/single.yml @@ -0,0 +1,19 @@ +classes: +- service.git.client +- service.salt.master.single +parameters: + linux: + system: + sysctl: + net.core.rmem_max: 16777216 + net.core.wmem_max: 16777216 + net.ipv4.tcp_rmem: 4096 87380 16777216 + net.ipv4.tcp_wmem: 4096 87380 16777216 + salt: + master: + accept_policy: auto_accept + worker_threads: 40 + command_timeout: 10 + peer: + '.*': + - x509.sign_remote_certificate diff --git a/mcp/reclass/classes/system/salt/minion/ca/salt_master.yml b/mcp/reclass/classes/system/salt/minion/ca/salt_master.yml new file mode 100644 index 000000000..87cd6e6c0 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/ca/salt_master.yml @@ -0,0 +1,29 @@ +parameters: + _param: + salt_minion_ca_common_name: Salt Master CA + salt_minion_ca_country: cz + salt_minion_ca_locality: Prague + salt_minion_ca_organization: Mirantis + salt_minion_ca_days_valid_authority: 3650 + salt_minion_ca_days_valid_certificate: 365 + salt: + minion: + ca: + salt_master_ca: + common_name: ${_param:salt_minion_ca_common_name} + country: ${_param:salt_minion_ca_country} + locality: ${_param:salt_minion_ca_locality} + organization: ${_param:salt_minion_ca_organization} + signing_policy: + cert_server: + type: v3_edge_cert_server + minions: '*' + cert_client: + type: v3_edge_cert_client + minions: '*' + cert_open: + type: v3_edge_cert_open + minions: '*' + days_valid: + authority: ${_param:salt_minion_ca_days_valid_authority} + certificate: ${_param:salt_minion_ca_days_valid_certificate} diff --git a/mcp/reclass/classes/system/salt/minion/cert/ceph/init.yml b/mcp/reclass/classes/system/salt/minion/cert/ceph/init.yml new file mode 100644 index 000000000..8b2e61ce8 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/ceph/init.yml @@ -0,0 +1,12 @@ +parameters: + _param: + salt_minion_ca_authority: salt_master_ca + salt: + minion: + cert: + ceph: + host: ${_param:salt_minion_ca_host} + signing_policy: cert_server + authority: ${_param:salt_minion_ca_authority} + common_name: ${_param:cluster_public_host} + diff --git a/mcp/reclass/classes/system/salt/minion/cert/ceph/openstack.yml b/mcp/reclass/classes/system/salt/minion/cert/ceph/openstack.yml new file mode 100644 index 000000000..664352da9 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/ceph/openstack.yml @@ -0,0 +1,11 @@ +classes: +- system.salt.minion.cert.ceph +parameters: + _param: + salt_pki_ceph_alt_names: IP:${_param:cluster_public_host},DNS:${_param:cluster_public_host} + salt: + minion: + cert: + ceph: + common_name: ceph + alternative_names: IP:127.0.0.1,${_param:salt_pki_ceph_alt_names} diff --git a/mcp/reclass/classes/system/salt/minion/cert/ceph/pki.yml b/mcp/reclass/classes/system/salt/minion/cert/ceph/pki.yml new file mode 100644 index 000000000..37e4fc5ad --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/ceph/pki.yml @@ -0,0 +1,8 @@ +parameters: + salt: + minion: + cert: + ceph: + key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:ceph:common_name}.key + cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:ceph:common_name}.crt + all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:ceph:common_name}-chain-with-key.pem diff --git a/mcp/reclass/classes/system/salt/minion/cert/etcd_client.yml b/mcp/reclass/classes/system/salt/minion/cert/etcd_client.yml new file mode 100644 index 000000000..90b41da7f --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/etcd_client.yml @@ -0,0 +1,18 @@ +parameters: + salt: + minion: + cert: + etcd_client: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + common_name: ${linux:system:name} + signing_policy: cert_open + alternative_names: IP:${_param:cluster_local_address},DNS:${linux:system:name},DNS:${linux:network:fqdn} + extended_key_usage: clientAuth + key_usage: "digitalSignature,nonRepudiation,keyEncipherment" + key_file: /var/lib/etcd/etcd-client.key + cert_file: /var/lib/etcd/etcd-client.crt + all_file: /var/lib/etcd/etcd-client.pem + ca_file: /var/lib/etcd/ca.pem + user: etcd + group: etcd diff --git a/mcp/reclass/classes/system/salt/minion/cert/etcd_server.yml b/mcp/reclass/classes/system/salt/minion/cert/etcd_server.yml new file mode 100644 index 000000000..ea26a4052 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/etcd_server.yml @@ -0,0 +1,18 @@ +parameters: + salt: + minion: + cert: + etcd_server: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + common_name: ${linux:system:name} + signing_policy: cert_open + alternative_names: IP:127.0.0.1,IP:${_param:cluster_vip_address},IP:${_param:cluster_local_address},DNS:${linux:system:name},DNS:${linux:network:fqdn} + extended_key_usage: serverAuth,clientAuth + key_usage: "digitalSignature,nonRepudiation,keyEncipherment" + key_file: /var/lib/etcd/etcd-server.key + cert_file: /var/lib/etcd/etcd-server.crt + all_file: /var/lib/etcd/etcd-server.pem + ca_file: /var/lib/etcd/ca.pem + user: etcd + group: etcd diff --git a/mcp/reclass/classes/system/salt/minion/cert/k8s_client.yml b/mcp/reclass/classes/system/salt/minion/cert/k8s_client.yml new file mode 100644 index 000000000..06d83c4a1 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/k8s_client.yml @@ -0,0 +1,13 @@ +parameters: + salt: + minion: + cert: + k8s_client: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + key_file: /etc/kubernetes/ssl/kubelet-client.key + cert_file: /etc/kubernetes/ssl/kubelet-client.crt + ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt + common_name: kubelet-client + signing_policy: cert_client + alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address}
\ No newline at end of file diff --git a/mcp/reclass/classes/system/salt/minion/cert/k8s_client_single.yml b/mcp/reclass/classes/system/salt/minion/cert/k8s_client_single.yml new file mode 100644 index 000000000..179d534be --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/k8s_client_single.yml @@ -0,0 +1,13 @@ +parameters: + salt: + minion: + cert: + k8s_client: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + key_file: /etc/kubernetes/ssl/kubelet-client.key + cert_file: /etc/kubernetes/ssl/kubelet-client.crt + ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt + common_name: kubelet-client + signing_policy: cert_client + alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
\ No newline at end of file diff --git a/mcp/reclass/classes/system/salt/minion/cert/k8s_server.yml b/mcp/reclass/classes/system/salt/minion/cert/k8s_server.yml new file mode 100644 index 000000000..603d3691d --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/k8s_server.yml @@ -0,0 +1,13 @@ +parameters: + salt: + minion: + cert: + k8s_server: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + common_name: kubernetes-server + key_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.key + cert_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.crt + all_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.pem + signing_policy: cert_server + alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address},DNS:kubernetes.default,DNS:kubernetes.default.svc diff --git a/mcp/reclass/classes/system/salt/minion/cert/k8s_server_single.yml b/mcp/reclass/classes/system/salt/minion/cert/k8s_server_single.yml new file mode 100644 index 000000000..33637e4a8 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/k8s_server_single.yml @@ -0,0 +1,13 @@ +parameters: + salt: + minion: + cert: + k8s_server: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + common_name: kubernetes-server + key_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.key + cert_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.crt + all_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.pem + signing_policy: cert_server + alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address} diff --git a/mcp/reclass/classes/system/salt/minion/cert/prometheus_server.yml b/mcp/reclass/classes/system/salt/minion/cert/prometheus_server.yml new file mode 100644 index 000000000..30a0711a1 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/prometheus_server.yml @@ -0,0 +1,13 @@ +parameters: + salt: + minion: + cert: + prometheus_server: + host: ${_param:salt_minion_ca_host} + authority: ${_param:salt_minion_ca_authority} + key_file: ${prometheus:server:dir:config}/prometheus-server.key + cert_file: ${prometheus:server:dir:config}/prometheus-server.crt + common_name: prometheus-server + signing_policy: cert_client + alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address} + mode: '0444' diff --git a/mcp/reclass/classes/system/salt/minion/cert/proxy/cicd.yml b/mcp/reclass/classes/system/salt/minion/cert/proxy/cicd.yml new file mode 100644 index 000000000..5fb5b280a --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/proxy/cicd.yml @@ -0,0 +1,15 @@ +classes: +- system.salt.minion.cert.proxy +parameters: + salt: + minion: + cert: + proxy: + alternative_names: "DNS:${_param:cluster_public_host}, DNS:*.${_param:cluster_public_host}, IP:${_param:control_vip_address}, IP:${_param:single_address}" + key_file: /etc/haproxy/ssl/${_param:cluster_public_host}.key + cert_file: /etc/haproxy/ssl/${_param:cluster_public_host}.crt + all_file: /etc/haproxy/ssl/${_param:cluster_public_host}-all.pem + ca_file: /etc/haproxy/ssl/${_param:salt_minion_ca_authority}-ca.crt + user: root + group: haproxy + mode: 640
\ No newline at end of file diff --git a/mcp/reclass/classes/system/salt/minion/cert/proxy/init.yml b/mcp/reclass/classes/system/salt/minion/cert/proxy/init.yml new file mode 100644 index 000000000..fac9aa554 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/proxy/init.yml @@ -0,0 +1,11 @@ +parameters: + _param: + salt_minion_ca_authority: salt_master_ca + salt: + minion: + cert: + proxy: + host: ${_param:salt_minion_ca_host} + signing_policy: cert_server + authority: ${_param:salt_minion_ca_authority} + common_name: ${_param:cluster_public_host} diff --git a/mcp/reclass/classes/system/salt/minion/cert/proxy/openstack.yml b/mcp/reclass/classes/system/salt/minion/cert/proxy/openstack.yml new file mode 100644 index 000000000..627d96bd6 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/proxy/openstack.yml @@ -0,0 +1,11 @@ +classes: +- system.salt.minion.cert.proxy +parameters: + _param: + salt_pki_proxy_alt_names: IP:${_param:cluster_public_host},DNS:${_param:cluster_public_host},DNS:proxy.${_param:cluster_public_host},DNS:horizon.${_param:cluster_public_host} + salt: + minion: + cert: + proxy: + common_name: proxy + alternative_names: IP:127.0.0.1,${_param:salt_pki_proxy_alt_names} diff --git a/mcp/reclass/classes/system/salt/minion/cert/proxy/pki.yml b/mcp/reclass/classes/system/salt/minion/cert/proxy/pki.yml new file mode 100644 index 000000000..731aea625 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/proxy/pki.yml @@ -0,0 +1,8 @@ +parameters: + salt: + minion: + cert: + proxy: + key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:proxy:common_name}.key + cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:proxy:common_name}.crt + all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:proxy:common_name}-chain-with-key.pem diff --git a/mcp/reclass/classes/system/salt/minion/cert/swift/init.yml b/mcp/reclass/classes/system/salt/minion/cert/swift/init.yml new file mode 100644 index 000000000..28859cf23 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/swift/init.yml @@ -0,0 +1,11 @@ +parameters: + _param: + salt_minion_ca_authority: salt_master_ca + salt: + minion: + cert: + swift: + host: ${_param:salt_minion_ca_host} + signing_policy: cert_server + authority: ${_param:salt_minion_ca_authority} + common_name: ${_param:cluster_public_host} diff --git a/mcp/reclass/classes/system/salt/minion/cert/swift/openstack.yml b/mcp/reclass/classes/system/salt/minion/cert/swift/openstack.yml new file mode 100644 index 000000000..5560e1b46 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/swift/openstack.yml @@ -0,0 +1,11 @@ +classes: +- system.salt.minion.cert.swift +parameters: + _param: + salt_pki_swift_alt_names: IP:${_param:cluster_public_host},DNS:${_param:cluster_public_host} + salt: + minion: + cert: + swift: + common_name: swift + alternative_names: IP:127.0.0.1,${_param:salt_pki_swift_alt_names} diff --git a/mcp/reclass/classes/system/salt/minion/cert/swift/pki.yml b/mcp/reclass/classes/system/salt/minion/cert/swift/pki.yml new file mode 100644 index 000000000..3195e48fc --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/swift/pki.yml @@ -0,0 +1,8 @@ +parameters: + salt: + minion: + cert: + swift: + key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:swift:common_name}.key + cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:swift:common_name}.crt + all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:swift:common_name}-chain-with-key.pem diff --git a/mcp/reclass/classes/system/salt/minion/cert/wildcard/init.yml b/mcp/reclass/classes/system/salt/minion/cert/wildcard/init.yml new file mode 100644 index 000000000..29748958c --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/cert/wildcard/init.yml @@ -0,0 +1,16 @@ +parameters: + _param: + salt_minion_ca_authority: salt_master_ca + salt_pki_wildcard_alt_names: IP:${_param:cluster_public_host},DNS:${_param:cluster_public_host},DNS:*.${_param:cluster_public_host},DNS:${_param:cluster_domain},DNS:*.${_param:cluster_domain} + salt: + minion: + cert: + proxy: + host: ${_param:salt_minion_ca_host} + signing_policy: cert_server + authority: ${_param:salt_minion_ca_authority} + common_name: wildcard + alternative_names: IP:127.0.0.1,${_param:salt_pki_wildcard_alt_names} + key_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:wildcard:common_name}.key + cert_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:wildcard:common_name}.crt + all_file: /srv/salt/pki/${_param:cluster_name}/${salt:minion:cert:wildcard:common_name}-chain-with-key.pem diff --git a/mcp/reclass/classes/system/salt/minion/master.yml b/mcp/reclass/classes/system/salt/minion/master.yml new file mode 100644 index 000000000..fbeb1782d --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/master.yml @@ -0,0 +1,2 @@ +classes: +- service.salt.minion.master diff --git a/mcp/reclass/classes/system/salt/minion/masters.yml b/mcp/reclass/classes/system/salt/minion/masters.yml new file mode 100644 index 000000000..829474ac7 --- /dev/null +++ b/mcp/reclass/classes/system/salt/minion/masters.yml @@ -0,0 +1,7 @@ +parameters: + salt: + minion: + master_type: failover + masters: + - host: ${_param:infra_config_deploy_address} + - host: ${_param:infra_config_address} |