From 90c0b369c01a2185fe86651f8ad9e0a172d6941d Mon Sep 17 00:00:00 2001 From: Alexandru Avadanii Date: Sun, 17 Dec 2017 19:34:18 +0100 Subject: [baremetal] MaaS: Enable HTTP proxy Instead of using NAT on the mas01 node for all cluster node outgoing traffic, use the MaaS built-in proxy for APT traffic to leverage its caching capabilities too. Also enable the proxy for salt minions, so they can access public keyservers et al. Cleanup public DNS from kvm nodes, interferes with MaaS proxy. Add example config for global env proxy, but don't enable it: - default environment settings - /etc/environment (via reclass); The MaaS proxy will not be used (at least for now) on nodes: - cfg01; - mas01; NOTE: We can't yet drop the maas.pxe_nat state completely, as certain Openstack services are still accessed via public addresses from ctl nodes. JIRA: FUEL-317 JIRA: FUEL-318 Change-Id: I6c5f6872bb94afb838580571080e808bc262fc68 Signed-off-by: Alexandru Avadanii --- .../baremetal-mcp-pike-common-ha/include/proxy.yml | 23 ++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/include/proxy.yml (limited to 'mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/include/proxy.yml') diff --git a/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/include/proxy.yml b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/include/proxy.yml new file mode 100644 index 000000000..5d7475812 --- /dev/null +++ b/mcp/reclass/classes/cluster/baremetal-mcp-pike-common-ha/include/proxy.yml @@ -0,0 +1,23 @@ +############################################################################## +# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +parameters: + # NOTE: Apt proxy is set by curtin, Salt minion proxy is configured below, + # only enable proxy via /etc/environment if you need it for smth else + # linux: + # system: + # env: + # http_proxy: http://${_param:infra_maas_node01_deploy_address}:8000 + # https_proxy: http://${_param:infra_maas_node01_deploy_address}:8000 + # no_proxy: + # - .local + salt: + minion: + proxy: + host: ${_param:infra_maas_node01_deploy_address} + port: 8000 -- cgit 1.2.3-korg '/>
path: root/tests/test_apex_clean.py
blob: 2a436a7ccdc5f4e82602476d084417765849d7b7 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41