+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/BootAction/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: i40evf_blacklist
- storagePolicy: 'cleartext'
- layeringDefinition:
- abstract: false
- layer: site
- labels:
- application: 'drydock'
-data:
- signaling: false
- node_filter:
- filter_set_type: 'union'
- filter_set:
- - filter_type: 'union'
- assets:
- - path: /etc/modprobe.d/sriov_blacklist.conf
- type: file
- permissions: '644'
- data_pipeline:
- - utf8_decode
- data: |
- blacklist i40evf
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/BootAction/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: calico-ip-rules
- storagePolicy: 'cleartext'
- layeringDefinition:
- abstract: false
- layer: site
- labels:
- application: 'drydock'
- substitutions:
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.pod_cidr
- dest:
- path: .assets[0].data
- pattern: DH_SUB_POD_CIDR
-data:
- signaling: false
- assets:
- - path: /etc/systemd/system/configure-ip-rules.service
- type: unit
- permissions: '444'
- data: |-
- [Unit]
- Description=IP Rules Initialization Service
- After=network-online.target local-fs.target
-
- [Service]
- Type=simple
- ExecStart=/opt/configure-ip-rules.sh -g 172.29.1.1 -c 10.98.0.0/16 -s 172.29.1.128/29
-
- [Install]
- WantedBy=multi-user.target
- data_pipeline:
- - utf8_decode
- - path: /opt/configure-ip-rules.sh
- type: file
- permissions: '700'
- data_pipeline:
- - utf8_decode
- data: |-
- #!/bin/bash
- set -ex
-
- function usage() {
- cat <<EOU
- Options are:
-
- -c POD_CIDR The pod CIDR for the Kubernetes cluster, e.g. 10.98.0.0/16
- -i INTERFACE The interface for internal pod traffic, e.g. bond1.2006
- -o OVERLAP_CIDR (optional) This CIDR will be routed via the VRRP IP on
- INTERFACE. It is used to provide a work around when
- complete Calico routes cannot be received via BGP.
- e.g. 10.96.0.0/15. NOTE: This must include the POD_CIDR.
- -s SERVICE_CIDR (optional) A routable CIDR to configure for ingress, maas,
- e.g. 135.21.99.192/29
- EOU
- }
-
- SERVICE_CIDR=
- OVERLAP_CIDR=
-
- while getopts ":c:hi:o:s:" o; do
- case "${o}" in
- c)
- POD_CIDR=${OPTARG}
- ;;
- h)
- usage
- exit 0
- ;;
- i)
- INTERFACE=${OPTARG}
- ;;
- o)
- OVERLAP_CIDR=${OPTARG}
- ;;
- s)
- SERVICE_CIDR=${OPTARG}
- ;;
- \?)
- echo "Unknown option: -${OPTARG}" >&2
- exit 1
- ;;
- :)
- echo "Missing argument for option: -${OPTARG}" >&2
- exit 1
- ;;
- *)
- echo "Unimplemented option: -${OPTARG}" >&2
- exit 1
- ;;
- esac
- done
- shift $((OPTIND-1))
-
- if [ "x$POD_CIDR" == "x" ]; then
- echo "Missing pod CIDR, e.g -c 10.98.0.0/16" >&2
- usage
- exit 1
- fi
-
- if [ "x$INTERFACE" == "x" ]; then
- echo "Missing interface, e.g. -i bond1.2006" >&2
- usage
- exit 1
- fi
-
- while ! ip route list dev "${INTERFACE}" > /dev/null; do
- echo Waiting for device "${INTERFACE}" to be ready. >&2
- sleep 5
- done
-
- intra_vrrp_ip=$(ip route list dev "${INTERFACE}" | awk '($2~/via/){print $3}' | head -n 1)
-
- TABLE="1500"
-
- # Setup a routing table for traffic from service IPs
- ip route flush table "${TABLE}"
- ip route add default via "${intra_vrrp_ip}" table "${TABLE}"
-
- if [ "x$OVERLAP_CIDR" != "x" ]; then
- # NOTE(mb874d): This is a work-around for nodes not receiving complete
- # routes via BGP. It may also be required for brownfield large sites.
- ip route add "${OVERLAP_CIDR}" via "${intra_vrrp_ip}"
- fi
-
- if [ "x$SERVICE_CIDR" != "x" ]; then
- # Traffic from the service IPs to pods should use the pod network.
- ip rule add \
- from "${SERVICE_CIDR}" \
- to "${POD_CIDR}" \
- lookup main \
- pref 10000
- # Other traffic from service IPs should only use the VRRP IP
- ip rule add \
- from "${SERVICE_CIDR}" \
- lookup "${TABLE}" \
- pref 10100
- fi
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/BootAction/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: promjoin
- storagePolicy: 'cleartext'
- layeringDefinition:
- abstract: false
- layer: site
- labels:
- application: 'drydock'
-data:
- signaling: false
- node_filter:
- filter_set_type: 'union'
- filter_set:
- - filter_type: 'union'
- node_names:
- - 'aknode41'
- - 'aknode42'
- # TODO(alanmeadows) move what is global about this document - everything except nodenames to global
- assets:
- - path: /opt/promjoin.sh
- type: file
- permissions: '555'
- # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network
- # you should use to contact kubernetes in the case below, this is cab24_mgmt
- location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
- location_pipeline:
- - template
- data_pipeline:
- - utf8_decode
- - path: /lib/systemd/system/promjoin.service
- type: unit
- permissions: '600'
- data: |-
- W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy
- PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0
- cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v
- cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo=
- data_pipeline:
- - base64_decode
- - utf8_decode
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: 'drydock/BaremetalNode/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: aknode41
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- host_profile: ControlPlane
- # the hostname for a server, could be used in multiple DNS domains to
- # represent different interfaces
- addressing:
- # Which network the address applies to. If a network appears in addressing
- # that isn't assigned to an interface, design validation will fail
- - network: oob
- address: 192.168.41.41
- - network: pxe
- # The address assigned. Either a explicit IPv4 or IPv6 address
- # or dhcp or slaac
- address: 172.30.2.41
- - network: oam
- address: 192.168.2.41
- - network: storage
- address: 172.31.2.41
- - network: overlay
- address: 10.0.102.41
- - network: calico
- address: 172.29.1.41
- metadata:
- rack: RACK01
- tags:
- - 'masters'
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: 'drydock/BaremetalNode/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: aknode42
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- host_profile: ControlPlane
- # the hostname for a server, could be used in multiple DNS domains to
- # represent different interfaces
- addressing:
- # Which network the address applies to. If a network appears in addressing
- # that isn't assigned to an interface, design validation will fail
- - network: oob
- address: 192.168.41.42
- - network: pxe
- # The address assigned. Either a explicit IPv4 or IPv6 address
- # or dhcp or slaac
- address: 172.30.2.42
- - network: oam
- address: 192.168.2.42
- - network: storage
- address: 172.31.2.42
- - network: overlay
- address: 10.0.102.42
- - network: calico
- address: 172.29.1.42
- metadata:
- rack: RACK01
- tags:
- - 'masters'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: shipyard/DeploymentConfiguration/v1
-metadata:
- schema: metadata/Document/v1
- name: deployment-configuration
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- armada:
- manifest: 'full-site'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: pegleg/CommonAddresses/v1
-metadata:
- schema: metadata/Document/v1
- name: common-addresses
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- calico:
- ip_autodetection_method: interface=bond0.44
- etcd:
- service_ip: 10.96.232.136
-
- dns:
- cluster_domain: cluster.local
- service_ip: 10.96.0.10
- upstream_servers:
- - 192.168.2.85
- - 8.8.8.8
- - 8.8.8.8
- upstream_servers_joined: '192.168.2.85,8.8.8.8'
- ingress_domain: dellgen10.akraino.org
- genesis:
- hostname: aknode40
- ip: 172.29.1.40
-
- bootstrap:
- ip: 172.30.2.40
-
- kubernetes:
- api_service_ip: 10.96.0.1
- etcd_service_ip: 10.96.0.2
- pod_cidr: 10.98.0.0/16
- service_cidr: 10.96.0.0/15
- apiserver_port: 6443
- haproxy_port: 6553
- service_node_port_range: 30000-32767
-
- etcd:
- container_port: 2379
- haproxy_port: 2378
-
- masters:
- - hostname: aknode41
- - hostname: aknode42
-
- proxy:
- http: ""
- https: ""
- no_proxy: []
-
- node_ports:
- drydock_api: 30000
- maas_api: 30001
- maas_proxy: 31800 # hardcoded in MAAS
- shipyard_api: 30003
- airflow_web: 30004
-
- ntp:
- servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org'
-
- # Used for FQDN setup/definition
- domain:
- url: dellgen10.lab.akraino.org
-
- ldap:
- base_url: 'its-a-ldap.example.com'
- url: 'ldap://its-a-ldap.example.com'
- auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
- common_name: AP-NC_Test_Users
- subdomain: testitservices
- domain: example
-
- storage:
- ceph:
- public_cidr: '172.31.2.0/24'
- cluster_cidr: '172.31.2.0/24'
-
- neutron:
- tunnel_device: 'bond0.45'
- external_iface: 'bond0'
-
- openvswitch:
- external_iface: 'bond0'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/NetworkLink/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: oob
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- labels:
- noconfig: enabled
- bonding:
- mode: disabled
- mtu: 9000
- linkspeed: auto
- trunking:
- mode: disabled
- default_network: oob
- allowed_networks:
- - oob
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: oob
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- cidr: 192.168.41.0/24
- routes:
- - subnet: '0.0.0.0/0'
- gateway: 192.168.41.1
- ranges:
- - type: static
- start: 192.168.41.13
- end: 192.168.41.254
-...
----
-schema: 'drydock/NetworkLink/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: pxe
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- bonding:
- mode: disabled
- mtu: 9000
- linkspeed: auto
- trunking:
- mode: disabled
- default_network: pxe
- allowed_networks:
- - pxe
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: pxe
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- cidr: 172.30.2.0/24
- routes:
- - subnet: '0.0.0.0/0'
- gateway: 172.30.2.40
- ranges:
- - type: reserved
- start: 172.30.2.2
- end: 172.30.2.10
- - type: static
- start: 172.30.2.11
- end: 172.30.2.200
- - type: dhcp
- start: 172.30.2.201
- end: 172.30.2.254
- dns:
- domain: lab.akraino.org
- servers: '192.168.2.85 8.8.8.8 8.8.4.4'
-...
----
-schema: 'drydock/NetworkLink/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: bond0
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- bonding:
- mode: 802.3ad
- hash: layer3+4
- peer_rate: fast
- mon_rate: 100
- up_delay: 1000
- down_delay: 3000
- mtu: 9000
- linkspeed: auto
- trunking:
- mode: 802.1q
- allowed_networks:
- - oam
- - storage
- - overlay
- - calico
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: oam
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- vlan: '41'
- mtu: 9000
- cidr: 192.168.2.0/24
- routes:
- - subnet: '0.0.0.0/0'
- gateway: 192.168.2.200
- ranges:
- - type: reserved
- start: 192.168.2.84
- end: 192.168.2.86
- - type: static
- start: 192.168.2.40
- end: 192.168.2.45
- dns:
- domain: lab.akraino.org
- servers: '192.168.2.85 8.8.8.8 8.8.4.4'
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: storage
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- vlan: '42'
- mtu: 9000
- cidr: 172.31.2.0/24
- ranges:
- - type: static
- start: 172.31.2.11
- end: 172.31.2.254
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: overlay
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- vlan: '45'
- mtu: 9000
- cidr: 10.0.102.0/24
- ranges:
- - type: static
- start: 10.0.102.11
- end: 10.0.102.254
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: calico
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- vlan: '44'
- mtu: 9000
- cidr: 172.29.1.0/24
- ranges:
- - type: static
- start: 172.29.1.5
- end: 172.29.1.254
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: promenade/PKICatalog/v1
-metadata:
- schema: metadata/Document/v1
- name: cluster-certificates
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- certificate_authorities:
- kubernetes:
- description: CA for Kubernetes components
- certificates:
- - document_name: apiserver
- description: Service certificate for Kubernetes apiserver
- common_name: apiserver
- hosts:
- - localhost
- - 127.0.0.1
- - 10.96.0.1
- kubernetes_service_names:
- - kubernetes.default.svc.cluster.local
- - document_name: kubelet-genesis
- common_name: system:node:aknode40
- hosts:
- - aknode40
- - 192.168.2.40
- - 172.29.1.40
- - 172.30.2.40
- groups:
- - system:nodes
- - document_name: kubelet-aknode40
- common_name: system:node:aknode40
- hosts:
- - aknode40
- - 192.168.2.40
- - 172.29.1.40
- - 172.30.2.40
- groups:
- - system:nodes
- - document_name: kubelet-aknode41
- common_name: system:node:aknode41
- hosts:
- - aknode41
- - 192.168.2.41
- - 172.29.1.41
- - 172.30.2.41
- groups:
- - system:nodes
- - document_name: kubelet-aknode42
- common_name: system:node:aknode42
- hosts:
- - aknode42
- - 192.168.2.42
- - 172.29.1.42
- - 172.30.2.42
- groups:
- - system:nodes
- - document_name: scheduler
- description: Service certificate for Kubernetes scheduler
- common_name: system:kube-scheduler
- - document_name: controller-manager
- description: certificate for controller-manager
- common_name: system:kube-controller-manager
- - document_name: admin
- common_name: admin
- groups:
- - system:masters
- - document_name: armada
- common_name: armada
- groups:
- - system:masters
- kubernetes-etcd:
- description: Certificates for Kubernetes's etcd servers
- certificates:
- - document_name: apiserver-etcd
- description: etcd client certificate for use by Kubernetes apiserver
- common_name: apiserver
- # NOTE(mark-burnett): hosts not required for client certificates
- - document_name: kubernetes-etcd-anchor
- description: anchor
- common_name: anchor
- - document_name: kubernetes-etcd-genesis
- common_name: kubernetes-etcd-genesis
- hosts:
- - aknode40
- - 192.168.2.40
- - 172.29.1.40
- - 172.30.2.40
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode40
- common_name: kubernetes-etcd-aknode40
- hosts:
- - aknode40
- - 192.168.2.40
- - 172.29.1.40
- - 172.30.2.40
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode41
- common_name: kubernetes-etcd-aknode41
- hosts:
- - aknode41
- - 192.168.2.41
- - 172.29.1.41
- - 172.30.2.41
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode42
- common_name: kubernetes-etcd-aknode42
- hosts:
- - aknode42
- - 192.168.2.42
- - 172.29.1.42
- - 172.30.2.42
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- kubernetes-etcd-peer:
- certificates:
- - document_name: kubernetes-etcd-genesis-peer
- common_name: kubernetes-etcd-genesis-peer
- hosts:
- - aknode40
- - 192.168.2.40
- - 172.29.1.40
- - 172.30.2.40
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode40-peer
- common_name: kubernetes-etcd-aknode40-peer
- hosts:
- - aknode40
- - 192.168.2.40
- - 172.29.1.40
- - 172.30.2.40
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode41-peer
- common_name: kubernetes-etcd-aknode41-peer
- hosts:
- - aknode41
- - 192.168.2.41
- - 172.29.1.41
- - 172.30.2.41
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode42-peer
- common_name: kubernetes-etcd-aknode42-peer
- hosts:
- - aknode42
- - 192.168.2.42
- - 172.29.1.42
- - 172.30.2.42
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- calico-etcd:
- description: Certificates for Calico etcd client traffic
- certificates:
- - document_name: calico-etcd-anchor
- description: anchor
- common_name: anchor
- - document_name: calico-etcd-aknode40
- common_name: calico-etcd-aknode40
- hosts:
- - aknode40
- - 192.168.2.40
- - 172.29.1.40
- - 172.30.2.40
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-etcd-aknode41
- common_name: calico-etcd-aknode41
- hosts:
- - aknode41
- - 192.168.2.41
- - 172.29.1.41
- - 172.30.2.41
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-etcd-aknode42
- common_name: calico-etcd-aknode42
- hosts:
- - aknode42
- - 192.168.2.42
- - 172.29.1.42
- - 172.30.2.42
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-node
- common_name: calcico-node
- calico-etcd-peer:
- description: Certificates for Calico etcd clients
- certificates:
- - document_name: calico-etcd-aknode40-peer
- common_name: calico-etcd-aknode40-peer
- hosts:
- - aknode40
- - 192.168.2.40
- - 172.29.1.40
- - 172.30.2.40
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-etcd-aknode41-peer
- common_name: calico-etcd-aknode41-peer
- hosts:
- - aknode41
- - 192.168.2.41
- - 172.29.1.41
- - 172.30.2.41
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-etcd-aknode42-peer
- common_name: calico-etcd-aknode42-peer
- hosts:
- - aknode42
- - 192.168.2.42
- - 172.29.1.42
- - 172.30.2.42
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-node-peer
- common_name: calcico-node-peer
- keypairs:
- - name: service-account
- description: Service account signing key for use by Kubernetes controller-manager.
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: promenade/Genesis/v1
-metadata:
- schema: metadata/Document/v1
- name: genesis-site
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: genesis-global
- actions:
- - method: replace
- path: .labels.dynamic
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- labels:
- dynamic:
- - beta.kubernetes.io/fluentd-ds-ready=true
- - calico-etcd=enabled
- - ceph-mds=enabled
- - ceph-mon=enabled
- - ceph-osd=enabled
- - ceph-rgw=enabled
- - ceph-mgr=enabled
- - kube-dns=enabled
- - kube-ingress=enabled
- - kubernetes-apiserver=enabled
- - kubernetes-controller-manager=enabled
- - kubernetes-etcd=enabled
- - kubernetes-scheduler=enabled
- - promenade-genesis=enabled
- - ucp-control-plane=enabled
- - maas-control-plane=enabled
- - ceph-osd-bootstrap=enabled
- - openstack-libvirt=kernel
- - openvswitch=enabled
- - openstack-control-plane=enabled
- - openstack-nova-compute=enabled
- - sriov=enabled
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/HardwareProfile/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: DELL_HP_Generic
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- vendor: DELL
- generation: '10'
- hw_version: '3'
- bios_version: '2.8'
- boot_mode: bios
- bootstrap_protocol: pxe
- pxe_interface: 0
- device_aliases: {}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: drydock/HostProfile/v1
-metadata:
- schema: metadata/Document/v1
- name: ComputePlane
- storagePolicy: cleartext
- labels:
- hosttype: ComputePlane
- layeringDefinition:
- abstract: false
- layer: site
- substitutions:
- - dest:
- path: .oob.credential
- src:
- schema: deckhand/Passphrase/v1
- name: ipmi_admin_password
- path: .
-data:
- hardware_profile: DELL_HP_Generic
- oob:
- type: 'ipmi'
- network: 'oob'
- account: 'root'
- primary_network: 'oam'
- hardware_profile: DELL_HP_Generic
- interfaces:
- pxe:
- device_link: pxe
- slaves:
- - 'eno3'
- networks:
- - 'pxe'
- bond0:
- device_link: bond0
- slaves:
- - 'enp94s0f0'
- - 'enp94s0f1'
- networks:
- - 'oam'
- - 'storage'
- - 'overlay'
- - 'calico'
- p1p1:
- slaves:
- - 'sriov_nic01'
- sriov:
- vf_count: 32 # Currently ignored
- trustedmode: false
- p3p2:
- slaves:
- - 'sriov_nic02'
- sriov:
- vf_count: 32 # Currently ignored
- trustedmode: false
- storage:
- physical_devices:
- sdg:
- labels:
- bootdrive: 'true'
- partitions:
- - name: 'root'
- size: '20g'
- filesystem:
- mountpoint: '/'
- fstype: 'ext4'
- mount_options: 'defaults'
- - name: 'boot'
- size: '1g'
- filesystem:
- mountpoint: '/boot'
- fstype: 'ext4'
- mount_options: 'defaults'
- - name: 'var'
- size: '>300g'
- filesystem:
- mountpoint: '/var'
- fstype: 'ext4'
- mount_options: 'defaults'
- sdh:
- partitions:
- - name: 'nova'
- size: '99%'
- filesystem:
- mountpoint: '/var/lib/nova'
- fstype: 'ext4'
- mount_options: 'defaults'
- platform:
- image: 'xenial'
- kernel: 'hwe-16.04'
- kernel_params:
- console: 'ttyS1,115200n8'
- intel_iommu: 'on'
- iommu: 'pt'
- amd_iommu: 'on'
- transparent_hugepage: 'never'
- hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
- hugepages: 'hardwareprofile:hugepages.dpdk.count'
- default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
- isolcpus: 'hardwareprofile:cpuset.kvm'
- metadata:
- owner_data:
- openstack-nova-compute: enabled
- openvswitch: enabled
- openstack-libvirt: kernel
- sriov: enabled
- beta.kubernetes.io/fluentd-ds-ready: 'true'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: drydock/HostProfile/v1
-metadata:
- schema: metadata/Document/v1
- name: ControlPlane
- storagePolicy: cleartext
- labels:
- hosttype: ControlPlane
- layeringDefinition:
- abstract: false
- layer: site
- substitutions:
- - dest:
- path: .oob.credential
- src:
- schema: deckhand/Passphrase/v1
- name: ipmi_admin_password
- path: .
-data:
- oob:
- type: 'ipmi'
- network: 'oob'
- account: 'root'
- primary_network: 'oam'
- hardware_profile: DELL_HP_Generic
- interfaces:
- pxe:
- device_link: pxe
- slaves:
- - 'eno3'
- networks:
- - 'pxe'
- bond0:
- device_link: bond0
- slaves:
- - 'enp94s0f0'
- - 'enp94s0f1'
- networks:
- - 'oam'
- - 'storage'
- - 'overlay'
- - 'calico'
- p1p1:
- slaves:
- - 'sriov_nic01'
- sriov:
- vf_count: 32 # Currently ignored
- trustedmode: false
- p3p2:
- slaves:
- - 'sriov_nic02'
- sriov:
- vf_count: 32 # Currently ignored
- trustedmode: false
- storage:
- physical_devices:
- sdg:
- labels:
- bootdrive: 'true'
- partitions:
- - name: 'root'
- size: '20g'
- filesystem:
- mountpoint: '/'
- fstype: 'ext4'
- mount_options: 'defaults'
- - name: 'boot'
- size: '1g'
- filesystem:
- mountpoint: '/boot'
- fstype: 'ext4'
- mount_options: 'defaults'
- - name: 'var'
- size: '100g'
- filesystem:
- mountpoint: '/var'
- fstype: 'ext4'
- mount_options: 'defaults'
- sdh:
- partitions:
- - name: 'ceph'
- size: '300g'
- filesystem:
- mountpoint: '/var/lib/ceph/journal'
- fstype: 'ext4'
- mount_options: 'defaults'
- platform:
- image: 'xenial'
- kernel: 'hwe-16.04'
- kernel_params:
- console: 'ttyS1,115200n8'
- intel_iommu: 'on'
- iommu: 'pt'
- amd_iommu: 'on'
- transparent_hugepage: 'never'
- hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
- hugepages: 'hardwareprofile:hugepages.dpdk.count'
- default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
- isolcpus: 'hardwareprofile:cpuset.kvm'
- metadata:
- owner_data:
- control-plane: enabled
- ucp-control-plane: enabled
- openstack-control-plane: enabled
- openstack-heat: enabled
- openstack-keystone: enabled
- openstack-rabbitmq: enabled
- openstack-dns-helper: enabled
- openstack-mariadb: enabled
- openstack-nova-control: enabled
- openstack-etcd: enabled
- openstack-mistral: enabled
- openstack-memcached: enabled
- openstack-glance: enabled
- openstack-horizon: enabled
- openstack-cinder-control: enabled
- openstack-cinder-volume: control
- openstack-neutron: enabled
- openstack-libvirt: kernel
- openvswitch: enabled
- openstack-nova-compute: enabled
- ucp-barbican: enabled
- ceph-bootstrap: enabled
- ceph-mon: enabled
- ceph-mgr: enabled
- ceph-osd: enabled
- ceph-mds: enabled
- ceph-rgw: enabled
- ucp-maas: enabled
- kube-dns: enabled
- kubernetes-apiserver: enabled
- kubernetes-controller-manager: enabled
- kubernetes-etcd: enabled
- kubernetes-scheduler: enabled
- tiller-helm: enabled
- kube-etcd: enabled
- calico-policy: enabled
- calico-node: enabled
- calico-etcd: enabled
- ucp-armada: enabled
- ucp-drydock: enabled
- ucp-deckhand: enabled
- ucp-shipyard: enabled
- IAM: enabled
- ucp-promenade: enabled
- prometheus-server: enabled
- prometheus-client: enabled
- fluentd: enabled
- influxdb: enabled
- kibana: enabled
- elasticsearch-client: enabled
- elasticsearch-master: enabled
- elasticsearch-data: enabled
- postgresql: enabled
- kube-ingress: enabled
- sriov: enabled
- beta.kubernetes.io/fluentd-ds-ready: 'true'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/Region/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: dellgen10
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- substitutions:
- - dest:
- path: .authorized_keys[0]
- src:
- schema: deckhand/PublicKey/v1
- name: localadmin_ssh_public_key
- path: .
-data:
- tag_definitions: []
- authorized_keys: []
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-# self-signed certifacte generated based on
-# https://libvirt.org/remote.html#Remote_certificates
-metadata:
- layeringDefinition:
- abstract: false
- layer: site
- name: ingress-crt
- schema: metadata/Document/v1
- storagePolicy: cleartext
-schema: deckhand/Certificate/v1
-data: |
- -----BEGIN CERTIFICATE-----
- MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO
- BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ
- MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu
- ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP
- ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC
- r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs
- F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV
- bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1
- eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO
- k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG
- YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9
- EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC
- gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF
- MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv
- bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t
- gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y
- aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH
- BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV
- HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE
- BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw
- WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/
- X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX
- vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk
- JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm
- ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF
- DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N
- w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc
- VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg==
- -----END CERTIFICATE-----
-...
----
-metadata:
- layeringDefinition:
- abstract: false
- layer: site
- name: ingress-ca
- schema: metadata/Document/v1
- storagePolicy: cleartext
-schema: deckhand/CertificateAuthority/v1
-data: |
- -----BEGIN CERTIFICATE-----
- MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO
- BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS
- MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC
- AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE
- OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V
- o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0
- YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT
- fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI
- GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+
- T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB
- d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j
- mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd
- BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB
- AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx
- 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM
- EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+
- zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9
- XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+
- d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO
- TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI
- XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40
- +g==
- -----END CERTIFICATE-----
-...
----
-metadata:
- layeringDefinition:
- abstract: false
- layer: site
- name: ingress-key
- schema: metadata/Document/v1
- storagePolicy: cleartext
-schema: deckhand/CertificateKey/v1
-data: |
- -----BEGIN RSA PRIVATE KEY-----
- MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD
- OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv
- 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4
- 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1
- U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9
- Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl
- MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R
- g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC
- DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w
- qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif
- qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft
- 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6
- ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf
- Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8
- uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH
- g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc
- PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz
- +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS
- HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk
- X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC
- wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA
- GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE
- mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6
- mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM
- ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx
- E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE
- 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC
- 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8
- 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+
- TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5
- QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C
- pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB
- /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ
- pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a
- dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5
- 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS
- gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3
- -----END RSA PRIVATE KEY-----
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ceph_fsid
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 3e2a3755-863a-423b-bf19-e8b5bf7f3d95
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_addons_jenkins_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 0ca991324505e13f7a77
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_keystone_ldap_mechid_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 5aacc198d8a1edeff4a8
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_oslo_cache_secret_key
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 083d87906595da201c0b
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: deckhand/PublicKey/v1
-metadata:
- schema: metadata/Document/v1
- name: localadmin_ssh_public_key
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: pegleg/SiteDefinition/v1
-metadata:
- schema: metadata/Document/v1
- layeringDefinition:
- abstract: false
- layer: site
- name: dellgen10
- storagePolicy: cleartext
-data:
- revision: v4.0
- site_type: foundry
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- replacement: true
- name: kubernetes-calico
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: kubernetes-calico-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- networking:
- settings:
- mesh: "off"
- ippool:
- ipip:
- enabled: "false"
- mode: "cross-subnet"
- bgp:
- asnumber: 65531
- ipv4:
- additional_cidrs:
- - 172.29.1.128/29
- peers:
- - apiVersion: v1
- kind: bgpPeer
- metadata:
- peerIP: 172.29.1.1
- scope: global
- spec:
- asnumber: 65001
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: kubernetes-calico-etcd
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: kubernetes-calico-etcd-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
- substitutions:
-
- # Chart source
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .charts.kubernetes.calico.etcd
- dest:
- path: .source
-
- # Image versions
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .images.calico.etcd
- dest:
- path: .values.images.tags
-
- # IP addresses
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .calico.etcd.service_ip
- dest:
- path: .values.service.ip
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .calico.etcd.service_ip
- dest:
- path: .values.anchor.etcdctl_endpoint
-
- # CAs
- - src:
- schema: deckhand/CertificateAuthority/v1
- name: calico-etcd
- path: .
- dest:
- path: .values.secrets.tls.client.ca
- - src:
- schema: deckhand/CertificateAuthority/v1
- name: calico-etcd-peer
- path: .
- dest:
- path: .values.secrets.tls.peer.ca
-
- # Anchor client cert
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-anchor
- path: .
- dest:
- path: .values.secrets.anchor.tls.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-anchor
- path: .
- dest:
- path: .values.secrets.anchor.tls.key
-
- # Node names
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[0].hostname
- dest:
- path: .values.nodes[0].name
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[1].hostname
- dest:
- path: .values.nodes[1].name
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .genesis.hostname
- dest:
- path: .values.nodes[2].name
-
- # Server certs
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode41
- path: .
- dest:
- path: .values.nodes[0].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode41
- path: .
- dest:
- path: .values.nodes[0].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode41-peer
- path: .
- dest:
- path: .values.nodes[0].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode41-peer
- path: .
- dest:
- path: .values.nodes[0].tls.peer.key
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode42
- path: .
- dest:
- path: .values.nodes[1].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode42
- path: .
- dest:
- path: .values.nodes[1].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode42-peer
- path: .
- dest:
- path: .values.nodes[1].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode42-peer
- path: .
- dest:
- path: .values.nodes[1].tls.peer.key
-
- # NOTE(mb874d): Be sure we generate these certs for genesis.
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode40
- path: .
- dest:
- path: .values.nodes[2].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode40
- path: .
- dest:
- path: .values.nodes[2].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode40-peer
- path: .
- dest:
- path: .values.nodes[2].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode40-peer
- path: .
- dest:
- path: .values.nodes[2].tls.peer.key
-
-data:
- values:
- manifests:
- test_etcd_health: false
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: coredns
- replacement: true
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: coredns-global
- actions:
- - method: replace
- path: .values.conf.coredns.corefile
- - method: merge
- path: .
- storagePolicy: cleartext
- substitutions:
- # Zones
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .dns.cluster_domain
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(CLUSTER_DOMAIN)'
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.service_cidr
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(SERVICE_CIDR)'
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.pod_cidr
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(POD_CIDR)'
-
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .dns.upstream_servers[0]
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(UPSTREAM1)'
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .dns.upstream_servers[1]
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(UPSTREAM2)'
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .dns.upstream_servers[2]
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(UPSTREAM3)'
-data:
- values:
- conf:
- coredns:
- # TODO(alanmeadows) this needs to be adjusted to use substition
- corefile: |
- .:53 {
- errors
- health
- autopath @kubernetes
- kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR {
- pods insecure
- fallthrough in-addr.arpa ip6.arpa
- upstream UPSTREAM1
- upstream UPSTREAM2
- upstream UPSTREAM3
- }
- prometheus :9153
- proxy . UPSTREAM1
- proxy . UPSTREAM2
- proxy . UPSTREAM3
- cache 30
- }
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: kubernetes-etcd
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: kubernetes-etcd-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
- substitutions:
-
- # Chart source
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .charts.kubernetes.etcd
- dest:
- path: .source
-
- # Images
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .images.kubernetes.etcd
- dest:
- path: .values.images.tags
-
- # IP addresses
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.etcd_service_ip
- dest:
- path: .values.service.ip
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.etcd_service_ip
- dest:
- path: .values.anchor.etcdctl_endpoint
-
- # CAs
- - src:
- schema: deckhand/CertificateAuthority/v1
- name: kubernetes-etcd
- path: .
- dest:
- path: .values.secrets.tls.client.ca
- - src:
- schema: deckhand/CertificateAuthority/v1
- name: kubernetes-etcd-peer
- path: .
- dest:
- path: .values.secrets.tls.peer.ca
-
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-anchor
- path: .
- dest:
- path: .values.secrets.anchor.tls.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-anchor
- path: .
- dest:
- path: .values.secrets.anchor.tls.key
-
- # Node names
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[0].hostname
- dest:
- path: .values.nodes[0].name
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[1].hostname
- dest:
- path: .values.nodes[1].name
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .genesis.hostname
- dest:
- path: .values.nodes[2].name
-
- # Server certs
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-aknode41
- path: .
- dest:
- path: .values.nodes[0].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-aknode41
- path: .
- dest:
- path: .values.nodes[0].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-aknode41-peer
- path: .
- dest:
- path: .values.nodes[0].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-aknode41-peer
- path: .
- dest:
- path: .values.nodes[0].tls.peer.key
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-aknode42
- path: .
- dest:
- path: .values.nodes[1].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-aknode42
- path: .
- dest:
- path: .values.nodes[1].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-aknode42-peer
- path: .
- dest:
- path: .values.nodes[1].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-aknode42-peer
- path: .
- dest:
- path: .values.nodes[1].tls.peer.key
-
- # Genesis node
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-genesis
- path: .
- dest:
- path: .values.nodes[2].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-genesis
- path: .
- dest:
- path: .values.nodes[2].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-genesis-peer
- path: .
- dest:
- path: .values.nodes[2].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-genesis-peer
- path: $
- dest:
- path: .values.nodes[2].tls.peer.key
-
-data: {}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ingress-kube-system
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- ingress: kube-system
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data: {}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: elasticsearch
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- hosttype: elasticsearch-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data: {}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: fluent-logging
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- hosttype: fluent-logging-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data: {}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: neutron
- replacement: true
- labels:
- component: neutron
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: neutron-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- labels:
- agent:
- sriov:
- node_selector_key: sriov
- node_selector_value: enabled
- network:
- backend:
- - openvswitch
- - sriov
- interface:
- sriov:
- - device: enp135s0f0
- num_vfs: 32
- promisc: false
- - device: enp135s0f1
- num_vfs: 32
- promisc: false
- conf:
- plugins:
- openvswitch_agent:
- ovs:
- bridge_mappings: bond0:br-bond0
- sriov_agent:
- securitygroup:
- firewall_driver: neutron.agent.firewall.NoopFirewallDriver
- sriov_nic:
- exclude_devices: null
- physical_device_mappings: 'sriovnet1:enp135s0f0,sriovnet2:enp135s0f1'
- ml2_conf:
- ml2:
- mechanism_drivers: l2population,openvswitch,sriovnicswitch
- ml2_type_vlan:
- network_vlan_ranges: bond0:46:300,sriovnet1:2001:3000,sriovnet2:2001:3000
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: nova
- labels:
- component: nova
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: nova-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- network:
- backend:
- - openvswitch
- - sriov
- conf:
- nova:
- filter_scheduler:
- enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
- libvirt:
- virt_type: kvm
- DEFAULT:
- vcpu_pin_set: "4-21,26-43,48-65,72-87"
- vif_plugging_is_fatal: False
- vif_plugging_timeout: 30
- pci:
- alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }'
- passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-ceph-client-update
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-ceph-client-update-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- conf:
- pool:
- target:
- osd: 18
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-ceph-client
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-ceph-client-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- conf:
- pool:
- target:
- osd: 6
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-ceph-osd
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-ceph-osd-global
- actions:
- - method: replace
- path: .values.conf.storage.osd
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- conf:
- storage:
- osd:
- - data:
- type: block-logical
- location: /dev/sda
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sda
- - data:
- type: block-logical
- location: /dev/sdb
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdb
- - data:
- type: block-logical
- location: /dev/sdc
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdc
- - data:
- type: block-logical
- location: /dev/sdd
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdd
- - data:
- type: block-logical
- location: /dev/sde
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sde
- - data:
- type: block-logical
- location: /dev/sdf
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdf
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-divingbell
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-divingbell-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
- substitutions:
- - dest:
- path: .values.conf.uamlite.users[0].user_sshkeys[0]
- src:
- schema: deckhand/PublicKey/v1
- name: localadmin_ssh_public_key
- path: .
-
-data:
- values:
- conf:
- uamlite:
- users:
- - user_name: localadmin
- user_sudo: true
- user_sshkeys: []
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-maas
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-maas-global
- actions:
- - method: replace
- path: .values.conf.maas.proxy
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- conf:
- maas:
- ntp:
- disable_ntpd_region: true
- disable_ntpd_rack: true
- images:
- default_os: 'ubuntu'
- default_image: 'xenial'
- default_kernel: 'hwe-16.04'
- proxy:
- proxy_enabled: 'false'
- peer_proxy_enabled: false
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-promenade
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-promenade-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- pod:
- env:
- promenade_api:
- - name: no_proxy
- value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
- - name: NO_PROXY
- value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: pegleg/CommonSoftwareConfig/v1
-metadata:
- schema: metadata/Document/v1
- name: common-software-config
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- osh:
- region_name: RegionOne
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: pegleg/EndpointCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_endpoints
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- # substitutions:
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .ucp.identity.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .ucp.shipyard.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .ceph.object_store.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .ceph.ceph_object_store.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .ceph.object_store.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .ceph.object_store.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .ceph.object_store.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .ucp.identity.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .ucp.identity.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .ucp.identity.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .ucp.shipyard.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .ucp.shipyard.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .ucp.shipyard.host_fqdn_override.public.tls.key
-data:
- ucp:
- identity:
- namespace: ucp
- name: keystone
- hosts:
- default: keystone-api
- public: keystone
- host_fqdn_override:
- default: null
- # public:
- # host: iam.DOMAIN
- path:
- default: /v3
- scheme:
- default: http
- # public: https
- port:
- admin:
- default: 35357
- api:
- default: 80
- public: 80
- armada:
- name: armada
- hosts:
- default: armada-api
- public: armada
- port:
- api:
- default: 8000
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- deckhand:
- name: deckhand
- hosts:
- default: deckhand-int
- public: deckhand-api
- port:
- api:
- default: 9000
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- postgresql:
- name: postgresql
- hosts:
- default: postgresql
- path: /DB_NAME
- scheme: postgresql+psycopg2
- port:
- postgresql:
- default: 5432
- host_fqdn_override:
- default: null
- postgresql_airflow_celery:
- name: postgresql_airflow_celery_db
- hosts:
- default: postgresql
- path: /DB_NAME
- scheme: db+postgresql
- port:
- postgresql:
- default: 5432
- host_fqdn_override:
- default: null
- oslo_db:
- hosts:
- default: mariadb
- discovery: mariadb-discovery
- host_fqdn_override:
- default: null
- path: /DB_NAME
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
- wsrep:
- default: 4567
- key_manager:
- name: barbican
- hosts:
- default: barbican-api
- public: barbican
- host_fqdn_override:
- default: null
- path:
- default: /v1
- scheme:
- default: http
- port:
- api:
- default: 9311
- public: 80
- oslo_messaging:
- namespace: null
- hosts:
- default: rabbitmq
- host_fqdn_override:
- default: null
- path: /openstack
- scheme: rabbit
- port:
- amqp:
- default: 5672
- oslo_cache:
- hosts:
- default: memcached
- host_fqdn_override:
- default: null
- port:
- memcache:
- default: 11211
- physicalprovisioner:
- name: drydock
- hosts:
- default: drydock-api
- port:
- api:
- default: 9000
- nodeport: 31900
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- maas_region_ui:
- name: maas-region-ui
- hosts:
- default: maas-region-ui
- public: maas
- path:
- default: /MAAS
- scheme:
- default: "http"
- port:
- region_ui:
- default: 80
- public: 80
- host_fqdn_override:
- default: null
- kubernetesprovisioner:
- name: promenade
- hosts:
- default: promenade-api
- port:
- api:
- default: 80
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- shipyard:
- name: shipyard
- hosts:
- default: shipyard-int
- public: shipyard-api
- port:
- api:
- default: 9000
- public: 80
- path:
- default: /api/v1.0
- scheme:
- default: http
- # public: https
- host_fqdn_override:
- default: null
- # public:
- # host: shipyard.DOMAIN
- airflow_web:
- name: airflow-web
- hosts:
- default: airflow-web-int
- public: airflow-web
- port:
- airflow_web:
- default: 8080
- path:
- default: /
- scheme:
- default: http
- host_fqdn_override:
- default: null
- airflow_flower:
- name: airflow-flower
- hosts:
- default: airflow-flower
- port:
- airflow_flower:
- default: 5555
- path:
- default: /
- scheme:
- default: http
- host_fqdn_override:
- default: null
- ceph:
- object_store:
- name: swift
- namespace: ceph
- hosts:
- default: ceph-rgw
- public: radosgw
- host_fqdn_override:
- default: null
- # public:
- # host: object-store.DOMAIN
- path:
- default: /swift/v1
- scheme:
- default: http
- # public: "https"
- port:
- api:
- default: 8088
- # public: 443
- ceph_object_store:
- name: radosgw
- namespace: ceph
- hosts:
- default: ceph-rgw
- public: radosgw
- host_fqdn_override:
- default: null
- # public:
- # host: object-store.DOMAIN
- path:
- default: /auth/v1.0
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8088
- # public: 443
- ceph_mon:
- namespace: ceph
- hosts:
- default: ceph-mon
- discovery: ceph-mon-discovery
- host_fqdn_override:
- default: null
- port:
- mon:
- default: 6789
- ceph_mgr:
- namespace: ceph
- hosts:
- default: ceph-mgr
- host_fqdn_override:
- default: null
- port:
- mgr:
- default: 7000
- scheme:
- default: http
-...
----
-schema: pegleg/EndpointCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_endpoints
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- # substitutions:
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.object_store.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.ceph_object_store.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.object_store.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.object_store.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.object_store.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.image.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.cloudformation.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.orchestration.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.compute.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.placement.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.network.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.identity.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.dashboard.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.volume.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.volumev2.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.volumev3.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.identity.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.identity.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.identity.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.orchestration.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.orchestration.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.orchestration.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.cloudformation.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.cloudformation.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.cloudformation.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.dashboard.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.dashboard.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.dashboard.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.image.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.image.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.image.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.volume.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.volume.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.volume.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.volumev2.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.volumev2.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.volumev2.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.volumev3.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.volumev3.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.volumev3.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.compute.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.compute.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.compute.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.placement.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.placement.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.placement.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.network.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.network.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.network.host_fqdn_override.public.tls.key
-data:
- osh:
- object_store:
- name: swift
- namespace: ceph
- hosts:
- default: ceph-rgw
- public: radosgw
- host_fqdn_override:
- default: null
- # public:
- # host: object-store.DOMAIN
- path:
- default: /swift/v1/KEY_$(tenant_id)s
- scheme:
- default: http
- # public: "https"
- port:
- api:
- default: 8088
- # public: 443
- ceph_object_store:
- name: radosgw
- namespace: ceph
- hosts:
- default: ceph-rgw
- public: radosgw
- host_fqdn_override:
- default: null
- # public:
- # host: object-store.DOMAIN
- path:
- default: /auth/v1.0
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8088
- # public: 443
- oslo_db:
- hosts:
- default: mariadb
- discovery: mariadb-discovery
- host_fqdn_override:
- default: null
- path: /DB_NAME
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
- wsrep:
- default: 4567
- keystone_oslo_messaging:
- namespace: openstack
- hosts:
- default: keystone-rabbitmq
- host_fqdn_override:
- default: null
- path: /keystone
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- keystone_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: keystone-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- oslo_cache:
- namespace: openstack
- hosts:
- default: memcached
- host_fqdn_override:
- default: null
- port:
- memcache:
- default: 11211
- identity:
- namespace: openstack
- name: keystone
- hosts:
- default: keystone-api
- public: keystone
- host_fqdn_override:
- default: null
- # public:
- # host: identity.DOMAIN
- path:
- default: /v3
- scheme:
- default: "http"
- # public: "https"
- port:
- admin:
- default: 35357
- api:
- default: 80
- # public: 443
- glance_oslo_messaging:
- namespace: openstack
- hosts:
- default: glance-rabbitmq
- host_fqdn_override:
- default: null
- path: /glance
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- glance_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: glance-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- image:
- name: glance
- hosts:
- default: glance-api
- public: glance
- host_fqdn_override:
- default: null
- # public:
- # host: image.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 9292
- # public: 443
- image_registry:
- name: glance-registry
- hosts:
- default: glance-registry
- public: glance-reg
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9191
- public: 80
- cinder_oslo_messaging:
- namespace: openstack
- hosts:
- default: cinder-rabbitmq
- host_fqdn_override:
- default: null
- path: /cinder
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- cinder_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: cinder-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- volume:
- name: cinder
- hosts:
- default: cinder-api
- public: cinder
- host_fqdn_override:
- default: null
- # public:
- # host: volume.DOMAIN
- path:
- default: "/v1/%(tenant_id)s"
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8776
- # public: 443
- volumev2:
- name: cinderv2
- hosts:
- default: cinder-api
- public: cinder
- host_fqdn_override:
- default: null
- # public:
- # host: volume.DOMAIN
- path:
- default: "/v2/%(tenant_id)s"
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8776
- # public: 443
- volumev3:
- name: cinderv3
- hosts:
- default: cinder-api
- public: cinder
- host_fqdn_override:
- default: null
- # public:
- # host: volume.DOMAIN
- path:
- default: "/v3/%(tenant_id)s"
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8776
- # public: 443
- heat_oslo_messaging:
- namespace: openstack
- hosts:
- default: heat-rabbitmq
- host_fqdn_override:
- default: null
- path: /heat
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- heat_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: heat-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- orchestration:
- name: heat
- hosts:
- default: heat-api
- public: heat
- host_fqdn_override:
- default: null
- # public:
- # host: orchestration.DOMAIN
- path:
- default: "/v1/%(project_id)s"
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8004
- # public: 443
- cloudformation:
- name: heat-cfn
- hosts:
- default: heat-cfn
- public: cloudformation
- host_fqdn_override:
- default: null
- # public:
- # host: cloudformation.DOMAIN
- path:
- default: /v1
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8000
- # public: 443
- cloudwatch:
- name: heat-cloudwatch
- hosts:
- default: heat-cloudwatch
- public: cloudwatch
- host_fqdn_override:
- default: null
- path:
- default: null
- type: null
- scheme:
- default: "http"
- port:
- api:
- default: 8003
- public: 80
- neutron_oslo_messaging:
- namespace: openstack
- hosts:
- default: neutron-rabbitmq
- host_fqdn_override:
- default: null
- path: /neutron
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- neutron_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: neutron-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- network:
- name: neutron
- hosts:
- default: neutron-server
- public: neutron
- host_fqdn_override:
- default: null
- # public:
- # host: network.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 9696
- # public: 443
- nova_oslo_messaging:
- namespace: openstack
- hosts:
- default: nova-rabbitmq
- host_fqdn_override:
- default: null
- path: /nova
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- nova_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: nova-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- compute:
- name: nova
- hosts:
- default: nova-api
- public: nova
- host_fqdn_override:
- default: null
- # public:
- # host: compute.DOMAIN
- path:
- default: "/v2/%(tenant_id)s"
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8774
- # public: 443
- novncproxy:
- default: 443
- compute_metadata:
- name: nova
- hosts:
- default: nova-metadata
- public: metadata
- host_fqdn_override:
- default: null
- path:
- default: /
- scheme:
- default: "http"
- port:
- metadata:
- default: 8775
- public: 80
- compute_novnc_proxy:
- name: nova
- hosts:
- default: nova-novncproxy
- public: novncproxy
- host_fqdn_override:
- default: null
- # public:
- # host: nova-novncproxy.DOMAIN
- path:
- default: /vnc_auto.html
- scheme:
- default: "http"
- # public: "https"
- port:
- novnc_proxy:
- default: 6080
- # public: 443
- compute_spice_proxy:
- name: nova
- hosts:
- default: nova-spiceproxy
- host_fqdn_override:
- default: null
- path:
- default: /spice_auto.html
- scheme:
- default: "http"
- port:
- spice_proxy:
- default: 6082
- placement:
- name: placement
- hosts:
- default: placement-api
- public: placement
- host_fqdn_override:
- default: null
- # public:
- # host: placement.DOMAIN
- path:
- default: /
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8778
- # public: 443
- dashboard:
- name: horizon
- hosts:
- default: horizon-int
- public: horizon
- host_fqdn_override:
- default: null
- # public:
- # host: dashboard.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- # public: "https"
- port:
- web:
- default: 80
- # public: 443
-...
----
-schema: pegleg/EndpointCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_endpoints
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- # substitutions:
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh_infra.kibana.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh_infra.grafana.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh_infra.nagios.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh_infra.kibana.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh_infra.grafana.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
- # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .ldap.base_url
- # dest:
- # path: .osh_infra.ldap.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .ldap.auth_path
- # dest:
- # path: .osh_infra.ldap.path.default
- # pattern: AUTH_PATH
-data:
- osh_infra:
- elasticsearch:
- name: elasticsearch
- namespace: osh-infra
- hosts:
- data: elasticsearch-data
- default: elasticsearch-logging
- discovery: elasticsearch-discovery
- public: elasticsearch
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- http:
- default: 80
- prometheus_elasticsearch_exporter:
- namespace: null
- hosts:
- default: elasticsearch-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9108
- fluentd:
- namespace: osh-infra
- name: fluentd
- hosts:
- default: fluentd-logging
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- service:
- default: 24224
- metrics:
- default: 24220
- prometheus_fluentd_exporter:
- namespace: osh-infra
- hosts:
- default: fluentd-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9309
- oslo_db:
- namespace: osh-infra
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
- path: /DB_NAME
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
- grafana:
- name: grafana
- namespace: osh-infra
- hosts:
- default: grafana-dashboard
- public: grafana
- host_fqdn_override:
- default: null
- # public:
- # host: grafana.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- # public: "https"
- port:
- grafana:
- default: 3000
- # public: 443
- monitoring:
- name: prometheus
- namespace: osh-infra
- hosts:
- default: prom-metrics
- public: prometheus
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9090
- public: 80
- kibana:
- name: kibana
- namespace: osh-infra
- hosts:
- default: kibana-dash
- public: kibana
- host_fqdn_override:
- default: null
- # public:
- # host: kibana.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- # public: "https"
- port:
- kibana:
- default: 5601
- # public: 443
- alerts:
- name: alertmanager
- namespace: osh-infra
- hosts:
- default: alerts-engine
- public: alertmanager
- discovery: alertmanager-discovery
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9093
- public: 80
- mesh:
- default: 6783
- kube_state_metrics:
- namespace: kube-system
- hosts:
- default: kube-state-metrics
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- http:
- default: 8080
- kube_scheduler:
- scheme:
- default: "http"
- path:
- default: /metrics
- kube_controller_manager:
- scheme:
- default: "http"
- path:
- default: /metrics
- node_metrics:
- namespace: kube-system
- hosts:
- default: node-exporter
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- metrics:
- default: 9100
- prometheus_port:
- default: 9100
- prometheus_openstack_exporter:
- namespace: openstack
- hosts:
- default: openstack-metrics
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- exporter:
- default: 9103
- nagios:
- name: nagios
- namespace: osh-infra
- hosts:
- default: nagios-metrics
- public: nagios
- host_fqdn_override:
- default: null
- # public:
- # host: nagios.DOMAIN
- path:
- default: null
- scheme:
- default: http
- # public: https
- port:
- http:
- default: 80
- # public: 443
- ldap:
- hosts:
- default: ldap
- host_fqdn_override:
- default: null
- public:
- host: DOMAIN
- path:
- default: /AUTH_PATH
- scheme:
- default: "ldap"
- port:
- ldap:
- default: 389
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: pegleg/AccountCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_service_accounts
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- ucp:
- postgres:
- admin:
- username: postgres
- oslo_db:
- admin:
- username: root
- oslo_messaging:
- admin:
- username: rabbitmq
- keystone:
- admin:
- region_name: RegionOne
- username: admin
- project_name: admin
- user_domain_name: default
- project_domain_name: default
- oslo_messaging:
- admin:
- username: rabbitmq
- keystone:
- username: keystone
- oslo_db:
- username: keystone
- database: keystone
- promenade:
- keystone:
- region_name: RegionOne
- role: admin
- project_name: service
- project_domain_name: default
- user_domain_name: default
- username: promenade
- drydock:
- keystone:
- region_name: RegionOne
- role: admin
- project_name: service
- project_domain_name: default
- user_domain_name: default
- username: drydock
- postgres:
- username: drydock
- database: drydock
- shipyard:
- keystone:
- region_name: RegionOne
- role: admin
- project_name: service
- project_domain_name: default
- user_domain_name: default
- username: shipyard
- postgres:
- username: shipyard
- database: shipyard
- airflow:
- postgres:
- username: airflow
- database: airflow
- oslo_messaging:
- username: rabbitmq
- maas:
- admin:
- username: admin
- email: none@none
- postgres:
- username: maas
- database: maasdb
- barbican:
- keystone:
- region_name: RegionOne
- role: admin
- project_name: service
- project_domain_name: default
- user_domain_name: default
- username: barbican
- oslo_db:
- username: barbican
- database: barbican
- oslo_messaging:
- admin:
- username: rabbitmq
- keystone:
- username: keystone
- armada:
- keystone:
- project_domain_name: default
- user_domain_name: default
- project_name: service
- region_name: RegionOne
- role: admin
- user_domain_name: default
- username: armada
- deckhand:
- keystone:
- region_name: RegionOne
- role: admin
- project_name: service
- project_domain_name: default
- user_domain_name: default
- username: deckhand
- postgres:
- username: deckhand
- database: deckhand
- ceph:
- swift:
- keystone:
- role: admin
- region_name: RegionOne
- username: swift
- project_name: service
- user_domain_name: default
- project_domain_name: default
-...
----
-schema: pegleg/AccountCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_service_accounts
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- substitutions:
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.keystone.admin.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.cinder.cinder.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.glance.glance.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.heat.heat.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.heat.heat_trustee.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.heat.heat_stack_user.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.swift.keystone.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.neutron.neutron.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.nova.nova.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.nova.placement.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.barbican.barbican.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.barbican.barbican.region_name
-data:
- osh:
- keystone:
- admin:
- username: admin
- project_name: admin
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: keystone
- database: keystone
- oslo_messaging:
- admin:
- username: keystone-rabbitmq-admin
- keystone:
- username: keystone-rabbitmq-user
- ldap:
- username: "user@example-ldap.com"
- cinder:
- cinder:
- role: admin
- username: cinder
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: cinder
- database: cinder
- oslo_messaging:
- admin:
- username: cinder-rabbitmq-admin
- cinder:
- username: cinder-rabbitmq-user
- glance:
- glance:
- role: admin
- username: glance
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: glance
- database: glance
- oslo_messaging:
- admin:
- username: glance-rabbitmq-admin
- glance:
- username: glance-rabbitmq-user
- ceph_object_store:
- username: glance
- heat:
- heat:
- role: admin
- username: heat
- project_name: service
- user_domain_name: default
- project_domain_name: default
- heat_trustee:
- role: admin
- username: heat-trust
- project_name: service
- user_domain_name: default
- project_domain_name: default
- heat_stack_user:
- role: admin
- username: heat-domain
- domain_name: heat
- oslo_db:
- username: heat
- database: heat
- oslo_messaging:
- admin:
- username: heat-rabbitmq-admin
- heat:
- username: heat-rabbitmq-user
- swift:
- keystone:
- role: admin
- username: swift
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- admin:
- username: root
- neutron:
- neutron:
- role: admin
- username: neutron
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: neutron
- database: neutron
- oslo_messaging:
- admin:
- username: neutron-rabbitmq-admin
- neutron:
- username: neutron-rabbitmq-user
- nova:
- nova:
- role: admin
- username: nova
- project_name: service
- user_domain_name: default
- project_domain_name: default
- placement:
- role: admin
- username: placement
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: nova
- database: nova
- oslo_db_api:
- username: nova
- database: nova_api
- oslo_db_cell0:
- username: nova
- database: "nova_cell0"
- oslo_messaging:
- admin:
- username: nova-rabbitmq-admin
- nova:
- username: nova-rabbitmq-user
- horizon:
- oslo_db:
- username: horizon
- database: horizon
- barbican:
- barbican:
- role: admin
- username: barbican
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: barbican
- database: barbican
- oslo_messaging:
- admin:
- username: barbican-rabbitmq-admin
- barbican:
- username: barbican-rabbitmq-user
-...
----
-schema: pegleg/AccountCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_service_accounts
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- osh_infra:
- grafana:
- admin:
- username: grafana
- oslo_db:
- username: grafana
- database: grafana
- oslo_db_session:
- username: grafana_session
- database: grafana_session
- elasticsearch:
- admin:
- username: elasticsearch
- kibana:
- admin:
- username: kibana
- oslo_db:
- admin:
- username: root
- prometheus_openstack_exporter:
- user:
- username: prometheus-openstack-exporter
- project_name: service
- user_domain_name: default
- nagios:
- admin:
- username: nagios
- ldap:
- admin:
- # NEWSITE-CHANGEME: Replace with the site's LDAP account used to
- # authenticate to the active directory backend to validate keystone
- # users.
- bind: "test@ldap.example.com"
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Manifest/v1
-metadata:
- schema: metadata/Document/v1
- name: full-site
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: full-site-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- release_prefix: airship
- chart_groups:
- - kubernetes-proxy
- - kubernetes-container-networking
- - kubernetes-dns
- - kubernetes-etcd
- - kubernetes-haproxy
- - kubernetes-core
- - ingress-kube-system
- - ucp-ceph-update
- - ucp-ceph-config
- - ucp-core
- - ucp-keystone
- - ucp-divingbell
- - ucp-armada
- - ucp-deckhand
- - ucp-drydock
- - ucp-promenade
- - ucp-shipyard
- - osh-infra-ingress-controller
- - osh-infra-ceph-config
- - osh-infra-logging
- - osh-infra-monitoring
- - osh-infra-mariadb
- - osh-infra-dashboards
- - openstack-ingress-controller
- - openstack-ceph-config
- - openstack-mariadb
- - openstack-memcached
- - openstack-keystone
- - openstack-radosgw
- - openstack-glance
- - openstack-cinder
- - openstack-compute-kit
- - openstack-heat
- - osh-infra-prometheus-openstack-exporter
- - openstack-horizon
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/BootAction/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: i40evf_blacklist
- storagePolicy: 'cleartext'
- layeringDefinition:
- abstract: false
- layer: site
- labels:
- application: 'drydock'
-data:
- signaling: false
- node_filter:
- filter_set_type: 'union'
- filter_set:
- - filter_type: 'union'
- assets:
- - path: /etc/modprobe.d/sriov_blacklist.conf
- type: file
- permissions: '644'
- data_pipeline:
- - utf8_decode
- data: |
- blacklist i40evf
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/BootAction/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: calico-ip-rules
- storagePolicy: 'cleartext'
- layeringDefinition:
- abstract: false
- layer: site
- labels:
- application: 'drydock'
- substitutions:
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.pod_cidr
- dest:
- path: .assets[0].data
- pattern: DH_SUB_POD_CIDR
-data:
- signaling: false
- assets:
- - path: /etc/systemd/system/configure-ip-rules.service
- type: unit
- permissions: '444'
- data: |-
- [Unit]
- Description=IP Rules Initialization Service
- After=network-online.target local-fs.target
-
- [Service]
- Type=simple
- ExecStart=/opt/configure-ip-rules.sh -g 172.29.1.1 -c 10.99.0.0/16 -s 172.29.1.136/29
-
- [Install]
- WantedBy=multi-user.target
- data_pipeline:
- - utf8_decode
- - path: /opt/configure-ip-rules.sh
- type: file
- permissions: '700'
- data_pipeline:
- - utf8_decode
- data: |-
- #!/bin/bash
- set -ex
-
- function usage() {
- cat <<EOU
- Options are:
-
- -c POD_CIDR The pod CIDR for the Kubernetes cluster, e.g. 10.99.0.0/16
- -i INTERFACE The interface for internal pod traffic, e.g. bond1.2006
- -o OVERLAP_CIDR (optional) This CIDR will be routed via the VRRP IP on
- INTERFACE. It is used to provide a work around when
- complete Calico routes cannot be received via BGP.
- e.g. 10.96.0.0/15. NOTE: This must include the POD_CIDR.
- -s SERVICE_CIDR (optional) A routable CIDR to configure for ingress, maas,
- e.g. 135.21.99.192/29
- EOU
- }
-
- SERVICE_CIDR=
- OVERLAP_CIDR=
-
- while getopts ":c:hi:o:s:" o; do
- case "${o}" in
- c)
- POD_CIDR=${OPTARG}
- ;;
- h)
- usage
- exit 0
- ;;
- i)
- INTERFACE=${OPTARG}
- ;;
- o)
- OVERLAP_CIDR=${OPTARG}
- ;;
- s)
- SERVICE_CIDR=${OPTARG}
- ;;
- \?)
- echo "Unknown option: -${OPTARG}" >&2
- exit 1
- ;;
- :)
- echo "Missing argument for option: -${OPTARG}" >&2
- exit 1
- ;;
- *)
- echo "Unimplemented option: -${OPTARG}" >&2
- exit 1
- ;;
- esac
- done
- shift $((OPTIND-1))
-
- if [ "x$POD_CIDR" == "x" ]; then
- echo "Missing pod CIDR, e.g -c 10.99.0.0/16" >&2
- usage
- exit 1
- fi
-
- if [ "x$INTERFACE" == "x" ]; then
- echo "Missing interface, e.g. -i bond1.2006" >&2
- usage
- exit 1
- fi
-
- while ! ip route list dev "${INTERFACE}" > /dev/null; do
- echo Waiting for device "${INTERFACE}" to be ready. >&2
- sleep 5
- done
-
- intra_vrrp_ip=$(ip route list dev "${INTERFACE}" | awk '($2~/via/){print $3}' | head -n 1)
-
- TABLE="1500"
-
- # Setup a routing table for traffic from service IPs
- ip route flush table "${TABLE}"
- ip route add default via "${intra_vrrp_ip}" table "${TABLE}"
-
- if [ "x$OVERLAP_CIDR" != "x" ]; then
- # NOTE(mb874d): This is a work-around for nodes not receiving complete
- # routes via BGP. It may also be required for brownfield large sites.
- ip route add "${OVERLAP_CIDR}" via "${intra_vrrp_ip}"
- fi
-
- if [ "x$SERVICE_CIDR" != "x" ]; then
- # Traffic from the service IPs to pods should use the pod network.
- ip rule add \
- from "${SERVICE_CIDR}" \
- to "${POD_CIDR}" \
- lookup main \
- pref 10000
- # Other traffic from service IPs should only use the VRRP IP
- ip rule add \
- from "${SERVICE_CIDR}" \
- lookup "${TABLE}" \
- pref 10100
- fi
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/BootAction/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: promjoin
- storagePolicy: 'cleartext'
- layeringDefinition:
- abstract: false
- layer: site
- labels:
- application: 'drydock'
-data:
- signaling: false
- node_filter:
- filter_set_type: 'union'
- filter_set:
- - filter_type: 'union'
- node_names:
- - 'aknode31'
- - 'aknode32'
- # TODO(alanmeadows) move what is global about this document - everything except nodenames to global
- assets:
- - path: /opt/promjoin.sh
- type: file
- permissions: '555'
- # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network
- # you should use to contact kubernetes in the case below, this is cab24_mgmt
- location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
- location_pipeline:
- - template
- data_pipeline:
- - utf8_decode
- - path: /lib/systemd/system/promjoin.service
- type: unit
- permissions: '600'
- data: |-
- W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy
- PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0
- cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v
- cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo=
- data_pipeline:
- - base64_decode
- - utf8_decode
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: 'drydock/BaremetalNode/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: aknode31
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- host_profile: ControlPlane
- # the hostname for a server, could be used in multiple DNS domains to
- # represent different interfaces
- addressing:
- # Which network the address applies to. If a network appears in addressing
- # that isn't assigned to an interface, design validation will fail
- - network: oob
- address: 192.168.41.131
- - network: pxe
- # The address assigned. Either a explicit IPv4 or IPv6 address
- # or dhcp or slaac
- address: 172.30.1.31
- - network: oam
- address: 192.168.2.31
- - network: storage
- address: 172.31.1.31
- - network: overlay
- address: 10.0.101.31
- - network: calico
- address: 172.29.1.31
- metadata:
- rack: RACK01
- tags:
- - 'masters'
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: 'drydock/BaremetalNode/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: aknode32
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- host_profile: ControlPlane
- # the hostname for a server, could be used in multiple DNS domains to
- # represent different interfaces
- addressing:
- # Which network the address applies to. If a network appears in addressing
- # that isn't assigned to an interface, design validation will fail
- - network: oob
- address: 192.168.41.132
- - network: pxe
- # The address assigned. Either a explicit IPv4 or IPv6 address
- # or dhcp or slaac
- address: 172.30.1.32
- - network: oam
- address: 192.168.2.32
- - network: storage
- address: 172.31.1.32
- - network: overlay
- address: 10.0.101.32
- - network: calico
- address: 172.29.1.32
- metadata:
- rack: RACK01
- tags:
- - 'masters'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: shipyard/DeploymentConfiguration/v1
-metadata:
- schema: metadata/Document/v1
- name: deployment-configuration
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- armada:
- manifest: 'full-site'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: pegleg/CommonAddresses/v1
-metadata:
- schema: metadata/Document/v1
- name: common-addresses
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- calico:
- ip_autodetection_method: interface=bond0.44
- etcd:
- service_ip: 10.96.232.136
-
- dns:
- cluster_domain: cluster.local
- service_ip: 10.96.0.10
- upstream_servers:
- - 192.168.2.85
- - 8.8.8.8
- - 8.8.8.8
- upstream_servers_joined: '192.168.2.85,8.8.8.8'
- ingress_domain: hpgen10.akraino.org
- genesis:
- hostname: aknode30
- ip: 172.29.1.30
-
- bootstrap:
- ip: 172.30.1.30
-
- kubernetes:
- api_service_ip: 10.96.0.1
- etcd_service_ip: 10.96.0.2
- pod_cidr: 10.99.0.0/16
- service_cidr: 10.96.0.0/14
- apiserver_port: 6443
- haproxy_port: 6553
- service_node_port_range: 30000-32767
-
- etcd:
- container_port: 2379
- haproxy_port: 2378
-
- masters:
- - hostname: aknode31
- - hostname: aknode32
-
- proxy:
- http: ""
- https: ""
- no_proxy: []
-
- node_ports:
- drydock_api: 30000
- maas_api: 30001
- maas_proxy: 31800 # hardcoded in MAAS
- shipyard_api: 30003
- airflow_web: 30004
-
- ntp:
- servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org'
-
- # Used for FQDN setup/definition
- domain:
- url: hpgen10.lab.akraino.org
-
- ldap:
- base_url: 'its-a-ldap.example.com'
- url: 'ldap://its-a-ldap.example.com'
- auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
- common_name: AP-NC_Test_Users
- subdomain: testitservices
- domain: example
-
- storage:
- ceph:
- public_cidr: '172.31.1.0/24'
- cluster_cidr: '172.31.1.0/24'
-
- neutron:
- tunnel_device: 'bond0.45'
- external_iface: 'bond0'
-
- openvswitch:
- external_iface: 'bond0'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/NetworkLink/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: oob
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- labels:
- noconfig: enabled
- bonding:
- mode: disabled
- mtu: 9000
- linkspeed: auto
- trunking:
- mode: disabled
- default_network: oob
- allowed_networks:
- - oob
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: oob
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- cidr: 192.168.41.0/24
- routes:
- - subnet: '0.0.0.0/0'
- gateway: 192.168.41.1
- ranges:
- - type: static
- start: 192.168.41.5
- end: 192.168.41.254
-...
----
-schema: 'drydock/NetworkLink/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: pxe
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- bonding:
- mode: disabled
- mtu: 9000
- linkspeed: auto
- trunking:
- mode: disabled
- default_network: pxe
- allowed_networks:
- - pxe
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: pxe
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- cidr: 172.30.1.0/24
- routes:
- - subnet: '0.0.0.0/0'
- gateway: 172.30.1.30
- ranges:
- - type: reserved
- start: 172.30.1.1
- end: 172.30.1.10
- - type: static
- start: 172.30.1.11
- end: 172.30.1.200
- - type: dhcp
- start: 172.30.1.201
- end: 172.30.1.254
- dns:
- domain: lab.akraino.org
- servers: '192.168.2.85 8.8.8.8 8.8.4.4'
-...
----
-schema: 'drydock/NetworkLink/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: bond0
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- bonding:
- mode: 802.3ad
- hash: layer3+4
- peer_rate: fast
- mon_rate: 100
- up_delay: 1000
- down_delay: 3000
- mtu: 9000
- linkspeed: auto
- trunking:
- mode: 802.1q
- allowed_networks:
- - oam
- - storage
- - overlay
- - calico
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: oam
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- vlan: '41'
- mtu: 9000
- cidr: 192.168.2.0/24
- routes:
- - subnet: '0.0.0.0/0'
- gateway: 192.168.2.200
- ranges:
- - type: reserved
- start: 192.168.2.84
- end: 192.168.2.86
- - type: static
- start: 192.168.2.1
- end: 192.168.2.83
- dns:
- domain: lab.akraino.org
- servers: '192.168.2.85 8.8.8.8 8.8.4.4'
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: storage
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- vlan: '42'
- mtu: 9000
- cidr: 172.31.1.0/24
- ranges:
- - type: static
- start: 172.31.1.2
- end: 172.31.1.254
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: overlay
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- vlan: '45'
- mtu: 9000
- cidr: 10.0.101.0/24
- ranges:
- - type: static
- start: 10.0.101.2
- end: 10.0.101.254
-...
----
-schema: 'drydock/Network/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: calico
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- vlan: '44'
- mtu: 9000
- cidr: 172.29.1.0/24
- ranges:
- - type: static
- start: 172.29.1.5
- end: 172.29.1.254
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: promenade/PKICatalog/v1
-metadata:
- schema: metadata/Document/v1
- name: cluster-certificates
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- certificate_authorities:
- kubernetes:
- description: CA for Kubernetes components
- certificates:
- - document_name: apiserver
- description: Service certificate for Kubernetes apiserver
- common_name: apiserver
- hosts:
- - localhost
- - 127.0.0.1
- - 10.96.0.1
- kubernetes_service_names:
- - kubernetes.default.svc.cluster.local
- - document_name: kubelet-genesis
- common_name: system:node:aknode30
- hosts:
- - aknode30
- - 192.168.2.30
- - 172.29.1.30
- - 172.30.1.30
- groups:
- - system:nodes
- - document_name: kubelet-aknode30
- common_name: system:node:aknode30
- hosts:
- - aknode30
- - 192.168.2.30
- - 172.29.1.30
- - 172.30.1.30
- groups:
- - system:nodes
- - document_name: kubelet-aknode31
- common_name: system:node:aknode31
- hosts:
- - aknode31
- - 192.168.2.31
- - 172.29.1.31
- - 172.30.1.31
- groups:
- - system:nodes
- - document_name: kubelet-aknode32
- common_name: system:node:aknode32
- hosts:
- - aknode32
- - 192.168.2.32
- - 172.29.1.32
- - 172.30.1.32
- groups:
- - system:nodes
- - document_name: scheduler
- description: Service certificate for Kubernetes scheduler
- common_name: system:kube-scheduler
- - document_name: controller-manager
- description: certificate for controller-manager
- common_name: system:kube-controller-manager
- - document_name: admin
- common_name: admin
- groups:
- - system:masters
- - document_name: armada
- common_name: armada
- groups:
- - system:masters
- kubernetes-etcd:
- description: Certificates for Kubernetes's etcd servers
- certificates:
- - document_name: apiserver-etcd
- description: etcd client certificate for use by Kubernetes apiserver
- common_name: apiserver
- # NOTE(mark-burnett): hosts not required for client certificates
- - document_name: kubernetes-etcd-anchor
- description: anchor
- common_name: anchor
- - document_name: kubernetes-etcd-genesis
- common_name: kubernetes-etcd-genesis
- hosts:
- - aknode30
- - 192.168.2.30
- - 172.29.1.30
- - 172.30.1.30
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode30
- common_name: kubernetes-etcd-aknode30
- hosts:
- - aknode30
- - 192.168.2.30
- - 172.29.1.30
- - 172.30.1.30
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode31
- common_name: kubernetes-etcd-aknode31
- hosts:
- - aknode31
- - 192.168.2.31
- - 172.29.1.31
- - 172.30.1.31
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode32
- common_name: kubernetes-etcd-aknode32
- hosts:
- - aknode32
- - 192.168.2.32
- - 172.29.1.32
- - 172.30.1.32
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- kubernetes-etcd-peer:
- certificates:
- - document_name: kubernetes-etcd-genesis-peer
- common_name: kubernetes-etcd-genesis-peer
- hosts:
- - aknode30
- - 192.168.2.30
- - 172.29.1.30
- - 172.30.1.30
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode30-peer
- common_name: kubernetes-etcd-aknode30-peer
- hosts:
- - aknode30
- - 192.168.2.30
- - 172.29.1.30
- - 172.30.1.30
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode31-peer
- common_name: kubernetes-etcd-aknode31-peer
- hosts:
- - aknode31
- - 192.168.2.31
- - 172.29.1.31
- - 172.30.1.31
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- - document_name: kubernetes-etcd-aknode32-peer
- common_name: kubernetes-etcd-aknode32-peer
- hosts:
- - aknode32
- - 192.168.2.32
- - 172.29.1.32
- - 172.30.1.32
- - 127.0.0.1
- - localhost
- - kubernetes-etcd.kube-system.svc.cluster.local
- - 10.96.0.2
- calico-etcd:
- description: Certificates for Calico etcd client traffic
- certificates:
- - document_name: calico-etcd-anchor
- description: anchor
- common_name: anchor
- - document_name: calico-etcd-aknode30
- common_name: calico-etcd-aknode30
- hosts:
- - aknode30
- - 192.168.2.30
- - 172.29.1.30
- - 172.30.1.30
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-etcd-aknode31
- common_name: calico-etcd-aknode31
- hosts:
- - aknode31
- - 192.168.2.31
- - 172.29.1.31
- - 172.30.1.31
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-etcd-aknode32
- common_name: calico-etcd-aknode32
- hosts:
- - aknode32
- - 192.168.2.32
- - 172.29.1.32
- - 172.30.1.32
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-node
- common_name: calcico-node
- calico-etcd-peer:
- description: Certificates for Calico etcd clients
- certificates:
- - document_name: calico-etcd-aknode30-peer
- common_name: calico-etcd-aknode30-peer
- hosts:
- - aknode30
- - 192.168.2.30
- - 172.29.1.30
- - 172.30.1.30
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-etcd-aknode31-peer
- common_name: calico-etcd-aknode31-peer
- hosts:
- - aknode31
- - 192.168.2.31
- - 172.29.1.31
- - 172.30.1.31
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-etcd-aknode32-peer
- common_name: calico-etcd-aknode32-peer
- hosts:
- - aknode32
- - 192.168.2.32
- - 172.29.1.32
- - 172.30.1.32
- - 127.0.0.1
- - localhost
- - 10.96.232.136
- - document_name: calico-node-peer
- common_name: calcico-node-peer
- keypairs:
- - name: service-account
- description: Service account signing key for use by Kubernetes controller-manager.
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: promenade/Genesis/v1
-metadata:
- schema: metadata/Document/v1
- name: genesis-site
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: genesis-global
- actions:
- - method: replace
- path: .labels.dynamic
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- labels:
- dynamic:
- - beta.kubernetes.io/fluentd-ds-ready=true
- - calico-etcd=enabled
- - ceph-mds=enabled
- - ceph-mon=enabled
- - ceph-osd=enabled
- - ceph-rgw=enabled
- - ceph-mgr=enabled
- - kube-dns=enabled
- - kube-ingress=enabled
- - kubernetes-apiserver=enabled
- - kubernetes-controller-manager=enabled
- - kubernetes-etcd=enabled
- - kubernetes-scheduler=enabled
- - promenade-genesis=enabled
- - ucp-control-plane=enabled
- - maas-control-plane=enabled
- - ceph-osd-bootstrap=enabled
- - openstack-libvirt=kernel
- - openvswitch=enabled
- - openstack-control-plane=enabled
- - openstack-nova-compute=enabled
- - sriov=enabled
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/HardwareProfile/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: DELL_HP_Generic
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- vendor: HP
- generation: '10'
- hw_version: '3'
- bios_version: '2.8'
- boot_mode: bios
- bootstrap_protocol: pxe
- pxe_interface: 0
- device_aliases: {}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: drydock/HostProfile/v1
-metadata:
- schema: metadata/Document/v1
- name: ComputePlane
- storagePolicy: cleartext
- labels:
- hosttype: ComputePlane
- layeringDefinition:
- abstract: false
- layer: site
- substitutions:
- - dest:
- path: .oob.credential
- src:
- schema: deckhand/Passphrase/v1
- name: ipmi_admin_password
- path: .
-data:
- hardware_profile: DELL_HP_Generic
- oob:
- type: 'ipmi'
- network: 'oob'
- account: 'Administrator'
- primary_network: 'oam'
- hardware_profile: DELL_HP_Generic
- interfaces:
- pxe:
- device_link: pxe
- slaves:
- - 'eno1'
- networks:
- - 'pxe'
- bond0:
- device_link: bond0
- slaves:
- - 'ens3f0'
- - 'ens3f1'
- networks:
- - 'oam'
- - 'storage'
- - 'overlay'
- - 'calico'
- p1p1:
- slaves:
- - 'sriov_nic01'
- sriov:
- vf_count: 32 # Currently ignored
- trustedmode: false
- p3p2:
- slaves:
- - 'sriov_nic02'
- sriov:
- vf_count: 32 # Currently ignored
- trustedmode: false
- storage:
- physical_devices:
- sdj:
- labels:
- bootdrive: 'true'
- partitions:
- - name: 'root'
- size: '20g'
- filesystem:
- mountpoint: '/'
- fstype: 'ext4'
- mount_options: 'defaults'
- - name: 'boot'
- size: '1g'
- filesystem:
- mountpoint: '/boot'
- fstype: 'ext4'
- mount_options: 'defaults'
- - name: 'var'
- size: '>300g'
- filesystem:
- mountpoint: '/var'
- fstype: 'ext4'
- mount_options: 'defaults'
- sdk:
- partitions:
- - name: 'nova'
- size: '99%'
- filesystem:
- mountpoint: '/var/lib/nova'
- fstype: 'ext4'
- mount_options: 'defaults'
- platform:
- image: 'xenial'
- kernel: 'hwe-16.04'
- kernel_params:
- console: 'ttyS1,115200n8'
- intel_iommu: 'on'
- iommu: 'pt'
- amd_iommu: 'on'
- transparent_hugepage: 'never'
- hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
- hugepages: 'hardwareprofile:hugepages.dpdk.count'
- default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
- isolcpus: 'hardwareprofile:cpuset.kvm'
- metadata:
- owner_data:
- openstack-nova-compute: enabled
- openvswitch: enabled
- openstack-libvirt: kernel
- sriov: enabled
- beta.kubernetes.io/fluentd-ds-ready: 'true'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: drydock/HostProfile/v1
-metadata:
- schema: metadata/Document/v1
- name: ControlPlane
- storagePolicy: cleartext
- labels:
- hosttype: ControlPlane
- layeringDefinition:
- abstract: false
- layer: site
- substitutions:
- - dest:
- path: .oob.credential
- src:
- schema: deckhand/Passphrase/v1
- name: ipmi_admin_password
- path: .
-data:
- oob:
- type: 'ipmi'
- network: 'oob'
- account: 'Administrator'
- primary_network: 'oam'
- hardware_profile: DELL_HP_Generic
- interfaces:
- pxe:
- device_link: pxe
- slaves:
- - 'eno1'
- networks:
- - 'pxe'
- bond0:
- device_link: bond0
- slaves:
- - 'ens3f0'
- - 'ens3f1'
- networks:
- - 'oam'
- - 'storage'
- - 'overlay'
- - 'calico'
- p1p1:
- slaves:
- - 'sriov_nic01'
- sriov:
- vf_count: 32 # Currently ignored
- trustedmode: false
- p3p2:
- slaves:
- - 'sriov_nic02'
- sriov:
- vf_count: 32 # Currently ignored
- trustedmode: false
- storage:
- physical_devices:
- sdj:
- labels:
- bootdrive: 'true'
- partitions:
- - name: 'root'
- size: '20g'
- filesystem:
- mountpoint: '/'
- fstype: 'ext4'
- mount_options: 'defaults'
- - name: 'boot'
- size: '1g'
- filesystem:
- mountpoint: '/boot'
- fstype: 'ext4'
- mount_options: 'defaults'
- - name: 'var'
- size: '>300g'
- filesystem:
- mountpoint: '/var'
- fstype: 'ext4'
- mount_options: 'defaults'
- sdk:
- partitions:
- - name: 'cephj'
- size: '300g'
- filesystem:
- mountpoint: '/var/lib/ceph/journal'
- fstype: 'ext4'
- mount_options: 'defaults'
- platform:
- image: 'xenial'
- kernel: 'hwe-16.04'
- kernel_params:
- console: 'ttyS1,115200n8'
- intel_iommu: 'on'
- iommu: 'pt'
- amd_iommu: 'on'
- transparent_hugepage: 'never'
- hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
- hugepages: 'hardwareprofile:hugepages.dpdk.count'
- default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
- isolcpus: 'hardwareprofile:cpuset.kvm'
- metadata:
- owner_data:
- control-plane: enabled
- ucp-control-plane: enabled
- openstack-control-plane: enabled
- openstack-heat: enabled
- openstack-keystone: enabled
- openstack-rabbitmq: enabled
- openstack-dns-helper: enabled
- openstack-mariadb: enabled
- openstack-nova-control: enabled
- openstack-etcd: enabled
- openstack-mistral: enabled
- openstack-memcached: enabled
- openstack-glance: enabled
- openstack-horizon: enabled
- openstack-cinder-control: enabled
- openstack-cinder-volume: control
- openstack-neutron: enabled
- openstack-libvirt: kernel
- openvswitch: enabled
- openstack-nova-compute: enabled
- ucp-barbican: enabled
- ceph-bootstrap: enabled
- ceph-mon: enabled
- ceph-mgr: enabled
- ceph-osd: enabled
- ceph-mds: enabled
- ceph-rgw: enabled
- ucp-maas: enabled
- kube-dns: enabled
- kubernetes-apiserver: enabled
- kubernetes-controller-manager: enabled
- kubernetes-etcd: enabled
- kubernetes-scheduler: enabled
- tiller-helm: enabled
- kube-etcd: enabled
- calico-policy: enabled
- calico-node: enabled
- calico-etcd: enabled
- ucp-armada: enabled
- ucp-drydock: enabled
- ucp-deckhand: enabled
- ucp-shipyard: enabled
- IAM: enabled
- ucp-promenade: enabled
- prometheus-server: enabled
- prometheus-client: enabled
- fluentd: enabled
- influxdb: enabled
- kibana: enabled
- elasticsearch-client: enabled
- elasticsearch-master: enabled
- elasticsearch-data: enabled
- postgresql: enabled
- kube-ingress: enabled
- sriov: enabled
- beta.kubernetes.io/fluentd-ds-ready: 'true'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: 'drydock/Region/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: hpgen10
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- substitutions:
- - dest:
- path: .authorized_keys[0]
- src:
- schema: deckhand/PublicKey/v1
- name: localadmin_ssh_public_key
- path: .
-data:
- tag_definitions: []
- authorized_keys: []
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-# self-signed certifacte generated based on
-# https://libvirt.org/remote.html#Remote_certificates
-metadata:
- layeringDefinition:
- abstract: false
- layer: site
- name: ingress-crt
- schema: metadata/Document/v1
- storagePolicy: cleartext
-schema: deckhand/Certificate/v1
-data: |
- -----BEGIN CERTIFICATE-----
- MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO
- BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ
- MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu
- ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP
- ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC
- r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs
- F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV
- bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1
- eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO
- k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG
- YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9
- EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC
- gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF
- MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv
- bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t
- gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y
- aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH
- BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV
- HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE
- BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw
- WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/
- X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX
- vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk
- JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm
- ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF
- DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N
- w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc
- VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg==
- -----END CERTIFICATE-----
-...
----
-metadata:
- layeringDefinition:
- abstract: false
- layer: site
- name: ingress-ca
- schema: metadata/Document/v1
- storagePolicy: cleartext
-schema: deckhand/CertificateAuthority/v1
-data: |
- -----BEGIN CERTIFICATE-----
- MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO
- BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS
- MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC
- AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE
- OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V
- o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0
- YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT
- fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI
- GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+
- T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB
- d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j
- mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd
- BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB
- AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx
- 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM
- EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+
- zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9
- XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+
- d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO
- TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI
- XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40
- +g==
- -----END CERTIFICATE-----
-...
----
-metadata:
- layeringDefinition:
- abstract: false
- layer: site
- name: ingress-key
- schema: metadata/Document/v1
- storagePolicy: cleartext
-schema: deckhand/CertificateKey/v1
-data: |
- -----BEGIN RSA PRIVATE KEY-----
- MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD
- OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv
- 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4
- 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1
- U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9
- Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl
- MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R
- g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC
- DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w
- qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif
- qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft
- 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6
- ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf
- Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8
- uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH
- g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc
- PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz
- +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS
- HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk
- X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC
- wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA
- GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE
- mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6
- mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM
- ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx
- E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE
- 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC
- 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8
- 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+
- TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5
- QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C
- pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB
- /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ
- pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a
- dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5
- 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS
- gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3
- -----END RSA PRIVATE KEY-----
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ceph_fsid
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 3e2a3755-863a-423b-bf19-e8b5bf7f3d95
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ceph_swift_keystone_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 610becbb8563c2d7abb2
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: maas-region-key
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 3858f62230ac3c915f300c664312c63f
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_barbican_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: d992b45a48a3bf2698bc
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_barbican_oslo_messaging_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: c01c594967dfd4024121
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_barbican_oslo_messaging_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 7451bf1643ee73782da9
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_barbican_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: ec1a97a83907f193a717
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_barbican_rabbitmq_erlang_cookie
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 634c104df082faf67332
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_cinder_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 4be86cd9e1e9fc3f7dc5
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_cinder_oslo_messaging_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 8d143e5fb4b4dac3768c
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_cinder_oslo_messaging_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: ac0217906c77ee117000
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_cinder_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 4dca0954fba72f359566
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_cinder_rabbitmq_erlang_cookie
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: f3bda8af291469d2240d
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_glance_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 153a394cfd01623987a7
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_glance_oslo_messaging_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 2c3fcccd6597903cb67c
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_glance_oslo_messaging_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 597a366bd4f86f2d7070
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_glance_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: bf7662ee82349d8ce8a2
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_glance_rabbitmq_erlang_cookie
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 245f4c5f7ca0d06e8416
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_heat_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 6d5cbe4e78499e7ea1be
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_heat_oslo_messaging_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 0fb3767e5bd60737c3ce
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_heat_oslo_messaging_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 2f986c8b860f5e2e6e67
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_heat_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 444f3082037eb9921782
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_heat_rabbitmq_erlang_cookie
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 7a525e66176fd10c317a
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_heat_stack_user_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 3cfcdb863f68ec896735
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_heat_trustee_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 6b1727c22c773c902647
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_horizon_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 97456d11a2389e0a68b9
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_addons_jenkins_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 0ca991324505e13f7a77
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_elasticsearch_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: b12f1e35c6951455d62d
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_grafana_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 573a60b9ca0e5639f86b
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_grafana_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 6e9a3a90bdac0988b850
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_grafana_oslo_db_session_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: e59fde1e4e2ca04a0e6d
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_kibana_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: c3d955527901302d2c10
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_nagios_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: cc78bc60e26c2f5a28fa
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_openstack_exporter_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: d5f5133765b1ab430e85
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_oslo_db_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: f6a5b5fe9e6eb437c207
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_keystone_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: a3df1a9771d9f0480bb2
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_keystone_ldap_mechid_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 5aacc198d8a1edeff4a8
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_keystone_ldap_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 5aacc198d8a1edeff4a8
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_keystone_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 57cfda14a8ec656b9ccf
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_keystone_oslo_messaging_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: c7e2ef5bfab729b9cdf1
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_keystone_oslo_messaging_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: a00052e05aa7e1b704bc
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_keystone_rabbitmq_erlang_cookie
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 7388108f67be16a4f252
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_neutron_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 5496c4a52d6223a1bc6c
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_neutron_oslo_messaging_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 4eaff3effbc9a1b5ddc3
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_neutron_oslo_messaging_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 10a9e6ad21ef9f43173c
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_neutron_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 9bb23c5d7181eabc52f7
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_neutron_rabbitmq_erlang_cookie
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: afa9d3d0af33dcc3ca57
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_nova_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: a1b32d78a4e4deee451a
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_nova_oslo_messaging_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: c450b0c73cafa654e144
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_nova_oslo_messaging_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 173ec39e9f950f86ae24
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_nova_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: a48fdaacf7bd05f7c3ff
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_nova_rabbitmq_erlang_cookie
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 410fe4f619b2cc8c417b
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_oslo_cache_secret_key
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 083d87906595da201c0b
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_oslo_db_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 3affb82b52f975a256a8
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_placement_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: c8d291a1a4dfa9fd41e0
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_airflow_postgres_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 2b2e4c8018c2b4ae511f
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_armada_keystone_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 1263859ed8265dac6feb
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_barbican_keystone_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 138611c0102dc397da43
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_barbican_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 9915552068ae3e3dc2e2
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_deckhand_keystone_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 05f4bbbb3be35cc9b1ac
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_deckhand_postgres_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 3f4f1368325e1d492ee0
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_drydock_keystone_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 40cdf9c49bd6c7e66bc8
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_drydock_postgres_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 4c771ed9d38d38f4d939
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_keystone_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: e170ddbdf99b022ae1fd
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_keystone_oslo_db_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 276a90de2bf3be8d1df8
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_maas_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 825958a1a47ccba33b2a
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_maas_postgres_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: f3401297fd1b8e4b6df4
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_oslo_db_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 045d835905deff7c4ed9
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_oslo_messaging_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 8744bd7b9d14fa037451
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_postgres_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: a7330557eea3ce512402
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_promenade_keystone_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 4533ad6a479120ef4710
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_rabbitmq_erlang_cookie
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 541fe3ba1c65bd553e9a
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_shipyard_keystone_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: 86db58e20de93ef55477
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_shipyard_postgres_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: d1fcd313bdc5fe69464b
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: deckhand/PublicKey/v1
-metadata:
- schema: metadata/Document/v1
- name: localadmin_ssh_public_key
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: pegleg/SiteDefinition/v1
-metadata:
- schema: metadata/Document/v1
- layeringDefinition:
- abstract: false
- layer: site
- name: hpgen10
- storagePolicy: cleartext
-data:
- revision: v4.0
- site_type: foundry
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- replacement: true
- name: kubernetes-calico
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: kubernetes-calico-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- networking:
- settings:
- mesh: "off"
- ippool:
- ipip:
- enabled: "false"
- mode: "cross-subnet"
- bgp:
- asnumber: 65531
- ipv4:
- additional_cidrs:
- - 172.29.1.136/29
- peers:
- - apiVersion: v1
- kind: bgpPeer
- metadata:
- peerIP: 172.29.1.1
- scope: global
- spec:
- asnumber: 65001
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: kubernetes-calico-etcd
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: kubernetes-calico-etcd-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
- substitutions:
-
- # Chart source
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .charts.kubernetes.calico.etcd
- dest:
- path: .source
-
- # Image versions
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .images.calico.etcd
- dest:
- path: .values.images.tags
-
- # IP addresses
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .calico.etcd.service_ip
- dest:
- path: .values.service.ip
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .calico.etcd.service_ip
- dest:
- path: .values.anchor.etcdctl_endpoint
-
- # CAs
- - src:
- schema: deckhand/CertificateAuthority/v1
- name: calico-etcd
- path: .
- dest:
- path: .values.secrets.tls.client.ca
- - src:
- schema: deckhand/CertificateAuthority/v1
- name: calico-etcd-peer
- path: .
- dest:
- path: .values.secrets.tls.peer.ca
-
- # Anchor client cert
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-anchor
- path: .
- dest:
- path: .values.secrets.anchor.tls.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-anchor
- path: .
- dest:
- path: .values.secrets.anchor.tls.key
-
- # Node names
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[0].hostname
- dest:
- path: .values.nodes[0].name
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[1].hostname
- dest:
- path: .values.nodes[1].name
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .genesis.hostname
- dest:
- path: .values.nodes[2].name
-
- # Server certs
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode31
- path: .
- dest:
- path: .values.nodes[0].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode31
- path: .
- dest:
- path: .values.nodes[0].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode31-peer
- path: .
- dest:
- path: .values.nodes[0].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode31-peer
- path: .
- dest:
- path: .values.nodes[0].tls.peer.key
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode32
- path: .
- dest:
- path: .values.nodes[1].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode32
- path: .
- dest:
- path: .values.nodes[1].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode32-peer
- path: .
- dest:
- path: .values.nodes[1].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode32-peer
- path: .
- dest:
- path: .values.nodes[1].tls.peer.key
-
- # NOTE(mb874d): Be sure we generate these certs for genesis.
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode30
- path: .
- dest:
- path: .values.nodes[2].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode30
- path: .
- dest:
- path: .values.nodes[2].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-aknode30-peer
- path: .
- dest:
- path: .values.nodes[2].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-aknode30-peer
- path: .
- dest:
- path: .values.nodes[2].tls.peer.key
-
-data:
- values:
- manifests:
- test_etcd_health: false
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: coredns
- replacement: true
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: coredns-global
- actions:
- - method: replace
- path: .values.conf.coredns.corefile
- - method: merge
- path: .
- storagePolicy: cleartext
- substitutions:
- # Zones
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .dns.cluster_domain
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(CLUSTER_DOMAIN)'
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.service_cidr
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(SERVICE_CIDR)'
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.pod_cidr
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(POD_CIDR)'
-
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .dns.upstream_servers[0]
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(UPSTREAM1)'
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .dns.upstream_servers[1]
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(UPSTREAM2)'
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .dns.upstream_servers[2]
- dest:
- path: .values.conf.coredns.corefile
- pattern: '(UPSTREAM3)'
-data:
- values:
- conf:
- coredns:
- # TODO(alanmeadows) this needs to be adjusted to use substition
- corefile: |
- .:53 {
- errors
- health
- autopath @kubernetes
- kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR {
- pods insecure
- fallthrough in-addr.arpa ip6.arpa
- upstream UPSTREAM1
- upstream UPSTREAM2
- upstream UPSTREAM3
- }
- prometheus :9153
- proxy . UPSTREAM1
- proxy . UPSTREAM2
- proxy . UPSTREAM3
- cache 30
- }
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: kubernetes-etcd
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: kubernetes-etcd-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
- substitutions:
-
- # Chart source
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .charts.kubernetes.etcd
- dest:
- path: .source
-
- # Images
- - src:
- schema: pegleg/SoftwareVersions/v1
- name: software-versions
- path: .images.kubernetes.etcd
- dest:
- path: .values.images.tags
-
- # IP addresses
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.etcd_service_ip
- dest:
- path: .values.service.ip
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.etcd_service_ip
- dest:
- path: .values.anchor.etcdctl_endpoint
-
- # CAs
- - src:
- schema: deckhand/CertificateAuthority/v1
- name: kubernetes-etcd
- path: .
- dest:
- path: .values.secrets.tls.client.ca
- - src:
- schema: deckhand/CertificateAuthority/v1
- name: kubernetes-etcd-peer
- path: .
- dest:
- path: .values.secrets.tls.peer.ca
-
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-anchor
- path: .
- dest:
- path: .values.secrets.anchor.tls.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-anchor
- path: .
- dest:
- path: .values.secrets.anchor.tls.key
-
- # Node names
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[0].hostname
- dest:
- path: .values.nodes[0].name
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[1].hostname
- dest:
- path: .values.nodes[1].name
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .genesis.hostname
- dest:
- path: .values.nodes[2].name
-
- # Server certs
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-aknode31
- path: .
- dest:
- path: .values.nodes[0].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-aknode31
- path: .
- dest:
- path: .values.nodes[0].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-aknode31-peer
- path: .
- dest:
- path: .values.nodes[0].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-aknode31-peer
- path: .
- dest:
- path: .values.nodes[0].tls.peer.key
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-aknode32
- path: .
- dest:
- path: .values.nodes[1].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-aknode32
- path: .
- dest:
- path: .values.nodes[1].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-aknode32-peer
- path: .
- dest:
- path: .values.nodes[1].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-aknode32-peer
- path: .
- dest:
- path: .values.nodes[1].tls.peer.key
-
- # Genesis node
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-genesis
- path: .
- dest:
- path: .values.nodes[2].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-genesis
- path: .
- dest:
- path: .values.nodes[2].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-genesis-peer
- path: .
- dest:
- path: .values.nodes[2].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-genesis-peer
- path: $
- dest:
- path: .values.nodes[2].tls.peer.key
-
-data: {}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ingress-kube-system
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- ingress: kube-system
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data: {}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: elasticsearch
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- hosttype: elasticsearch-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data: {}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: fluent-logging
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- hosttype: fluent-logging-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data: {}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: neutron
- replacement: true
- labels:
- component: neutron
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: neutron-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- labels:
- agent:
- sriov:
- node_selector_key: sriov
- node_selector_value: enabled
- network:
- backend:
- - openvswitch
- - sriov
- interface:
- sriov:
- - device: ens6f0
- num_vfs: 32
- promisc: false
- - device: ens6f1
- num_vfs: 32
- promisc: false
- conf:
- plugins:
- openvswitch_agent:
- ovs:
- bridge_mappings: bond0:br-bond0
- sriov_agent:
- securitygroup:
- firewall_driver: neutron.agent.firewall.NoopFirewallDriver
- sriov_nic:
- exclude_devices: null
- physical_device_mappings: 'sriovnet1:ens6f0,sriovnet2:ens6f1'
- ml2_conf:
- ml2:
- mechanism_drivers: l2population,openvswitch,sriovnicswitch
- ml2_type_vlan:
- network_vlan_ranges: bond0:46:300,sriovnet1:2001:3000,sriovnet2:2001:3000
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: nova
- labels:
- component: nova
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: nova-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- network:
- backend:
- - openvswitch
- - sriov
- conf:
- nova:
- filter_scheduler:
- enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
- libvirt:
- virt_type: kvm
- DEFAULT:
- vcpu_pin_set: "4-21,26-43,48-65,72-87"
- vif_plugging_is_fatal: False
- vif_plugging_timeout: 30
- pci:
- alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }'
- passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}'
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-ceph-client-update
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-ceph-client-update-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- conf:
- pool:
- target:
- osd: 24
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-ceph-client
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-ceph-client-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- conf:
- pool:
- target:
- osd: 8
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-ceph-osd
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-ceph-osd-global
- actions:
- - method: replace
- path: .values.conf.storage.osd
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- conf:
- storage:
- osd:
- - data:
- type: block-logical
- location: /dev/sdb
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdb
- - data:
- type: block-logical
- location: /dev/sdc
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdc
- - data:
- type: block-logical
- location: /dev/sdd
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdd
- - data:
- type: block-logical
- location: /dev/sde
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sde
- - data:
- type: block-logical
- location: /dev/sdf
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdf
- - data:
- type: block-logical
- location: /dev/sdg
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdg
- - data:
- type: block-logical
- location: /dev/sdh
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdh
- - data:
- type: block-logical
- location: /dev/sdi
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdi
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-divingbell
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-divingbell-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
- substitutions:
- - dest:
- path: .values.conf.uamlite.users[0].user_sshkeys[0]
- src:
- schema: deckhand/PublicKey/v1
- name: localadmin_ssh_public_key
- path: .
-
-data:
- values:
- conf:
- uamlite:
- users:
- - user_name: localadmin
- user_sudo: true
- user_sshkeys: []
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-maas
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-maas-global
- actions:
- - method: replace
- path: .values.conf.maas.proxy
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- conf:
- maas:
- ntp:
- disable_ntpd_region: true
- disable_ntpd_rack: true
- images:
- default_os: 'ubuntu'
- default_image: 'xenial'
- default_kernel: 'hwe-16.04'
- proxy:
- proxy_enabled: 'false'
- peer_proxy_enabled: false
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-promenade
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-promenade-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- pod:
- env:
- promenade_api:
- - name: no_proxy
- value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
- - name: NO_PROXY
- value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: pegleg/CommonSoftwareConfig/v1
-metadata:
- schema: metadata/Document/v1
- name: common-software-config
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- osh:
- region_name: RegionOne
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-schema: pegleg/EndpointCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_endpoints
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- # substitutions:
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .ucp.identity.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .ucp.shipyard.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .ceph.object_store.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .ceph.ceph_object_store.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .ceph.object_store.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .ceph.object_store.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .ceph.object_store.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .ucp.identity.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .ucp.identity.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .ucp.identity.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .ucp.shipyard.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .ucp.shipyard.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .ucp.shipyard.host_fqdn_override.public.tls.key
-data:
- ucp:
- identity:
- namespace: ucp
- name: keystone
- hosts:
- default: keystone-api
- public: keystone
- host_fqdn_override:
- default: null
- # public:
- # host: iam.DOMAIN
- path:
- default: /v3
- scheme:
- default: http
- # public: https
- port:
- admin:
- default: 35357
- api:
- default: 80
- public: 80
- armada:
- name: armada
- hosts:
- default: armada-api
- public: armada
- port:
- api:
- default: 8000
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- deckhand:
- name: deckhand
- hosts:
- default: deckhand-int
- public: deckhand-api
- port:
- api:
- default: 9000
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- postgresql:
- name: postgresql
- hosts:
- default: postgresql
- path: /DB_NAME
- scheme: postgresql+psycopg2
- port:
- postgresql:
- default: 5432
- host_fqdn_override:
- default: null
- postgresql_airflow_celery:
- name: postgresql_airflow_celery_db
- hosts:
- default: postgresql
- path: /DB_NAME
- scheme: db+postgresql
- port:
- postgresql:
- default: 5432
- host_fqdn_override:
- default: null
- oslo_db:
- hosts:
- default: mariadb
- discovery: mariadb-discovery
- host_fqdn_override:
- default: null
- path: /DB_NAME
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
- wsrep:
- default: 4567
- key_manager:
- name: barbican
- hosts:
- default: barbican-api
- public: barbican
- host_fqdn_override:
- default: null
- path:
- default: /v1
- scheme:
- default: http
- port:
- api:
- default: 9311
- public: 80
- oslo_messaging:
- namespace: null
- hosts:
- default: rabbitmq
- host_fqdn_override:
- default: null
- path: /openstack
- scheme: rabbit
- port:
- amqp:
- default: 5672
- oslo_cache:
- hosts:
- default: memcached
- host_fqdn_override:
- default: null
- port:
- memcache:
- default: 11211
- physicalprovisioner:
- name: drydock
- hosts:
- default: drydock-api
- port:
- api:
- default: 9000
- nodeport: 31900
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- maas_region_ui:
- name: maas-region-ui
- hosts:
- default: maas-region-ui
- public: maas
- path:
- default: /MAAS
- scheme:
- default: "http"
- port:
- region_ui:
- default: 80
- public: 80
- host_fqdn_override:
- default: null
- kubernetesprovisioner:
- name: promenade
- hosts:
- default: promenade-api
- port:
- api:
- default: 80
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- shipyard:
- name: shipyard
- hosts:
- default: shipyard-int
- public: shipyard-api
- port:
- api:
- default: 9000
- public: 80
- path:
- default: /api/v1.0
- scheme:
- default: http
- # public: https
- host_fqdn_override:
- default: null
- # public:
- # host: shipyard.DOMAIN
- airflow_web:
- name: airflow-web
- hosts:
- default: airflow-web-int
- public: airflow-web
- port:
- airflow_web:
- default: 8080
- path:
- default: /
- scheme:
- default: http
- host_fqdn_override:
- default: null
- airflow_flower:
- name: airflow-flower
- hosts:
- default: airflow-flower
- port:
- airflow_flower:
- default: 5555
- path:
- default: /
- scheme:
- default: http
- host_fqdn_override:
- default: null
- ceph:
- object_store:
- name: swift
- namespace: ceph
- hosts:
- default: ceph-rgw
- public: radosgw
- host_fqdn_override:
- default: null
- # public:
- # host: object-store.DOMAIN
- path:
- default: /swift/v1
- scheme:
- default: http
- # public: "https"
- port:
- api:
- default: 8088
- # public: 443
- ceph_object_store:
- name: radosgw
- namespace: ceph
- hosts:
- default: ceph-rgw
- public: radosgw
- host_fqdn_override:
- default: null
- # public:
- # host: object-store.DOMAIN
- path:
- default: /auth/v1.0
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8088
- # public: 443
- ceph_mon:
- namespace: ceph
- hosts:
- default: ceph-mon
- discovery: ceph-mon-discovery
- host_fqdn_override:
- default: null
- port:
- mon:
- default: 6789
- ceph_mgr:
- namespace: ceph
- hosts:
- default: ceph-mgr
- host_fqdn_override:
- default: null
- port:
- mgr:
- default: 7000
- scheme:
- default: http
-...
----
-schema: pegleg/EndpointCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_endpoints
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- # substitutions:
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.object_store.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.ceph_object_store.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.object_store.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.object_store.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.object_store.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.image.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.cloudformation.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.orchestration.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.compute.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.placement.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.network.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.identity.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.dashboard.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.volume.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.volumev2.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh.volumev3.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.identity.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.identity.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.identity.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.orchestration.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.orchestration.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.orchestration.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.cloudformation.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.cloudformation.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.cloudformation.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.dashboard.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.dashboard.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.dashboard.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.image.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.image.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.image.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.volume.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.volume.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.volume.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.volumev2.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.volumev2.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.volumev2.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.volumev3.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.volumev3.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.volumev3.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.compute.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.compute.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.compute.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.placement.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.placement.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.placement.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh.network.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh.network.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh.network.host_fqdn_override.public.tls.key
-data:
- osh:
- object_store:
- name: swift
- namespace: ceph
- hosts:
- default: ceph-rgw
- public: radosgw
- host_fqdn_override:
- default: null
- # public:
- # host: object-store.DOMAIN
- path:
- default: /swift/v1/KEY_$(tenant_id)s
- scheme:
- default: http
- # public: "https"
- port:
- api:
- default: 8088
- # public: 443
- ceph_object_store:
- name: radosgw
- namespace: ceph
- hosts:
- default: ceph-rgw
- public: radosgw
- host_fqdn_override:
- default: null
- # public:
- # host: object-store.DOMAIN
- path:
- default: /auth/v1.0
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8088
- # public: 443
- oslo_db:
- hosts:
- default: mariadb
- discovery: mariadb-discovery
- host_fqdn_override:
- default: null
- path: /DB_NAME
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
- wsrep:
- default: 4567
- keystone_oslo_messaging:
- namespace: openstack
- hosts:
- default: keystone-rabbitmq
- host_fqdn_override:
- default: null
- path: /keystone
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- keystone_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: keystone-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- oslo_cache:
- namespace: openstack
- hosts:
- default: memcached
- host_fqdn_override:
- default: null
- port:
- memcache:
- default: 11211
- identity:
- namespace: openstack
- name: keystone
- hosts:
- default: keystone-api
- public: keystone
- host_fqdn_override:
- default: null
- # public:
- # host: identity.DOMAIN
- path:
- default: /v3
- scheme:
- default: "http"
- # public: "https"
- port:
- admin:
- default: 35357
- api:
- default: 80
- # public: 443
- glance_oslo_messaging:
- namespace: openstack
- hosts:
- default: glance-rabbitmq
- host_fqdn_override:
- default: null
- path: /glance
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- glance_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: glance-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- image:
- name: glance
- hosts:
- default: glance-api
- public: glance
- host_fqdn_override:
- default: null
- # public:
- # host: image.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 9292
- # public: 443
- image_registry:
- name: glance-registry
- hosts:
- default: glance-registry
- public: glance-reg
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9191
- public: 80
- cinder_oslo_messaging:
- namespace: openstack
- hosts:
- default: cinder-rabbitmq
- host_fqdn_override:
- default: null
- path: /cinder
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- cinder_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: cinder-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- volume:
- name: cinder
- hosts:
- default: cinder-api
- public: cinder
- host_fqdn_override:
- default: null
- # public:
- # host: volume.DOMAIN
- path:
- default: "/v1/%(tenant_id)s"
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8776
- # public: 443
- volumev2:
- name: cinderv2
- hosts:
- default: cinder-api
- public: cinder
- host_fqdn_override:
- default: null
- # public:
- # host: volume.DOMAIN
- path:
- default: "/v2/%(tenant_id)s"
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8776
- # public: 443
- volumev3:
- name: cinderv3
- hosts:
- default: cinder-api
- public: cinder
- host_fqdn_override:
- default: null
- # public:
- # host: volume.DOMAIN
- path:
- default: "/v3/%(tenant_id)s"
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8776
- # public: 443
- heat_oslo_messaging:
- namespace: openstack
- hosts:
- default: heat-rabbitmq
- host_fqdn_override:
- default: null
- path: /heat
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- heat_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: heat-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- orchestration:
- name: heat
- hosts:
- default: heat-api
- public: heat
- host_fqdn_override:
- default: null
- # public:
- # host: orchestration.DOMAIN
- path:
- default: "/v1/%(project_id)s"
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8004
- # public: 443
- cloudformation:
- name: heat-cfn
- hosts:
- default: heat-cfn
- public: cloudformation
- host_fqdn_override:
- default: null
- # public:
- # host: cloudformation.DOMAIN
- path:
- default: /v1
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8000
- # public: 443
- cloudwatch:
- name: heat-cloudwatch
- hosts:
- default: heat-cloudwatch
- public: cloudwatch
- host_fqdn_override:
- default: null
- path:
- default: null
- type: null
- scheme:
- default: "http"
- port:
- api:
- default: 8003
- public: 80
- neutron_oslo_messaging:
- namespace: openstack
- hosts:
- default: neutron-rabbitmq
- host_fqdn_override:
- default: null
- path: /neutron
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- neutron_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: neutron-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- network:
- name: neutron
- hosts:
- default: neutron-server
- public: neutron
- host_fqdn_override:
- default: null
- # public:
- # host: network.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 9696
- # public: 443
- nova_oslo_messaging:
- namespace: openstack
- hosts:
- default: nova-rabbitmq
- host_fqdn_override:
- default: null
- path: /nova
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- nova_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: nova-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- compute:
- name: nova
- hosts:
- default: nova-api
- public: nova
- host_fqdn_override:
- default: null
- # public:
- # host: compute.DOMAIN
- path:
- default: "/v2/%(tenant_id)s"
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8774
- # public: 443
- novncproxy:
- default: 443
- compute_metadata:
- name: nova
- hosts:
- default: nova-metadata
- public: metadata
- host_fqdn_override:
- default: null
- path:
- default: /
- scheme:
- default: "http"
- port:
- metadata:
- default: 8775
- public: 80
- compute_novnc_proxy:
- name: nova
- hosts:
- default: nova-novncproxy
- public: novncproxy
- host_fqdn_override:
- default: null
- # public:
- # host: nova-novncproxy.DOMAIN
- path:
- default: /vnc_auto.html
- scheme:
- default: "http"
- # public: "https"
- port:
- novnc_proxy:
- default: 6080
- # public: 443
- compute_spice_proxy:
- name: nova
- hosts:
- default: nova-spiceproxy
- host_fqdn_override:
- default: null
- path:
- default: /spice_auto.html
- scheme:
- default: "http"
- port:
- spice_proxy:
- default: 6082
- placement:
- name: placement
- hosts:
- default: placement-api
- public: placement
- host_fqdn_override:
- default: null
- # public:
- # host: placement.DOMAIN
- path:
- default: /
- scheme:
- default: "http"
- # public: "https"
- port:
- api:
- default: 8778
- # public: 443
- dashboard:
- name: horizon
- hosts:
- default: horizon-int
- public: horizon
- host_fqdn_override:
- default: null
- # public:
- # host: dashboard.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- # public: "https"
- port:
- web:
- default: 80
- # public: 443
-...
----
-schema: pegleg/EndpointCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_endpoints
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- # substitutions:
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh_infra.kibana.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh_infra.grafana.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .dns.ingress_domain
- # dest:
- # path: .osh_infra.nagios.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh_infra.kibana.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh_infra.grafana.host_fqdn_override.public.tls.key
- # - src:
- # schema: deckhand/Certificate/v1
- # name: ingress-crt
- # path: .
- # dest:
- # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt
- # - src:
- # schema: deckhand/CertificateAuthority/v1
- # name: ingress-ca
- # path: .
- # dest:
- # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca
- # - src:
- # schema: deckhand/CertificateKey/v1
- # name: ingress-key
- # path: .
- # dest:
- # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
- # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .ldap.base_url
- # dest:
- # path: .osh_infra.ldap.host_fqdn_override.public.host
- # pattern: DOMAIN
- # - src:
- # schema: pegleg/CommonAddresses/v1
- # name: common-addresses
- # path: .ldap.auth_path
- # dest:
- # path: .osh_infra.ldap.path.default
- # pattern: AUTH_PATH
-data:
- osh_infra:
- elasticsearch:
- name: elasticsearch
- namespace: osh-infra
- hosts:
- data: elasticsearch-data
- default: elasticsearch-logging
- discovery: elasticsearch-discovery
- public: elasticsearch
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- http:
- default: 80
- prometheus_elasticsearch_exporter:
- namespace: null
- hosts:
- default: elasticsearch-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9108
- fluentd:
- namespace: osh-infra
- name: fluentd
- hosts:
- default: fluentd-logging
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- service:
- default: 24224
- metrics:
- default: 24220
- prometheus_fluentd_exporter:
- namespace: osh-infra
- hosts:
- default: fluentd-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9309
- oslo_db:
- namespace: osh-infra
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
- path: /DB_NAME
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
- grafana:
- name: grafana
- namespace: osh-infra
- hosts:
- default: grafana-dashboard
- public: grafana
- host_fqdn_override:
- default: null
- # public:
- # host: grafana.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- # public: "https"
- port:
- grafana:
- default: 3000
- # public: 443
- monitoring:
- name: prometheus
- namespace: osh-infra
- hosts:
- default: prom-metrics
- public: prometheus
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9090
- public: 80
- kibana:
- name: kibana
- namespace: osh-infra
- hosts:
- default: kibana-dash
- public: kibana
- host_fqdn_override:
- default: null
- # public:
- # host: kibana.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- # public: "https"
- port:
- kibana:
- default: 5601
- # public: 443
- alerts:
- name: alertmanager
- namespace: osh-infra
- hosts:
- default: alerts-engine
- public: alertmanager
- discovery: alertmanager-discovery
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9093
- public: 80
- mesh:
- default: 6783
- kube_state_metrics:
- namespace: kube-system
- hosts:
- default: kube-state-metrics
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- http:
- default: 8080
- kube_scheduler:
- scheme:
- default: "http"
- path:
- default: /metrics
- kube_controller_manager:
- scheme:
- default: "http"
- path:
- default: /metrics
- node_metrics:
- namespace: kube-system
- hosts:
- default: node-exporter
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- metrics:
- default: 9100
- prometheus_port:
- default: 9100
- prometheus_openstack_exporter:
- namespace: openstack
- hosts:
- default: openstack-metrics
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- exporter:
- default: 9103
- nagios:
- name: nagios
- namespace: osh-infra
- hosts:
- default: nagios-metrics
- public: nagios
- host_fqdn_override:
- default: null
- # public:
- # host: nagios.DOMAIN
- path:
- default: null
- scheme:
- default: http
- # public: https
- port:
- http:
- default: 80
- # public: 443
- ldap:
- hosts:
- default: ldap
- host_fqdn_override:
- default: null
- public:
- host: DOMAIN
- path:
- default: /AUTH_PATH
- scheme:
- default: "ldap"
- port:
- ldap:
- default: 389
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: pegleg/AccountCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_service_accounts
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- ucp:
- postgres:
- admin:
- username: postgres
- oslo_db:
- admin:
- username: root
- oslo_messaging:
- admin:
- username: rabbitmq
- keystone:
- admin:
- region_name: RegionOne
- username: admin
- project_name: admin
- user_domain_name: default
- project_domain_name: default
- oslo_messaging:
- admin:
- username: rabbitmq
- keystone:
- username: keystone
- oslo_db:
- username: keystone
- database: keystone
- promenade:
- keystone:
- region_name: RegionOne
- role: admin
- project_name: service
- project_domain_name: default
- user_domain_name: default
- username: promenade
- drydock:
- keystone:
- region_name: RegionOne
- role: admin
- project_name: service
- project_domain_name: default
- user_domain_name: default
- username: drydock
- postgres:
- username: drydock
- database: drydock
- shipyard:
- keystone:
- region_name: RegionOne
- role: admin
- project_name: service
- project_domain_name: default
- user_domain_name: default
- username: shipyard
- postgres:
- username: shipyard
- database: shipyard
- airflow:
- postgres:
- username: airflow
- database: airflow
- oslo_messaging:
- username: rabbitmq
- maas:
- admin:
- username: admin
- email: none@none
- postgres:
- username: maas
- database: maasdb
- barbican:
- keystone:
- region_name: RegionOne
- role: admin
- project_name: service
- project_domain_name: default
- user_domain_name: default
- username: barbican
- oslo_db:
- username: barbican
- database: barbican
- oslo_messaging:
- admin:
- username: rabbitmq
- keystone:
- username: keystone
- armada:
- keystone:
- project_domain_name: default
- user_domain_name: default
- project_name: service
- region_name: RegionOne
- role: admin
- user_domain_name: default
- username: armada
- deckhand:
- keystone:
- region_name: RegionOne
- role: admin
- project_name: service
- project_domain_name: default
- user_domain_name: default
- username: deckhand
- postgres:
- username: deckhand
- database: deckhand
- ceph:
- swift:
- keystone:
- role: admin
- region_name: RegionOne
- username: swift
- project_name: service
- user_domain_name: default
- project_domain_name: default
-...
----
-schema: pegleg/AccountCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_service_accounts
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- substitutions:
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.keystone.admin.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.cinder.cinder.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.glance.glance.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.heat.heat.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.heat.heat_trustee.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.heat.heat_stack_user.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.swift.keystone.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.neutron.neutron.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.nova.nova.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.nova.placement.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.barbican.barbican.region_name
- - src:
- schema: pegleg/CommonSoftwareConfig/v1
- name: common-software-config
- path: .osh.region_name
- dest:
- path: .osh.barbican.barbican.region_name
-data:
- osh:
- keystone:
- admin:
- username: admin
- project_name: admin
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: keystone
- database: keystone
- oslo_messaging:
- admin:
- username: keystone-rabbitmq-admin
- keystone:
- username: keystone-rabbitmq-user
- ldap:
- username: "user@example-ldap.com"
- cinder:
- cinder:
- role: admin
- username: cinder
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: cinder
- database: cinder
- oslo_messaging:
- admin:
- username: cinder-rabbitmq-admin
- cinder:
- username: cinder-rabbitmq-user
- glance:
- glance:
- role: admin
- username: glance
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: glance
- database: glance
- oslo_messaging:
- admin:
- username: glance-rabbitmq-admin
- glance:
- username: glance-rabbitmq-user
- ceph_object_store:
- username: glance
- heat:
- heat:
- role: admin
- username: heat
- project_name: service
- user_domain_name: default
- project_domain_name: default
- heat_trustee:
- role: admin
- username: heat-trust
- project_name: service
- user_domain_name: default
- project_domain_name: default
- heat_stack_user:
- role: admin
- username: heat-domain
- domain_name: heat
- oslo_db:
- username: heat
- database: heat
- oslo_messaging:
- admin:
- username: heat-rabbitmq-admin
- heat:
- username: heat-rabbitmq-user
- swift:
- keystone:
- role: admin
- username: swift
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- admin:
- username: root
- neutron:
- neutron:
- role: admin
- username: neutron
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: neutron
- database: neutron
- oslo_messaging:
- admin:
- username: neutron-rabbitmq-admin
- neutron:
- username: neutron-rabbitmq-user
- nova:
- nova:
- role: admin
- username: nova
- project_name: service
- user_domain_name: default
- project_domain_name: default
- placement:
- role: admin
- username: placement
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: nova
- database: nova
- oslo_db_api:
- username: nova
- database: nova_api
- oslo_db_cell0:
- username: nova
- database: "nova_cell0"
- oslo_messaging:
- admin:
- username: nova-rabbitmq-admin
- nova:
- username: nova-rabbitmq-user
- horizon:
- oslo_db:
- username: horizon
- database: horizon
- barbican:
- barbican:
- role: admin
- username: barbican
- project_name: service
- user_domain_name: default
- project_domain_name: default
- oslo_db:
- username: barbican
- database: barbican
- oslo_messaging:
- admin:
- username: barbican-rabbitmq-admin
- barbican:
- username: barbican-rabbitmq-user
-...
----
-schema: pegleg/AccountCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_service_accounts
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- osh_infra:
- grafana:
- admin:
- username: grafana
- oslo_db:
- username: grafana
- database: grafana
- oslo_db_session:
- username: grafana_session
- database: grafana_session
- elasticsearch:
- admin:
- username: elasticsearch
- kibana:
- admin:
- username: kibana
- oslo_db:
- admin:
- username: root
- prometheus_openstack_exporter:
- user:
- username: prometheus-openstack-exporter
- project_name: service
- user_domain_name: default
- nagios:
- admin:
- username: nagios
- ldap:
- admin:
- # NEWSITE-CHANGEME: Replace with the site's LDAP account used to
- # authenticate to the active directory backend to validate keystone
- # users.
- bind: "test@ldap.example.com"
-...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Manifest/v1
-metadata:
- schema: metadata/Document/v1
- name: full-site
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: full-site-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- release_prefix: airship
- chart_groups:
- - kubernetes-proxy
- - kubernetes-container-networking
- - kubernetes-dns
- - kubernetes-etcd
- - kubernetes-haproxy
- - kubernetes-core
- - ingress-kube-system
- - ucp-ceph-update
- - ucp-ceph-config
- - ucp-core
- - ucp-keystone
- - ucp-divingbell
- - ucp-armada
- - ucp-deckhand
- - ucp-drydock
- - ucp-promenade
- - ucp-shipyard
- - osh-infra-ingress-controller
- - osh-infra-ceph-config
- - osh-infra-logging
- - osh-infra-monitoring
- - osh-infra-mariadb
- - osh-infra-dashboards
- - openstack-ingress-controller
- - openstack-ceph-config
- - openstack-mariadb
- - openstack-memcached
- - openstack-keystone
- - openstack-radosgw
- - openstack-glance
- - openstack-cinder
- - openstack-compute-kit
- - openstack-heat
- - osh-infra-prometheus-openstack-exporter
- - openstack-horizon
-...