-# Acraino Edge Stack
+# Akraino Edge Stack
..............................................................................
-. Copyright © 2018 AT&T Intellectual Property. All rights reserved .
+. Copyright (c) 2018 AT&T Intellectual Property. All rights reserved .
. .
. Licensed under the Apache License, Version 2.0 (the "License"); you may .
. not use this file except in compliance with the License. .
* jinja2 PyYAML python packages should be available
* git clone yaml_build project to your favorite location ( say **/opt/**).
~~~
-$ git clone http://gerrit.att-akraino.org/yaml_builds.git
+$ git clone http://gerrit.akraino.org/yaml_builds.git
~~~
* export YAML_BUILDS=<<absolute path of yaml_builds>> created is previous step.
- * aic-clcp-manifests should be installed as explained here https://codecloud.web.att.com/projects/ST_CCP/repos/aic-clcp-manifests/browse/docs/source/deployment_blueprint.md
- * export AIC_CLCP_MANIFESTS
- * As per aic-clcp-manifests documents copy all required files to new <<site_name>>
-
- This will copy a bunch of .yaml files to $AIC_CLCP_MANIFESTS/sites/<<site_name>>
-
- * aic-clcp-security-manifests should be installed as explained here https://codecloud.web.att.com/projects/ST_CCP/repos/aic-clcp-manifests/browse/docs/source/deployment_blueprint.md
- * export AIC_CLCP_SECURITY_MANIFESTS
- As per aic-clcp-manifests documents copy all required files to new <<site_name>>
-
- This will copy a bunch of .yaml files to $AIC_CLCP_MANIFESTS/sites/<<site_name>>
+~~~
+cd /root/
+git clone https://git.openstack.org/openstack/airship-treasuremap
+~~~
* Manually verifying the generated .yaml files as explained in 1.1 Manually verifying the .YAMLs
* Using following commands ssh and scp should be happen from regional servers to genesis host without asking any username/passwords
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-site_name: dell_akraino
-ipmi_admin_password: calvin
+site_name: dellgen10
+ipmi_admin:
+ username: root
+ password: calvin
networks:
bonded: yes
primary: bond0
slaves:
- - name: enp135s0f0
- - name: enp135s0f1
+ - name: enp94s0f0
+ - name: enp94s0f1
oob:
vlan: 40
- interface:
+ interface:
cidr: 192.168.41.0/24
routes:
gateway: 192.168.41.1
ranges:
reserved:
start: 192.168.41.2
- end: 192.168.41.4
+ end: 192.168.41.12
static:
- start: 192.168.41.5
+ start: 192.168.41.13
end: 192.168.41.254
host:
- vlan: 41
+ vlan: 41
interface: bond0.41
cidr: 192.168.2.0/24
routes:
- gateway: 192.168.2.85
+ gateway: 192.168.2.200
ranges:
reserved:
start: 192.168.2.84
end: 192.168.2.86
static:
- start: 192.168.2.1
- end: 192.168.2.83
+ start: 192.168.2.40
+ end: 192.168.2.45
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
storage:
vlan: 42
interface: bond0.42
interface: eno3
cidr: 172.30.2.0/24
gateway: 172.30.2.1
+ routes:
+ gateway: 172.30.2.40
ranges:
reserved:
start: 172.30.2.2
dhcp:
start: 172.30.2.201
end: 172.30.2.254
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
ksn:
vlan: 44
interface: bond0.44
static:
start: 10.0.102.11
end: 10.0.102.254
+dns:
+ upstream_servers:
+ - 192.168.2.85
+ - 8.8.8.8
+ - 8.8.8.8
+ upstream_servers_joined: '192.168.2.85,8.8.8.8'
+ ingress_domain: dellgen10.akraino.org
sriovnets:
- physical: sriovnet1
- interface: enp135s0f
- vlan_start: 100
- vlan_end: 4000
+ interface: enp135s0f0
+ vlan_start: 2001
+ vlan_end: 3000
whitelists:
- "0000:87:02.0": "enp135s2"
- "0000:87:02.1": "enp135s2f1"
- "0000:87:03.2": "enp135s3f2"
- "0000:87:03.3": "enp135s3f3"
- "0000:87:03.4": "enp135s3f4"
- "0000:87:03.5": "enp135s3f5"
- "0000:87:03.6": "enp135s3f6"
- "0000:87:03.7": "enp135s3f7"
- "0000:87:04.0": "enp135s4"
- "0000:87:04.1": "enp135s4f1"
- "0000:87:04.2": "enp135s4f2"
- "0000:87:04.3": "enp135s4f3"
- "0000:87:02.2": "enp135s2f2"
- "0000:87:04.4": "enp135s4f4"
- "0000:87:04.5": "enp135s4f5"
- "0000:87:04.6": "enp135s4f6"
- "0000:87:04.7": "enp135s4f7"
- "0000:87:05.0": "enp135s5"
- "0000:87:05.1": "enp135s5f1"
- "0000:87:05.2": "enp135s5f2"
- "0000:87:05.3": "enp135s5f3"
- "0000:87:05.4": "enp135s5f4"
- "0000:87:05.5": "enp135s5f5"
- "0000:87:02.3": "enp135s2f3"
- "0000:87:05.6": "enp135s5f6"
- "0000:87:05.7": "enp135s5f7"
- "0000:87:02.4": "enp135s2f4"
- "0000:87:02.5": "enp135s2f5"
- "0000:87:02.6": "enp135s2f6"
- "0000:87:02.7": "enp135s2f7"
- "0000:87:03.0": "enp135s3"
- "0000:87:03.1": "enp135s3f1"
-
+ - "address": "0000:87:02.0"
+ - "address": "0000:87:02.1"
+ - "address": "0000:87:03.2"
+ - "address": "0000:87:03.3"
+ - "address": "0000:87:03.4"
+ - "address": "0000:87:03.5"
+ - "address": "0000:87:03.6"
+ - "address": "0000:87:03.7"
+ - "address": "0000:87:04.0"
+ - "address": "0000:87:04.1"
+ - "address": "0000:87:04.2"
+ - "address": "0000:87:04.3"
+ - "address": "0000:87:02.2"
+ - "address": "0000:87:04.4"
+ - "address": "0000:87:04.5"
+ - "address": "0000:87:04.6"
+ - "address": "0000:87:04.7"
+ - "address": "0000:87:05.0"
+ - "address": "0000:87:05.1"
+ - "address": "0000:87:05.2"
+ - "address": "0000:87:05.3"
+ - "address": "0000:87:05.4"
+ - "address": "0000:87:05.5"
+ - "address": "0000:87:02.3"
+ - "address": "0000:87:05.6"
+ - "address": "0000:87:05.7"
+ - "address": "0000:87:02.4"
+ - "address": "0000:87:02.5"
+ - "address": "0000:87:02.6"
+ - "address": "0000:87:02.7"
+ - "address": "0000:87:03.0"
+ - "address": "0000:87:03.1"
- physical: sriovnet2
interface: enp135s0f1
- vlan_start: 100
- vlan_end: 4000
+ vlan_start: 2001
+ vlan_end: 3000
whitelists:
- "0000:87:0a.0": "enp135s10i"
- "0000:87:0a.1": "enp135s10f1"
- "0000:87:0b.2": "enp135s11f2"
- "0000:87:0b.3": "enp135s11f3"
- "0000:87:0b.4": "enp135s11f4"
- "0000:87:0b.5": "enp135s11f5"
- "0000:87:0b.6": "enp135s11f6"
- "0000:87:0b.7": "enp135s11f7"
- "0000:87:0c.0": "enp135s12"
- "0000:87:0c.1": "enp135s12f1"
- "0000:87:0c.2": "enp135s12f2"
- "0000:87:0c.3": "enp135s12f3"
- "0000:87:0a.2": "enp135s10f2"
- "0000:87:0c.4": "enp135s12f4"
- "0000:87:0c.5": "enp135s12f5"
- "0000:87:0c.6": "enp135s12f6"
- "0000:87:0c.7": "enp135s12f7"
- "0000:87:0d.0": "enp135s13"
- "0000:87:0d.1": "enp135s13f1"
- "0000:87:0d.2": "enp135s13f2"
- "0000:87:0d.3": "enp135s13f3"
- "0000:87:0d.4": "enp135s13f4"
- "0000:87:0d.5": "enp135s13f5"
- "0000:87:0a.3": "enp135s10f3"
- "0000:87:0d.6": "enp135s13f6"
- "0000:87:0d.7": "enp135s13f7"
- "0000:87:0a.4": "enp135s10f4"
- "0000:87:0a.5": "enp135s10f5"
- "0000:87:0a.6": "enp135s10f6"
- "0000:87:0a.7": "enp135s10f7"
- "0000:87:0b.0": "enp135s11"
- "0000:87:0b.1": "enp135s11f1"
+ - "address": "0000:87:0a.0"
+ - "address": "0000:87:0a.1"
+ - "address": "0000:87:0b.2"
+ - "address": "0000:87:0b.3"
+ - "address": "0000:87:0b.4"
+ - "address": "0000:87:0b.5"
+ - "address": "0000:87:0b.6"
+ - "address": "0000:87:0b.7"
+ - "address": "0000:87:0c.0"
+ - "address": "0000:87:0c.1"
+ - "address": "0000:87:0c.2"
+ - "address": "0000:87:0c.3"
+ - "address": "0000:87:0a.2"
+ - "address": "0000:87:0c.4"
+ - "address": "0000:87:0c.5"
+ - "address": "0000:87:0c.6"
+ - "address": "0000:87:0c.7"
+ - "address": "0000:87:0d.0"
+ - "address": "0000:87:0d.1"
+ - "address": "0000:87:0d.2"
+ - "address": "0000:87:0d.3"
+ - "address": "0000:87:0d.4"
+ - "address": "0000:87:0d.5"
+ - "address": "0000:87:0a.3"
+ - "address": "0000:87:0d.6"
+ - "address": "0000:87:0d.7"
+ - "address": "0000:87:0a.4"
+ - "address": "0000:87:0a.5"
+ - "address": "0000:87:0a.6"
+ - "address": "0000:87:0a.7"
+ - "address": "0000:87:0b.0"
+ - "address": "0000:87:0b.1"
storage:
osds:
+ - data: /dev/sda
+ journal: /var/lib/ceph/journal/journal-sda
- data: /dev/sdb
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdb
+ journal: /var/lib/ceph/journal/journal-sdb
- data: /dev/sdc
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdc
+ journal: /var/lib/ceph/journal/journal-sdc
- data: /dev/sdd
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdd
+ journal: /var/lib/ceph/journal/journal-sdd
- data: /dev/sde
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sde
+ journal: /var/lib/ceph/journal/journal-sde
- data: /dev/sdf
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdf
- - data: /dev/sdg
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdg
- - data: /dev/sdg
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdh
- - data: /dev/sdi
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdi
- - data: /dev/sdk
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdk
- osd_count: 9
+ journal: /var/lib/ceph/journal/journal-sdf
+ osd_count: 6
+ total_osd_count: 18
genesis:
- name: csonjrsv40
+ name: aknode40
oob: 192.168.41.40
host: 192.168.2.40
storage: 172.31.2.40
ksn: 172.29.1.40
neutron: 10.0.102.40
masters:
- - name : csonjrsv41
- - name : csonjrsv42
-workers:
- - name : csonjrsv43
- - name : csonjrsv44
-servers:
- - name : csonjrsv41
+ - name : aknode41
oob: 192.168.41.41
host: 192.168.2.41
storage: 172.31.2.41
pxe: 172.30.2.41
ksn: 172.29.1.41
neutron: 10.0.102.41
- - name : csonjrsv42
+ - name : aknode42
oob: 192.168.41.42
host: 192.168.2.42
storage: 172.31.2.42
pxe: 172.30.2.42
ksn: 172.29.1.42
neutron: 10.0.102.42
- - name : csonjrsv43
- oob: 192.168.41.43
- host: 192.168.2.43
- storage: 172.31.2.43
- pxe: 172.30.2.43
- ksn: 172.29.1.43
- neutron: 10.0.102.43
- - name : csonjrsv44
- oob: 192.168.41.44
- host: 192.168.2.44
- storage: 172.31.2.44
- pxe: 172.30.2.44
- ksn: 172.29.1.44
- neutron: 10.0.102.44
+#workers:
+# - name : aknode43
+# oob: 192.168.41.43
+# host: 192.168.2.43
+# storage: 172.31.2.43
+# pxe: 172.30.2.43
+# ksn: 172.29.1.43
+# neutron: 10.0.102.43
+# - name : aknode44
+# oob: 192.168.41.44
+# host: 192.168.2.44
+# storage: 172.31.2.44
+# pxe: 172.30.2.44
+# ksn: 172.29.1.44
+# neutron: 10.0.102.44
hardware:
vendor: DELL
generation: '10'
hw_version: '3'
bios_version: '2.8'
disks:
- - name : sdj
+ - name : sdg
labels:
bootdrive: 'true'
partitions:
- name: var
size: 100g
mountpoint: /var
- - name : sdb
+ - name : sdh
partitions:
- - name: cephj0
- size: 100g
- mountpoint: /var/lib/openstack-helm/ceph/journal0
- - name : sdc
+ - name: ceph
+ size: 300g
+ mountpoint: /var/lib/ceph/journal
+disks_compute:
+ - name : sdg
+ labels:
+ bootdrive: 'true'
partitions:
- - name: cephj1
- size: 100g
- mountpoint: /var/lib/openstack-helm/ceph/journal1
+ - name: root
+ size: 20g
+ mountpoint: /
+ - name: boot
+ size: 1g
+ mountpoint: /boot
+ - name: var
+ size: '>300g'
+ mountpoint: /var
+ - name : sdh
+ partitions:
+ - name: nova
+ size: '99%'
+ mountpoint: /var/lib/nova
genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132"
kubernetes:
api_service_ip: 10.96.0.1
#!/usr/bin/python
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: shipyard/DeploymentConfiguration/v1
+metadata:
+ schema: metadata/Document/v1
+ name: deployment-configuration
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ armada:
+ manifest: 'full-site'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: promenade/Genesis/v1
+metadata:
+ schema: metadata/Document/v1
+ name: genesis-site
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: genesis-global
+ actions:
+ - method: replace
+ path: .labels.dynamic
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ labels:
+ dynamic:
+ - beta.kubernetes.io/fluentd-ds-ready=true
+ - calico-etcd=enabled
+ - ceph-mds=enabled
+ - ceph-mon=enabled
+ - ceph-osd=enabled
+ - ceph-rgw=enabled
+ - ceph-mgr=enabled
+ - kube-dns=enabled
+ - kube-ingress=enabled
+ - kubernetes-apiserver=enabled
+ - kubernetes-controller-manager=enabled
+ - kubernetes-etcd=enabled
+ - kubernetes-scheduler=enabled
+ - promenade-genesis=enabled
+ - ucp-control-plane=enabled
+ - maas-control-plane=enabled
+ - ceph-osd-bootstrap=enabled
+# - openstack-libvirt=kernel
+# - openvswitch=enabled
+# - openstack-control-plane=enabled
+# - openstack-nova-compute=enabled
+...
--- /dev/null
+---
+# self-signed certifacte generated based on
+# https://libvirt.org/remote.html#Remote_certificates
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-crt
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/Certificate/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ
+ MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu
+ ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP
+ ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC
+ r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs
+ F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV
+ bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1
+ eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO
+ k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG
+ YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9
+ EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC
+ gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF
+ MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv
+ bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t
+ gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y
+ aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH
+ BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV
+ HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE
+ BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw
+ WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/
+ X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX
+ vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk
+ JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm
+ ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF
+ DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N
+ w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc
+ VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-ca
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateAuthority/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS
+ MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC
+ AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE
+ OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V
+ o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0
+ YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT
+ fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI
+ GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+
+ T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB
+ d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j
+ mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd
+ BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB
+ AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx
+ 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM
+ EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+
+ zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9
+ XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+
+ d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO
+ TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI
+ XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40
+ +g==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-key
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateKey/v1
+data: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD
+ OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv
+ 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4
+ 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1
+ U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9
+ Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl
+ MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R
+ g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC
+ DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w
+ qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif
+ qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft
+ 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6
+ ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf
+ Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8
+ uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH
+ g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc
+ PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz
+ +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS
+ HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk
+ X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC
+ wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA
+ GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE
+ mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6
+ mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM
+ ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx
+ E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE
+ 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC
+ 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8
+ 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+
+ TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5
+ QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C
+ pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB
+ /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ
+ pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a
+ dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5
+ 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS
+ gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3
+ -----END RSA PRIVATE KEY-----
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ceph_fsid
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3e2a3755-863a-423b-bf19-e8b5bf7f3d95
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ceph_swift_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 610becbb8563c2d7abb2
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
abstract: false
layer: site
storagePolicy: cleartext
-data: {{yaml.ipmi_admin_password}}
+data: calvin
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: maas-region-key
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3858f62230ac3c915f300c664312c63f
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_barbican_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: d992b45a48a3bf2698bc
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_barbican_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: c01c594967dfd4024121
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_barbican_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 7451bf1643ee73782da9
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_barbican_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: ec1a97a83907f193a717
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_barbican_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 634c104df082faf67332
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_cinder_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 4be86cd9e1e9fc3f7dc5
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_cinder_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 8d143e5fb4b4dac3768c
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_cinder_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: ac0217906c77ee117000
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_cinder_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 4dca0954fba72f359566
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_cinder_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: f3bda8af291469d2240d
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_glance_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 153a394cfd01623987a7
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_glance_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 2c3fcccd6597903cb67c
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_glance_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 597a366bd4f86f2d7070
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_glance_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: bf7662ee82349d8ce8a2
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_glance_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 245f4c5f7ca0d06e8416
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 6d5cbe4e78499e7ea1be
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 0fb3767e5bd60737c3ce
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 2f986c8b860f5e2e6e67
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 444f3082037eb9921782
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 7a525e66176fd10c317a
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_stack_user_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3cfcdb863f68ec896735
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_trustee_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 6b1727c22c773c902647
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_horizon_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 97456d11a2389e0a68b9
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_addons_jenkins_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 0ca991324505e13f7a77
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_elasticsearch_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: b12f1e35c6951455d62d
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_grafana_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 573a60b9ca0e5639f86b
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_grafana_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 6e9a3a90bdac0988b850
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_grafana_oslo_db_session_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: e59fde1e4e2ca04a0e6d
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_kibana_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: c3d955527901302d2c10
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_nagios_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: cc78bc60e26c2f5a28fa
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_openstack_exporter_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: d5f5133765b1ab430e85
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_oslo_db_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: f6a5b5fe9e6eb437c207
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: a3df1a9771d9f0480bb2
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_ldap_mechid_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 5aacc198d8a1edeff4a8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_ldap_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 5aacc198d8a1edeff4a8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 57cfda14a8ec656b9ccf
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: c7e2ef5bfab729b9cdf1
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: a00052e05aa7e1b704bc
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 7388108f67be16a4f252
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_neutron_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 5496c4a52d6223a1bc6c
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_neutron_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 4eaff3effbc9a1b5ddc3
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_neutron_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 10a9e6ad21ef9f43173c
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_neutron_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 9bb23c5d7181eabc52f7
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_neutron_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: afa9d3d0af33dcc3ca57
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_nova_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: a1b32d78a4e4deee451a
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_nova_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: c450b0c73cafa654e144
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_nova_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 173ec39e9f950f86ae24
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_nova_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: a48fdaacf7bd05f7c3ff
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_nova_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 410fe4f619b2cc8c417b
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_oslo_cache_secret_key
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 083d87906595da201c0b
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_oslo_db_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3affb82b52f975a256a8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_placement_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: c8d291a1a4dfa9fd41e0
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_airflow_postgres_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 2b2e4c8018c2b4ae511f
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_armada_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 1263859ed8265dac6feb
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_barbican_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 138611c0102dc397da43
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_barbican_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 9915552068ae3e3dc2e2
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_deckhand_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 05f4bbbb3be35cc9b1ac
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_deckhand_postgres_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3f4f1368325e1d492ee0
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_drydock_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 40cdf9c49bd6c7e66bc8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_drydock_postgres_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 4c771ed9d38d38f4d939
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_keystone_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: e170ddbdf99b022ae1fd
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_keystone_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 276a90de2bf3be8d1df8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_maas_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 825958a1a47ccba33b2a
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_maas_postgres_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: f3401297fd1b8e4b6df4
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_oslo_db_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 045d835905deff7c4ed9
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 8744bd7b9d14fa037451
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_postgres_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: a7330557eea3ce512402
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_promenade_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 4533ad6a479120ef4710
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 541fe3ba1c65bd553e9a
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_shipyard_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 86db58e20de93ef55477
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_shipyard_postgres_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: d1fcd313bdc5fe69464b
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: coredns
+ replacement: true
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: coredns-global
+ actions:
+ - method: replace
+ path: .values.conf.coredns.corefile
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+ # Zones
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.cluster_domain
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(CLUSTER_DOMAIN)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.service_cidr
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(SERVICE_CIDR)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.pod_cidr
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(POD_CIDR)'
+
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[0]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM1)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[1]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM2)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[2]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM3)'
+data:
+ values:
+ conf:
+ coredns:
+ # TODO(alanmeadows) this needs to be adjusted to use substition
+ corefile: |
+ .:53 {
+ errors
+ health
+ autopath @kubernetes
+ kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR {
+ pods insecure
+ fallthrough in-addr.arpa ip6.arpa
+ upstream UPSTREAM1
+ upstream UPSTREAM2
+ upstream UPSTREAM3
+ }
+ prometheus :9153
+ proxy . UPSTREAM1
+ proxy . UPSTREAM2
+ proxy . UPSTREAM3
+ cache 30
+ }
+...
--- /dev/null
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: elasticsearch
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: elasticsearch-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: fluent-logging
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: fluent-logging-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-divingbell
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-divingbell-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+ - dest:
+ path: .values.conf.uamlite.users[0].user_sshkeys[0]
+ src:
+ schema: deckhand/PublicKey/v1
+ name: localadmin_ssh_public_key
+ path: .
+
+data:
+ values:
+ conf:
+ uamlite:
+ users:
+ - user_name: localadmin
+ user_sudo: true
+ user_sshkeys: []
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-maas
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-maas-global
+ actions:
+ - method: replace
+ path: .values.conf.maas.proxy
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ maas:
+ ntp:
+ disable_ntpd_region: true
+ disable_ntpd_rack: true
+ images:
+ default_os: 'ubuntu'
+ default_image: 'xenial'
+ default_kernel: 'hwe-16.04'
+ proxy:
+ proxy_enabled: 'false'
+ peer_proxy_enabled: false
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/CommonSoftwareConfig/v1
+metadata:
+ schema: metadata/Document/v1
+ name: common-software-config
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ osh:
+ region_name: RegionOne
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.key
+data:
+ ucp:
+ identity:
+ namespace: ucp
+ name: keystone
+ hosts:
+ default: keystone-api
+ public: keystone
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: iam.DOMAIN
+ path:
+ default: /v3
+ scheme:
+ default: http
+ # public: https
+ port:
+ admin:
+ default: 35357
+ api:
+ default: 80
+ public: 80
+ armada:
+ name: armada
+ hosts:
+ default: armada-api
+ public: armada
+ port:
+ api:
+ default: 8000
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ deckhand:
+ name: deckhand
+ hosts:
+ default: deckhand-int
+ public: deckhand-api
+ port:
+ api:
+ default: 9000
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ postgresql:
+ name: postgresql
+ hosts:
+ default: postgresql
+ path: /DB_NAME
+ scheme: postgresql+psycopg2
+ port:
+ postgresql:
+ default: 5432
+ host_fqdn_override:
+ default: null
+ postgresql_airflow_celery:
+ name: postgresql_airflow_celery_db
+ hosts:
+ default: postgresql
+ path: /DB_NAME
+ scheme: db+postgresql
+ port:
+ postgresql:
+ default: 5432
+ host_fqdn_override:
+ default: null
+ oslo_db:
+ hosts:
+ default: mariadb
+ discovery: mariadb-discovery
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ wsrep:
+ default: 4567
+ key_manager:
+ name: barbican
+ hosts:
+ default: barbican-api
+ public: barbican
+ host_fqdn_override:
+ default: null
+ path:
+ default: /v1
+ scheme:
+ default: http
+ port:
+ api:
+ default: 9311
+ public: 80
+ oslo_messaging:
+ namespace: null
+ hosts:
+ default: rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /openstack
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ oslo_cache:
+ hosts:
+ default: memcached
+ host_fqdn_override:
+ default: null
+ port:
+ memcache:
+ default: 11211
+ physicalprovisioner:
+ name: drydock
+ hosts:
+ default: drydock-api
+ port:
+ api:
+ default: 9000
+ nodeport: 31900
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ maas_region_ui:
+ name: maas-region-ui
+ hosts:
+ default: maas-region-ui
+ public: maas
+ path:
+ default: /MAAS
+ scheme:
+ default: "http"
+ port:
+ region_ui:
+ default: 80
+ public: 80
+ host_fqdn_override:
+ default: null
+ kubernetesprovisioner:
+ name: promenade
+ hosts:
+ default: promenade-api
+ port:
+ api:
+ default: 80
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ shipyard:
+ name: shipyard
+ hosts:
+ default: shipyard-int
+ public: shipyard-api
+ port:
+ api:
+ default: 9000
+ public: 80
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ # public: https
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: shipyard.DOMAIN
+ airflow_web:
+ name: airflow-web
+ hosts:
+ default: airflow-web-int
+ public: airflow-web
+ port:
+ airflow_web:
+ default: 8080
+ path:
+ default: /
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ airflow_flower:
+ name: airflow-flower
+ hosts:
+ default: airflow-flower
+ port:
+ airflow_flower:
+ default: 5555
+ path:
+ default: /
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ ceph:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /swift/v1
+ scheme:
+ default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_mon:
+ namespace: ceph
+ hosts:
+ default: ceph-mon
+ discovery: ceph-mon-discovery
+ host_fqdn_override:
+ default: null
+ port:
+ mon:
+ default: 6789
+ ceph_mgr:
+ namespace: ceph
+ hosts:
+ default: ceph-mgr
+ host_fqdn_override:
+ default: null
+ port:
+ mgr:
+ default: 7000
+ scheme:
+ default: http
+...
+---
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.key
+data:
+ osh:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /swift/v1/KEY_$(tenant_id)s
+ scheme:
+ default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ oslo_db:
+ hosts:
+ default: mariadb
+ discovery: mariadb-discovery
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ wsrep:
+ default: 4567
+ keystone_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: keystone-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /keystone
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ keystone_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: keystone-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ oslo_cache:
+ namespace: openstack
+ hosts:
+ default: memcached
+ host_fqdn_override:
+ default: null
+ port:
+ memcache:
+ default: 11211
+ identity:
+ namespace: openstack
+ name: keystone
+ hosts:
+ default: keystone-api
+ public: keystone
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: identity.DOMAIN
+ path:
+ default: /v3
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ admin:
+ default: 35357
+ api:
+ default: 80
+ # public: 443
+ glance_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: glance-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /glance
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ glance_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: glance-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ image:
+ name: glance
+ hosts:
+ default: glance-api
+ public: glance
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: image.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 9292
+ # public: 443
+ image_registry:
+ name: glance-registry
+ hosts:
+ default: glance-registry
+ public: glance-reg
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9191
+ public: 80
+ cinder_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: cinder-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /cinder
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ cinder_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: cinder-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ volume:
+ name: cinder
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v1/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ volumev2:
+ name: cinderv2
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ volumev3:
+ name: cinderv3
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v3/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ heat_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: heat-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /heat
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ heat_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: heat-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ orchestration:
+ name: heat
+ hosts:
+ default: heat-api
+ public: heat
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: orchestration.DOMAIN
+ path:
+ default: "/v1/%(project_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8004
+ # public: 443
+ cloudformation:
+ name: heat-cfn
+ hosts:
+ default: heat-cfn
+ public: cloudformation
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: cloudformation.DOMAIN
+ path:
+ default: /v1
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8000
+ # public: 443
+ cloudwatch:
+ name: heat-cloudwatch
+ hosts:
+ default: heat-cloudwatch
+ public: cloudwatch
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ type: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 8003
+ public: 80
+ neutron_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: neutron-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /neutron
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ neutron_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: neutron-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ network:
+ name: neutron
+ hosts:
+ default: neutron-server
+ public: neutron
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: network.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 9696
+ # public: 443
+ nova_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: nova-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /nova
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ nova_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: nova-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ compute:
+ name: nova
+ hosts:
+ default: nova-api
+ public: nova
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: compute.DOMAIN
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8774
+ # public: 443
+ novncproxy:
+ default: 443
+ compute_metadata:
+ name: nova
+ hosts:
+ default: nova-metadata
+ public: metadata
+ host_fqdn_override:
+ default: null
+ path:
+ default: /
+ scheme:
+ default: "http"
+ port:
+ metadata:
+ default: 8775
+ public: 80
+ compute_novnc_proxy:
+ name: nova
+ hosts:
+ default: nova-novncproxy
+ public: novncproxy
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: nova-novncproxy.DOMAIN
+ path:
+ default: /vnc_auto.html
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ novnc_proxy:
+ default: 6080
+ # public: 443
+ compute_spice_proxy:
+ name: nova
+ hosts:
+ default: nova-spiceproxy
+ host_fqdn_override:
+ default: null
+ path:
+ default: /spice_auto.html
+ scheme:
+ default: "http"
+ port:
+ spice_proxy:
+ default: 6082
+ placement:
+ name: placement
+ hosts:
+ default: placement-api
+ public: placement
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: placement.DOMAIN
+ path:
+ default: /
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8778
+ # public: 443
+ dashboard:
+ name: horizon
+ hosts:
+ default: horizon-int
+ public: horizon
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: dashboard.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ web:
+ default: 80
+ # public: 443
+...
+---
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.base_url
+ # dest:
+ # path: .osh_infra.ldap.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.auth_path
+ # dest:
+ # path: .osh_infra.ldap.path.default
+ # pattern: AUTH_PATH
+data:
+ osh_infra:
+ elasticsearch:
+ name: elasticsearch
+ namespace: osh-infra
+ hosts:
+ data: elasticsearch-data
+ default: elasticsearch-logging
+ discovery: elasticsearch-discovery
+ public: elasticsearch
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ http:
+ default: 80
+ prometheus_elasticsearch_exporter:
+ namespace: null
+ hosts:
+ default: elasticsearch-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9108
+ fluentd:
+ namespace: osh-infra
+ name: fluentd
+ hosts:
+ default: fluentd-logging
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ service:
+ default: 24224
+ metrics:
+ default: 24220
+ prometheus_fluentd_exporter:
+ namespace: osh-infra
+ hosts:
+ default: fluentd-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9309
+ oslo_db:
+ namespace: osh-infra
+ hosts:
+ default: mariadb
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ grafana:
+ name: grafana
+ namespace: osh-infra
+ hosts:
+ default: grafana-dashboard
+ public: grafana
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: grafana.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ grafana:
+ default: 3000
+ # public: 443
+ monitoring:
+ name: prometheus
+ namespace: osh-infra
+ hosts:
+ default: prom-metrics
+ public: prometheus
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9090
+ public: 80
+ kibana:
+ name: kibana
+ namespace: osh-infra
+ hosts:
+ default: kibana-dash
+ public: kibana
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: kibana.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ kibana:
+ default: 5601
+ # public: 443
+ alerts:
+ name: alertmanager
+ namespace: osh-infra
+ hosts:
+ default: alerts-engine
+ public: alertmanager
+ discovery: alertmanager-discovery
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9093
+ public: 80
+ mesh:
+ default: 6783
+ kube_state_metrics:
+ namespace: kube-system
+ hosts:
+ default: kube-state-metrics
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ http:
+ default: 8080
+ kube_scheduler:
+ scheme:
+ default: "http"
+ path:
+ default: /metrics
+ kube_controller_manager:
+ scheme:
+ default: "http"
+ path:
+ default: /metrics
+ node_metrics:
+ namespace: kube-system
+ hosts:
+ default: node-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9100
+ prometheus_port:
+ default: 9100
+ prometheus_openstack_exporter:
+ namespace: openstack
+ hosts:
+ default: openstack-metrics
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ exporter:
+ default: 9103
+ nagios:
+ name: nagios
+ namespace: osh-infra
+ hosts:
+ default: nagios-metrics
+ public: nagios
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: nagios.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: http
+ # public: https
+ port:
+ http:
+ default: 80
+ # public: 443
+ ldap:
+ hosts:
+ default: ldap
+ host_fqdn_override:
+ default: null
+ public:
+ host: DOMAIN
+ path:
+ default: /AUTH_PATH
+ scheme:
+ default: "ldap"
+ port:
+ ldap:
+ default: 389
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ ucp:
+ postgres:
+ admin:
+ username: postgres
+ oslo_db:
+ admin:
+ username: root
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ admin:
+ region_name: RegionOne
+ username: admin
+ project_name: admin
+ user_domain_name: default
+ project_domain_name: default
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ username: keystone
+ oslo_db:
+ username: keystone
+ database: keystone
+ promenade:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: promenade
+ drydock:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: drydock
+ postgres:
+ username: drydock
+ database: drydock
+ shipyard:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: shipyard
+ postgres:
+ username: shipyard
+ database: shipyard
+ airflow:
+ postgres:
+ username: airflow
+ database: airflow
+ oslo_messaging:
+ username: rabbitmq
+ maas:
+ admin:
+ username: admin
+ email: none@none
+ postgres:
+ username: maas
+ database: maasdb
+ barbican:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: barbican
+ oslo_db:
+ username: barbican
+ database: barbican
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ username: keystone
+ armada:
+ keystone:
+ project_domain_name: default
+ user_domain_name: default
+ project_name: service
+ region_name: RegionOne
+ role: admin
+ user_domain_name: default
+ username: armada
+ deckhand:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: deckhand
+ postgres:
+ username: deckhand
+ database: deckhand
+ ceph:
+ swift:
+ keystone:
+ role: admin
+ region_name: RegionOne
+ username: swift
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+...
+---
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ substitutions:
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.keystone.admin.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.cinder.cinder.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.glance.glance.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat_trustee.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat_stack_user.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.swift.keystone.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.neutron.neutron.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.nova.nova.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.nova.placement.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.barbican.barbican.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.barbican.barbican.region_name
+data:
+ osh:
+ keystone:
+ admin:
+ username: admin
+ project_name: admin
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: keystone
+ database: keystone
+ oslo_messaging:
+ admin:
+ username: keystone-rabbitmq-admin
+ keystone:
+ username: keystone-rabbitmq-user
+ ldap:
+ username: "user@example-ldap.com"
+ cinder:
+ cinder:
+ role: admin
+ username: cinder
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: cinder
+ database: cinder
+ oslo_messaging:
+ admin:
+ username: cinder-rabbitmq-admin
+ cinder:
+ username: cinder-rabbitmq-user
+ glance:
+ glance:
+ role: admin
+ username: glance
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: glance
+ database: glance
+ oslo_messaging:
+ admin:
+ username: glance-rabbitmq-admin
+ glance:
+ username: glance-rabbitmq-user
+ ceph_object_store:
+ username: glance
+ heat:
+ heat:
+ role: admin
+ username: heat
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ heat_trustee:
+ role: admin
+ username: heat-trust
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ heat_stack_user:
+ role: admin
+ username: heat-domain
+ domain_name: heat
+ oslo_db:
+ username: heat
+ database: heat
+ oslo_messaging:
+ admin:
+ username: heat-rabbitmq-admin
+ heat:
+ username: heat-rabbitmq-user
+ swift:
+ keystone:
+ role: admin
+ username: swift
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ admin:
+ username: root
+ neutron:
+ neutron:
+ role: admin
+ username: neutron
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: neutron
+ database: neutron
+ oslo_messaging:
+ admin:
+ username: neutron-rabbitmq-admin
+ neutron:
+ username: neutron-rabbitmq-user
+ nova:
+ nova:
+ role: admin
+ username: nova
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ placement:
+ role: admin
+ username: placement
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: nova
+ database: nova
+ oslo_db_api:
+ username: nova
+ database: nova_api
+ oslo_db_cell0:
+ username: nova
+ database: "nova_cell0"
+ oslo_messaging:
+ admin:
+ username: nova-rabbitmq-admin
+ nova:
+ username: nova-rabbitmq-user
+ horizon:
+ oslo_db:
+ username: horizon
+ database: horizon
+ barbican:
+ barbican:
+ role: admin
+ username: barbican
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: barbican
+ database: barbican
+ oslo_messaging:
+ admin:
+ username: barbican-rabbitmq-admin
+ barbican:
+ username: barbican-rabbitmq-user
+...
+---
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ osh_infra:
+ grafana:
+ admin:
+ username: grafana
+ oslo_db:
+ username: grafana
+ database: grafana
+ oslo_db_session:
+ username: grafana_session
+ database: grafana_session
+ elasticsearch:
+ admin:
+ username: elasticsearch
+ kibana:
+ admin:
+ username: kibana
+ oslo_db:
+ admin:
+ username: root
+ prometheus_openstack_exporter:
+ user:
+ username: prometheus-openstack-exporter
+ project_name: service
+ user_domain_name: default
+ nagios:
+ admin:
+ username: nagios
+ ldap:
+ admin:
+ # NEWSITE-CHANGEME: Replace with the site's LDAP account used to
+ # authenticate to the active directory backend to validate keystone
+ # users.
+ bind: "test@ldap.example.com"
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Manifest/v1
+metadata:
+ schema: metadata/Document/v1
+ name: full-site
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: full-site-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ release_prefix: airship
+ chart_groups:
+ - kubernetes-proxy
+ - kubernetes-container-networking
+ - kubernetes-dns
+ - kubernetes-etcd
+ - kubernetes-haproxy
+ - kubernetes-core
+ - ingress-kube-system
+ - ucp-ceph-update
+ - ucp-ceph-config
+ - ucp-core
+ - ucp-keystone
+ - ucp-divingbell
+ - ucp-armada
+ - ucp-deckhand
+ - ucp-drydock
+ - ucp-promenade
+ - ucp-shipyard
+ - osh-infra-ingress-controller
+ - osh-infra-ceph-config
+ - osh-infra-logging
+ - osh-infra-monitoring
+ - osh-infra-mariadb
+ - osh-infra-dashboards
+ - openstack-ingress-controller
+ - openstack-ceph-config
+ - openstack-mariadb
+ - openstack-memcached
+ - openstack-keystone
+ - openstack-radosgw
+ - openstack-glance
+ - openstack-cinder
+ - openstack-compute-kit
+ - openstack-heat
+ - osh-infra-prometheus-openstack-exporter
+ - openstack-horizon
+...
--- /dev/null
+---
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: i40evf_blacklist
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+data:
+ signaling: false
+ node_filter:
+ filter_set_type: 'union'
+ filter_set:
+ - filter_type: 'union'
+ assets:
+ - path: /etc/modprobe.d/sriov_blacklist.conf
+ type: file
+ permissions: '644'
+ data_pipeline:
+ - utf8_decode
+ data: |
+ blacklist i40evf
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: calico-ip-rules
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+ substitutions:
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.pod_cidr
+ dest:
+ path: .assets[0].data
+ pattern: DH_SUB_POD_CIDR
+data:
+ signaling: false
+ assets:
+ - path: /etc/systemd/system/configure-ip-rules.service
+ type: unit
+ permissions: '444'
+ data: |-
+ [Unit]
+ Description=IP Rules Initialization Service
+ After=network-online.target local-fs.target
+
+ [Service]
+ Type=simple
+ ExecStart=/opt/configure-ip-rules.sh -g 172.29.1.1 -c 10.98.0.0/16 -s 172.29.1.128/29
+
+ [Install]
+ WantedBy=multi-user.target
+ data_pipeline:
+ - utf8_decode
+ - path: /opt/configure-ip-rules.sh
+ type: file
+ permissions: '700'
+ data_pipeline:
+ - utf8_decode
+ data: |-
+ #!/bin/bash
+ set -ex
+
+ function usage() {
+ cat <<EOU
+ Options are:
+
+ -c POD_CIDR The pod CIDR for the Kubernetes cluster, e.g. 10.98.0.0/16
+ -i INTERFACE The interface for internal pod traffic, e.g. bond1.2006
+ -o OVERLAP_CIDR (optional) This CIDR will be routed via the VRRP IP on
+ INTERFACE. It is used to provide a work around when
+ complete Calico routes cannot be received via BGP.
+ e.g. 10.96.0.0/15. NOTE: This must include the POD_CIDR.
+ -s SERVICE_CIDR (optional) A routable CIDR to configure for ingress, maas,
+ e.g. 135.21.99.192/29
+ EOU
+ }
+
+ SERVICE_CIDR=
+ OVERLAP_CIDR=
+
+ while getopts ":c:hi:o:s:" o; do
+ case "${o}" in
+ c)
+ POD_CIDR=${OPTARG}
+ ;;
+ h)
+ usage
+ exit 0
+ ;;
+ i)
+ INTERFACE=${OPTARG}
+ ;;
+ o)
+ OVERLAP_CIDR=${OPTARG}
+ ;;
+ s)
+ SERVICE_CIDR=${OPTARG}
+ ;;
+ \?)
+ echo "Unknown option: -${OPTARG}" >&2
+ exit 1
+ ;;
+ :)
+ echo "Missing argument for option: -${OPTARG}" >&2
+ exit 1
+ ;;
+ *)
+ echo "Unimplemented option: -${OPTARG}" >&2
+ exit 1
+ ;;
+ esac
+ done
+ shift $((OPTIND-1))
+
+ if [ "x$POD_CIDR" == "x" ]; then
+ echo "Missing pod CIDR, e.g -c 10.98.0.0/16" >&2
+ usage
+ exit 1
+ fi
+
+ if [ "x$INTERFACE" == "x" ]; then
+ echo "Missing interface, e.g. -i bond1.2006" >&2
+ usage
+ exit 1
+ fi
+
+ while ! ip route list dev "${INTERFACE}" > /dev/null; do
+ echo Waiting for device "${INTERFACE}" to be ready. >&2
+ sleep 5
+ done
+
+ intra_vrrp_ip=$(ip route list dev "${INTERFACE}" | awk '($2~/via/){print $3}' | head -n 1)
+
+ TABLE="1500"
+
+ # Setup a routing table for traffic from service IPs
+ ip route flush table "${TABLE}"
+ ip route add default via "${intra_vrrp_ip}" table "${TABLE}"
+
+ if [ "x$OVERLAP_CIDR" != "x" ]; then
+ # NOTE(mb874d): This is a work-around for nodes not receiving complete
+ # routes via BGP. It may also be required for brownfield large sites.
+ ip route add "${OVERLAP_CIDR}" via "${intra_vrrp_ip}"
+ fi
+
+ if [ "x$SERVICE_CIDR" != "x" ]; then
+ # Traffic from the service IPs to pods should use the pod network.
+ ip rule add \
+ from "${SERVICE_CIDR}" \
+ to "${POD_CIDR}" \
+ lookup main \
+ pref 10000
+ # Other traffic from service IPs should only use the VRRP IP
+ ip rule add \
+ from "${SERVICE_CIDR}" \
+ lookup "${TABLE}" \
+ pref 10100
+ fi
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: promjoin
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+data:
+ signaling: false
+ node_filter:
+ filter_set_type: 'union'
+ filter_set:
+ - filter_type: 'union'
+ node_names:
+ - 'aknode41'
+ - 'aknode42'
+ # TODO(alanmeadows) move what is global about this document - everything except nodenames to global
+ assets:
+ - path: /opt/promjoin.sh
+ type: file
+ permissions: '555'
+ # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network
+ # you should use to contact kubernetes in the case below, this is cab24_mgmt
+ location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
+ location_pipeline:
+ - template
+ data_pipeline:
+ - utf8_decode
+ - path: /lib/systemd/system/promjoin.service
+ type: unit
+ permissions: '600'
+ data: |-
+ W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy
+ PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0
+ cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v
+ cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo=
+ data_pipeline:
+ - base64_decode
+ - utf8_decode
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: 'drydock/BaremetalNode/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: aknode41
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ host_profile: ControlPlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
+ addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
+ - network: oob
+ address: 192.168.41.41
+ - network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
+ address: 172.30.2.41
+ - network: oam
+ address: 192.168.2.41
+ - network: storage
+ address: 172.31.2.41
+ - network: overlay
+ address: 10.0.102.41
+ - network: calico
+ address: 172.29.1.41
+ metadata:
+ rack: RACK01
+ tags:
+ - 'masters'
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: 'drydock/BaremetalNode/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: aknode42
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ host_profile: ControlPlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
+ addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
+ - network: oob
+ address: 192.168.41.42
+ - network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
+ address: 172.30.2.42
+ - network: oam
+ address: 192.168.2.42
+ - network: storage
+ address: 172.31.2.42
+ - network: overlay
+ address: 10.0.102.42
+ - network: calico
+ address: 172.29.1.42
+ metadata:
+ rack: RACK01
+ tags:
+ - 'masters'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: shipyard/DeploymentConfiguration/v1
+metadata:
+ schema: metadata/Document/v1
+ name: deployment-configuration
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ armada:
+ manifest: 'full-site'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/CommonAddresses/v1
+metadata:
+ schema: metadata/Document/v1
+ name: common-addresses
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ calico:
+ ip_autodetection_method: interface=bond0.44
+ etcd:
+ service_ip: 10.96.232.136
+
+ dns:
+ cluster_domain: cluster.local
+ service_ip: 10.96.0.10
+ upstream_servers:
+ - 192.168.2.85
+ - 8.8.8.8
+ - 8.8.8.8
+ upstream_servers_joined: '192.168.2.85,8.8.8.8'
+ ingress_domain: dellgen10.akraino.org
+ genesis:
+ hostname: aknode40
+ ip: 172.29.1.40
+
+ bootstrap:
+ ip: 172.30.2.40
+
+ kubernetes:
+ api_service_ip: 10.96.0.1
+ etcd_service_ip: 10.96.0.2
+ pod_cidr: 10.98.0.0/16
+ service_cidr: 10.96.0.0/15
+ apiserver_port: 6443
+ haproxy_port: 6553
+ service_node_port_range: 30000-32767
+
+ etcd:
+ container_port: 2379
+ haproxy_port: 2378
+
+ masters:
+ - hostname: aknode41
+ - hostname: aknode42
+
+ node_ports:
+ drydock_api: 30000
+ maas_api: 30001
+ maas_proxy: 31800 # hardcoded in MAAS
+ shipyard_api: 30003
+ airflow_web: 30004
+
+ ntp:
+ servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org'
+
+ # Used for FQDN setup/definition
+ domain:
+ url: dellgen10.lab.akraino.org
+
+ ldap:
+ base_url: 'its-a-ldap.example.com'
+ url: 'ldap://its-a-ldap.example.com'
+ auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
+ common_name: AP-NC_Test_Users
+ subdomain: testitservices
+ domain: example
+
+ storage:
+ ceph:
+ public_cidr: '172.31.2.0/24'
+ cluster_cidr: '172.31.2.0/24'
+
+ neutron:
+ tunnel_device: 'bond0.45'
+ external_iface: 'bond0'
+
+ openvswitch:
+ external_iface: 'bond0'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/NetworkLink/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: oob
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ labels:
+ noconfig: enabled
+ bonding:
+ mode: disabled
+ mtu: 9000
+ linkspeed: auto
+ trunking:
+ mode: disabled
+ default_network: oob
+ allowed_networks:
+ - oob
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: oob
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ cidr: 192.168.41.0/24
+ routes:
+ - subnet: '0.0.0.0/0'
+ gateway: 192.168.41.1
+ ranges:
+ - type: static
+ start: 192.168.41.13
+ end: 192.168.41.254
+...
+---
+schema: 'drydock/NetworkLink/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: pxe
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ bonding:
+ mode: disabled
+ mtu: 9000
+ linkspeed: auto
+ trunking:
+ mode: disabled
+ default_network: pxe
+ allowed_networks:
+ - pxe
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: pxe
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ cidr: 172.30.2.0/24
+ routes:
+ - subnet: '0.0.0.0/0'
+ gateway: 172.30.2.40
+ ranges:
+ - type: reserved
+ start: 172.30.2.2
+ end: 172.30.2.10
+ - type: static
+ start: 172.30.2.11
+ end: 172.30.2.200
+ - type: dhcp
+ start: 172.30.2.201
+ end: 172.30.2.254
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
+...
+---
+schema: 'drydock/NetworkLink/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: bond0
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ bonding:
+ mode: 802.3ad
+ hash: layer3+4
+ peer_rate: fast
+ mon_rate: 100
+ up_delay: 1000
+ down_delay: 3000
+ mtu: 9000
+ linkspeed: auto
+ trunking:
+ mode: 802.1q
+ allowed_networks:
+ - oam
+ - storage
+ - overlay
+ - calico
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: oam
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vlan: '41'
+ mtu: 9000
+ cidr: 192.168.2.0/24
+ routes:
+ - subnet: '0.0.0.0/0'
+ gateway: 192.168.2.200
+ ranges:
+ - type: reserved
+ start: 192.168.2.84
+ end: 192.168.2.86
+ - type: static
+ start: 192.168.2.40
+ end: 192.168.2.45
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: storage
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vlan: '42'
+ mtu: 9000
+ cidr: 172.31.2.0/24
+ ranges:
+ - type: static
+ start: 172.31.2.11
+ end: 172.31.2.254
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: overlay
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vlan: '45'
+ mtu: 9000
+ cidr: 10.0.102.0/24
+ ranges:
+ - type: static
+ start: 10.0.102.11
+ end: 10.0.102.254
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: calico
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vlan: '44'
+ mtu: 9000
+ cidr: 172.29.1.0/24
+ ranges:
+ - type: static
+ start: 172.29.1.5
+ end: 172.29.1.254
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: promenade/PKICatalog/v1
+metadata:
+ schema: metadata/Document/v1
+ name: cluster-certificates
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ certificate_authorities:
+ kubernetes:
+ description: CA for Kubernetes components
+ certificates:
+ - document_name: apiserver
+ description: Service certificate for Kubernetes apiserver
+ common_name: apiserver
+ hosts:
+ - localhost
+ - 127.0.0.1
+ - 10.96.0.1
+ kubernetes_service_names:
+ - kubernetes.default.svc.cluster.local
+ - document_name: kubelet-genesis
+ common_name: system:node:aknode40
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ groups:
+ - system:nodes
+ - document_name: kubelet-aknode40
+ common_name: system:node:aknode40
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ groups:
+ - system:nodes
+ - document_name: kubelet-aknode41
+ common_name: system:node:aknode41
+ hosts:
+ - aknode41
+ - 192.168.2.41
+ - 172.29.1.41
+ - 172.30.2.41
+ groups:
+ - system:nodes
+ - document_name: kubelet-aknode42
+ common_name: system:node:aknode42
+ hosts:
+ - aknode42
+ - 192.168.2.42
+ - 172.29.1.42
+ - 172.30.2.42
+ groups:
+ - system:nodes
+ - document_name: scheduler
+ description: Service certificate for Kubernetes scheduler
+ common_name: system:kube-scheduler
+ - document_name: controller-manager
+ description: certificate for controller-manager
+ common_name: system:kube-controller-manager
+ - document_name: admin
+ common_name: admin
+ groups:
+ - system:masters
+ - document_name: armada
+ common_name: armada
+ groups:
+ - system:masters
+ kubernetes-etcd:
+ description: Certificates for Kubernetes's etcd servers
+ certificates:
+ - document_name: apiserver-etcd
+ description: etcd client certificate for use by Kubernetes apiserver
+ common_name: apiserver
+ # NOTE(mark-burnett): hosts not required for client certificates
+ - document_name: kubernetes-etcd-anchor
+ description: anchor
+ common_name: anchor
+ - document_name: kubernetes-etcd-genesis
+ common_name: kubernetes-etcd-genesis
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode40
+ common_name: kubernetes-etcd-aknode40
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode41
+ common_name: kubernetes-etcd-aknode41
+ hosts:
+ - aknode41
+ - 192.168.2.41
+ - 172.29.1.41
+ - 172.30.2.41
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode42
+ common_name: kubernetes-etcd-aknode42
+ hosts:
+ - aknode42
+ - 192.168.2.42
+ - 172.29.1.42
+ - 172.30.2.42
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ kubernetes-etcd-peer:
+ certificates:
+ - document_name: kubernetes-etcd-genesis-peer
+ common_name: kubernetes-etcd-genesis-peer
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode40-peer
+ common_name: kubernetes-etcd-aknode40-peer
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode41-peer
+ common_name: kubernetes-etcd-aknode41-peer
+ hosts:
+ - aknode41
+ - 192.168.2.41
+ - 172.29.1.41
+ - 172.30.2.41
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode42-peer
+ common_name: kubernetes-etcd-aknode42-peer
+ hosts:
+ - aknode42
+ - 192.168.2.42
+ - 172.29.1.42
+ - 172.30.2.42
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ calico-etcd:
+ description: Certificates for Calico etcd client traffic
+ certificates:
+ - document_name: calico-etcd-anchor
+ description: anchor
+ common_name: anchor
+ - document_name: calico-etcd-aknode40
+ common_name: calico-etcd-aknode40
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-etcd-aknode41
+ common_name: calico-etcd-aknode41
+ hosts:
+ - aknode41
+ - 192.168.2.41
+ - 172.29.1.41
+ - 172.30.2.41
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-etcd-aknode42
+ common_name: calico-etcd-aknode42
+ hosts:
+ - aknode42
+ - 192.168.2.42
+ - 172.29.1.42
+ - 172.30.2.42
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-node
+ common_name: calcico-node
+ calico-etcd-peer:
+ description: Certificates for Calico etcd clients
+ certificates:
+ - document_name: calico-etcd-aknode40-peer
+ common_name: calico-etcd-aknode40-peer
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-etcd-aknode41-peer
+ common_name: calico-etcd-aknode41-peer
+ hosts:
+ - aknode41
+ - 192.168.2.41
+ - 172.29.1.41
+ - 172.30.2.41
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-etcd-aknode42-peer
+ common_name: calico-etcd-aknode42-peer
+ hosts:
+ - aknode42
+ - 192.168.2.42
+ - 172.29.1.42
+ - 172.30.2.42
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-node-peer
+ common_name: calcico-node-peer
+ keypairs:
+ - name: service-account
+ description: Service account signing key for use by Kubernetes controller-manager.
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: promenade/Genesis/v1
+metadata:
+ schema: metadata/Document/v1
+ name: genesis-site
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: genesis-global
+ actions:
+ - method: replace
+ path: .labels.dynamic
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ labels:
+ dynamic:
+ - beta.kubernetes.io/fluentd-ds-ready=true
+ - calico-etcd=enabled
+ - ceph-mds=enabled
+ - ceph-mon=enabled
+ - ceph-osd=enabled
+ - ceph-rgw=enabled
+ - ceph-mgr=enabled
+ - kube-dns=enabled
+ - kube-ingress=enabled
+ - kubernetes-apiserver=enabled
+ - kubernetes-controller-manager=enabled
+ - kubernetes-etcd=enabled
+ - kubernetes-scheduler=enabled
+ - promenade-genesis=enabled
+ - ucp-control-plane=enabled
+ - maas-control-plane=enabled
+ - ceph-osd-bootstrap=enabled
+# - openstack-libvirt=kernel
+# - openvswitch=enabled
+# - openstack-control-plane=enabled
+# - openstack-nova-compute=enabled
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/HardwareProfile/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: DELL_HP_Generic
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vendor: DELL
+ generation: '10'
+ hw_version: '3'
+ bios_version: '2.8'
+ boot_mode: bios
+ bootstrap_protocol: pxe
+ pxe_interface: 0
+ device_aliases: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: drydock/HostProfile/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ComputePlane
+ storagePolicy: cleartext
+ labels:
+ hosttype: ComputePlane
+ layeringDefinition:
+ abstract: false
+ layer: site
+ substitutions:
+ - dest:
+ path: .oob.credential
+ src:
+ schema: deckhand/Passphrase/v1
+ name: ipmi_admin_password
+ path: .
+data:
+ hardware_profile: DELL_HP_Generic
+ oob:
+ type: 'ipmi'
+ network: 'oob'
+ account: 'root'
+ primary_network: 'oam'
+ hardware_profile: DELL_HP_Generic
+ interfaces:
+ pxe:
+ device_link: pxe
+ slaves:
+ - 'eno3'
+ networks:
+ - 'pxe'
+ bond0:
+ device_link: bond0
+ slaves:
+ - 'enp94s0f0'
+ - 'enp94s0f1'
+ networks:
+ - 'oam'
+ - 'storage'
+ - 'overlay'
+ - 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ storage:
+ physical_devices:
+ sdg:
+ labels:
+ bootdrive: 'true'
+ partitions:
+ - name: 'root'
+ size: '20g'
+ filesystem:
+ mountpoint: '/'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ - name: 'boot'
+ size: '1g'
+ filesystem:
+ mountpoint: '/boot'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ - name: 'var'
+ size: '>300g'
+ filesystem:
+ mountpoint: '/var'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ sdh:
+ partitions:
+ - name: 'nova'
+ size: '99%'
+ filesystem:
+ mountpoint: '/var/lib/nova'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ platform:
+ image: 'xenial'
+ kernel: 'hwe-16.04'
+ kernel_params:
+ console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
+ metadata:
+ owner_data:
+ openstack-nova-compute: enabled
+ openvswitch: enabled
+ openstack-libvirt: kernel
+ sriov: enabled
+ beta.kubernetes.io/fluentd-ds-ready: 'true'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: drydock/HostProfile/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ControlPlane
+ storagePolicy: cleartext
+ labels:
+ hosttype: ControlPlane
+ layeringDefinition:
+ abstract: false
+ layer: site
+ substitutions:
+ - dest:
+ path: .oob.credential
+ src:
+ schema: deckhand/Passphrase/v1
+ name: ipmi_admin_password
+ path: .
+data:
+ oob:
+ type: 'ipmi'
+ network: 'oob'
+ account: 'root'
+ primary_network: 'oam'
+ hardware_profile: DELL_HP_Generic
+ interfaces:
+ pxe:
+ device_link: pxe
+ slaves:
+ - 'eno3'
+ networks:
+ - 'pxe'
+ bond0:
+ device_link: bond0
+ slaves:
+ - 'enp94s0f0'
+ - 'enp94s0f1'
+ networks:
+ - 'oam'
+ - 'storage'
+ - 'overlay'
+ - 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ storage:
+ physical_devices:
+ sdg:
+ labels:
+ bootdrive: 'true'
+ partitions:
+ - name: 'root'
+ size: '20g'
+ filesystem:
+ mountpoint: '/'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ - name: 'boot'
+ size: '1g'
+ filesystem:
+ mountpoint: '/boot'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ - name: 'var'
+ size: '100g'
+ filesystem:
+ mountpoint: '/var'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ sdh:
+ partitions:
+ - name: 'ceph'
+ size: '300g'
+ filesystem:
+ mountpoint: '/var/lib/ceph/journal'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ platform:
+ image: 'xenial'
+ kernel: 'hwe-16.04'
+ kernel_params:
+ console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
+ metadata:
+ owner_data:
+ control-plane: enabled
+ ucp-control-plane: enabled
+ openstack-control-plane: enabled
+ openstack-heat: enabled
+ openstack-keystone: enabled
+ openstack-rabbitmq: enabled
+ openstack-dns-helper: enabled
+ openstack-mariadb: enabled
+ openstack-nova-control: enabled
+ openstack-etcd: enabled
+ openstack-mistral: enabled
+ openstack-memcached: enabled
+ openstack-glance: enabled
+ openstack-horizon: enabled
+ openstack-cinder-control: enabled
+ openstack-cinder-volume: control
+ openstack-neutron: enabled
+ openstack-libvirt: kernel
+ openvswitch: enabled
+ openstack-nova-compute: enabled
+ sriov: enabled
+ ucp-barbican: enabled
+ ceph-bootstrap: enabled
+ ceph-mon: enabled
+ ceph-mgr: enabled
+ ceph-osd: enabled
+ ceph-mds: enabled
+ ceph-rgw: enabled
+ ucp-maas: enabled
+ kube-dns: enabled
+ kubernetes-apiserver: enabled
+ kubernetes-controller-manager: enabled
+ kubernetes-etcd: enabled
+ kubernetes-scheduler: enabled
+ tiller-helm: enabled
+ kube-etcd: enabled
+ calico-policy: enabled
+ calico-node: enabled
+ calico-etcd: enabled
+ ucp-armada: enabled
+ ucp-drydock: enabled
+ ucp-deckhand: enabled
+ ucp-shipyard: enabled
+ IAM: enabled
+ ucp-promenade: enabled
+ prometheus-server: enabled
+ prometheus-client: enabled
+ fluentd: enabled
+ influxdb: enabled
+ kibana: enabled
+ elasticsearch-client: enabled
+ elasticsearch-master: enabled
+ elasticsearch-data: enabled
+ postgresql: enabled
+ kube-ingress: enabled
+ sriov: enabled
+ beta.kubernetes.io/fluentd-ds-ready: 'true'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/Region/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: dellgen10
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ substitutions:
+ - dest:
+ path: .authorized_keys[0]
+ src:
+ schema: deckhand/PublicKey/v1
+ name: localadmin_ssh_public_key
+ path: .
+data:
+ tag_definitions: []
+ authorized_keys: []
+...
--- /dev/null
+---
+# self-signed certifacte generated based on
+# https://libvirt.org/remote.html#Remote_certificates
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-crt
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/Certificate/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ
+ MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu
+ ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP
+ ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC
+ r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs
+ F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV
+ bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1
+ eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO
+ k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG
+ YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9
+ EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC
+ gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF
+ MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv
+ bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t
+ gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y
+ aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH
+ BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV
+ HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE
+ BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw
+ WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/
+ X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX
+ vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk
+ JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm
+ ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF
+ DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N
+ w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc
+ VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-ca
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateAuthority/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS
+ MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC
+ AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE
+ OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V
+ o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0
+ YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT
+ fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI
+ GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+
+ T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB
+ d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j
+ mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd
+ BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB
+ AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx
+ 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM
+ EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+
+ zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9
+ XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+
+ d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO
+ TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI
+ XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40
+ +g==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-key
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateKey/v1
+data: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD
+ OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv
+ 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4
+ 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1
+ U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9
+ Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl
+ MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R
+ g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC
+ DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w
+ qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif
+ qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft
+ 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6
+ ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf
+ Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8
+ uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH
+ g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc
+ PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz
+ +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS
+ HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk
+ X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC
+ wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA
+ GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE
+ mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6
+ mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM
+ ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx
+ E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE
+ 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC
+ 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8
+ 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+
+ TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5
+ QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C
+ pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB
+ /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ
+ pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a
+ dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5
+ 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS
+ gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3
+ -----END RSA PRIVATE KEY-----
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ceph_fsid
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3e2a3755-863a-423b-bf19-e8b5bf7f3d95
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_addons_jenkins_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 0ca991324505e13f7a77
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_ldap_mechid_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 5aacc198d8a1edeff4a8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_oslo_cache_secret_key
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 083d87906595da201c0b
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: deckhand/PublicKey/v1
+metadata:
+ schema: metadata/Document/v1
+ name: localadmin_ssh_public_key
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-data:
- revision: v4.0
- site_type: 5ec
+schema: pegleg/SiteDefinition/v1
metadata:
- layeringDefinition: {abstract: false, layer: site}
- name: {{yaml.site_name}}
schema: metadata/Document/v1
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: dellgen10
storagePolicy: cleartext
-schema: pegleg/SiteDefinition/v1
+data:
+ revision: v4.0
+ site_type: edge
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ replacement: true
+ name: kubernetes-calico
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: kubernetes-calico-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ networking:
+ settings:
+ mesh: "off"
+ ippool:
+ ipip:
+ enabled: "false"
+ mode: "cross-subnet"
+ bgp:
+ asnumber: 65531
+ ipv4:
+ additional_cidrs:
+ - 172.29.1.128/29
+ peers:
+ - apiVersion: v1
+ kind: bgpPeer
+ metadata:
+ peerIP: 172.29.1.1
+ scope: global
+ spec:
+ asnumber: 65001
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: kubernetes-calico-etcd
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: kubernetes-calico-etcd-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+
+ # Chart source
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.calico.etcd
+ dest:
+ path: .source
+
+ # Image versions
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.calico.etcd
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .calico.etcd.service_ip
+ dest:
+ path: .values.service.ip
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .calico.etcd.service_ip
+ dest:
+ path: .values.anchor.etcdctl_endpoint
+
+ # CAs
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd
+ path: .
+ dest:
+ path: .values.secrets.tls.client.ca
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd-peer
+ path: .
+ dest:
+ path: .values.secrets.tls.peer.ca
+
+ # Anchor client cert
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-anchor
+ path: .
+ dest:
+ path: .values.secrets.anchor.tls.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-anchor
+ path: .
+ dest:
+ path: .values.secrets.anchor.tls.key
+
+ # Node names
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[0].hostname
+ dest:
+ path: .values.nodes[0].name
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[1].hostname
+ dest:
+ path: .values.nodes[1].name
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .genesis.hostname
+ dest:
+ path: .values.nodes[2].name
+
+ # Server certs
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode41
+ path: .
+ dest:
+ path: .values.nodes[0].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode41
+ path: .
+ dest:
+ path: .values.nodes[0].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode41-peer
+ path: .
+ dest:
+ path: .values.nodes[0].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode41-peer
+ path: .
+ dest:
+ path: .values.nodes[0].tls.peer.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode42
+ path: .
+ dest:
+ path: .values.nodes[1].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode42
+ path: .
+ dest:
+ path: .values.nodes[1].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode42-peer
+ path: .
+ dest:
+ path: .values.nodes[1].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode42-peer
+ path: .
+ dest:
+ path: .values.nodes[1].tls.peer.key
+
+ # NOTE(mb874d): Be sure we generate these certs for genesis.
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode40
+ path: .
+ dest:
+ path: .values.nodes[2].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode40
+ path: .
+ dest:
+ path: .values.nodes[2].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode40-peer
+ path: .
+ dest:
+ path: .values.nodes[2].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode40-peer
+ path: .
+ dest:
+ path: .values.nodes[2].tls.peer.key
+
+data: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: coredns
+ replacement: true
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: coredns-global
+ actions:
+ - method: replace
+ path: .values.conf.coredns.corefile
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+ # Zones
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.cluster_domain
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(CLUSTER_DOMAIN)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.service_cidr
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(SERVICE_CIDR)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.pod_cidr
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(POD_CIDR)'
+
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[0]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM1)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[1]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM2)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[2]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM3)'
+data:
+ values:
+ conf:
+ coredns:
+ # TODO(alanmeadows) this needs to be adjusted to use substition
+ corefile: |
+ .:53 {
+ errors
+ health
+ autopath @kubernetes
+ kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR {
+ pods insecure
+ fallthrough in-addr.arpa ip6.arpa
+ upstream UPSTREAM1
+ upstream UPSTREAM2
+ upstream UPSTREAM3
+ }
+ prometheus :9153
+ proxy . UPSTREAM1
+ proxy . UPSTREAM2
+ proxy . UPSTREAM3
+ cache 30
+ }
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: kubernetes-etcd
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: kubernetes-etcd-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+
+ # Chart source
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.etcd
+ dest:
+ path: .source
+
+ # Images
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.kubernetes.etcd
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.etcd_service_ip
+ dest:
+ path: .values.service.ip
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.etcd_service_ip
+ dest:
+ path: .values.anchor.etcdctl_endpoint
+
+ # CAs
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: kubernetes-etcd
+ path: .
+ dest:
+ path: .values.secrets.tls.client.ca
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: kubernetes-etcd-peer
+ path: .
+ dest:
+ path: .values.secrets.tls.peer.ca
+
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-anchor
+ path: .
+ dest:
+ path: .values.secrets.anchor.tls.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-anchor
+ path: .
+ dest:
+ path: .values.secrets.anchor.tls.key
+
+ # Node names
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[0].hostname
+ dest:
+ path: .values.nodes[0].name
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[1].hostname
+ dest:
+ path: .values.nodes[1].name
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .genesis.hostname
+ dest:
+ path: .values.nodes[2].name
+
+ # Server certs
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-aknode41
+ path: .
+ dest:
+ path: .values.nodes[0].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-aknode41
+ path: .
+ dest:
+ path: .values.nodes[0].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-aknode41-peer
+ path: .
+ dest:
+ path: .values.nodes[0].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-aknode41-peer
+ path: .
+ dest:
+ path: .values.nodes[0].tls.peer.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-aknode42
+ path: .
+ dest:
+ path: .values.nodes[1].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-aknode42
+ path: .
+ dest:
+ path: .values.nodes[1].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-aknode42-peer
+ path: .
+ dest:
+ path: .values.nodes[1].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-aknode42-peer
+ path: .
+ dest:
+ path: .values.nodes[1].tls.peer.key
+
+ # Genesis node
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-genesis
+ path: .
+ dest:
+ path: .values.nodes[2].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-genesis
+ path: .
+ dest:
+ path: .values.nodes[2].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-genesis-peer
+ path: .
+ dest:
+ path: .values.nodes[2].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-genesis-peer
+ path: $
+ dest:
+ path: .values.nodes[2].tls.peer.key
+
+data: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ingress-kube-system
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ ingress: kube-system
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: elasticsearch
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: elasticsearch-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: fluent-logging
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: fluent-logging-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: neutron
+ replacement: true
+ labels:
+ component: neutron
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: neutron-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ labels:
+ agent:
+ sriov:
+ node_selector_key: sriov
+ node_selector_value: enabled
+ network:
+ backend:
+ - openvswitch
+ - sriov
+ interface:
+ sriov:
+ - device: enp135s0f0
+ num_vfs: 32
+ promisc: false
+ - device: enp135s0f1
+ num_vfs: 32
+ promisc: false
+ conf:
+ plugins:
+ openvswitch_agent:
+ ovs:
+ bridge_mappings: bond0:br-bond0
+ sriov_agent:
+ securitygroup:
+ firewall_driver: neutron.agent.firewall.NoopFirewallDriver
+ sriov_nic:
+ exclude_devices: null
+ physical_device_mappings: 'sriovnet1:enp135s0f0,sriovnet2:enp135s0f1'
+ ml2_conf:
+ ml2:
+ mechanism_drivers: l2population,openvswitch,sriovnicswitch
+ ml2_type_vlan:
+ network_vlan_ranges: bond0:46:300,sriovnet1:2001:3000,sriovnet2:2001:3000
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
- name: ucp-ceph-update
+ name: nova
+ labels:
+ component: nova
layeringDefinition:
abstract: false
layer: site
parentSelector:
- name: ucp-ceph-global
+ name: nova-global
actions:
- - method: replace
- path: .values.conf.storage.osd
- method: merge
path: .
storagePolicy: cleartext
data:
values:
+ network:
+ backend:
+ - openvswitch
+ - sriov
conf:
- storage:
- osd:
-{% for osd in yaml.storage.osds %}
- - data:
- type: block-logical
- location: {{osd.data}}
- journal:
- type: directory
- location: {{osd.journal}}
-{% endfor %}
- pool:
- target:
- osd: {{yaml.storage.osd_count}}
- default:
- crush_rule: replicated_rule
-...
----
-schema: armada/ChartGroup/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-ceph-update
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- description: Ceph post intall update
- chart_group:
- - ucp-ceph-update
+ nova:
+ filter_scheduler:
+ enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
+ libvirt:
+ virt_type: kvm
+ DEFAULT:
+ vcpu_pin_set: "4-21,26-43,48-65,72-87"
+ vif_plugging_is_fatal: False
+ vif_plugging_timeout: 30
+ pci:
+ alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }'
+ passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}'
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client-update
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-update-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: 18
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: 6
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-osd
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-osd-global
+ actions:
+ - method: replace
+ path: .values.conf.storage.osd
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ storage:
+ osd:
+ - data:
+ type: block-logical
+ location: /dev/sda
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sda
+ - data:
+ type: block-logical
+ location: /dev/sdb
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdb
+ - data:
+ type: block-logical
+ location: /dev/sdc
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdc
+ - data:
+ type: block-logical
+ location: /dev/sdd
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdd
+ - data:
+ type: block-logical
+ location: /dev/sde
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sde
+ - data:
+ type: block-logical
+ location: /dev/sdf
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdf
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-divingbell
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-divingbell-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+ - dest:
+ path: .values.conf.uamlite.users[0].user_sshkeys[0]
+ src:
+ schema: deckhand/PublicKey/v1
+ name: localadmin_ssh_public_key
+ path: .
+
+data:
+ values:
+ conf:
+ uamlite:
+ users:
+ - user_name: localadmin
+ user_sudo: true
+ user_sshkeys: []
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-maas
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-maas-global
+ actions:
+ - method: replace
+ path: .values.conf.maas.proxy
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ maas:
+ ntp:
+ disable_ntpd_region: true
+ disable_ntpd_rack: true
+ images:
+ default_os: 'ubuntu'
+ default_image: 'xenial'
+ default_kernel: 'hwe-16.04'
+ proxy:
+ proxy_enabled: 'false'
+ peer_proxy_enabled: false
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-promenade
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-promenade-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ pod:
+ env:
+ promenade_api:
+ - name: no_proxy
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
+ - name: NO_PROXY
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/CommonSoftwareConfig/v1
+metadata:
+ schema: metadata/Document/v1
+ name: common-software-config
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ osh:
+ region_name: RegionOne
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.key
+data:
+ ucp:
+ identity:
+ namespace: ucp
+ name: keystone
+ hosts:
+ default: keystone-api
+ public: keystone
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: iam.DOMAIN
+ path:
+ default: /v3
+ scheme:
+ default: http
+ # public: https
+ port:
+ admin:
+ default: 35357
+ api:
+ default: 80
+ public: 80
+ armada:
+ name: armada
+ hosts:
+ default: armada-api
+ public: armada
+ port:
+ api:
+ default: 8000
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ deckhand:
+ name: deckhand
+ hosts:
+ default: deckhand-int
+ public: deckhand-api
+ port:
+ api:
+ default: 9000
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ postgresql:
+ name: postgresql
+ hosts:
+ default: postgresql
+ path: /DB_NAME
+ scheme: postgresql+psycopg2
+ port:
+ postgresql:
+ default: 5432
+ host_fqdn_override:
+ default: null
+ postgresql_airflow_celery:
+ name: postgresql_airflow_celery_db
+ hosts:
+ default: postgresql
+ path: /DB_NAME
+ scheme: db+postgresql
+ port:
+ postgresql:
+ default: 5432
+ host_fqdn_override:
+ default: null
+ oslo_db:
+ hosts:
+ default: mariadb
+ discovery: mariadb-discovery
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ wsrep:
+ default: 4567
+ key_manager:
+ name: barbican
+ hosts:
+ default: barbican-api
+ public: barbican
+ host_fqdn_override:
+ default: null
+ path:
+ default: /v1
+ scheme:
+ default: http
+ port:
+ api:
+ default: 9311
+ public: 80
+ oslo_messaging:
+ namespace: null
+ hosts:
+ default: rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /openstack
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ oslo_cache:
+ hosts:
+ default: memcached
+ host_fqdn_override:
+ default: null
+ port:
+ memcache:
+ default: 11211
+ physicalprovisioner:
+ name: drydock
+ hosts:
+ default: drydock-api
+ port:
+ api:
+ default: 9000
+ nodeport: 31900
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ maas_region_ui:
+ name: maas-region-ui
+ hosts:
+ default: maas-region-ui
+ public: maas
+ path:
+ default: /MAAS
+ scheme:
+ default: "http"
+ port:
+ region_ui:
+ default: 80
+ public: 80
+ host_fqdn_override:
+ default: null
+ kubernetesprovisioner:
+ name: promenade
+ hosts:
+ default: promenade-api
+ port:
+ api:
+ default: 80
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ shipyard:
+ name: shipyard
+ hosts:
+ default: shipyard-int
+ public: shipyard-api
+ port:
+ api:
+ default: 9000
+ public: 80
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ # public: https
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: shipyard.DOMAIN
+ airflow_web:
+ name: airflow-web
+ hosts:
+ default: airflow-web-int
+ public: airflow-web
+ port:
+ airflow_web:
+ default: 8080
+ path:
+ default: /
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ airflow_flower:
+ name: airflow-flower
+ hosts:
+ default: airflow-flower
+ port:
+ airflow_flower:
+ default: 5555
+ path:
+ default: /
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ ceph:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /swift/v1
+ scheme:
+ default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_mon:
+ namespace: ceph
+ hosts:
+ default: ceph-mon
+ discovery: ceph-mon-discovery
+ host_fqdn_override:
+ default: null
+ port:
+ mon:
+ default: 6789
+ ceph_mgr:
+ namespace: ceph
+ hosts:
+ default: ceph-mgr
+ host_fqdn_override:
+ default: null
+ port:
+ mgr:
+ default: 7000
+ scheme:
+ default: http
+...
+---
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.key
+data:
+ osh:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /swift/v1/KEY_$(tenant_id)s
+ scheme:
+ default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ oslo_db:
+ hosts:
+ default: mariadb
+ discovery: mariadb-discovery
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ wsrep:
+ default: 4567
+ keystone_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: keystone-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /keystone
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ keystone_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: keystone-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ oslo_cache:
+ namespace: openstack
+ hosts:
+ default: memcached
+ host_fqdn_override:
+ default: null
+ port:
+ memcache:
+ default: 11211
+ identity:
+ namespace: openstack
+ name: keystone
+ hosts:
+ default: keystone-api
+ public: keystone
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: identity.DOMAIN
+ path:
+ default: /v3
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ admin:
+ default: 35357
+ api:
+ default: 80
+ # public: 443
+ glance_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: glance-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /glance
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ glance_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: glance-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ image:
+ name: glance
+ hosts:
+ default: glance-api
+ public: glance
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: image.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 9292
+ # public: 443
+ image_registry:
+ name: glance-registry
+ hosts:
+ default: glance-registry
+ public: glance-reg
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9191
+ public: 80
+ cinder_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: cinder-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /cinder
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ cinder_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: cinder-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ volume:
+ name: cinder
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v1/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ volumev2:
+ name: cinderv2
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ volumev3:
+ name: cinderv3
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v3/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ heat_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: heat-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /heat
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ heat_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: heat-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ orchestration:
+ name: heat
+ hosts:
+ default: heat-api
+ public: heat
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: orchestration.DOMAIN
+ path:
+ default: "/v1/%(project_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8004
+ # public: 443
+ cloudformation:
+ name: heat-cfn
+ hosts:
+ default: heat-cfn
+ public: cloudformation
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: cloudformation.DOMAIN
+ path:
+ default: /v1
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8000
+ # public: 443
+ cloudwatch:
+ name: heat-cloudwatch
+ hosts:
+ default: heat-cloudwatch
+ public: cloudwatch
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ type: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 8003
+ public: 80
+ neutron_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: neutron-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /neutron
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ neutron_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: neutron-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ network:
+ name: neutron
+ hosts:
+ default: neutron-server
+ public: neutron
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: network.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 9696
+ # public: 443
+ nova_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: nova-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /nova
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ nova_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: nova-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ compute:
+ name: nova
+ hosts:
+ default: nova-api
+ public: nova
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: compute.DOMAIN
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8774
+ # public: 443
+ novncproxy:
+ default: 443
+ compute_metadata:
+ name: nova
+ hosts:
+ default: nova-metadata
+ public: metadata
+ host_fqdn_override:
+ default: null
+ path:
+ default: /
+ scheme:
+ default: "http"
+ port:
+ metadata:
+ default: 8775
+ public: 80
+ compute_novnc_proxy:
+ name: nova
+ hosts:
+ default: nova-novncproxy
+ public: novncproxy
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: nova-novncproxy.DOMAIN
+ path:
+ default: /vnc_auto.html
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ novnc_proxy:
+ default: 6080
+ # public: 443
+ compute_spice_proxy:
+ name: nova
+ hosts:
+ default: nova-spiceproxy
+ host_fqdn_override:
+ default: null
+ path:
+ default: /spice_auto.html
+ scheme:
+ default: "http"
+ port:
+ spice_proxy:
+ default: 6082
+ placement:
+ name: placement
+ hosts:
+ default: placement-api
+ public: placement
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: placement.DOMAIN
+ path:
+ default: /
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8778
+ # public: 443
+ dashboard:
+ name: horizon
+ hosts:
+ default: horizon-int
+ public: horizon
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: dashboard.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ web:
+ default: 80
+ # public: 443
+...
+---
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.base_url
+ # dest:
+ # path: .osh_infra.ldap.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.auth_path
+ # dest:
+ # path: .osh_infra.ldap.path.default
+ # pattern: AUTH_PATH
+data:
+ osh_infra:
+ elasticsearch:
+ name: elasticsearch
+ namespace: osh-infra
+ hosts:
+ data: elasticsearch-data
+ default: elasticsearch-logging
+ discovery: elasticsearch-discovery
+ public: elasticsearch
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ http:
+ default: 80
+ prometheus_elasticsearch_exporter:
+ namespace: null
+ hosts:
+ default: elasticsearch-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9108
+ fluentd:
+ namespace: osh-infra
+ name: fluentd
+ hosts:
+ default: fluentd-logging
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ service:
+ default: 24224
+ metrics:
+ default: 24220
+ prometheus_fluentd_exporter:
+ namespace: osh-infra
+ hosts:
+ default: fluentd-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9309
+ oslo_db:
+ namespace: osh-infra
+ hosts:
+ default: mariadb
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ grafana:
+ name: grafana
+ namespace: osh-infra
+ hosts:
+ default: grafana-dashboard
+ public: grafana
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: grafana.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ grafana:
+ default: 3000
+ # public: 443
+ monitoring:
+ name: prometheus
+ namespace: osh-infra
+ hosts:
+ default: prom-metrics
+ public: prometheus
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9090
+ public: 80
+ kibana:
+ name: kibana
+ namespace: osh-infra
+ hosts:
+ default: kibana-dash
+ public: kibana
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: kibana.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ kibana:
+ default: 5601
+ # public: 443
+ alerts:
+ name: alertmanager
+ namespace: osh-infra
+ hosts:
+ default: alerts-engine
+ public: alertmanager
+ discovery: alertmanager-discovery
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9093
+ public: 80
+ mesh:
+ default: 6783
+ kube_state_metrics:
+ namespace: kube-system
+ hosts:
+ default: kube-state-metrics
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ http:
+ default: 8080
+ kube_scheduler:
+ scheme:
+ default: "http"
+ path:
+ default: /metrics
+ kube_controller_manager:
+ scheme:
+ default: "http"
+ path:
+ default: /metrics
+ node_metrics:
+ namespace: kube-system
+ hosts:
+ default: node-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9100
+ prometheus_port:
+ default: 9100
+ prometheus_openstack_exporter:
+ namespace: openstack
+ hosts:
+ default: openstack-metrics
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ exporter:
+ default: 9103
+ nagios:
+ name: nagios
+ namespace: osh-infra
+ hosts:
+ default: nagios-metrics
+ public: nagios
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: nagios.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: http
+ # public: https
+ port:
+ http:
+ default: 80
+ # public: 443
+ ldap:
+ hosts:
+ default: ldap
+ host_fqdn_override:
+ default: null
+ public:
+ host: DOMAIN
+ path:
+ default: /AUTH_PATH
+ scheme:
+ default: "ldap"
+ port:
+ ldap:
+ default: 389
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ ucp:
+ postgres:
+ admin:
+ username: postgres
+ oslo_db:
+ admin:
+ username: root
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ admin:
+ region_name: RegionOne
+ username: admin
+ project_name: admin
+ user_domain_name: default
+ project_domain_name: default
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ username: keystone
+ oslo_db:
+ username: keystone
+ database: keystone
+ promenade:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: promenade
+ drydock:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: drydock
+ postgres:
+ username: drydock
+ database: drydock
+ shipyard:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: shipyard
+ postgres:
+ username: shipyard
+ database: shipyard
+ airflow:
+ postgres:
+ username: airflow
+ database: airflow
+ oslo_messaging:
+ username: rabbitmq
+ maas:
+ admin:
+ username: admin
+ email: none@none
+ postgres:
+ username: maas
+ database: maasdb
+ barbican:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: barbican
+ oslo_db:
+ username: barbican
+ database: barbican
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ username: keystone
+ armada:
+ keystone:
+ project_domain_name: default
+ user_domain_name: default
+ project_name: service
+ region_name: RegionOne
+ role: admin
+ user_domain_name: default
+ username: armada
+ deckhand:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: deckhand
+ postgres:
+ username: deckhand
+ database: deckhand
+ ceph:
+ swift:
+ keystone:
+ role: admin
+ region_name: RegionOne
+ username: swift
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+...
+---
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ substitutions:
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.keystone.admin.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.cinder.cinder.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.glance.glance.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat_trustee.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat_stack_user.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.swift.keystone.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.neutron.neutron.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.nova.nova.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.nova.placement.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.barbican.barbican.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.barbican.barbican.region_name
+data:
+ osh:
+ keystone:
+ admin:
+ username: admin
+ project_name: admin
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: keystone
+ database: keystone
+ oslo_messaging:
+ admin:
+ username: keystone-rabbitmq-admin
+ keystone:
+ username: keystone-rabbitmq-user
+ ldap:
+ username: "user@example-ldap.com"
+ cinder:
+ cinder:
+ role: admin
+ username: cinder
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: cinder
+ database: cinder
+ oslo_messaging:
+ admin:
+ username: cinder-rabbitmq-admin
+ cinder:
+ username: cinder-rabbitmq-user
+ glance:
+ glance:
+ role: admin
+ username: glance
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: glance
+ database: glance
+ oslo_messaging:
+ admin:
+ username: glance-rabbitmq-admin
+ glance:
+ username: glance-rabbitmq-user
+ ceph_object_store:
+ username: glance
+ heat:
+ heat:
+ role: admin
+ username: heat
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ heat_trustee:
+ role: admin
+ username: heat-trust
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ heat_stack_user:
+ role: admin
+ username: heat-domain
+ domain_name: heat
+ oslo_db:
+ username: heat
+ database: heat
+ oslo_messaging:
+ admin:
+ username: heat-rabbitmq-admin
+ heat:
+ username: heat-rabbitmq-user
+ swift:
+ keystone:
+ role: admin
+ username: swift
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ admin:
+ username: root
+ neutron:
+ neutron:
+ role: admin
+ username: neutron
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: neutron
+ database: neutron
+ oslo_messaging:
+ admin:
+ username: neutron-rabbitmq-admin
+ neutron:
+ username: neutron-rabbitmq-user
+ nova:
+ nova:
+ role: admin
+ username: nova
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ placement:
+ role: admin
+ username: placement
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: nova
+ database: nova
+ oslo_db_api:
+ username: nova
+ database: nova_api
+ oslo_db_cell0:
+ username: nova
+ database: "nova_cell0"
+ oslo_messaging:
+ admin:
+ username: nova-rabbitmq-admin
+ nova:
+ username: nova-rabbitmq-user
+ horizon:
+ oslo_db:
+ username: horizon
+ database: horizon
+ barbican:
+ barbican:
+ role: admin
+ username: barbican
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: barbican
+ database: barbican
+ oslo_messaging:
+ admin:
+ username: barbican-rabbitmq-admin
+ barbican:
+ username: barbican-rabbitmq-user
+...
+---
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ osh_infra:
+ grafana:
+ admin:
+ username: grafana
+ oslo_db:
+ username: grafana
+ database: grafana
+ oslo_db_session:
+ username: grafana_session
+ database: grafana_session
+ elasticsearch:
+ admin:
+ username: elasticsearch
+ kibana:
+ admin:
+ username: kibana
+ oslo_db:
+ admin:
+ username: root
+ prometheus_openstack_exporter:
+ user:
+ username: prometheus-openstack-exporter
+ project_name: service
+ user_domain_name: default
+ nagios:
+ admin:
+ username: nagios
+ ldap:
+ admin:
+ # NEWSITE-CHANGEME: Replace with the site's LDAP account used to
+ # authenticate to the active directory backend to validate keystone
+ # users.
+ bind: "test@ldap.example.com"
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Manifest/v1
+metadata:
+ schema: metadata/Document/v1
+ name: full-site
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: full-site-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ release_prefix: airship
+ chart_groups:
+ - kubernetes-proxy
+ - kubernetes-container-networking
+ - kubernetes-dns
+ - kubernetes-etcd
+ - kubernetes-haproxy
+ - kubernetes-core
+ - ingress-kube-system
+ - ucp-ceph-update
+ - ucp-ceph-config
+ - ucp-core
+ - ucp-keystone
+ - ucp-divingbell
+ - ucp-armada
+ - ucp-deckhand
+ - ucp-drydock
+ - ucp-promenade
+ - ucp-shipyard
+ - osh-infra-ingress-controller
+ - osh-infra-ceph-config
+ - osh-infra-logging
+ - osh-infra-monitoring
+ - osh-infra-mariadb
+ - osh-infra-dashboards
+ - openstack-ingress-controller
+ - openstack-ceph-config
+ - openstack-mariadb
+ - openstack-memcached
+ - openstack-keystone
+ - openstack-radosgw
+ - openstack-glance
+ - openstack-cinder
+ - openstack-compute-kit
+ - openstack-heat
+ - osh-infra-prometheus-openstack-exporter
+ - openstack-horizon
+...
--- /dev/null
+---
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: i40evf_blacklist
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+data:
+ signaling: false
+ node_filter:
+ filter_set_type: 'union'
+ filter_set:
+ - filter_type: 'union'
+ node_names:
+ - 'aknode33'
+ - 'aknode34'
+ assets:
+ - path: /etc/modprobe.d/sriov_blacklist.conf
+ type: file
+ permissions: '644'
+ data_pipeline:
+ - utf8_decode
+ data: |
+ blacklist i40evf
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
storagePolicy: cleartext
data:
host_profile: MyControlPlane_HP
-#/new/notused/aic-clcp-manifests/site/clcp-seaworthy/profiles/host/cp_rack.yaml
addressing:
- network: oob
address: 192.168.41.131
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
data:
vlan: '41'
mtu: 9000
- cidr: 192.168.2.0/24
+ cidr: 192.168.2.0/24
routes:
- subnet: '0.0.0.0/0'
gateway: 192.168.2.200
ranges:
- type: reserved
- start: 192.168.2.84
- end: 192.168.2.86
+ start: 192.168.2.84
+ end: 192.168.2.86
- type: static
start: 192.168.2.1
end: 192.168.2.83
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
name: ipmi_admin_password
path: .
data:
+ hardware_profile: DELL_HP_Generic
oob:
type: 'ipmi'
network: 'oob'
- 'storage'
- 'overlay'
- 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
storage:
physical_devices:
sdj:
kernel: 'hwe-16.04'
kernel_params:
console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
metadata:
owner_data:
openstack-nova-compute: enabled
openvswitch: enabled
openstack-libvirt: kernel
+ sriov: enabled
beta.kubernetes.io/fluentd-ds-ready: 'true'
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_ldap_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 5aacc198d8a1edeff4a8
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: deckhand/PublicKey/v1
metadata:
schema: metadata/Document/v1
- name: localadmin_ssh_public_key
+ name: localadmin_ssh_public_key
layeringDefinition:
abstract: false
layer: site
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
storagePolicy: cleartext
data:
revision: v4.0
- site_type: large
+ site_type: edge
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
asnumber: 65531
ipv4:
additional_cidrs:
- - 172.29.1.136/29
+ - 172.29.1.136/29
peers:
- apiVersion: v1
kind: bgpPeer
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
path: .values.images.tags
# IP addresses
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .calico.etcd.service_ip
dest:
path: .values.service.ip
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .calico.etcd.service_ip
path: .values.anchor.etcdctl_endpoint
# CAs
- -
- src:
+ - src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd
path: .
dest:
path: .values.secrets.tls.client.ca
- -
- src:
+ - src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd-peer
path: .
path: .values.secrets.tls.peer.ca
# Anchor client cert
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-anchor
path: .
dest:
path: .values.secrets.anchor.tls.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-anchor
path: .
path: .values.secrets.anchor.tls.key
# Node names
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .masters[0].hostname
dest:
path: .values.nodes[0].name
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .masters[1].hostname
dest:
path: .values.nodes[1].name
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .genesis.hostname
dest:
path: .values.nodes[2].name
- # Server certs
+ # Server certs
- src:
schema: deckhand/Certificate/v1
name: calico-etcd-aknode31
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
abstract: false
layer: site
parentSelector:
- name: kubernetes-etcd-global
+ name: kubernetes-etcd-global
actions:
- - method: merge
- path: .
+ - method: merge
+ path: .
storagePolicy: cleartext
substitutions:
path: .values.images.tags
# IP addresses
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.etcd_service_ip
dest:
path: .values.service.ip
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.etcd_service_ip
path: .values.anchor.etcdctl_endpoint
# CAs
- -
- src:
+ - src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd
path: .
dest:
path: .values.secrets.tls.client.ca
- -
- src:
+ - src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd-peer
path: .
dest:
path: .values.secrets.tls.peer.ca
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-anchor
path: .
dest:
path: .values.secrets.anchor.tls.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-anchor
path: .
path: .values.secrets.anchor.tls.key
# Node names
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .masters[0].hostname
dest:
path: .values.nodes[0].name
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .masters[1].hostname
dest:
path: .values.nodes[1].name
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .genesis.hostname
dest:
path: .values.nodes[2].name
- # Server certs
+ # Server certs
- src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-aknode31
path: .values.nodes[2].tls.peer.key
data: {}
-
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
- name: neutron-site30
- #replacement: true
+ name: neutron
+ replacement: true
labels:
component: neutron
layeringDefinition:
storagePolicy: cleartext
data:
values:
+ labels:
+ agent:
+ sriov:
+ node_selector_key: sriov
+ node_selector_value: enabled
network:
-# auto_bridge_add:
-# br-bond0: bond0
+ backend:
+ - openvswitch
+ - sriov
interface:
sriov:
- device: ens6f0
plugins:
openvswitch_agent:
ovs:
- bridge_mappings: physnet:br-bond0
+ bridge_mappings: bond0:br-bond0
sriov_agent:
+ securitygroup:
+ firewall_driver: neutron.agent.firewall.NoopFirewallDriver
sriov_nic:
+ exclude_devices: null
physical_device_mappings: sriovnet1:ens6f0,sriovnet2:ens6f1
ml2_conf:
+ ml2:
+ mechanism_drivers: l2population,openvswitch,sriovnicswitch
ml2_type_vlan:
- network_vlan_ranges: physnet:46:300,sriovnet1:100:4000,sriovnet2:100:4000,sriovnet3:100:4000,sriovnet4:100:4000
+ network_vlan_ranges: bond0:46:300,sriovnet1:2001:3000,sriovnet2:2001:3000
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
storagePolicy: cleartext
data:
values:
+ network:
+ backend:
+ - openvswitch
+ - sriov
conf:
nova:
+ filter_scheduler:
+ enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
libvirt:
virt_type: kvm
DEFAULT:
- vcpu_pin_set: "4-23,28-47"
+ debug: True
+ vcpu_pin_set: "4-21,26-43,48-65,72-87"
+ vif_plugging_is_fatal: False
+ vif_plugging_timeout: 30
pci:
alias: '{"name": "numa0", "capability_type": "pci", "product_id": "154c", "vendor_id": "8086", "device_type": "type-PCI", "numa_policy": "required"}'
passthrough_whitelist: |
- [{"address": "0000:08:10.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:10.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:10.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:10.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:81:10.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:10.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:10.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:10.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.3", "physical_network": "sriovnet4", "trusted": "true"}]
+ [{"address": "0000:af:02.0", "physical_network": "sriovnet1"},{"address": "0000:af:02.1", "physical_network": "sriovnet1"},{"address": "0000:af:02.2", "physical_network": "sriovnet1"},{"address": "0000:af:02.3", "physical_network": "sriovnet1"},{"address": "0000:af:02.4", "physical_network": "sriovnet1"},{"address": "0000:af:02.5", "physical_network": "sriovnet1"},{"address": "0000:af:02.6", "physical_network": "sriovnet1"},{"address": "0000:af:02.7", "physical_network": "sriovnet1"},{"address": "0000:af:03.0", "physical_network": "sriovnet1"},{"address": "0000:af:03.1", "physical_network": "sriovnet1"},{"address": "0000:af:03.2", "physical_network": "sriovnet1"},{"address": "0000:af:03.3", "physical_network": "sriovnet1"},{"address": "0000:af:03.4", "physical_network": "sriovnet1"},{"address": "0000:af:03.5", "physical_network": "sriovnet1"},{"address": "0000:af:03.6", "physical_network": "sriovnet1"},{"address": "0000:af:03.7", "physical_network": "sriovnet1"},{"address": "0000:af:04.0", "physical_network": "sriovnet1"},{"address": "0000:af:04.1", "physical_network": "sriovnet1"},{"address": "0000:af:04.2", "physical_network": "sriovnet1"},{"address": "0000:af:04.3", "physical_network": "sriovnet1"},{"address": "0000:af:04.4", "physical_network": "sriovnet1"},{"address": "0000:af:04.5", "physical_network": "sriovnet1"},{"address": "0000:af:04.6", "physical_network": "sriovnet1"},{"address": "0000:af:04.7", "physical_network": "sriovnet1"},{"address": "0000:af:05.0", "physical_network": "sriovnet1"},{"address": "0000:af:05.1", "physical_network": "sriovnet1"},{"address": "0000:af:05.2", "physical_network": "sriovnet1"},{"address": "0000:af:05.3", "physical_network": "sriovnet1"},{"address": "0000:af:05.4", "physical_network": "sriovnet1"},{"address": "0000:af:05.5", "physical_network": "sriovnet1"},{"address": "0000:af:05.6", "physical_network": "sriovnet1"},{"address": "0000:af:05.7", "physical_network": "sriovnet1"},{"address": "0000:af:0a.0", "physical_network": "sriovnet2"},{"address": "0000:af:0a.1", "physical_network": "sriovnet2"},{"address": "0000:af:0a.2", "physical_network": "sriovnet2"},{"address": "0000:af:0a.3", "physical_network": "sriovnet2"},{"address": "0000:af:0a.4", "physical_network": "sriovnet2"},{"address": "0000:af:0a.5", "physical_network": "sriovnet2"},{"address": "0000:af:0a.6", "physical_network": "sriovnet2"},{"address": "0000:af:0a.7", "physical_network": "sriovnet2"},{"address": "0000:af:0b.0", "physical_network": "sriovnet2"},{"address": "0000:af:0b.1", "physical_network": "sriovnet2"},{"address": "0000:af:0b.2", "physical_network": "sriovnet2"},{"address": "0000:af:0b.3", "physical_network": "sriovnet2"},{"address": "0000:af:0b.4", "physical_network": "sriovnet2"},{"address": "0000:af:0b.5", "physical_network": "sriovnet2"},{"address": "0000:af:0b.6", "physical_network": "sriovnet2"},{"address": "0000:af:0b.7", "physical_network": "sriovnet2"},{"address": "0000:af:0c.0", "physical_network": "sriovnet2"},{"address": "0000:af:0c.1", "physical_network": "sriovnet2"},{"address": "0000:af:0c.2", "physical_network": "sriovnet2"},{"address": "0000:af:0c.3", "physical_network": "sriovnet2"},{"address": "0000:af:0c.4", "physical_network": "sriovnet2"},{"address": "0000:af:0c.5", "physical_network": "sriovnet2"},{"address": "0000:af:0c.6", "physical_network": "sriovnet2"},{"address": "0000:af:0c.7", "physical_network": "sriovnet2"},{"address": "0000:af:0d.0", "physical_network": "sriovnet2"},{"address": "0000:af:0d.1", "physical_network": "sriovnet2"},{"address": "0000:af:0d.2", "physical_network": "sriovnet2"},{"address": "0000:af:0d.3", "physical_network": "sriovnet2"},{"address": "0000:af:0d.4", "physical_network": "sriovnet2"},{"address": "0000:af:0d.5", "physical_network": "sriovnet2"},{"address": "0000:af:0d.6", "physical_network": "sriovnet2"},{"address": "0000:af:0d.7", "physical_network": "sriovnet2"}]
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
env:
promenade_api:
- name: no_proxy
- value: 172.30.1.30,10.96.0.1,.cluster.local,192.168.2.30,192.168.2.31,192.168.2.32,192.168.2.33,192.168.2.34,nexus3.att-akraino.org,hpgen10.lab.akraino.org,gcr.io,quay.io,lachlanevenson,docker.io,github.com,localhost,127.0.0.1
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
- name: NO_PROXY
- value: 172.30.1.30,10.96.0.1,.cluster.local,192.168.2.30,192.168.2.31,192.168.2.32,192.168.2.33,192.168.2.34,nexus3.att-akraino.org,hpgen10.lab.akraino.org,gcr.io,quay.io,lachlanevenson,docker.io,github.com,localhost,127.0.0.1
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
pattern: DOMAIN
data:
osh:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ public:
+ host: object-store.DOMAIN
+ path:
+ default: /swift/v1/KEY_$(tenant_id)s
+ scheme:
+ default: http
+ public: "https"
+ port:
+ api:
+ default: 8088
+ public: 443
oslo_db:
hosts:
default: mariadb
port:
exporter:
default: 9103
+ nagios:
+ name: nagios
+ namespace: osh-infra
+ hosts:
+ default: nagios-metrics
+ public: nagios
+ host_fqdn_override:
+ default: null
+ public:
+ host: nagios.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: http
+ public: https
+ port:
+ http:
+ default: 80
+ public: 443
+ ldap:
+ hosts:
+ default: ldap
+ host_fqdn_override:
+ default: null
+ public:
+ host: DOMAIN
+ path:
+ default: /AUTH_PATH
+ scheme:
+ default: "ldap"
+ port:
+ ldap:
+ default: 389
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
username: prometheus-openstack-exporter
project_name: service
user_domain_name: default
+ nagios:
+ admin:
+ username: nagios
+ ldap:
+ admin:
+ # NEWSITE-CHANGEME: Replace with the site's LDAP account used to
+ # authenticate to the active directory backend to validate keystone
+ # users.
+ bind: "test@ldap.example.com"
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-site_name: hp_akraino
-ipmi_admin_password: Admin123
+site_name: hpgen10
+ipmi_admin:
+ username: Administrator
+ password: Admin123
networks:
bonded: yes
primary: bond0
start: 192.168.41.5
end: 192.168.41.254
host:
- vlan: 41
+ vlan: 41
interface: bond0.41
cidr: 192.168.2.0/24
routes:
- gateway: 192.168.2.85
+ gateway: 192.168.2.200
ranges:
reserved:
start: 192.168.2.84
interface: bond0.42
cidr: 172.31.1.0/24
ranges:
- reserved:
- start: 172.31.1.1
- end: 172.31.1.10
static:
- start: 172.31.1.11
+ start: 172.31.1.2
end: 172.31.1.254
pxe:
vlan:
interface: eno1
cidr: 172.30.1.0/24
gateway: 172.30.1.1
+ routes:
+ gateway: 172.30.1.30
ranges:
reserved:
- start: 172.30.1.2
+ start: 172.30.1.1
end: 172.30.1.10
static:
start: 172.30.1.11
interface: bond0.45
cidr: 10.0.101.0/24
ranges:
- reserved:
- start: 10.0.101.1
- end: 10.0.101.10
static:
- start: 10.0.101.11
+ start: 10.0.101.2
end: 10.0.101.254
sriovnets:
- physical: sriovnet1
interface: ens6f0
- vlan_start: 100
- vlan_end: 4000
+ vlan_start: 2001
+ vlan_end: 3000
whitelists:
- "0000:af:02.0": "enp175s2"
- "0000:af:02.1": "enp175s2f1"
- "0000:af:03.2": "enp175s3f2"
- "0000:af:03.3": "enp175s3f3"
- "0000:af:03.4": "enp175s3f4"
- "0000:af:03.5": "enp175s3f5"
- "0000:af:03.6": "enp175s3f6"
- "0000:af:03.7": "enp175s3f7"
- "0000:af:04.0": "enp175s4"
- "0000:af:04.1": "enp175s4f1"
- "0000:af:04.2": "enp175s4f2"
- "0000:af:04.3": "enp175s4f3"
- "0000:af:02.2": "enp175s2f2"
- "0000:af:04.4": "enp175s4f4"
- "0000:af:04.5": "enp175s4f5"
- "0000:af:04.6": "enp175s4f6"
- "0000:af:04.7": "enp175s4f7"
- "0000:af:05.0": "enp175s5"
- "0000:af:05.1": "enp175s5f1"
- "0000:af:05.2": "enp175s5f2"
- "0000:af:05.3": "enp175s5f3"
- "0000:af:05.4": "enp175s5f4"
- "0000:af:05.5": "enp175s5f5"
- "0000:af:02.3": "enp175s2f3"
- "0000:af:05.6": "enp175s5f6"
- "0000:af:05.7": "enp175s5f7"
- "0000:af:02.4": "enp175s2f4"
- "0000:af:02.5": "enp175s2f5"
- "0000:af:02.6": "enp175s2f6"
- "0000:af:02.7": "enp175s2f7"
- "0000:af:03.0": "enp175s3"
- "0000:af:03.1": "enp175s3f1"
+ - "address": "0000:af:02.0"
+ - "address": "0000:af:02.1"
+ - "address": "0000:af:02.2"
+ - "address": "0000:af:02.3"
+ - "address": "0000:af:02.4"
+ - "address": "0000:af:02.5"
+ - "address": "0000:af:02.6"
+ - "address": "0000:af:02.7"
+ - "address": "0000:af:03.0"
+ - "address": "0000:af:03.1"
+ - "address": "0000:af:03.2"
+ - "address": "0000:af:03.3"
+ - "address": "0000:af:03.4"
+ - "address": "0000:af:03.5"
+ - "address": "0000:af:03.6"
+ - "address": "0000:af:03.7"
+ - "address": "0000:af:04.0"
+ - "address": "0000:af:04.1"
+ - "address": "0000:af:04.2"
+ - "address": "0000:af:04.3"
+ - "address": "0000:af:04.4"
+ - "address": "0000:af:04.5"
+ - "address": "0000:af:04.6"
+ - "address": "0000:af:04.7"
+ - "address": "0000:af:05.0"
+ - "address": "0000:af:05.1"
+ - "address": "0000:af:05.2"
+ - "address": "0000:af:05.3"
+ - "address": "0000:af:05.4"
+ - "address": "0000:af:05.5"
+ - "address": "0000:af:05.6"
+ - "address": "0000:af:05.7"
- physical: sriovnet2
interface: ens6f1
- vlan_start: 100
- vlan_end: 4000
+ vlan_start: 2001
+ vlan_end: 3000
whitelists:
- "0000:af:0a.0": "enp175s10"
- "0000:af:0a.1": "enp175s10f1"
- "0000:af:0b.2": "enp175s11f2"
- "0000:af:0b.3": "enp175s11f3"
- "0000:af:0b.4": "enp175s11f4"
- "0000:af:0b.5": "enp175s11f5"
- "0000:af:0b.6": "enp175s11f6"
- "0000:af:0b.7": "enp175s11f7"
- "0000:af:0c.0": "enp175s12"
- "0000:af:0c.1": "enp175s12f1"
- "0000:af:0c.2": "enp175s12f2"
- "0000:af:0c.3": "enp175s12f3"
- "0000:af:0a.2": "enp175s10f2"
- "0000:af:0c.4": "enp175s12f4"
- "0000:af:0c.5": "enp175s12f5"
- "0000:af:0c.6": "enp175s12f6"
- "0000:af:0c.7": "enp175s12f7"
- "0000:af:0d.0": "enp175s13"
- "0000:af:0d.1": "enp175s13f1"
- "0000:af:0d.2": "enp175s13f2"
- "0000:af:0d.3": "enp175s13f3"
- "0000:af:0d.4": "enp175s13f4"
- "0000:af:0d.5": "enp175s13f5"
- "0000:af:0a.3": "enp175s10f3"
- "0000:af:0d.6": "enp175s13f6"
- "0000:af:0d.7": "enp175s13f7"
- "0000:af:0a.4": "enp175s10f4"
- "0000:af:0a.5": "enp175s10f5"
- "0000:af:0a.6": "enp175s10f6"
- "0000:af:0a.7": "enp175s10f7"
- "0000:af:0b.0": "enp175s11"
- "0000:af:0b.1": "enp175s11f1"
+ - "address": "0000:af:0a.0"
+ - "address": "0000:af:0a.1"
+ - "address": "0000:af:0a.2"
+ - "address": "0000:af:0a.3"
+ - "address": "0000:af:0a.4"
+ - "address": "0000:af:0a.5"
+ - "address": "0000:af:0a.6"
+ - "address": "0000:af:0a.7"
+ - "address": "0000:af:0b.0"
+ - "address": "0000:af:0b.1"
+ - "address": "0000:af:0b.2"
+ - "address": "0000:af:0b.3"
+ - "address": "0000:af:0b.4"
+ - "address": "0000:af:0b.5"
+ - "address": "0000:af:0b.6"
+ - "address": "0000:af:0b.7"
+ - "address": "0000:af:0c.0"
+ - "address": "0000:af:0c.1"
+ - "address": "0000:af:0c.2"
+ - "address": "0000:af:0c.3"
+ - "address": "0000:af:0c.4"
+ - "address": "0000:af:0c.5"
+ - "address": "0000:af:0c.6"
+ - "address": "0000:af:0c.7"
+ - "address": "0000:af:0d.0"
+ - "address": "0000:af:0d.1"
+ - "address": "0000:af:0d.2"
+ - "address": "0000:af:0d.3"
+ - "address": "0000:af:0d.4"
+ - "address": "0000:af:0d.5"
+ - "address": "0000:af:0d.6"
+ - "address": "0000:af:0d.7"
storage:
osds:
- data: /dev/sdb
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdb
+ journal: /var/lib/ceph/journal/journal-sdb
- data: /dev/sdc
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdc
+ journal: /var/lib/ceph/journal/journal-sdc
- data: /dev/sdd
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdd
+ journal: /var/lib/ceph/journal/journal-sdd
- data: /dev/sde
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sde
+ journal: /var/lib/ceph/journal/journal-sde
- data: /dev/sdf
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdf
- - data: /dev/sdg
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdg
+ journal: /var/lib/ceph/journal/journal-sdf
- data: /dev/sdg
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdh
+ journal: /var/lib/ceph/journal/journal-sdg
+ - data: /dev/sdh
+ journal: /var/lib/ceph/journal/journal-sdh
- data: /dev/sdi
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdi
- - data: /dev/sdk
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdk
- osd_count: 9
+ journal: /var/lib/ceph/journal/journal-sdi
+ osd_count: 8
+ total_osd_count: 24
genesis:
- name: csonjrsv30
+ name: aknode30
oob: 192.168.41.30
host: 192.168.2.30
storage: 172.31.1.30
ksn: 172.29.1.30
neutron: 10.0.101.30
masters:
- - name : csonjrsv31
- - name : csonjrsv32
-workers:
- - name : csonjrsv33
- - name : csonjrsv34
-servers:
- - name : csonjrsv31
- oob: 192.168.41.31
+ - name : aknode31
+ oob: 192.168.41.131
host: 192.168.2.31
storage: 172.31.1.31
pxe: 172.30.1.31
ksn: 172.29.1.31
neutron: 10.0.101.31
- - name : csonjrsv32
- oob: 192.168.41.32
+ - name : aknode32
+ oob: 192.168.41.132
host: 192.168.2.32
storage: 172.31.1.32
pxe: 172.30.1.32
ksn: 172.29.1.32
neutron: 10.0.101.32
- - name : csonjrsv33
- oob: 192.168.41.33
+workers:
+ - name : aknode33
+ oob: 192.168.41.133
host: 192.168.2.33
storage: 172.31.1.33
pxe: 172.30.1.33
ksn: 172.29.1.33
neutron: 10.0.101.33
- - name : csonjrsv34
- oob: 192.168.41.34
+ - name : aknode34
+ oob: 192.168.41.134
host: 192.168.2.34
storage: 172.31.1.34
pxe: 172.30.1.34
size: 1g
mountpoint: /boot
- name: var
- size: 100g
+ size: '>300g'
mountpoint: /var
- - name : sdb
- partitions:
- - name: cephj0
- size: 100g
- mountpoint: /var/lib/openstack-helm/ceph/journal0
- - name : sdc
+ - name : sdk
partitions:
- - name: cephj1
- size: 100g
- mountpoint: /var/lib/openstack-helm/ceph/journal1
+ - name: cephj
+ size: 300g
+ mountpoint: /var/lib/ceph/journal
genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132"
kubernetes:
api_service_ip: 10.96.0.1
etcd_service_ip: 10.96.0.2
pod_cidr: 10.99.0.0/16
- service_cidr: 10.96.0.0/15
+ service_cidr: 10.96.0.0/14
regional_server:
ip: 135.16.101.85
...
+++ /dev/null
----
-##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: kubernetes-calico
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: kubernetes-calico-global
- actions:
- - method: delete
- path: .values.calico
- - method: delete
- path: .values.etcd
- - method: merge
- path: .
- storagePolicy: cleartext
- substitutions:
- # IP addresses
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .calico.etcd.service_ip
- dest:
- path: .values.endpoints.etcd.host_fqdn_override.default
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.pod_cidr
- dest:
- path: .values.networking.podSubnet
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.api_service_ip
- dest:
- path: .values.conf.policy_controller.K8S_API
- pattern: SUB_KUBERNETES_IP
-
- # Other site-specific configuration
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .calico.ip_autodetection_method
- dest:
- path: .values.conf.node.IP_AUTODETECTION_METHOD
-
- # Certificates
- -
- src:
- schema: deckhand/CertificateAuthority/v1
- name: calico-etcd
- path: .
- dest:
- path: .values.endpoints.etcd.auth.client.tls.ca
- -
- src:
- schema: deckhand/Certificate/v1
- name: calico-node
- path: .
- dest:
- path: .values.endpoints.etcd.auth.client.tls.crt
- -
- src:
- schema: deckhand/CertificateKey/v1
- name: calico-node
- path: .
- dest:
- path: .values.endpoints.etcd.auth.client.tls.key
-data:
- chart_name: calico
- release: calico
- namespace: kube-system
- timeout: 600
- upgrade:
- no_hooks: true
- values:
- conf:
- cni_network_config:
- name: k8s-pod-network
- cniVersion: 0.1.0
- type: calico
- etcd_endpoints: __ETCD_ENDPOINTS__
- etcd_ca_cert_file: /etc/calico/pki/ca
- etcd_cert_file: /etc/calico/pki/crt
- etcd_key_file: /etc/calico/pki/key
- log_level: info
- mtu: 1500
- ipam:
- type: calico-ipam
- policy:
- type: k8s
- k8s_api_root: https://__KUBERNETES_SERVICE_HOST__:__KUBERNETES_SERVICE_PORT__
- k8s_auth_token: __SERVICEACCOUNT_TOKEN__
-
- policy_controller:
- K8S_API: "https://SUB_KUBERNETES_IP:443"
-
- node:
- CALICO_STARTUP_LOGLEVEL: INFO
- CLUSTER_TYPE:
- - k8s
- - bgp
- WAIT_FOR_STORAGE: "true"
-
- endpoints:
- etcd:
- hosts:
- default: calico-etcd
- scheme:
- default: https
-
- networking:
- mtu: 1500
- settings:
- mesh: "off"
- ippool:
- ipip:
- enabled: "false"
- mode: "cross-subnet"
- bgp:
- asnumber: {{yaml.networks.ksn.local_asnumber}}
- ipv4:
- additional_cidrs:
-{% for add_cidr in yaml.networks.ksn.additional_cidrs %}
- - {{add_cidr}}
-{% endfor %}
- peers:
-{% for peer in yaml.networks.ksn.peers %}
- - apiVersion: v1
- kind: bgpPeer
- metadata:
- peerIP: {{peer.ip}}
- scope: {{peer.scope}}
- spec:
- asnumber: {{peer.asnumber}}
-{% endfor %}
- manifests:
- daemonset_calico_etcd: false
- job_image_repo_sync: false
- service_calico_etcd: false
-...
--- /dev/null
+---
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: i40evf_blacklist
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+data:
+ signaling: false
+ node_filter:
+ filter_set_type: 'union'
+ filter_set:
+ - filter_type: 'union'
+ assets:
+ - path: /etc/modprobe.d/sriov_blacklist.conf
+ type: file
+ permissions: '644'
+ data_pipeline:
+ - utf8_decode
+ data: |
+ blacklist i40evf
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-schema: 'drydock/BootAction/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: promjoin
- storagePolicy: 'cleartext'
- layeringDefinition:
- abstract: false
- layer: site
- labels:
- application: 'drydock'
-data:
- node_filter:
- filter_set_type: 'union'
- filter_set:
- - filter_type: 'union'
- node_names:
-{% for server in yaml.servers %}
- - '{{server.name}}'
-{% endfor %}
-{% raw %} # TODO(alanmeadows) move what is global about this document - everything except nodenames to global
- assets:
- - path: /opt/promjoin.sh
- type: file
- permissions: '555'
- # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network
- # you should use to contact kubernetes in the case below, this is cab24_mgmt
- location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}{% if 'ksn' in node.network %}&ip={{ node.network.ksn.ip }}{% endif %}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
- location_pipeline:
- - template
- data_pipeline:
- - utf8_decode
- - path: /lib/systemd/system/promjoin.service
- type: unit
- permissions: '600'
- data: |-
- W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy
- PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0
- cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v
- cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo=
- data_pipeline:
- - base64_decode
- - utf8_decode
-{% endraw %}
----
schema: 'drydock/BootAction/v1'
metadata:
schema: 'metadata/Document/v1'
lookup "${TABLE}" \
pref 10100
fi
----
-schema: 'drydock/BootAction/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: i40evf_blacklist
- storagePolicy: 'cleartext'
- layeringDefinition:
- abstract: false
- layer: site
- labels:
- application: 'drydock'
-data:
- assets:
- - path: /etc/modprobe.d/sriov_blacklist.conf
- type: file
- permissions: '644'
- data_pipeline:
- - utf8_decode
- data: |
- blacklist i40evf
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: promjoin
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+data:
+ signaling: false
+ node_filter:
+ filter_set_type: 'union'
+ filter_set:
+ - filter_type: 'union'
+ node_names:
+{% for server in yaml.masters %}
+ - '{{server.name}}'
+{% endfor %}
+{% for server in yaml.workers %}
+ - '{{server.name}}'
+{% endfor %}
+{% raw %} # TODO(alanmeadows) move what is global about this document - everything except nodenames to global
+ assets:
+ - path: /opt/promjoin.sh
+ type: file
+ permissions: '555'
+ # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network
+ # you should use to contact kubernetes in the case below, this is cab24_mgmt
+ location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
+ location_pipeline:
+ - template
+ data_pipeline:
+ - utf8_decode
+ - path: /lib/systemd/system/promjoin.service
+ type: unit
+ permissions: '600'
+ data: |-
+ W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy
+ PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0
+ cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v
+ cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo=
+ data_pipeline:
+ - base64_decode
+ - utf8_decode
+{% endraw %}
+...
+{% for server in yaml.masters %}
+---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
##############################################################################
-
-{% for server in yaml.servers %}
----
schema: 'drydock/BaremetalNode/v1'
metadata:
schema: 'metadata/Document/v1'
layer: site
storagePolicy: cleartext
data:
- host_profile: MyControlPlane_HP
+ host_profile: ControlPlane
# the hostname for a server, could be used in multiple DNS domains to
# represent different interfaces
addressing:
# Which network the address applies to. If a network appears in addressing
# that isn't assigned to an interface, design validation will fail
+ - network: oob
+ address: {{server.oob}}
- network: pxe
# The address assigned. Either a explicit IPv4 or IPv6 address
# or dhcp or slaac
address: {{server.pxe}}
- network: oam
address: {{server.host}}
- - network: ksn
- address: {{server.ksn}}
- network: storage
address: {{server.storage}}
- network: overlay
address: {{server.neutron}}
+ - network: calico
+ address: {{server.ksn}}
+ metadata:
+ rack: RACK01
+ tags:
+ - 'masters'
+{% endfor %}
+{% for server in yaml.workers %}
+---
+schema: 'drydock/BaremetalNode/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: {{server.name}}
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ host_profile: ComputePlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
+ addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
- network: oob
address: {{server.oob}}
+ - network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
+ address: {{server.pxe}}
+ - network: oam
+ address: {{server.host}}
+ - network: storage
+ address: {{server.storage}}
+ - network: overlay
+ address: {{server.neutron}}
+ - network: calico
+ address: {{server.ksn}}
metadata:
- rack: rack01
+ rack: RACK01
tags:
- - 'masters'
+ - 'workers'
{% endfor %}
...
-
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
cluster_domain: cluster.local
service_ip: 10.96.0.10
upstream_servers:
- - 135.37.9.16
- - 135.38.244.16
- - 135.188.34.84
- upstream_servers_joined: 135.37.9.16,135.38.244.16,135.53.34.84
-
+{% for server in yaml.dns.upstream_servers %}
+ - {{server}}
+{% endfor %}
+ upstream_servers_joined: '{{yaml.dns.upstream_servers_joined}}'
+ ingress_domain: {{yaml.dns.ingress_domain}}
genesis:
hostname: {{yaml.genesis.name}}
ip: {{yaml.genesis.ksn}}
service_cidr: {{yaml.kubernetes.service_cidr}}
apiserver_port: 6443
haproxy_port: 6553
- service_node_port_range: 30000-35357
+ service_node_port_range: 30000-32767
etcd:
container_port: 2379
- hostname: {{master.name}}
{% endfor %}
- workers:
-{% for worker in yaml.workers %}
- - hostname: {{worker.name}}
-{% endfor %}
-
- proxy:
- http: http://one.proxy.att.com:8080
- https: http://one.proxy.att.com:8080
- no_proxy: '{{yaml.kubernetes.api_service_ip}},*.cluster.local,{{yaml.genesis.host}}{%for server in yaml.servers%},{{server.host}}{% endfor %}'
-
node_ports:
drydock_api: 30000
maas_api: 30001
- maas_proxy: 31800 # hardcoded in maas
+ maas_proxy: 31800 # hardcoded in MAAS
shipyard_api: 30003
airflow_web: 30004
ntp:
- servers_joined: '135.25.154.100'
+ servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org'
+
+ # Used for FQDN setup/definition
+ domain:
+ url: {{yaml.site_name}}.lab.akraino.org
+
+ ldap:
+ base_url: 'its-a-ldap.example.com'
+ url: 'ldap://its-a-ldap.example.com'
+ auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
+ common_name: AP-NC_Test_Users
+ subdomain: testitservices
+ domain: example
storage:
ceph:
neutron:
tunnel_device: '{{yaml.networks.neutron.interface}}'
- external_iface: '{{yaml.networks.neutron.interface}}'
+ external_iface: '{{yaml.networks.primary}}'
openvswitch:
- external_iface: '{{yaml.networks.neutron.interface}}'
+ external_iface: '{{yaml.networks.primary}}'
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
noconfig: enabled
bonding:
mode: disabled
- mtu: 1500
+ mtu: 9000
linkspeed: auto
trunking:
mode: disabled
routes:
- subnet: '0.0.0.0/0'
gateway: {{yaml.networks.oob.routes.gateway}}
- metric: 100
ranges:
- type: static
start: {{yaml.networks.oob.ranges.static.start}}
layer: site
storagePolicy: cleartext
data:
- routedomain: provisioning
cidr: {{yaml.networks.pxe.cidr}}
+ routes:
+ - subnet: '0.0.0.0/0'
+ gateway: {{yaml.networks.pxe.routes.gateway}}
ranges:
- type: reserved
start: {{yaml.networks.pxe.ranges.reserved.start}}
- type: dhcp
start: {{yaml.networks.pxe.ranges.dhcp.start}}
end: {{yaml.networks.pxe.ranges.dhcp.end}}
+ dns:
+ domain: {{yaml.networks.pxe.dns.domain}}
+ servers: '{{yaml.networks.pxe.dns.servers}}'
...
---
schema: 'drydock/NetworkLink/v1'
- oam
- storage
- overlay
- - ksn
+ - calico
...
---
schema: 'drydock/Network/v1'
storagePolicy: cleartext
data:
vlan: '{{yaml.networks.host.vlan}}'
+ mtu: 9000
cidr: {{yaml.networks.host.cidr}}
routes:
- subnet: '0.0.0.0/0'
gateway: {{yaml.networks.host.routes.gateway}}
- metric: 100
ranges:
- type: reserved
start: {{yaml.networks.host.ranges.reserved.start}}
- type: static
start: {{yaml.networks.host.ranges.static.start}}
end: {{yaml.networks.host.ranges.static.end}}
+ dns:
+ domain: {{yaml.networks.host.dns.domain}}
+ servers: '{{yaml.networks.host.dns.servers}}'
...
---
schema: 'drydock/Network/v1'
mtu: 9000
cidr: {{yaml.networks.storage.cidr}}
ranges:
- - type: reserved
- start: {{yaml.networks.storage.ranges.reserved.start}}
- end: {{yaml.networks.storage.ranges.reserved.end}}
- type: static
start: {{yaml.networks.storage.ranges.static.start}}
end: {{yaml.networks.storage.ranges.static.end}}
schema: 'drydock/Network/v1'
metadata:
schema: 'metadata/Document/v1'
- name: ksn
+ name: overlay
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data:
- vlan: '44'
+ vlan: '{{yaml.networks.neutron.vlan}}'
mtu: 9000
- cidr: {{yaml.networks.ksn.cidr}}
+ cidr: {{yaml.networks.neutron.cidr}}
ranges:
- type: static
- start: {{yaml.networks.ksn.ranges.static.start}}
- end: {{yaml.networks.ksn.ranges.static.end}}
+ start: {{yaml.networks.neutron.ranges.static.start}}
+ end: {{yaml.networks.neutron.ranges.static.end}}
...
---
schema: 'drydock/Network/v1'
metadata:
schema: 'metadata/Document/v1'
- name: overlay
+ name: calico
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data:
- vlan: '{{yaml.networks.neutron.vlan}}'
+ vlan: '{{yaml.networks.ksn.vlan}}'
mtu: 9000
- cidr: {{yaml.networks.neutron.cidr}}
+ cidr: {{yaml.networks.ksn.cidr}}
ranges:
- - type: reserved
- start: {{yaml.networks.neutron.ranges.reserved.start}}
- end: {{yaml.networks.neutron.ranges.reserved.end}}
- type: static
- start: {{yaml.networks.neutron.ranges.static.start}}
- end: {{yaml.networks.neutron.ranges.static.end}}
+ start: {{yaml.networks.ksn.ranges.static.start}}
+ end: {{yaml.networks.ksn.ranges.static.end}}
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
groups:
- system:nodes
- document_name: kubelet-{{yaml.genesis.name}}
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
groups:
- system:nodes
-{% for server in yaml.servers %}
+{% for server in yaml.masters %}
- document_name: kubelet-{{ server.name }}
common_name: system:node:{{ server.name }}
hosts:
- {{server.name}}
- {{server.host}}
- {{server.ksn}}
- - {{server.storage}}
+ - {{server.pxe}}
+ groups:
+ - system:nodes
+{% endfor %}
+{% for server in yaml.workers %}
+ - document_name: kubelet-{{ server.name }}
+ common_name: system:node:{{ server.name }}
+ hosts:
+ - {{server.name}}
+ - {{server.host}}
+ - {{server.ksn}}
+ - {{server.pxe}}
groups:
- system:nodes
{% endfor %}
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.kubernetes.etcd_service_ip}}
-{% for server in yaml.servers %}
+{% for server in yaml.masters %}
- document_name: kubernetes-etcd-{{ server.name }}
common_name: kubernetes-etcd-{{ server.name }}
hosts:
- {{ server.name }}
- {{server.host}}
- {{server.ksn}}
- - {{server.storage}}
+ - {{server.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.kubernetes.etcd_service_ip}}
-{% for server in yaml.servers %}
+{% for server in yaml.masters %}
- document_name: kubernetes-etcd-{{server.name}}-peer
common_name: kubernetes-etcd-{{server.name}}-peer
hosts:
- {{server.name}}
- {{server.host}}
- {{server.ksn}}
- - {{server.storage}}
+ - {{server.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- 10.96.232.136
-{% for server in yaml.servers %}
+{% for server in yaml.masters %}
- document_name: calico-etcd-{{server.name}}
common_name: calico-etcd-{{server.name}}
hosts:
- {{server.name}}
- {{server.host}}
- {{server.ksn}}
- - {{server.storage}}
+ - {{server.pxe}}
- 127.0.0.1
- localhost
- 10.96.232.136
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- 10.96.232.136
-{% for server in yaml.servers %}
+{% for server in yaml.masters %}
- document_name: calico-etcd-{{server.name}}-peer
common_name: calico-etcd-{{server.name}}-peer
hosts:
- {{server.name}}
- {{server.host}}
- {{server.ksn}}
- - {{server.storage}}
+ - {{server.pxe}}
- 127.0.0.1
- localhost
- 10.96.232.136
{% endfor %}
+ - document_name: calico-node-peer
+ common_name: calcico-node-peer
keypairs:
- name: service-account
description: Service account signing key for use by Kubernetes controller-manager.
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: drydock/HostProfile/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ComputePlane
+ storagePolicy: cleartext
+ labels:
+ hosttype: ComputePlane
+ layeringDefinition:
+ abstract: false
+ layer: site
+ substitutions:
+ - dest:
+ path: .oob.credential
+ src:
+ schema: deckhand/Passphrase/v1
+ name: ipmi_admin_password
+ path: .
+data:
+ hardware_profile: DELL_HP_Generic
+ oob:
+ type: 'ipmi'
+ network: 'oob'
+ account: '{{yaml.ipmi_admin.username}}'
+ primary_network: 'oam'
+ hardware_profile: DELL_HP_Generic
+ interfaces:
+ pxe:
+ device_link: pxe
+ slaves:
+ - '{{yaml.networks.pxe.interface}}'
+ networks:
+ - 'pxe'
+ bond0:
+ device_link: bond0
+ slaves:
+{% for slave in yaml.networks.slaves %}
+ - '{{ slave.name }}'
+{% endfor %}
+ networks:
+ - 'oam'
+ - 'storage'
+ - 'overlay'
+ - 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ storage:
+ physical_devices:
+{% for disk in yaml.disks_compute %}
+ {{disk.name}}:
+ {% if disk.labels %}
+ labels:
+ {% for key, value in disk.labels.items() %}
+ {{key}}: '{{value}}'
+ {% endfor %}
+ {% endif %}
+ partitions:
+ {% for p in disk.partitions %}
+ - name: '{{p.name}}'
+ size: '{{p.size}}'
+ filesystem:
+ mountpoint: '{{p.mountpoint}}'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ {% endfor %}
+{% endfor %}
+ platform:
+ image: 'xenial'
+ kernel: 'hwe-16.04'
+ kernel_params:
+ console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
+ metadata:
+ owner_data:
+ openstack-nova-compute: enabled
+ openvswitch: enabled
+ openstack-libvirt: kernel
+ sriov: enabled
+ beta.kubernetes.io/fluentd-ds-ready: 'true'
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: drydock/HostProfile/v1
metadata:
schema: metadata/Document/v1
- name: MyControlPlane_HP
+ name: ControlPlane
storagePolicy: cleartext
labels:
- hosttype: MyControlPlane_HP
+ hosttype: ControlPlane
layeringDefinition:
abstract: false
layer: site
oob:
type: 'ipmi'
network: 'oob'
- account: 'administrator'
+ account: '{{yaml.ipmi_admin.username}}'
primary_network: 'oam'
hardware_profile: DELL_HP_Generic
interfaces:
pxe:
device_link: pxe
slaves:
- - 'eno1'
+ - '{{yaml.networks.pxe.interface}}'
networks:
- 'pxe'
bond0:
- 'oam'
- 'storage'
- 'overlay'
- - 'ksn'
+ - 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
storage:
physical_devices:
{% for disk in yaml.disks %}
kernel: 'hwe-16.04'
kernel_params:
console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
metadata:
owner_data:
control-plane: enabled
openstack-cinder-control: enabled
openstack-cinder-volume: control
openstack-neutron: enabled
+ openstack-libvirt: kernel
openvswitch: enabled
+ openstack-nova-compute: enabled
sriov: enabled
ucp-barbican: enabled
ceph-bootstrap: enabled
ceph-mon: enabled
+ ceph-mgr: enabled
ceph-osd: enabled
ceph-mds: enabled
ceph-rgw: enabled
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
tag_definitions: []
authorized_keys: []
...
-
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
abstract: false
layer: site
storagePolicy: cleartext
-data: {{yaml.ipmi_admin_password}}
+data: '{{yaml.ipmi_admin.password}}'
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-data:
- revision: v4.0
- site_type: 5ec
+schema: pegleg/SiteDefinition/v1
metadata:
- layeringDefinition: {abstract: false, layer: site}
- name: {{yaml.site_name}}
schema: metadata/Document/v1
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: {{yaml.site_name}}
storagePolicy: cleartext
-schema: pegleg/SiteDefinition/v1
+data:
+ revision: v4.0
+ site_type: edge
...
-
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ replacement: true
+ name: kubernetes-calico
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: kubernetes-calico-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ networking:
+ settings:
+ mesh: "off"
+ ippool:
+ ipip:
+ enabled: "false"
+ mode: "cross-subnet"
+ bgp:
+ asnumber: {{yaml.networks.ksn.local_asnumber}}
+ ipv4:
+ additional_cidrs:
+{% for add_cidr in yaml.networks.ksn.additional_cidrs %}
+ - {{add_cidr}}
+{% endfor %}
+ peers:
+{% for peer in yaml.networks.ksn.peers %}
+ - apiVersion: v1
+ kind: bgpPeer
+ metadata:
+ peerIP: {{peer.ip}}
+ scope: {{peer.scope}}
+ spec:
+ asnumber: {{peer.asnumber}}
+{% endfor %}
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
path: .
storagePolicy: cleartext
substitutions:
- # Node names
-{% set count = [0] %}
-{% for server in yaml.masters %}
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[{{count[0]}}].hostname
+
+ # Chart source
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.calico.etcd
dest:
- path: .values.nodes[{{count[0]}}].name
- {% if count.append(count.pop() + 1) %}{% endif %}
-{% endfor %}
-{% for server in yaml.workers %}
- -
- src:
+ path: .source
+
+ # Image versions
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.calico.etcd
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .masters[{{count[0]}}].hostname
+ path: .calico.etcd.service_ip
dest:
- path: .values.nodes[{{count[0]}}].name
- {% if count.append(count.pop() + 1) %}{% endif %}
-{% endfor %}
- -
- src:
+ path: .values.service.ip
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .genesis.hostname
+ path: .calico.etcd.service_ip
dest:
- path: .values.nodes[{{count[0]}}].name
-{% set count = [0] %}
-{% for server in yaml.masters %}
- # Server certs
- -
- src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-{{server.name}}
+ path: .values.anchor.etcdctl_endpoint
+
+ # CAs
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.client.cert
- -
- src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-{{server.name}}
+ path: .values.secrets.tls.client.ca
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd-peer
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.client.key
- -
- src:
+ path: .values.secrets.tls.peer.ca
+
+ # Anchor client cert
+ - src:
schema: deckhand/Certificate/v1
- name: calico-etcd-{{server.name}}-peer
+ name: calico-etcd-anchor
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.peer.cert
- -
- src:
+ path: .values.secrets.anchor.tls.cert
+ - src:
schema: deckhand/CertificateKey/v1
- name: calico-etcd-{{server.name}}-peer
+ name: calico-etcd-anchor
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.peer.key
- {% if count.append(count.pop() + 1) %}{% endif %}
+ path: .values.secrets.anchor.tls.key
+
+ # Node names
+{% set count = [0] %}
+{% for server in yaml.masters %}
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[{{count[0]}}].hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
+ {% if count.append(count.pop() + 1) %}{% endif %}
{% endfor %}
-{% for server in yaml.workers %}
- # Server certs
- -
- src:
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .genesis.hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
+
+ # Server certs
+{% set count = [0] %}
+{% for server in yaml.masters %}
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{server.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{server.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.key
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{server.name}}-peer
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.peer.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{server.name}}-peer
path: .
{% endfor %}
# NOTE(mb874d): Be sure we generate these certs for genesis.
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{yaml.genesis.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{yaml.genesis.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.key
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{yaml.genesis.name}}-peer
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.peer.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{yaml.genesis.name}}-peer
path: .
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
path: .
storagePolicy: cleartext
substitutions:
- # Node names
-{% set count = [0] %}
-{% for server in yaml.masters %}
+
+ # Chart source
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[{{count[0]}}].hostname
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.etcd
dest:
- path: .values.nodes[{{count[0]}}].name
- {% if count.append(count.pop() + 1) %}{% endif %}
-{% endfor %}
-{% for server in yaml.workers %}
+ path: .source
+
+ # Images
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.kubernetes.etcd
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .masters[{{count[0]}}].hostname
+ path: .kubernetes.etcd_service_ip
dest:
- path: .values.nodes[{{count[0]}}].name
- {% if count.append(count.pop() + 1) %}{% endif %}
-{% endfor %}
+ path: .values.service.ip
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .genesis.hostname
+ path: .kubernetes.etcd_service_ip
dest:
- path: .values.nodes[{{count[0]}}].name
+ path: .values.anchor.etcdctl_endpoint
- # Server certs
-{% set count = [0] %}
-{% for server in yaml.masters %}
+ # CAs
- src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-{{server.name}}
+ schema: deckhand/CertificateAuthority/v1
+ name: kubernetes-etcd
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.client.cert
+ path: .values.secrets.tls.client.ca
- src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-{{server.name}}
+ schema: deckhand/CertificateAuthority/v1
+ name: kubernetes-etcd-peer
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.client.key
+ path: .values.secrets.tls.peer.ca
+
- src:
schema: deckhand/Certificate/v1
- name: kubernetes-etcd-{{server.name}}-peer
+ name: kubernetes-etcd-anchor
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.peer.cert
+ path: .values.secrets.anchor.tls.cert
- src:
schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-{{server.name}}-peer
+ name: kubernetes-etcd-anchor
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.peer.key
+ path: .values.secrets.anchor.tls.key
+
+ # Node names
+{% set count = [0] %}
+{% for server in yaml.masters %}
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[{{count[0]}}].hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
{% if count.append(count.pop() + 1) %}{% endif %}
{% endfor %}
-{% for server in yaml.workers %}
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .genesis.hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
+
+ # Server certs
+{% set count = [0] %}
+{% for server in yaml.masters %}
- src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-{{server.name}}
path: .values.nodes[{{count[0]}}].tls.peer.key
data: {}
-
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
- method: merge
path: .
storagePolicy: cleartext
-data:
- values:
- network:
- vip:
- manage: true
- interface: ingress0
- addr: {{yaml.networks.ksn.ingress_cidr}}
+data: {}
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
metadata:
schema: metadata/Document/v1
name: neutron
+ replacement: true
labels:
component: neutron
layeringDefinition:
abstract: false
layer: site
parentSelector:
- name: neutron-5ec
+ name: neutron-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
values:
+ labels:
+ agent:
+ sriov:
+ node_selector_key: sriov
+ node_selector_value: enabled
network:
- auto_bridge_add:
- br-bond0: bond0
+ backend:
+ - openvswitch
+ - sriov
interface:
sriov:
{% for sriovnet in yaml.sriovnets %}
plugins:
openvswitch_agent:
ovs:
- bridge_mappings: oam:br-bond0
+ bridge_mappings: bond0:br-bond0
sriov_agent:
+ securitygroup:
+ firewall_driver: neutron.agent.firewall.NoopFirewallDriver
sriov_nic:
+ exclude_devices: null
physical_device_mappings: '
{%- for sriovnet in yaml.sriovnets -%}
{%- if loop.index > 1 -%}
{{sriovnet.physical}}:{{sriovnet.interface}}
{%- endfor %}'
ml2_conf:
+ ml2:
+ mechanism_drivers: l2population,openvswitch,sriovnicswitch
ml2_type_vlan:
- network_vlan_ranges: oam:100:4000
+ network_vlan_ranges: bond0:46:300
{%- for sriovnet in yaml.sriovnets -%}
,{{sriovnet.physical}}:{{sriovnet.vlan_start}}:{{sriovnet.vlan_end}}
{%- endfor %}
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
abstract: false
layer: site
parentSelector:
- name: nova-5ec
+ name: nova-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
values:
+ network:
+ backend:
+ - openvswitch
+ - sriov
conf:
nova:
+ filter_scheduler:
+ enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
libvirt:
virt_type: kvm
DEFAULT:
- vcpu_pin_set: "4-23,28-47"
+ vcpu_pin_set: "4-21,26-43,48-65,72-87"
+ vif_plugging_is_fatal: False
+ vif_plugging_timeout: 30
pci:
- alias: '{"name": "numa0", "capability_type": "pci", "product_id": "154c", "vendor_id": "8086", "device_type": "type-PCI", "numa_policy": "required"}'
- passthrough_whitelist: |
- [
-{%- for sriov in yaml.sriovnets -%}
- {%set sriovloop = loop%}
- {%- for whitelist in sriov.whitelists -%}
- {%- if sriovloop.index > 1 or loop.index > 1 -%}
- ,
- {%- endif -%}
- {"address": "{{whitelist.address}}", "physical_network": "{{sriov.physical}}", "trusted": "true"}
- {%- endfor -%}
-{%- endfor -%}
-]
+ alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }'
+ passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}'
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client-update
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-update-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: {{yaml.storage.total_osd_count}}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: {{yaml.storage.osd_count}}
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
- name: ucp-ceph
+ name: ucp-ceph-osd
layeringDefinition:
abstract: false
layer: site
parentSelector:
- name: ucp-ceph-global
+ name: ucp-ceph-osd-global
actions:
- method: replace
path: .values.conf.storage.osd
type: directory
location: {{osd.journal}}
{% endfor %}
- pool:
- target:
- osd: {{yaml.storage.osd_count}}
...
-
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
pod:
env:
promenade_api:
- - name: http_proxy
- value: http://one.proxy.att.com:8888
- - name: https_proxy
- value: http://one.proxy.att.com:8888
- name: no_proxy
- value: {{yaml.genesis.pxe}},{{yaml.kubernetes.api_service_ip}},.cluster.local
- - name: HTTP_PROXY
- value: http://one.proxy.att.com:8888
- - name: HTTPS_PROXY
- value: http://one.proxy.att.com:8888
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
- name: NO_PROXY
- value: {{yaml.genesis.pxe}},{{yaml.kubernetes.api_service_ip}},.cluster.local
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
...
+++ /dev/null
-#!/usr/bin/env bash
-##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-
-read -p "Are you sure you wish to continue? (y/n)" REPLY
-if [ "$REPLY" != "y" ]; then
- echo "Good Bye"
- exit
-fi
-
-set -x
-
-# Check that we are root
-if [[ $(whoami) != "root" ]]
-then
- echo "Must be root to run $0"
- exit -1
-fi
-
-export KUBECONFIG=/etc/kubernetes/admin/kubeconfig.yaml
-
-kubectl drain --delete-local-data --force $(hostname)
-systemctl stop kubelet
-df -lh | awk '{ print $6 }' | grep -i kubelet | xargs -I {} umount -f -l {}
-df -lh | awk '{ print $6 }' | grep -i docker | grep -v "/var/lib" | xargs -I {} umount -f -l {}
-umount -f -l /run/user/0
-mount -a
-docker rm -fv $(docker ps -aq)
-
-#systemctl stop docker
-apt-get remove --autoremove --purge -y docker-engine=1.13.1-0~ubuntu-xenial socat=1.7.3.1-1
-#Docker
-rm -rf /dev/docker-data
-rm -rf /var/lib/docker/*
-rm -rf /etc/docker
-rm -rf /etc/systemd/system/docker.service.d
-rm -rf /var/lib/dockershim
-
-#Ceph
-rm -rf /var/lib/openstack-helm
-rm -rf /var/lib/ceph
-dd if=/dev/zero of=/dev/sdb bs=512 count=1 conv=notrunc
-dd if=/dev/zero of=/dev/sdc bs=512 count=1 conv=notrunc
-rm -rf /var/lib/openstack-helm/ceph/journal0/*
-rm -rf /var/lib/openstack-helm/ceph/journal1/*
-
-#Kubernetes
-rm -rf /etc/kubernetes
-rm -rf /usr/local/bin/kubectl
-rm -rf /usr/local/bin/kubelet
-rm -rf /var/lib/kubelet
-rm -rf /etc/systemd/system/kubelet
-rm -rf /etc/systemd/system/kubelet.service
-
-# apt-get install creates the following directory
-rm -rf /etc/systemd/system/kubelet.service.d/
-rm -rf /var/log/pods
-rm -rf /var/log/containers
-
-#etcd
-rm -rf /var/lib/auxiliary-etcd-0
-rm -rf /var/lib/auxiliary-etcd-1
-rm -rf /var/lib/auxiliary-calico-etcd-0
-rm -rf /var/lib/auxiliary-calico-etcd-1
-rm -rf /var/lib/calico-etcd
-rm -rf /var/lib/kube-etcd
-
-#nova
-rm -rf /var/lib/nova/*
-
-#ONAP
-rm -rf /dockerdata-nfs/onap/
-rm -rf /etc/dnsmasq.d
-rm -rf /opt/cni
-rm -rf /usr/local/bin/bootstrap
-rm -rf /usr/local/bin/helm
-rm -rf /var/lib/prom.done
-
-# Remove files generated by Promenade
-rm -rf /etc/cni
-rm -rf /etc/coredns
-rm -rf /etc/etcd
-rm -rf /etc/genesis
-rm -rf /var/lib/etcd
-rm -rf /var/lib/kubelet/pods
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
source $(dirname $0)/setenv.sh
-PROMENADE_IMAGE=quay.io/airshipit/promenade:master
+PROMENADE_IMAGE=quay.io/airshipit/promenade:009f3de7ecf6afcdd2783ac7a12470394d7dfab3
-if [ -z "$AIC_CLCP_MANIFESTS" ]
+if [ -z "$AIRSHIP_TREASUREMAP" ]
then
- echo "Please follow https://codecloud.web.att.com/projects/ST_CCP/repos/aic-clcp-manifests/browse/docs/source/deployment_blueprint.md to clone aic-clcp-manifests. Also set AIC_CLCP_MANIFESTS to it."
+ echo "Please use https://git.openstack.org/openstack/airship-treasuremap to clone airship_treasuremap. Also set AIRSHIP_TREASUREMAP to it."
exit -1
-else
- WORKSPACE=$AIC_CLCP_MANIFESTS
- echo "WORKSPACE=$WORKSPACE"
fi
if [ -z "$1" ]
then
- echo "Plese pass site name as command line argument"
+ echo "Please pass site name as command line argument"
exit -2
else
SITE=${SITE:-$1}
echo "SITE=$SITE"
fi
-
source $(dirname $0)/env_$SITE.sh
+
# Check that we are root
if [[ $(whoami) != "root" ]]
then
echo "Must be root to run $0"
exit -1
fi
-cd $AIC_CLCP_MANIFESTS/tools/
+
+if [ -z "$YAML_BUILDS" ]
+then
+ echo "Please set YAML_BUILDS"
+ exit -3
+else
+ export WORKSPACE=$YAML_BUILDS
+ echo "WORKSPACE=$WORKSPACE"
+ cd $YAML_BUILDS
+fi
install_docker() {
# Configure proxy for Docker daemon
}
cleanup() {
- rm -rf ./configs/promenade
- rm -rf ./configs/promenade-bundle
- mkdir -p ./configs/promenade
- mkdir -p ./configs/promenade-bundle
+ rm -rf ./tars/$SITE/configs/promenade
+ rm -rf ./tars/$SITE/configs/promenade-bundle
+ mkdir -p ./tars/$SITE/configs/promenade
+ mkdir -p ./tars/$SITE/configs/promenade-bundle
}
get_site_config(){
- ./pegleg.sh site -p /workspace collect ${SITE} -s /workspace/tools/configs/promenade
+ $YAML_BUILDS/tools/pegleg.sh site -p /site -a /global collect ${SITE} -s /site/tars/$SITE/configs/promenade
}
gen_certs() {
- docker run --env http_proxy=$http_proxy --env https_proxy=$https_proxy --user 0 --rm -t -w /target -v $(pwd):/target ${PROMENADE_IMAGE} promenade generate-certs -o /target/configs/promenade /target/configs/promenade/*.yaml
+ docker run --env http_proxy=$http_proxy --env https_proxy=$https_proxy --user 0 --rm -t -w /target -v $(pwd):/target ${PROMENADE_IMAGE} promenade generate-certs -o /target/tars/$SITE/configs/promenade /target/tars/$SITE/configs/promenade/*.yaml
}
gen_bundle(){
- docker run --env http_proxy=$http_proxy --env https_proxy=$https_proxy --user 0 --rm -t -w /target -v $(pwd):/target ${PROMENADE_IMAGE} promenade build-all --validators -o /target/configs/promenade-bundle /target/configs/promenade/*.yaml
+ docker run --env http_proxy=$http_proxy --env https_proxy=$https_proxy --user 0 --rm -t -w /target -v $(pwd):/target ${PROMENADE_IMAGE} promenade build-all --validators -o /target/tars/$SITE/configs/promenade-bundle /target/tars/$SITE/configs/promenade/*.yaml
+}
+
+create_scripts() {
+ KEYSTONE_IMAGE=$(grep "keystone_db_sync: docker.io" $AIRSHIP_TREASUREMAP/global/v4.0/software/config/versions.yaml | uniq | awk '{print $2}')
+ SHIPYARD_IMAGE=$(grep "shipyard_db_sync" $AIRSHIP_TREASUREMAP/global/v4.0/software/config/versions.yaml | uniq | awk '{print $2}')
+
+ DRYDOCK_PASSWORD=$(grep "^data:" $YAML_BUILDS/site/$SITE/secrets/passphrases/ucp_drydock_keystone_password.yaml | awk '{print $2}')
+ SHIPYARD_PASSWORD=$(grep "^data:" $YAML_BUILDS/site/$SITE/secrets/passphrases/ucp_shipyard_keystone_password.yaml | awk '{print $2}')
+ REGION_NAME=$SITE
+
+ cp $YAML_BUILDS/tools/deploy_site.sh $YAML_BUILDS/tars/$SITE/
+ sed -i -e "s,KEYSTONE_IMAGE=,KEYSTONE_IMAGE=$KEYSTONE_IMAGE,g" $YAML_BUILDS/tars/$SITE/deploy_site.sh
+ sed -i -e "s,SHIPYARD_IMAGE=,SHIPYARD_IMAGE=$SHIPYARD_IMAGE,g" $YAML_BUILDS/tars/$SITE/deploy_site.sh
+ sed -i -e "s/DRYDOCK_PASSWORD=/DRYDOCK_PASSWORD=$DRYDOCK_PASSWORD/g" $YAML_BUILDS/tars/$SITE/deploy_site.sh
+ sed -i -e "s/SHIPYARD_PASSWORD=/SHIPYARD_PASSWORD=$SHIPYARD_PASSWORD/g" $YAML_BUILDS/tars/$SITE/deploy_site.sh
+ sed -i -e "s/REGION_NAME=/REGION_NAME=$REGION_NAME/g" $YAML_BUILDS/tars/$SITE/deploy_site.sh
+ sed -i -e "s/{{yaml.genesis.host}}/$GENESIS_HOST/g" $YAML_BUILDS/tars/$SITE/deploy_site.sh
+
+ cp $YAML_BUILDS/tools/update_iptables.sh $YAML_BUILDS/tars/$SITE/
+ sed -i -e "s,HOST_INTERFACE=,HOST_INTERFACE=$HOST_INTERFACE,g" $YAML_BUILDS/tars/$SITE/update_iptables.sh
+ sed -i -e "s,PXE_INTERFACE=,PXE_INTERFACE=$PXE_INTERFACE,g" $YAML_BUILDS/tars/$SITE/update_iptables.sh
+
+ cp $YAML_BUILDS/tools/cleanup.sh $YAML_BUILDS/tars/$SITE/
}
prepare_tar(){
- rm ./promenade-bundle.tar
- cp ./configs/promenade/*.yaml ./configs/promenade-bundle/
- tar cvf promenade-bundle.tar ./configs/promenade-bundle/
+ rm ./tars/promenade-bundle-$SITE.tar
+ tar cvf ./tars/promenade-bundle-$SITE.tar -C ./tars/$SITE .
}
#install_docker
get_site_config
gen_certs
gen_bundle
+create_scripts
prepare_tar
-
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
if [ -z "$1" ]
then
- echo "Plese pass site name as command line argument"
+ echo "Please pass site name as command line argument"
exit -2
else
SITE=${SITE:-$1}
echo "SITE=$SITE"
fi
+if [ -z "$YAML_BUILDS" ]
+then
+ echo "Please set YAML_BUILDS"
+ exit -3
+fi
+
source $(dirname $0)/env_$SITE.sh
-scp $AIC_CLCP_MANIFESTS/tools/promenade-bundle.tar $GENESIS_HOST:/tmp/
+scp $YAML_BUILDS/tars/promenade-bundle-$SITE.tar $GENESIS_HOST:/tmp/
ssh $GENESIS_HOST << EOF
- mkdir -p /opt/sitename/aic-clcp-manifests/tools
- cp /tmp/promenade-bundle.tar /opt/sitename/aic-clcp-manifests/tools/
- cd /opt/sitename/aic-clcp-manifests/tools/
- tar -xmf promenade-bundle.tar
- mkdir configs/promenade
- cp configs/promenade-bundle/*.yaml configs/promenade/
- bash /opt/sitename/aic-clcp-manifests/tools/configs/promenade-bundle/genesis.sh
+ mkdir -p /root/akraino
+ cp /tmp/promenade-bundle-$SITE.tar /root/akraino/
+ cd /root/akraino/
+ tar -xmf promenade-bundle-$SITE.tar
EOF
-
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
if [ -z "$1" ]
then
- echo "Plese pass site name as command line argument"
+ echo "Please pass site name as command line argument"
exit -2
else
SITE=${SITE:-$1}
source $(dirname $0)/env_$SITE.sh
-KEYSTONE_IMAGE=$(grep "keystone_db_sync" $AIC_CLCP_MANIFESTS/global/v4.0/software/config/versions.yaml | uniq | awk '{print $2}')
-SHIPYARD_IMAGE=$(grep "shipyard_db_sync" $AIC_CLCP_MANIFESTS/global/v4.0/software/config/versions.yaml | uniq | awk '{print $2}')
-
-DRYDOCK_PASSWORD=$(grep "^data:" $AIC_CLCP_MANIFESTS/site/$SITE/secrets/passphrases/ucp_drydock_keystone_password.yaml | awk '{print $2}')
-SHIPYARD_PASSWORD=$(grep "^data:" $AIC_CLCP_MANIFESTS/site/$SITE/secrets/passphrases/ucp_shipyard_keystone_password.yaml | awk '{print $2}')
-REGION_NAME=$SITE
-
-mkdir -p $YAML_BUILDS/tools/$SITE
-cp $YAML_BUILDS/tools/deploy_site.sh $YAML_BUILDS/tools/$SITE/
-sed -i -e "s,KEYSTONE_IMAGE=,KEYSTONE_IMAGE=$KEYSTONE_IMAGE,g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-sed -i -e "s,SHIPYARD_IMAGE=,SHIPYARD_IMAGE=$SHIPYARD_IMAGE,g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-sed -i -e "s/DRYDOCK_PASSWORD=/DRYDOCK_PASSWORD=$DRYDOCK_PASSWORD/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-sed -i -e "s/SHIPYARD_PASSWORD=/SHIPYARD_PASSWORD=$SHIPYARD_PASSWORD/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-sed -i -e "s/REGION_NAME=/REGION_NAME=$REGION_NAME/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-sed -i -e "s/{{yaml.genesis.host}}/$GENESIS_HOST/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-
-scp $YAML_BUILDS/tools/$SITE/deploy_site.sh $GENESIS_HOST:/opt/sitename/aic-clcp-manifests/tools/
-ssh $GENESIS_HOST 'bash /opt/sitename/aic-clcp-manifests/tools/deploy_site.sh'
+ssh $GENESIS_HOST << EOF
+ cd /root/akraino
+ bash configs/promenade-bundle/genesis.sh
+ # Shipyard takes time to really come up and start responding.
+ date
+ sleep 900
+ # Following is a workaround, tested on dell servers.
+ # TODO to be removed when not required.
+ bash update_iptables.sh
+ bash deploy_site.sh
+EOF
--- /dev/null
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+set -eux
+
+log () {
+printf "$(date)\t%s\n" "${1}"
+}
+
+
+TO_RM=(
+"/etc/apt/apt.conf.d/20-proxy.conf"
+"/etc/apt/sources.list.d/promenade-sources.list"
+"/etc/cni"
+"/etc/coredns"
+"/etc/docker/daemon.json"
+"/etc/etcd"
+"/etc/genesis"
+"/etc/kubernetes"
+"/etc/logrotate.d/json-logrotate"
+"/etc/systemd/system/kubelet.service"
+"/etc/systemd/system/docker.service.d/http-proxy.conf"
+"/home/ceph"
+"/usr/local/bin/armada"
+"/usr/local/bin/helm"
+"/usr/local/bin/kubectl"
+"/usr/local/bin/promenade-teardown"
+"/var/lib/anchor/calico-etcd-bootstrap"
+"/var/lib/etcd"
+"/var/lib/kubelet/pods"
+"/var/lib/openstack-helm"
+"/var/log/armada"
+"/var/log/containers"
+"/var/log/pods"
+)
+
+TO_LEAVE=(
+"/etc/hosts"
+"/etc/resolv.conf"
+)
+
+prune_docker() {
+log "Docker prune"
+docker volume prune -f
+docker system prune -a -f
+}
+
+remove_containers() {
+log "Remove all Docker containers"
+docker ps -aq 2> /dev/null | xargs --no-run-if-empty docker rm -fv
+}
+
+remove_files() {
+for item in "${TO_RM[@]}"; do
+log "Removing ${item}"
+rm -rf "${item}"
+done
+}
+
+leave_files() {
+for item in "${TO_LEAVE[@]}"; do
+log "WARNING: === ${item} === has been modified, but we didn't revert changes."
+done
+}
+
+reset_docker() {
+log "Remove all local Docker images"
+docker images -qa | xargs --no-run-if-empty docker rmi -f
+
+log "Remove remaining Docker files"
+systemctl stop docker
+if ! rm -rf /var/lib/docker/*; then
+log "Failed to cleanup some files in /var/lib/docker"
+find /var/lib/docker
+fi
+systemctl start docker
+}
+
+stop_kubelet() {
+log "Stop Kubelet and clean pods"
+systemctl stop kubelet || true
+
+# Issue with orhan PODS
+# https://github.com/kubernetes/kubernetes/issues/38498
+find var/lib/kubelet/pods 2> dev/null | while read orphan_pod; do
+if [[ ${orphan_pod} == io~secret ]] || [[ ${orphan_pod} == empty-dir ]]; then
+umount "${orphan_pod}" || true
+rm -rf "${orphan_pod}"
+fi
+done
+}
+
+
+FORCE=0
+RESET_DOCKER=0
+
+while getopts "fk" opt; do
+case "${opt}" in
+f)
+FORCE=1
+;;
+k)
+RESET_DOCKER=1
+;;
+*)
+echo "Unknown option"
+exit 1
+;;
+esac
+done
+
+if [[ $FORCE == "0" ]]; then
+echo Warning: This cleanup script is very aggressive. Run with -f to avoid this prompt.
+while true; do
+read -p "Are you sure you wish to proceed with aggressive cleanup?" yn
+case $yn in
+[Yy]*)
+RESET_DOCKER=1
+break
+;;
+*)
+echo Exiting.
+exit 1
+esac
+done
+fi
+
+stop_kubelet
+remove_containers
+remove_files
+prune_docker
+
+systemctl daemon-reload
+
+if [[ $RESET_DOCKER == "1" ]]; then
+reset_docker
+fi
+
+leave_files
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
sleep 5
}
-#clean_configdocs
-#create_configdocs
-#commit_configdocs
+sleep 900
+clean_configdocs
+create_configdocs
+commit_configdocs
renderedconfigdocs
-#deploy_site
-getactions
+deploy_site
+#getactions
#update_site
##
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
+set -x
source $(dirname $0)/setenv.sh
-if [ -z "$AIC_CLCP_MANIFESTS" ]
+if [ -z "$AIRSHIP_TREASUREMAP" ]
then
- echo "Please follow https://codecloud.web.att.com/projects/ST_CCP/repos/aic-clcp-manifests/browse/docs/source/deployment_blueprint.md to clone aic-clcp-manifests. Also export AIC_CLCP_MANIFESTS to it."
- exit -1
-fi
-
-if [ -z "$AIC_CLCP_SECURITY_MANIFESTS" ]
-then
- echo "Please follow https://codecloud.web.att.com/projects/ST_CCP/repos/aic-clcp-manifests/browse/docs/source/deployment_blueprint.md to clone aic-clcp-security-manifests. Also export AIC_CLCP_SECURITY_MANIFESTS to it."
+ echo "Please use https://git.openstack.org/openstack/airship-treasuremap to clone airship_treasuremap. Also set AIRSHIP_TREASUREMAP to it."
exit -1
fi
if [ -z "$1" ]
then
- echo "Plese pass site name as command line argument"
+ echo "Please pass site name as command line argument"
exit -2
else
SITE=${SITE:-$1}
fi
cd $YAML_BUILDS
-python ./scripts/jcopy.py $SITE.yaml ./templates/aic-clcp-manifests $AIC_CLCP_MANIFESTS/site/$SITE
-python ./scripts/jcopy.py $SITE.yaml ./templates/aic-clcp-security-manifests $AIC_CLCP_SECURITY_MANIFESTS/site/$SITE
-python ./scripts/jcopy.py $SITE.yaml ./templates/yaml_builds/set_site_env.sh ./tools/
+cp -r site/common/* site/$SITE/
+python ./scripts/jcopy.py $SITE.yaml ./templates $YAML_BUILDS/site/$SITE
+python ./scripts/jcopy.py $SITE.yaml ./tools/j2/set_site_env.sh ./tools
mv ./tools/set_site_env.sh ./tools/env_$SITE.sh
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-
export GENESIS_HOST={{yaml.genesis.host}}
echo GENESIS_HOST=$GENESIS_HOST
-export GENESIS_PXE={{yaml.genesis.pxe}}
-echo GENESIS_PXE=$GENESIS_PXE
-export REGIONAL_SERVER_IP={{yaml.regional_server.ip}}
-echo REGIONAL_SERVER_IP=$REGIONAL_SERVER_IP
+export PXE_INTERFACE={{yaml.networks.pxe.interface}}
+echo PXE_INTERFACE=$PXE_INTERFACE
+export HOST_INTERFACE={{yaml.networks.host.interface}}
+echo HOST_INTERFACE=$HOST_INTERFACE
--- /dev/null
+#!/usr/bin/env bash
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+set -x
+
+PEGLEG_IMAGE=${PEGLEG_IMAGE:-quay.io/airshipit/pegleg:master}
+
+echo
+echo "== NOTE: Workspace $WORKSPACE is available as /workspace in container context =="
+echo
+
+docker run --rm -t \
+ --net=none \
+ --workdir="/site" \
+ -v "${WORKSPACE}:/site" \
+ -v "${AIRSHIP_TREASUREMAP}:/global" \
+ "${PEGLEG_IMAGE}" \
+ pegleg "${@}"
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
##############################################################################
-export YAML_BUILDS=/opt/yaml_builds
+export YAML_BUILDS=/opt/akraino/yaml_builds
echo YAML_BUILDS=$YAML_BUILDS
-export AIC_CLCP_MANIFESTS=/opt/yaml_builds/aic-clcp-manifests
-echo AIC_CLCP_MANIFESTS=$AIC_CLCP_MANIFESTS
-export AIC_CLCP_SECURITY_MANIFESTS=/opt/yaml_builds/aic-clcp-security-manifests
-echo AIC_CLCP_SECURITY_MANIFESTS=$AIC_CLCP_SECURITY_MANIFESTS
+export AIRSHIP_TREASUREMAP=/root/airship-treasuremap
+echo AIRSHIP_TREASUREMAP=$AIRSHIP_TREASUREMAP
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
+set -x
if [ -z "$1" ]
then
- echo "Plese pass site name as command line argument"
+ echo "Please pass site name as command line argument"
exit -2
else
export SITE=${SITE:-$1}
--- /dev/null
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+HOST_INTERFACE=
+PXE_INTERFACE=
+
+echo 1 > /proc/sys/net/ipv4/ip_forward
+iptables -t nat -A POSTROUTING -o $HOST_INTERFACE -j MASQUERADE
+iptables -A FORWARD -i $HOST_INTERFACE -o $PXE_INTERFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
+iptables -A FORWARD -i $PXE_INTERFACE -o $HOST_INTERFACE -j ACCEPT
+
Code Review / yaml_builds.git / commitdiff