1 files changed, 65 insertions, 14 deletions

diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
index 0189e038c..b3ab9e2c7 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
@@ -7,8 +7,6 @@
 ##############################################################################
 ---
 classes:
-  - system.linux.system.repo.mcp.mirror.v1.openstack
-  - system.linux.system.repo.glusterfs
   - system.ceilometer.client
   - system.memcached.server.single
   - system.keystone.server.cluster
@@ -20,11 +18,17 @@ classes:
   - system.heat.server.cluster
   - system.designate.server.cluster
   - system.designate.server.backend.bind
+  - system.barbican.server.cluster
+  - system.apache.server.site.barbican
+  - service.barbican.server.plugin.simple_crypto
+  - system.apache.server.single
   - system.bind.server.single
   - system.haproxy.proxy.listen.openstack.placement
   - system.glusterfs.client.cluster
   - system.glusterfs.client.volume.glance
   - system.glusterfs.client.volume.keystone
+  - cluster.all-mcp-arch-common.backports
+  - cluster.mcp-common-ha.glusterfs_repo
 {%- if not conf.MCP_VCP %}
   # sync from kvm
   - service.keepalived.cluster.single
@@ -42,13 +46,13 @@ classes:
   # - system.salt.control.cluster.stacklight_log_cluster
   # - system.salt.control.cluster.stacklight_telemetry_cluster
   - cluster.mcp-common-ha.infra.kvm_pdf
-  - cluster.mcp-common-ha.include.maas_proxy
-  - cluster.mcp-common-ha.include.lab_proxy_pdf
+  - cluster.all-mcp-arch-common.opnfv.maas_proxy
+  - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf
 {%- endif %}
 parameters:
   _param:
 {%- if not conf.MCP_VCP %}
-    linux_system_codename: xenial  # sync from kvm
+    linux_system_codename: bionic  # sync from kvm
     # For NOVCP, we switch keepalived VIPs, to keep cluster_vip_address in ctl
     single_nic: br-ctl  # for keepalive_vip_interface interpolation
     control_nic: ~      # Dummy value to keep reclass 1.5.2 happy
@@ -66,28 +70,60 @@ parameters:
     cluster_node03_hostname: ${_param:openstack_control_node03_hostname}
     cluster_node03_address: ${_param:openstack_control_node03_address}
     nova_vncproxy_url: https://${_param:cluster_public_host}:6080
-    glusterfs_version: '3.13'
+    barbican_integration_enabled: 'false'
+    fernet_rotation_driver: 'shared_filesystem'
+    credential_rotation_driver: 'shared_filesystem'
+  common_conn_recycle_time: &db_conn_recycle_time
+    database:
+      connection_recycle_time: ${_param:db_connection_recycle_time}
   nova:
-    controller: &db_conn_recycle_time
-      database:
-        connection_recycle_time: ${_param:db_connection_recycle_time}
+    controller:
+      <<: *db_conn_recycle_time
+      barbican:
+        enabled: ${_param:barbican_integration_enabled}
+      pkgs:
+        - nova-api
+        - nova-conductor
+        - nova-consoleauth
+        - nova-scheduler
+        - nova-novncproxy
+        - python3-novaclient
   cinder:
     controller:
+      pkgs:
+        - cinder-api
+        - cinder-scheduler
       <<: *db_conn_recycle_time
   neutron:
     server:
       <<: *db_conn_recycle_time
       vlan_aware_vms: true
       root_helper_daemon: false
+      agent_down_time: 300
+      global_physnet_mtu: ${_param:interface_mtu}
+      backend:
+        external_mtu: ${_param:interface_mtu}
+      pkgs:
+        - neutron-server
   keystone:
     server:
       <<: *db_conn_recycle_time
       cacert: /etc/ssl/certs/mcp_os_cacert
       openrc_extra:
-        volume_device_name: vdc
+        volume_device_name: sdc
+      pkgs:
+        - keystone
+        - python3-memcache
+        - python3-openstackclient
   glance:
     server:
       <<: *db_conn_recycle_time
+      identity:
+        barbican_endpoint: ${barbican:server:host_href}
+      pkgs:
+        - glance
+      services:
+        - glance-api
 {%- if conf.MCP_VCP %}
   heat:
     server:
@@ -104,6 +140,9 @@ parameters:
         host: ${_param:openstack_proxy_control_address}
         port: 8003
         protocol: http
+  apache:
+    server:
+      mod_wsgi: libapache2-mod-wsgi-py3
 {%- else %}
   libvirt:
     server:
@@ -120,7 +159,8 @@ parameters:
   apache:
     server:
       bind:
-        ~ports: ~
+        listen_default_ports: false
+      mod_wsgi: libapache2-mod-wsgi-py3
   # sync from common-ha kvm role
   glusterfs:
     server:
@@ -146,9 +186,17 @@ parameters:
       listen:
         heat_cloudwatch_api:
           enabled: false
-        neutron_api:
-          # Set source balancing
-          type: heat
+  barbican:
+    server:
+      ks_notifications_enable: true
+      store:
+        software:
+          crypto_plugin: simple_crypto
+          store_plugin: store_crypto
+          global_default: true
+      database:
+        connection_recycle_time: ${_param:db_connection_recycle_time}
+        host: ${_param:openstack_database_address}
   bind:
     server:
       control:
@@ -164,6 +212,9 @@ parameters:
           keys:
             - designate
   designate:
+    _support:
+      sphinx:
+        enabled: False  # Workaround broken meta/sphinx.yml in salt-formula-designate
     server:
       pools:
         default: