From 8de9c24300817b9d0ce4f2bfb2ab63643d895a1a Mon Sep 17 00:00:00 2001
From: Michael Polenchuk <mpolenchuk@mirantis.com>
Date: Wed, 15 Aug 2018 14:07:32 +0400
Subject: Turn off default apache ports

Change-Id: I0377615ff19e39aca74b90d2ff7e7b2cd5cd6ccb
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
---
 mcp/config/states/openstack_ha                                       | 2 +-
 mcp/config/states/openstack_noha                                     | 2 +-
 mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2   | 3 ++-
 mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2     | 5 +++++
 mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 | 2 ++
 mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml    | 3 +++
 6 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/mcp/config/states/openstack_ha b/mcp/config/states/openstack_ha
index 12d6ae656..d7d8cbd45 100755
--- a/mcp/config/states/openstack_ha
+++ b/mcp/config/states/openstack_ha
@@ -68,7 +68,7 @@ salt -I 'aodh:server' state.sls aodh -b 1
 salt -I 'ceilometer:server' state.sls ceilometer
 salt -I 'ceilometer:agent' state.sls ceilometer
 
-salt -I 'horizon:server' state.sls horizon
+salt -I 'horizon:server' state.sls apache,horizon
 salt -I 'nginx:server' state.sls nginx
 
 cluster_public_host=$(salt -C 'I@nginx:server and *01*' --out=yaml \
diff --git a/mcp/config/states/openstack_noha b/mcp/config/states/openstack_noha
index 02530236a..9a42d4813 100755
--- a/mcp/config/states/openstack_noha
+++ b/mcp/config/states/openstack_noha
@@ -56,4 +56,4 @@ salt -I 'aodh:server' state.sls aodh
 salt -I 'ceilometer:server' state.sls ceilometer
 salt -I 'ceilometer:agent' state.sls ceilometer
 
-salt -I 'horizon:server' state.sls horizon
+salt -I 'horizon:server' state.sls apache,horizon
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
index 33c74fda6..f9fe73aee 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2
@@ -23,6 +23,7 @@ classes:
   - system.barbican.server.cluster
   - system.apache.server.site.barbican
   - service.barbican.server.plugin.simple_crypto
+  - system.apache.server.single
   - system.bind.server.single
   - system.haproxy.proxy.listen.openstack.placement
   - system.glusterfs.client.cluster
@@ -125,7 +126,7 @@ parameters:
   apache:
     server:
       bind:
-        ~ports: ~
+        listen_default_ports: false
   # sync from common-ha kvm role
   glusterfs:
     server:
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2
index d7ccff532..c23b50993 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2
@@ -14,6 +14,7 @@ classes:
   - system.nginx.server.proxy.openstack_web
   - system.nginx.server.proxy.openstack.aodh
   - system.nginx.server.proxy.openstack.ceilometer
+  - system.apache.server.single
   - system.horizon.server.single
   - system.salt.minion.cert.proxy
   - system.sphinx.server.doc.reclass
@@ -93,3 +94,7 @@ parameters:
       vrrp_scripts:
         check_pidof:
           args: 'nginx'
+  apache:
+    server:
+      bind:
+        listen_default_ports: false
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2
index c55ea0049..9a9144ca7 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2
@@ -69,6 +69,8 @@ parameters:
         - python-memcache
   apache:
     server:
+      bind:
+        listen_default_ports: false
       ~modules:
         - rewrite
 {%- if conf.MCP_VCP %} {#- wsgi module will be enabled by a different class inherited later #}
diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml
index 0eeff7c05..8ba9c6966 100644
--- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml
@@ -60,6 +60,7 @@ classes:
   - system.apache.server.site.gnocchi
   - system.apache.server.site.panko
   - system.apache.server.site.barbican
+  - system.apache.server.single
   - system.horizon.server.single
   - service.haproxy.proxy.single
   - cluster.mcp-common-noha.haproxy_openstack_api
@@ -174,6 +175,8 @@ parameters:
       root_helper_daemon: false
   apache:
     server:
+      bind:
+        listen_default_ports: false
       site:
         gnocchi: &wsgi_threads
           wsgi:
-- 
cgit 1.2.3-korg