---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-site_name: dell_akraino
-ipmi_admin_password: calvin
+site_name: dellgen10
+ipmi_admin:
+ username: root
+ password: calvin
networks:
bonded: yes
primary: bond0
slaves:
- - name: enp135s0f0
- - name: enp135s0f1
+ - name: enp94s0f0
+ - name: enp94s0f1
oob:
vlan: 40
- interface:
+ interface:
cidr: 192.168.41.0/24
routes:
gateway: 192.168.41.1
ranges:
reserved:
start: 192.168.41.2
- end: 192.168.41.4
+ end: 192.168.41.12
static:
- start: 192.168.41.5
+ start: 192.168.41.13
end: 192.168.41.254
host:
- vlan: 41
+ vlan: 41
interface: bond0.41
cidr: 192.168.2.0/24
+ subnet: 192.168.2.0
+ netmask: 255.255.255.0
routes:
- gateway: 192.168.2.85
+ gateway: 192.168.2.200
ranges:
reserved:
start: 192.168.2.84
end: 192.168.2.86
static:
- start: 192.168.2.1
- end: 192.168.2.83
+ start: 192.168.2.40
+ end: 192.168.2.45
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
storage:
vlan: 42
interface: bond0.42
interface: eno3
cidr: 172.30.2.0/24
gateway: 172.30.2.1
+ routes:
+ gateway: 172.30.2.40
ranges:
reserved:
start: 172.30.2.2
dhcp:
start: 172.30.2.201
end: 172.30.2.254
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
+ inf: net4
ksn:
vlan: 44
interface: bond0.44
static:
start: 10.0.102.11
end: 10.0.102.254
+dns:
+ upstream_servers:
+ - 192.168.2.85
+ - 8.8.8.8
+ - 8.8.8.8
+ upstream_servers_joined: '192.168.2.85,8.8.8.8'
+ ingress_domain: dellgen10.akraino.org
sriovnets:
- physical: sriovnet1
- interface: enp135s0f
- vlan_start: 100
- vlan_end: 4000
+ interface: enp135s0f0
+ vlan_start: 2001
+ vlan_end: 3000
whitelists:
- "0000:87:02.0": "enp135s2"
- "0000:87:02.1": "enp135s2f1"
- "0000:87:03.2": "enp135s3f2"
- "0000:87:03.3": "enp135s3f3"
- "0000:87:03.4": "enp135s3f4"
- "0000:87:03.5": "enp135s3f5"
- "0000:87:03.6": "enp135s3f6"
- "0000:87:03.7": "enp135s3f7"
- "0000:87:04.0": "enp135s4"
- "0000:87:04.1": "enp135s4f1"
- "0000:87:04.2": "enp135s4f2"
- "0000:87:04.3": "enp135s4f3"
- "0000:87:02.2": "enp135s2f2"
- "0000:87:04.4": "enp135s4f4"
- "0000:87:04.5": "enp135s4f5"
- "0000:87:04.6": "enp135s4f6"
- "0000:87:04.7": "enp135s4f7"
- "0000:87:05.0": "enp135s5"
- "0000:87:05.1": "enp135s5f1"
- "0000:87:05.2": "enp135s5f2"
- "0000:87:05.3": "enp135s5f3"
- "0000:87:05.4": "enp135s5f4"
- "0000:87:05.5": "enp135s5f5"
- "0000:87:02.3": "enp135s2f3"
- "0000:87:05.6": "enp135s5f6"
- "0000:87:05.7": "enp135s5f7"
- "0000:87:02.4": "enp135s2f4"
- "0000:87:02.5": "enp135s2f5"
- "0000:87:02.6": "enp135s2f6"
- "0000:87:02.7": "enp135s2f7"
- "0000:87:03.0": "enp135s3"
- "0000:87:03.1": "enp135s3f1"
-
+ - "address": "0000:87:02.0"
+ - "address": "0000:87:02.1"
+ - "address": "0000:87:03.2"
+ - "address": "0000:87:03.3"
+ - "address": "0000:87:03.4"
+ - "address": "0000:87:03.5"
+ - "address": "0000:87:03.6"
+ - "address": "0000:87:03.7"
+ - "address": "0000:87:04.0"
+ - "address": "0000:87:04.1"
+ - "address": "0000:87:04.2"
+ - "address": "0000:87:04.3"
+ - "address": "0000:87:02.2"
+ - "address": "0000:87:04.4"
+ - "address": "0000:87:04.5"
+ - "address": "0000:87:04.6"
+ - "address": "0000:87:04.7"
+ - "address": "0000:87:05.0"
+ - "address": "0000:87:05.1"
+ - "address": "0000:87:05.2"
+ - "address": "0000:87:05.3"
+ - "address": "0000:87:05.4"
+ - "address": "0000:87:05.5"
+ - "address": "0000:87:02.3"
+ - "address": "0000:87:05.6"
+ - "address": "0000:87:05.7"
+ - "address": "0000:87:02.4"
+ - "address": "0000:87:02.5"
+ - "address": "0000:87:02.6"
+ - "address": "0000:87:02.7"
+ - "address": "0000:87:03.0"
+ - "address": "0000:87:03.1"
- physical: sriovnet2
interface: enp135s0f1
- vlan_start: 100
- vlan_end: 4000
+ vlan_start: 2001
+ vlan_end: 3000
whitelists:
- "0000:87:0a.0": "enp135s10i"
- "0000:87:0a.1": "enp135s10f1"
- "0000:87:0b.2": "enp135s11f2"
- "0000:87:0b.3": "enp135s11f3"
- "0000:87:0b.4": "enp135s11f4"
- "0000:87:0b.5": "enp135s11f5"
- "0000:87:0b.6": "enp135s11f6"
- "0000:87:0b.7": "enp135s11f7"
- "0000:87:0c.0": "enp135s12"
- "0000:87:0c.1": "enp135s12f1"
- "0000:87:0c.2": "enp135s12f2"
- "0000:87:0c.3": "enp135s12f3"
- "0000:87:0a.2": "enp135s10f2"
- "0000:87:0c.4": "enp135s12f4"
- "0000:87:0c.5": "enp135s12f5"
- "0000:87:0c.6": "enp135s12f6"
- "0000:87:0c.7": "enp135s12f7"
- "0000:87:0d.0": "enp135s13"
- "0000:87:0d.1": "enp135s13f1"
- "0000:87:0d.2": "enp135s13f2"
- "0000:87:0d.3": "enp135s13f3"
- "0000:87:0d.4": "enp135s13f4"
- "0000:87:0d.5": "enp135s13f5"
- "0000:87:0a.3": "enp135s10f3"
- "0000:87:0d.6": "enp135s13f6"
- "0000:87:0d.7": "enp135s13f7"
- "0000:87:0a.4": "enp135s10f4"
- "0000:87:0a.5": "enp135s10f5"
- "0000:87:0a.6": "enp135s10f6"
- "0000:87:0a.7": "enp135s10f7"
- "0000:87:0b.0": "enp135s11"
- "0000:87:0b.1": "enp135s11f1"
+ - "address": "0000:87:0a.0"
+ - "address": "0000:87:0a.1"
+ - "address": "0000:87:0b.2"
+ - "address": "0000:87:0b.3"
+ - "address": "0000:87:0b.4"
+ - "address": "0000:87:0b.5"
+ - "address": "0000:87:0b.6"
+ - "address": "0000:87:0b.7"
+ - "address": "0000:87:0c.0"
+ - "address": "0000:87:0c.1"
+ - "address": "0000:87:0c.2"
+ - "address": "0000:87:0c.3"
+ - "address": "0000:87:0a.2"
+ - "address": "0000:87:0c.4"
+ - "address": "0000:87:0c.5"
+ - "address": "0000:87:0c.6"
+ - "address": "0000:87:0c.7"
+ - "address": "0000:87:0d.0"
+ - "address": "0000:87:0d.1"
+ - "address": "0000:87:0d.2"
+ - "address": "0000:87:0d.3"
+ - "address": "0000:87:0d.4"
+ - "address": "0000:87:0d.5"
+ - "address": "0000:87:0a.3"
+ - "address": "0000:87:0d.6"
+ - "address": "0000:87:0d.7"
+ - "address": "0000:87:0a.4"
+ - "address": "0000:87:0a.5"
+ - "address": "0000:87:0a.6"
+ - "address": "0000:87:0a.7"
+ - "address": "0000:87:0b.0"
+ - "address": "0000:87:0b.1"
storage:
osds:
+ - data: /dev/sda
+ journal: /var/lib/ceph/journal/journal-sda
- data: /dev/sdb
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdb
+ journal: /var/lib/ceph/journal/journal-sdb
- data: /dev/sdc
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdc
+ journal: /var/lib/ceph/journal/journal-sdc
- data: /dev/sdd
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdd
+ journal: /var/lib/ceph/journal/journal-sdd
- data: /dev/sde
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sde
+ journal: /var/lib/ceph/journal/journal-sde
- data: /dev/sdf
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdf
- - data: /dev/sdg
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdg
- - data: /dev/sdg
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdh
- - data: /dev/sdi
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdi
- - data: /dev/sdk
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdk
- osd_count: 9
+ journal: /var/lib/ceph/journal/journal-sdf
+ osd_count: 6
+ total_osd_count: 18
genesis:
- name: csonjrsv40
+ name: aknode40
oob: 192.168.41.40
host: 192.168.2.40
storage: 172.31.2.40
pxe: 172.30.2.40
ksn: 172.29.1.40
neutron: 10.0.102.40
+ root_password: akraino,d
+ oem: Dell
+ bios_template: dell_r740_g14_uefi_base.xml.template
+ boot_template: dell_r740_g14_uefi_httpboot.xml.template
+ http_boot_device: NIC.Slot.2-1-1
masters:
- - name : csonjrsv41
- - name : csonjrsv42
-workers:
- - name : csonjrsv43
- - name : csonjrsv44
-servers:
- - name : csonjrsv41
+ - name : aknode41
oob: 192.168.41.41
host: 192.168.2.41
storage: 172.31.2.41
pxe: 172.30.2.41
ksn: 172.29.1.41
neutron: 10.0.102.41
- - name : csonjrsv42
+ oob_user: root
+ oob_password: calvin
+ - name : aknode42
oob: 192.168.41.42
host: 192.168.2.42
storage: 172.31.2.42
pxe: 172.30.2.42
ksn: 172.29.1.42
neutron: 10.0.102.42
- - name : csonjrsv43
- oob: 192.168.41.43
- host: 192.168.2.43
- storage: 172.31.2.43
- pxe: 172.30.2.43
- ksn: 172.29.1.43
- neutron: 10.0.102.43
- - name : csonjrsv44
- oob: 192.168.41.44
- host: 192.168.2.44
- storage: 172.31.2.44
- pxe: 172.30.2.44
- ksn: 172.29.1.44
- neutron: 10.0.102.44
+ oob_user: root
+ oob_password: calvin
+#workers:
+# - name : aknode43
+# oob: 192.168.41.43
+# host: 192.168.2.43
+# storage: 172.31.2.43
+# pxe: 172.30.2.43
+# ksn: 172.29.1.43
+# neutron: 10.0.102.43
+# - name : aknode44
+# oob: 192.168.41.44
+# host: 192.168.2.44
+# storage: 172.31.2.44
+# pxe: 172.30.2.44
+# ksn: 172.29.1.44
+# neutron: 10.0.102.44
hardware:
vendor: DELL
generation: '10'
hw_version: '3'
bios_version: '2.8'
disks:
- - name : sdj
+ - name : sdg
labels:
bootdrive: 'true'
partitions:
- name: var
size: 100g
mountpoint: /var
- - name : sdb
+ - name : sdh
partitions:
- - name: cephj0
- size: 100g
- mountpoint: /var/lib/openstack-helm/ceph/journal0
- - name : sdc
+ - name: ceph
+ size: 300g
+ mountpoint: /var/lib/ceph/journal
+disks_compute:
+ - name : sdg
+ labels:
+ bootdrive: 'true'
partitions:
- - name: cephj1
- size: 100g
- mountpoint: /var/lib/openstack-helm/ceph/journal1
+ - name: root
+ size: 20g
+ mountpoint: /
+ - name: boot
+ size: 1g
+ mountpoint: /boot
+ - name: var
+ size: '>300g'
+ mountpoint: /var
+ - name : sdh
+ partitions:
+ - name: nova
+ size: '99%'
+ mountpoint: /var/lib/nova
genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132"
kubernetes:
api_service_ip: 10.96.0.1
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+site_name: hpgen10
+ipmi_admin:
+ username: Administrator
+ password: Admin123
+networks:
+ bonded: yes
+ primary: bond0
+ slaves:
+ - name: ens3f0
+ - name: ens3f1
+ oob:
+ vlan: 40
+ interface:
+ cidr: 192.168.41.0/24
+ routes:
+ gateway: 192.168.41.1
+ ranges:
+ reserved:
+ start: 192.168.41.2
+ end: 192.168.41.4
+ static:
+ start: 192.168.41.5
+ end: 192.168.41.254
+ host:
+ vlan: 41
+ interface: bond0.41
+ cidr: 192.168.2.0/24
+ subnet: 192.168.2.0
+ netmask: 255.255.255.0
+ routes:
+ gateway: 192.168.2.200
+ ranges:
+ reserved:
+ start: 192.168.2.84
+ end: 192.168.2.86
+ static:
+ start: 192.168.2.1
+ end: 192.168.2.83
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
+ storage:
+ vlan: 42
+ interface: bond0.42
+ cidr: 172.31.1.0/24
+ ranges:
+ static:
+ start: 172.31.1.2
+ end: 172.31.1.254
+ pxe:
+ vlan:
+ interface: eno1
+ cidr: 172.30.1.0/24
+ gateway: 172.30.1.1
+ routes:
+ gateway: 172.30.1.30
+ ranges:
+ reserved:
+ start: 172.30.1.1
+ end: 172.30.1.10
+ static:
+ start: 172.30.1.11
+ end: 172.30.1.200
+ dhcp:
+ start: 172.30.1.201
+ end: 172.30.1.254
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
+ inf: net4
+ ksn:
+ vlan: 44
+ interface: bond0.44
+ cidr: 172.29.1.0/24
+ local_asnumber: 65531
+ ranges:
+ static:
+ start: 172.29.1.5
+ end: 172.29.1.254
+ additional_cidrs:
+ - 172.29.1.136/29
+ ingress_cidr: 172.29.1.137/32
+ peers:
+ - ip: 172.29.1.1
+ scope: global
+ asnumber: 65001
+ vrrp_ip: 172.29.1.1 # keep peers ip address in case of only peer.
+ neutron:
+ vlan: 45
+ interface: bond0.45
+ cidr: 10.0.101.0/24
+ ranges:
+ static:
+ start: 10.0.101.2
+ end: 10.0.101.254
+dns:
+ upstream_servers:
+ - 192.168.2.85
+ - 8.8.8.8
+ - 8.8.8.8
+ upstream_servers_joined: '192.168.2.85,8.8.8.8'
+ ingress_domain: hpgen10.akraino.org
+sriovnets:
+- physical: sriovnet1
+ interface: ens6f0
+ vlan_start: 2001
+ vlan_end: 3000
+ whitelists:
+ - "address": "0000:af:02.0"
+ - "address": "0000:af:02.1"
+ - "address": "0000:af:02.2"
+ - "address": "0000:af:02.3"
+ - "address": "0000:af:02.4"
+ - "address": "0000:af:02.5"
+ - "address": "0000:af:02.6"
+ - "address": "0000:af:02.7"
+ - "address": "0000:af:03.0"
+ - "address": "0000:af:03.1"
+ - "address": "0000:af:03.2"
+ - "address": "0000:af:03.3"
+ - "address": "0000:af:03.4"
+ - "address": "0000:af:03.5"
+ - "address": "0000:af:03.6"
+ - "address": "0000:af:03.7"
+ - "address": "0000:af:04.0"
+ - "address": "0000:af:04.1"
+ - "address": "0000:af:04.2"
+ - "address": "0000:af:04.3"
+ - "address": "0000:af:04.4"
+ - "address": "0000:af:04.5"
+ - "address": "0000:af:04.6"
+ - "address": "0000:af:04.7"
+ - "address": "0000:af:05.0"
+ - "address": "0000:af:05.1"
+ - "address": "0000:af:05.2"
+ - "address": "0000:af:05.3"
+ - "address": "0000:af:05.4"
+ - "address": "0000:af:05.5"
+ - "address": "0000:af:05.6"
+ - "address": "0000:af:05.7"
+- physical: sriovnet2
+ interface: ens6f1
+ vlan_start: 2001
+ vlan_end: 3000
+ whitelists:
+ - "address": "0000:af:0a.0"
+ - "address": "0000:af:0a.1"
+ - "address": "0000:af:0a.2"
+ - "address": "0000:af:0a.3"
+ - "address": "0000:af:0a.4"
+ - "address": "0000:af:0a.5"
+ - "address": "0000:af:0a.6"
+ - "address": "0000:af:0a.7"
+ - "address": "0000:af:0b.0"
+ - "address": "0000:af:0b.1"
+ - "address": "0000:af:0b.2"
+ - "address": "0000:af:0b.3"
+ - "address": "0000:af:0b.4"
+ - "address": "0000:af:0b.5"
+ - "address": "0000:af:0b.6"
+ - "address": "0000:af:0b.7"
+ - "address": "0000:af:0c.0"
+ - "address": "0000:af:0c.1"
+ - "address": "0000:af:0c.2"
+ - "address": "0000:af:0c.3"
+ - "address": "0000:af:0c.4"
+ - "address": "0000:af:0c.5"
+ - "address": "0000:af:0c.6"
+ - "address": "0000:af:0c.7"
+ - "address": "0000:af:0d.0"
+ - "address": "0000:af:0d.1"
+ - "address": "0000:af:0d.2"
+ - "address": "0000:af:0d.3"
+ - "address": "0000:af:0d.4"
+ - "address": "0000:af:0d.5"
+ - "address": "0000:af:0d.6"
+ - "address": "0000:af:0d.7"
+storage:
+ osds:
+ - data: /dev/sdb
+ journal: /var/lib/ceph/journal/journal-sdb
+ - data: /dev/sdc
+ journal: /var/lib/ceph/journal/journal-sdc
+ - data: /dev/sdd
+ journal: /var/lib/ceph/journal/journal-sdd
+ - data: /dev/sde
+ journal: /var/lib/ceph/journal/journal-sde
+ - data: /dev/sdf
+ journal: /var/lib/ceph/journal/journal-sdf
+ - data: /dev/sdg
+ journal: /var/lib/ceph/journal/journal-sdg
+ - data: /dev/sdh
+ journal: /var/lib/ceph/journal/journal-sdh
+ - data: /dev/sdi
+ journal: /var/lib/ceph/journal/journal-sdi
+ osd_count: 8
+ total_osd_count: 24
+genesis:
+ name: aknode30
+ oob: 192.168.41.130
+ host: 192.168.2.30
+ storage: 172.31.1.30
+ pxe: 172.30.1.30
+ ksn: 172.29.1.30
+ neutron: 10.0.101.30
+ root_password: akraino,d
+ oem: HPE
+ mac_address: 3c:fd:fe:aa:90:b0
+ bios_template: hpe_dl380_g10_uefi_base.json.template
+ boot_template: hpe_dl380_g10_uefi_httpboot.json.template
+ http_boot_device: NIC.Slot.3-1-1
+masters:
+ - name : aknode31
+ oob: 192.168.41.131
+ host: 192.168.2.31
+ storage: 172.31.1.31
+ pxe: 172.30.1.31
+ ksn: 172.29.1.31
+ neutron: 10.0.101.31
+ oob_user: Administrator
+ oob_password: Admin123
+ - name : aknode32
+ oob: 192.168.41.132
+ host: 192.168.2.32
+ storage: 172.31.1.32
+ pxe: 172.30.1.32
+ ksn: 172.29.1.32
+ neutron: 10.0.101.32
+ oob_user: Administrator
+ oob_password: Admin123
+#workers:
+# - name : aknode33
+# oob: 192.168.41.133
+# host: 192.168.2.33
+# storage: 172.31.1.33
+# pxe: 172.30.1.33
+# ksn: 172.29.1.33
+# neutron: 10.0.101.33
+# oob_user: Administrator
+# oob_password: Admin123
+# - name : aknode34
+# oob: 192.168.41.134
+# host: 192.168.2.34
+# storage: 172.31.1.34
+# pxe: 172.30.1.34
+# ksn: 172.29.1.34
+# neutron: 10.0.101.34
+hardware:
+ vendor: HP
+ generation: '10'
+ hw_version: '3'
+ bios_version: '2.8'
+disks:
+ - name : sdj
+ labels:
+ bootdrive: 'true'
+ partitions:
+ - name: root
+ size: 20g
+ mountpoint: /
+ - name: boot
+ size: 1g
+ mountpoint: /boot
+ - name: var
+ size: '>300g'
+ mountpoint: /var
+ - name : sdk
+ partitions:
+ - name: cephj
+ size: 300g
+ mountpoint: /var/lib/ceph/journal
+disks_compute:
+ - name : sdj
+ labels:
+ bootdrive: 'true'
+ partitions:
+ - name: root
+ size: 20g
+ mountpoint: /
+ - name: boot
+ size: 1g
+ mountpoint: /boot
+ - name: var
+ size: '>300g'
+ mountpoint: /var
+ - name : sdk
+ partitions:
+ - name: nova
+ size: '99%'
+ mountpoint: /var/lib/nova
+genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132"
+kubernetes:
+ api_service_ip: 10.96.0.1
+ etcd_service_ip: 10.96.0.2
+ pod_cidr: 10.99.0.0/16
+ service_cidr: 10.96.0.0/14
+regional_server:
+ ip: 135.16.101.85
+...
#!/usr/bin/python
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
print '{0} -> {1}'.format(source_path, target_path)
total += 1
-def expand_file(target_dir, file):
+def expand_file(target_file, file):
global total
- if not os.path.exists(target_dir):
- os.makedirs(target_dir)
+ if not os.path.exists(os.path.dirname(target_file)):
+ os.makedirs(os.path.dirname(target_file))
env = jinja2.Environment()
env.trim_blocks = True
env.lstrip_blocks = True
with open(file) as fd:
template = env.from_string(fd.read())
data = template.render(yaml=yaml)
- target_path = target_dir + '/' + os.path.basename(file)
- fd2 = open(target_path,'w')
+ fd2 = open(target_file,'w')
fd2.write(data)
fd2.write("\n")
fd2.close()
- print '{0} -> {1}'.format(file, target_path)
+ print '{0} -> {1}'.format(file, target_file)
total += 1
if len(sys.argv) != 4:
--- /dev/null
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+import os
+import sys
+import yaml
+import jinja2
+import subprocess
+
+with open(sys.argv[1]) as f:
+ yaml = yaml.safe_load(f)
+
+def create_rc_genesis(source, target_suffix):
+ env = jinja2.Environment()
+ env.trim_blocks = True
+ env.lstrip_blocks = True
+
+ with open(source) as fd:
+ template = env.from_string(fd.read())
+ data = template.render(yaml=yaml)
+ target_file = yaml['genesis']['name']+target_suffix
+ fd2 = open(target_file,'w')
+ fd2.write(data)
+ fd2.write("\n")
+ fd2.close()
+ print '{0} -> {1}'.format(source, target_file)
+
+def create_rc_masters(source, target_suffix):
+ env = jinja2.Environment()
+ env.trim_blocks = True
+ env.lstrip_blocks = True
+
+ for master in yaml['masters']:
+ with open(source) as fd:
+ template = env.from_string(fd.read())
+ data = template.render(yaml=master)
+ target_file = "server-config/"+master['name']+target_suffix
+ print target_file
+ if os.path.exists(target_file):
+ print 'rc file exists maynot be new node'
+ continue
+ if not os.path.exists(os.path.dirname(target_file)):
+ os.makedirs(os.path.dirname(target_file))
+ fd2 = open(target_file,'w')
+ fd2.write(data)
+ fd2.write("\n")
+ fd2.close()
+ print '{0} -> {1}'.format(source, target_file)
+ command = '/opt/akraino/tools/apply_dellxml.sh --rc {0} --template dell_r740_g14_uefi_base.xml.template --no-confirm'.format(target_file)
+ print 'command: {0}'.format(command)
+ os.system(command)
+
+def create_rc_workers(source, target_suffix):
+ env = jinja2.Environment()
+ env.trim_blocks = True
+ env.lstrip_blocks = True
+
+ if 'workers' in yaml:
+ for master in yaml['workers']:
+ with open(source) as fd:
+ template = env.from_string(fd.read())
+ data = template.render(yaml=master)
+ target_file = "server-config/"+master['name']+target_suffix
+ print target_file
+ if os.path.exists(target_file):
+ print 'rc file exists maynot be new node'
+ continue
+ if not os.path.exists(os.path.dirname(target_file)):
+ os.makedirs(os.path.dirname(target_file))
+ fd2 = open(target_file,'w')
+ fd2.write(data)
+ fd2.write("\n")
+ fd2.close()
+ print '{0} -> {1}'.format(source, target_file)
+ command = '/opt/akraino/tools/apply_dellxml.sh --rc {0} --template dell_r740_g14_uefi_base.xml.template --no-confirm'.format(target_file)
+ print 'command: {0}'.format(command)
+ os.system(command)
+
+if len(sys.argv) != 2:
+ print 'usage: update_bios_settings.py <yaml>'
+ sys.exit(1)
+
+#create_rc_genesis("tools/j2/serverrc.j2", "rc")
+create_rc_masters("tools/j2/serverrc_raid.j2", "rc.raid")
+create_rc_workers("tools/j2/serverrc_raid.j2", "rc.raid")
+
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
- ucp-control-plane=enabled
- maas-control-plane=enabled
- ceph-osd-bootstrap=enabled
-# - openstack-libvirt=kernel
-# - openvswitch=enabled
-# - openstack-control-plane=enabled
-# - openstack-nova-compute=enabled
+ - openstack-libvirt=kernel
+ - openvswitch=enabled
+ - openstack-control-plane=enabled
+ - openstack-nova-compute=enabled
+ - sriov=enabled
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+# self-signed certifacte generated based on
+# https://libvirt.org/remote.html#Remote_certificates
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-crt
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/Certificate/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ
+ MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu
+ ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP
+ ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC
+ r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs
+ F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV
+ bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1
+ eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO
+ k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG
+ YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9
+ EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC
+ gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF
+ MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv
+ bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t
+ gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y
+ aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH
+ BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV
+ HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE
+ BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw
+ WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/
+ X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX
+ vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk
+ JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm
+ ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF
+ DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N
+ w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc
+ VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-ca
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateAuthority/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS
+ MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC
+ AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE
+ OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V
+ o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0
+ YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT
+ fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI
+ GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+
+ T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB
+ d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j
+ mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd
+ BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB
+ AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx
+ 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM
+ EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+
+ zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9
+ XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+
+ d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO
+ TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI
+ XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40
+ +g==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-key
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateKey/v1
+data: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD
+ OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv
+ 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4
+ 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1
+ U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9
+ Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl
+ MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R
+ g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC
+ DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w
+ qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif
+ qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft
+ 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6
+ ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf
+ Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8
+ uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH
+ g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc
+ PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz
+ +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS
+ HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk
+ X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC
+ wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA
+ GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE
+ mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6
+ mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM
+ ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx
+ E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE
+ 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC
+ 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8
+ 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+
+ TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5
+ QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C
+ pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB
+ /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ
+ pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a
+ dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5
+ 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS
+ gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3
+ -----END RSA PRIVATE KEY-----
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_ldap_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 5aacc198d8a1edeff4a8
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: elasticsearch
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: elasticsearch-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: fluent-logging
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: fluent-logging-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.key
+data:
+ ucp:
+ identity:
+ namespace: ucp
+ name: keystone
+ hosts:
+ default: keystone-api
+ public: keystone
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: iam.DOMAIN
+ path:
+ default: /v3
+ scheme:
+ default: http
+ # public: https
+ port:
+ admin:
+ default: 35357
+ api:
+ default: 80
+ public: 80
+ armada:
+ name: armada
+ hosts:
+ default: armada-api
+ public: armada
+ port:
+ api:
+ default: 8000
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ deckhand:
+ name: deckhand
+ hosts:
+ default: deckhand-int
+ public: deckhand-api
+ port:
+ api:
+ default: 9000
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ postgresql:
+ name: postgresql
+ hosts:
+ default: postgresql
+ path: /DB_NAME
+ scheme: postgresql+psycopg2
+ port:
+ postgresql:
+ default: 5432
+ host_fqdn_override:
+ default: null
+ postgresql_airflow_celery:
+ name: postgresql_airflow_celery_db
+ hosts:
+ default: postgresql
+ path: /DB_NAME
+ scheme: db+postgresql
+ port:
+ postgresql:
+ default: 5432
+ host_fqdn_override:
+ default: null
+ oslo_db:
+ hosts:
+ default: mariadb
+ discovery: mariadb-discovery
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ wsrep:
+ default: 4567
+ key_manager:
+ name: barbican
+ hosts:
+ default: barbican-api
+ public: barbican
+ host_fqdn_override:
+ default: null
+ path:
+ default: /v1
+ scheme:
+ default: http
+ port:
+ api:
+ default: 9311
+ public: 80
+ oslo_messaging:
+ namespace: null
+ hosts:
+ default: rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /openstack
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ oslo_cache:
+ hosts:
+ default: memcached
+ host_fqdn_override:
+ default: null
+ port:
+ memcache:
+ default: 11211
+ physicalprovisioner:
+ name: drydock
+ hosts:
+ default: drydock-api
+ port:
+ api:
+ default: 9000
+ nodeport: 31900
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ maas_region_ui:
+ name: maas-region-ui
+ hosts:
+ default: maas-region-ui
+ public: maas
+ path:
+ default: /MAAS
+ scheme:
+ default: "http"
+ port:
+ region_ui:
+ default: 80
+ public: 80
+ host_fqdn_override:
+ default: null
+ kubernetesprovisioner:
+ name: promenade
+ hosts:
+ default: promenade-api
+ port:
+ api:
+ default: 80
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ shipyard:
+ name: shipyard
+ hosts:
+ default: shipyard-int
+ public: shipyard-api
+ port:
+ api:
+ default: 9000
+ public: 80
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ # public: https
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: shipyard.DOMAIN
+ airflow_web:
+ name: airflow-web
+ hosts:
+ default: airflow-web-int
+ public: airflow-web
+ port:
+ airflow_web:
+ default: 8080
+ path:
+ default: /
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ airflow_flower:
+ name: airflow-flower
+ hosts:
+ default: airflow-flower
+ port:
+ airflow_flower:
+ default: 5555
+ path:
+ default: /
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ ceph:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /swift/v1
+ scheme:
+ default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_mon:
+ namespace: ceph
+ hosts:
+ default: ceph-mon
+ discovery: ceph-mon-discovery
+ host_fqdn_override:
+ default: null
+ port:
+ mon:
+ default: 6789
+ ceph_mgr:
+ namespace: ceph
+ hosts:
+ default: ceph-mgr
+ host_fqdn_override:
+ default: null
+ port:
+ mgr:
+ default: 7000
+ scheme:
+ default: http
+...
+---
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.key
+data:
+ osh:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /swift/v1/KEY_$(tenant_id)s
+ scheme:
+ default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ oslo_db:
+ hosts:
+ default: mariadb
+ discovery: mariadb-discovery
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ wsrep:
+ default: 4567
+ keystone_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: keystone-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /keystone
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ keystone_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: keystone-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ oslo_cache:
+ namespace: openstack
+ hosts:
+ default: memcached
+ host_fqdn_override:
+ default: null
+ port:
+ memcache:
+ default: 11211
+ identity:
+ namespace: openstack
+ name: keystone
+ hosts:
+ default: keystone-api
+ public: keystone
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: identity.DOMAIN
+ path:
+ default: /v3
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ admin:
+ default: 35357
+ api:
+ default: 80
+ # public: 443
+ glance_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: glance-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /glance
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ glance_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: glance-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ image:
+ name: glance
+ hosts:
+ default: glance-api
+ public: glance
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: image.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 9292
+ # public: 443
+ image_registry:
+ name: glance-registry
+ hosts:
+ default: glance-registry
+ public: glance-reg
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9191
+ public: 80
+ cinder_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: cinder-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /cinder
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ cinder_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: cinder-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ volume:
+ name: cinder
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v1/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ volumev2:
+ name: cinderv2
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ volumev3:
+ name: cinderv3
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v3/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ heat_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: heat-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /heat
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ heat_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: heat-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ orchestration:
+ name: heat
+ hosts:
+ default: heat-api
+ public: heat
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: orchestration.DOMAIN
+ path:
+ default: "/v1/%(project_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8004
+ # public: 443
+ cloudformation:
+ name: heat-cfn
+ hosts:
+ default: heat-cfn
+ public: cloudformation
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: cloudformation.DOMAIN
+ path:
+ default: /v1
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8000
+ # public: 443
+ cloudwatch:
+ name: heat-cloudwatch
+ hosts:
+ default: heat-cloudwatch
+ public: cloudwatch
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ type: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 8003
+ public: 80
+ neutron_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: neutron-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /neutron
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ neutron_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: neutron-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ network:
+ name: neutron
+ hosts:
+ default: neutron-server
+ public: neutron
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: network.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 9696
+ # public: 443
+ nova_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: nova-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /nova
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ nova_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: nova-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ compute:
+ name: nova
+ hosts:
+ default: nova-api
+ public: nova
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: compute.DOMAIN
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8774
+ # public: 443
+ novncproxy:
+ default: 443
+ compute_metadata:
+ name: nova
+ hosts:
+ default: nova-metadata
+ public: metadata
+ host_fqdn_override:
+ default: null
+ path:
+ default: /
+ scheme:
+ default: "http"
+ port:
+ metadata:
+ default: 8775
+ public: 80
+ compute_novnc_proxy:
+ name: nova
+ hosts:
+ default: nova-novncproxy
+ public: novncproxy
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: nova-novncproxy.DOMAIN
+ path:
+ default: /vnc_auto.html
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ novnc_proxy:
+ default: 6080
+ # public: 443
+ compute_spice_proxy:
+ name: nova
+ hosts:
+ default: nova-spiceproxy
+ host_fqdn_override:
+ default: null
+ path:
+ default: /spice_auto.html
+ scheme:
+ default: "http"
+ port:
+ spice_proxy:
+ default: 6082
+ placement:
+ name: placement
+ hosts:
+ default: placement-api
+ public: placement
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: placement.DOMAIN
+ path:
+ default: /
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8778
+ # public: 443
+ dashboard:
+ name: horizon
+ hosts:
+ default: horizon-int
+ public: horizon
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: dashboard.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ web:
+ default: 80
+ # public: 443
+...
+---
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.base_url
+ # dest:
+ # path: .osh_infra.ldap.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.auth_path
+ # dest:
+ # path: .osh_infra.ldap.path.default
+ # pattern: AUTH_PATH
+data:
+ osh_infra:
+ elasticsearch:
+ name: elasticsearch
+ namespace: osh-infra
+ hosts:
+ data: elasticsearch-data
+ default: elasticsearch-logging
+ discovery: elasticsearch-discovery
+ public: elasticsearch
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ http:
+ default: 80
+ prometheus_elasticsearch_exporter:
+ namespace: null
+ hosts:
+ default: elasticsearch-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9108
+ fluentd:
+ namespace: osh-infra
+ name: fluentd
+ hosts:
+ default: fluentd-logging
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ service:
+ default: 24224
+ metrics:
+ default: 24220
+ prometheus_fluentd_exporter:
+ namespace: osh-infra
+ hosts:
+ default: fluentd-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9309
+ oslo_db:
+ namespace: osh-infra
+ hosts:
+ default: mariadb
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ grafana:
+ name: grafana
+ namespace: osh-infra
+ hosts:
+ default: grafana-dashboard
+ public: grafana
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: grafana.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ grafana:
+ default: 3000
+ # public: 443
+ monitoring:
+ name: prometheus
+ namespace: osh-infra
+ hosts:
+ default: prom-metrics
+ public: prometheus
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9090
+ public: 80
+ kibana:
+ name: kibana
+ namespace: osh-infra
+ hosts:
+ default: kibana-dash
+ public: kibana
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: kibana.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ kibana:
+ default: 5601
+ # public: 443
+ alerts:
+ name: alertmanager
+ namespace: osh-infra
+ hosts:
+ default: alerts-engine
+ public: alertmanager
+ discovery: alertmanager-discovery
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9093
+ public: 80
+ mesh:
+ default: 6783
+ kube_state_metrics:
+ namespace: kube-system
+ hosts:
+ default: kube-state-metrics
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ http:
+ default: 8080
+ kube_scheduler:
+ scheme:
+ default: "http"
+ path:
+ default: /metrics
+ kube_controller_manager:
+ scheme:
+ default: "http"
+ path:
+ default: /metrics
+ node_metrics:
+ namespace: kube-system
+ hosts:
+ default: node-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9100
+ prometheus_port:
+ default: 9100
+ prometheus_openstack_exporter:
+ namespace: openstack
+ hosts:
+ default: openstack-metrics
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ exporter:
+ default: 9103
+ nagios:
+ name: nagios
+ namespace: osh-infra
+ hosts:
+ default: nagios-metrics
+ public: nagios
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: nagios.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: http
+ # public: https
+ port:
+ http:
+ default: 80
+ # public: 443
+ ldap:
+ hosts:
+ default: ldap
+ host_fqdn_override:
+ default: null
+ public:
+ host: DOMAIN
+ path:
+ default: /AUTH_PATH
+ scheme:
+ default: "ldap"
+ port:
+ ldap:
+ default: 389
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
username: prometheus-openstack-exporter
project_name: service
user_domain_name: default
+ nagios:
+ admin:
+ username: nagios
+ ldap:
+ admin:
+ # NEWSITE-CHANGEME: Replace with the site's LDAP account used to
+ # authenticate to the active directory backend to validate keystone
+ # users.
+ bind: "test@ldap.example.com"
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
path: .
storagePolicy: cleartext
data:
- release_prefix: clcp
+ release_prefix: airship
chart_groups:
- kubernetes-proxy
- kubernetes-container-networking
- ucp-drydock
- ucp-promenade
- ucp-shipyard
-# - artifactory-ceph-config
-# - artifactory-mariadb
-# - artifactory-webapp
-# - jenkins
- osh-infra-ingress-controller
- osh-infra-ceph-config
- osh-infra-logging
- openstack-ceph-config
- openstack-mariadb
- openstack-memcached
- - openstack-compute-services
- openstack-keystone
- - openstack-glance
- openstack-radosgw
+ - openstack-glance
- openstack-cinder
- openstack-compute-kit
- openstack-heat
- osh-infra-prometheus-openstack-exporter
- openstack-horizon
- - openstack-barbican
-
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: i40evf_blacklist
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+data:
+ signaling: false
+ node_filter:
+ filter_set_type: 'union'
+ filter_set:
+ - filter_type: 'union'
+ assets:
+ - path: /etc/modprobe.d/sriov_blacklist.conf
+ type: file
+ permissions: '644'
+ data_pipeline:
+ - utf8_decode
+ data: |
+ blacklist i40evf
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: calico-ip-rules
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+ substitutions:
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.pod_cidr
+ dest:
+ path: .assets[0].data
+ pattern: DH_SUB_POD_CIDR
+data:
+ signaling: false
+ assets:
+ - path: /etc/systemd/system/configure-ip-rules.service
+ type: unit
+ permissions: '444'
+ data: |-
+ [Unit]
+ Description=IP Rules Initialization Service
+ After=network-online.target local-fs.target
+
+ [Service]
+ Type=simple
+ ExecStart=/opt/configure-ip-rules.sh -g 172.29.1.1 -c 10.98.0.0/16 -s 172.29.1.128/29
+
+ [Install]
+ WantedBy=multi-user.target
+ data_pipeline:
+ - utf8_decode
+ - path: /opt/configure-ip-rules.sh
+ type: file
+ permissions: '700'
+ data_pipeline:
+ - utf8_decode
+ data: |-
+ #!/bin/bash
+ set -ex
+
+ function usage() {
+ cat <<EOU
+ Options are:
+
+ -c POD_CIDR The pod CIDR for the Kubernetes cluster, e.g. 10.98.0.0/16
+ -i INTERFACE The interface for internal pod traffic, e.g. bond1.2006
+ -o OVERLAP_CIDR (optional) This CIDR will be routed via the VRRP IP on
+ INTERFACE. It is used to provide a work around when
+ complete Calico routes cannot be received via BGP.
+ e.g. 10.96.0.0/15. NOTE: This must include the POD_CIDR.
+ -s SERVICE_CIDR (optional) A routable CIDR to configure for ingress, maas,
+ e.g. 135.21.99.192/29
+ EOU
+ }
+
+ SERVICE_CIDR=
+ OVERLAP_CIDR=
+
+ while getopts ":c:hi:o:s:" o; do
+ case "${o}" in
+ c)
+ POD_CIDR=${OPTARG}
+ ;;
+ h)
+ usage
+ exit 0
+ ;;
+ i)
+ INTERFACE=${OPTARG}
+ ;;
+ o)
+ OVERLAP_CIDR=${OPTARG}
+ ;;
+ s)
+ SERVICE_CIDR=${OPTARG}
+ ;;
+ \?)
+ echo "Unknown option: -${OPTARG}" >&2
+ exit 1
+ ;;
+ :)
+ echo "Missing argument for option: -${OPTARG}" >&2
+ exit 1
+ ;;
+ *)
+ echo "Unimplemented option: -${OPTARG}" >&2
+ exit 1
+ ;;
+ esac
+ done
+ shift $((OPTIND-1))
+
+ if [ "x$POD_CIDR" == "x" ]; then
+ echo "Missing pod CIDR, e.g -c 10.98.0.0/16" >&2
+ usage
+ exit 1
+ fi
+
+ if [ "x$INTERFACE" == "x" ]; then
+ echo "Missing interface, e.g. -i bond1.2006" >&2
+ usage
+ exit 1
+ fi
+
+ while ! ip route list dev "${INTERFACE}" > /dev/null; do
+ echo Waiting for device "${INTERFACE}" to be ready. >&2
+ sleep 5
+ done
+
+ intra_vrrp_ip=$(ip route list dev "${INTERFACE}" | awk '($2~/via/){print $3}' | head -n 1)
+
+ TABLE="1500"
+
+ # Setup a routing table for traffic from service IPs
+ ip route flush table "${TABLE}"
+ ip route add default via "${intra_vrrp_ip}" table "${TABLE}"
+
+ if [ "x$OVERLAP_CIDR" != "x" ]; then
+ # NOTE(mb874d): This is a work-around for nodes not receiving complete
+ # routes via BGP. It may also be required for brownfield large sites.
+ ip route add "${OVERLAP_CIDR}" via "${intra_vrrp_ip}"
+ fi
+
+ if [ "x$SERVICE_CIDR" != "x" ]; then
+ # Traffic from the service IPs to pods should use the pod network.
+ ip rule add \
+ from "${SERVICE_CIDR}" \
+ to "${POD_CIDR}" \
+ lookup main \
+ pref 10000
+ # Other traffic from service IPs should only use the VRRP IP
+ ip rule add \
+ from "${SERVICE_CIDR}" \
+ lookup "${TABLE}" \
+ pref 10100
+ fi
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: promjoin
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+data:
+ signaling: false
+ node_filter:
+ filter_set_type: 'union'
+ filter_set:
+ - filter_type: 'union'
+ node_names:
+ - 'aknode41'
+ - 'aknode42'
+ # TODO(alanmeadows) move what is global about this document - everything except nodenames to global
+ assets:
+ - path: /opt/promjoin.sh
+ type: file
+ permissions: '555'
+ # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network
+ # you should use to contact kubernetes in the case below, this is cab24_mgmt
+ location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
+ location_pipeline:
+ - template
+ data_pipeline:
+ - utf8_decode
+ - path: /lib/systemd/system/promjoin.service
+ type: unit
+ permissions: '600'
+ data: |-
+ W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy
+ PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0
+ cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v
+ cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo=
+ data_pipeline:
+ - base64_decode
+ - utf8_decode
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: 'drydock/BaremetalNode/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: aknode41
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ host_profile: ControlPlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
+ addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
+ - network: oob
+ address: 192.168.41.41
+ - network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
+ address: 172.30.2.41
+ - network: oam
+ address: 192.168.2.41
+ - network: storage
+ address: 172.31.2.41
+ - network: overlay
+ address: 10.0.102.41
+ - network: calico
+ address: 172.29.1.41
+ metadata:
+ rack: RACK01
+ tags:
+ - 'masters'
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: 'drydock/BaremetalNode/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: aknode42
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ host_profile: ControlPlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
+ addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
+ - network: oob
+ address: 192.168.41.42
+ - network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
+ address: 172.30.2.42
+ - network: oam
+ address: 192.168.2.42
+ - network: storage
+ address: 172.31.2.42
+ - network: overlay
+ address: 10.0.102.42
+ - network: calico
+ address: 172.29.1.42
+ metadata:
+ rack: RACK01
+ tags:
+ - 'masters'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: shipyard/DeploymentConfiguration/v1
+metadata:
+ schema: metadata/Document/v1
+ name: deployment-configuration
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ armada:
+ manifest: 'full-site'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/CommonAddresses/v1
+metadata:
+ schema: metadata/Document/v1
+ name: common-addresses
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ calico:
+ ip_autodetection_method: interface=bond0.44
+ etcd:
+ service_ip: 10.96.232.136
+
+ dns:
+ cluster_domain: cluster.local
+ service_ip: 10.96.0.10
+ upstream_servers:
+ - 192.168.2.85
+ - 8.8.8.8
+ - 8.8.8.8
+ upstream_servers_joined: '192.168.2.85,8.8.8.8'
+ ingress_domain: dellgen10.akraino.org
+ genesis:
+ hostname: aknode40
+ ip: 172.29.1.40
+
+ bootstrap:
+ ip: 172.30.2.40
+
+ kubernetes:
+ api_service_ip: 10.96.0.1
+ etcd_service_ip: 10.96.0.2
+ pod_cidr: 10.98.0.0/16
+ service_cidr: 10.96.0.0/15
+ apiserver_port: 6443
+ haproxy_port: 6553
+ service_node_port_range: 30000-32767
+
+ etcd:
+ container_port: 2379
+ haproxy_port: 2378
+
+ masters:
+ - hostname: aknode41
+ - hostname: aknode42
+
+ proxy:
+ http: ""
+ https: ""
+ no_proxy: []
+
+ node_ports:
+ drydock_api: 30000
+ maas_api: 30001
+ maas_proxy: 31800 # hardcoded in MAAS
+ shipyard_api: 30003
+ airflow_web: 30004
+
+ ntp:
+ servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org'
+
+ # Used for FQDN setup/definition
+ domain:
+ url: dellgen10.lab.akraino.org
+
+ ldap:
+ base_url: 'its-a-ldap.example.com'
+ url: 'ldap://its-a-ldap.example.com'
+ auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
+ common_name: AP-NC_Test_Users
+ subdomain: testitservices
+ domain: example
+
+ storage:
+ ceph:
+ public_cidr: '172.31.2.0/24'
+ cluster_cidr: '172.31.2.0/24'
+
+ neutron:
+ tunnel_device: 'bond0.45'
+ external_iface: 'bond0'
+
+ openvswitch:
+ external_iface: 'bond0'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/NetworkLink/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: oob
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ labels:
+ noconfig: enabled
+ bonding:
+ mode: disabled
+ mtu: 9000
+ linkspeed: auto
+ trunking:
+ mode: disabled
+ default_network: oob
+ allowed_networks:
+ - oob
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: oob
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ cidr: 192.168.41.0/24
+ routes:
+ - subnet: '0.0.0.0/0'
+ gateway: 192.168.41.1
+ ranges:
+ - type: static
+ start: 192.168.41.13
+ end: 192.168.41.254
+...
+---
+schema: 'drydock/NetworkLink/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: pxe
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ bonding:
+ mode: disabled
+ mtu: 9000
+ linkspeed: auto
+ trunking:
+ mode: disabled
+ default_network: pxe
+ allowed_networks:
+ - pxe
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: pxe
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ cidr: 172.30.2.0/24
+ routes:
+ - subnet: '0.0.0.0/0'
+ gateway: 172.30.2.40
+ ranges:
+ - type: reserved
+ start: 172.30.2.2
+ end: 172.30.2.10
+ - type: static
+ start: 172.30.2.11
+ end: 172.30.2.200
+ - type: dhcp
+ start: 172.30.2.201
+ end: 172.30.2.254
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
+...
+---
+schema: 'drydock/NetworkLink/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: bond0
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ bonding:
+ mode: 802.3ad
+ hash: layer3+4
+ peer_rate: fast
+ mon_rate: 100
+ up_delay: 1000
+ down_delay: 3000
+ mtu: 9000
+ linkspeed: auto
+ trunking:
+ mode: 802.1q
+ allowed_networks:
+ - oam
+ - storage
+ - overlay
+ - calico
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: oam
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vlan: '41'
+ mtu: 9000
+ cidr: 192.168.2.0/24
+ routes:
+ - subnet: '0.0.0.0/0'
+ gateway: 192.168.2.200
+ ranges:
+ - type: reserved
+ start: 192.168.2.84
+ end: 192.168.2.86
+ - type: static
+ start: 192.168.2.40
+ end: 192.168.2.45
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: storage
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vlan: '42'
+ mtu: 9000
+ cidr: 172.31.2.0/24
+ ranges:
+ - type: static
+ start: 172.31.2.11
+ end: 172.31.2.254
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: overlay
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vlan: '45'
+ mtu: 9000
+ cidr: 10.0.102.0/24
+ ranges:
+ - type: static
+ start: 10.0.102.11
+ end: 10.0.102.254
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: calico
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vlan: '44'
+ mtu: 9000
+ cidr: 172.29.1.0/24
+ ranges:
+ - type: static
+ start: 172.29.1.5
+ end: 172.29.1.254
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: promenade/PKICatalog/v1
+metadata:
+ schema: metadata/Document/v1
+ name: cluster-certificates
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ certificate_authorities:
+ kubernetes:
+ description: CA for Kubernetes components
+ certificates:
+ - document_name: apiserver
+ description: Service certificate for Kubernetes apiserver
+ common_name: apiserver
+ hosts:
+ - localhost
+ - 127.0.0.1
+ - 10.96.0.1
+ kubernetes_service_names:
+ - kubernetes.default.svc.cluster.local
+ - document_name: kubelet-genesis
+ common_name: system:node:aknode40
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ groups:
+ - system:nodes
+ - document_name: kubelet-aknode40
+ common_name: system:node:aknode40
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ groups:
+ - system:nodes
+ - document_name: kubelet-aknode41
+ common_name: system:node:aknode41
+ hosts:
+ - aknode41
+ - 192.168.2.41
+ - 172.29.1.41
+ - 172.30.2.41
+ groups:
+ - system:nodes
+ - document_name: kubelet-aknode42
+ common_name: system:node:aknode42
+ hosts:
+ - aknode42
+ - 192.168.2.42
+ - 172.29.1.42
+ - 172.30.2.42
+ groups:
+ - system:nodes
+ - document_name: scheduler
+ description: Service certificate for Kubernetes scheduler
+ common_name: system:kube-scheduler
+ - document_name: controller-manager
+ description: certificate for controller-manager
+ common_name: system:kube-controller-manager
+ - document_name: admin
+ common_name: admin
+ groups:
+ - system:masters
+ - document_name: armada
+ common_name: armada
+ groups:
+ - system:masters
+ kubernetes-etcd:
+ description: Certificates for Kubernetes's etcd servers
+ certificates:
+ - document_name: apiserver-etcd
+ description: etcd client certificate for use by Kubernetes apiserver
+ common_name: apiserver
+ # NOTE(mark-burnett): hosts not required for client certificates
+ - document_name: kubernetes-etcd-anchor
+ description: anchor
+ common_name: anchor
+ - document_name: kubernetes-etcd-genesis
+ common_name: kubernetes-etcd-genesis
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode40
+ common_name: kubernetes-etcd-aknode40
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode41
+ common_name: kubernetes-etcd-aknode41
+ hosts:
+ - aknode41
+ - 192.168.2.41
+ - 172.29.1.41
+ - 172.30.2.41
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode42
+ common_name: kubernetes-etcd-aknode42
+ hosts:
+ - aknode42
+ - 192.168.2.42
+ - 172.29.1.42
+ - 172.30.2.42
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ kubernetes-etcd-peer:
+ certificates:
+ - document_name: kubernetes-etcd-genesis-peer
+ common_name: kubernetes-etcd-genesis-peer
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode40-peer
+ common_name: kubernetes-etcd-aknode40-peer
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode41-peer
+ common_name: kubernetes-etcd-aknode41-peer
+ hosts:
+ - aknode41
+ - 192.168.2.41
+ - 172.29.1.41
+ - 172.30.2.41
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ - document_name: kubernetes-etcd-aknode42-peer
+ common_name: kubernetes-etcd-aknode42-peer
+ hosts:
+ - aknode42
+ - 192.168.2.42
+ - 172.29.1.42
+ - 172.30.2.42
+ - 127.0.0.1
+ - localhost
+ - kubernetes-etcd.kube-system.svc.cluster.local
+ - 10.96.0.2
+ calico-etcd:
+ description: Certificates for Calico etcd client traffic
+ certificates:
+ - document_name: calico-etcd-anchor
+ description: anchor
+ common_name: anchor
+ - document_name: calico-etcd-aknode40
+ common_name: calico-etcd-aknode40
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-etcd-aknode41
+ common_name: calico-etcd-aknode41
+ hosts:
+ - aknode41
+ - 192.168.2.41
+ - 172.29.1.41
+ - 172.30.2.41
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-etcd-aknode42
+ common_name: calico-etcd-aknode42
+ hosts:
+ - aknode42
+ - 192.168.2.42
+ - 172.29.1.42
+ - 172.30.2.42
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-node
+ common_name: calcico-node
+ calico-etcd-peer:
+ description: Certificates for Calico etcd clients
+ certificates:
+ - document_name: calico-etcd-aknode40-peer
+ common_name: calico-etcd-aknode40-peer
+ hosts:
+ - aknode40
+ - 192.168.2.40
+ - 172.29.1.40
+ - 172.30.2.40
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-etcd-aknode41-peer
+ common_name: calico-etcd-aknode41-peer
+ hosts:
+ - aknode41
+ - 192.168.2.41
+ - 172.29.1.41
+ - 172.30.2.41
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-etcd-aknode42-peer
+ common_name: calico-etcd-aknode42-peer
+ hosts:
+ - aknode42
+ - 192.168.2.42
+ - 172.29.1.42
+ - 172.30.2.42
+ - 127.0.0.1
+ - localhost
+ - 10.96.232.136
+ - document_name: calico-node-peer
+ common_name: calcico-node-peer
+ keypairs:
+ - name: service-account
+ description: Service account signing key for use by Kubernetes controller-manager.
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-schema: armada/Chart/v1
+schema: promenade/Genesis/v1
metadata:
schema: metadata/Document/v1
- name: ucp-ceph-update
+ name: genesis-site
layeringDefinition:
abstract: false
layer: site
parentSelector:
- name: ucp-ceph-global
+ name: genesis-global
actions:
- method: replace
- path: .values.conf.storage.osd
+ path: .labels.dynamic
- method: merge
path: .
storagePolicy: cleartext
data:
- values:
- conf:
- storage:
- osd:
-{% for osd in yaml.storage.osds %}
- - data:
- type: block-logical
- location: {{osd.data}}
- journal:
- type: directory
- location: {{osd.journal}}
-{% endfor %}
- pool:
- target:
- osd: {{yaml.storage.osd_count}}
- default:
- crush_rule: replicated_rule
-...
----
-schema: armada/ChartGroup/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-ceph-update
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- description: Ceph post intall update
- chart_group:
- - ucp-ceph-update
+ labels:
+ dynamic:
+ - beta.kubernetes.io/fluentd-ds-ready=true
+ - calico-etcd=enabled
+ - ceph-mds=enabled
+ - ceph-mon=enabled
+ - ceph-osd=enabled
+ - ceph-rgw=enabled
+ - ceph-mgr=enabled
+ - kube-dns=enabled
+ - kube-ingress=enabled
+ - kubernetes-apiserver=enabled
+ - kubernetes-controller-manager=enabled
+ - kubernetes-etcd=enabled
+ - kubernetes-scheduler=enabled
+ - promenade-genesis=enabled
+ - ucp-control-plane=enabled
+ - maas-control-plane=enabled
+ - ceph-osd-bootstrap=enabled
+ - openstack-libvirt=kernel
+ - openvswitch=enabled
+ - openstack-control-plane=enabled
+ - openstack-nova-compute=enabled
+ - sriov=enabled
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/HardwareProfile/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: DELL_HP_Generic
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vendor: DELL
+ generation: '10'
+ hw_version: '3'
+ bios_version: '2.8'
+ boot_mode: bios
+ bootstrap_protocol: pxe
+ pxe_interface: 0
+ device_aliases: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: drydock/HostProfile/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ComputePlane
+ storagePolicy: cleartext
+ labels:
+ hosttype: ComputePlane
+ layeringDefinition:
+ abstract: false
+ layer: site
+ substitutions:
+ - dest:
+ path: .oob.credential
+ src:
+ schema: deckhand/Passphrase/v1
+ name: ipmi_admin_password
+ path: .
+data:
+ hardware_profile: DELL_HP_Generic
+ oob:
+ type: 'ipmi'
+ network: 'oob'
+ account: 'root'
+ primary_network: 'oam'
+ hardware_profile: DELL_HP_Generic
+ interfaces:
+ pxe:
+ device_link: pxe
+ slaves:
+ - 'eno3'
+ networks:
+ - 'pxe'
+ bond0:
+ device_link: bond0
+ slaves:
+ - 'enp94s0f0'
+ - 'enp94s0f1'
+ networks:
+ - 'oam'
+ - 'storage'
+ - 'overlay'
+ - 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ storage:
+ physical_devices:
+ sdg:
+ labels:
+ bootdrive: 'true'
+ partitions:
+ - name: 'root'
+ size: '20g'
+ filesystem:
+ mountpoint: '/'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ - name: 'boot'
+ size: '1g'
+ filesystem:
+ mountpoint: '/boot'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ - name: 'var'
+ size: '>300g'
+ filesystem:
+ mountpoint: '/var'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ sdh:
+ partitions:
+ - name: 'nova'
+ size: '99%'
+ filesystem:
+ mountpoint: '/var/lib/nova'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ platform:
+ image: 'xenial'
+ kernel: 'hwe-16.04'
+ kernel_params:
+ console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
+ metadata:
+ owner_data:
+ openstack-nova-compute: enabled
+ openvswitch: enabled
+ openstack-libvirt: kernel
+ sriov: enabled
+ beta.kubernetes.io/fluentd-ds-ready: 'true'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: drydock/HostProfile/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ControlPlane
+ storagePolicy: cleartext
+ labels:
+ hosttype: ControlPlane
+ layeringDefinition:
+ abstract: false
+ layer: site
+ substitutions:
+ - dest:
+ path: .oob.credential
+ src:
+ schema: deckhand/Passphrase/v1
+ name: ipmi_admin_password
+ path: .
+data:
+ oob:
+ type: 'ipmi'
+ network: 'oob'
+ account: 'root'
+ primary_network: 'oam'
+ hardware_profile: DELL_HP_Generic
+ interfaces:
+ pxe:
+ device_link: pxe
+ slaves:
+ - 'eno3'
+ networks:
+ - 'pxe'
+ bond0:
+ device_link: bond0
+ slaves:
+ - 'enp94s0f0'
+ - 'enp94s0f1'
+ networks:
+ - 'oam'
+ - 'storage'
+ - 'overlay'
+ - 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ storage:
+ physical_devices:
+ sdg:
+ labels:
+ bootdrive: 'true'
+ partitions:
+ - name: 'root'
+ size: '20g'
+ filesystem:
+ mountpoint: '/'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ - name: 'boot'
+ size: '1g'
+ filesystem:
+ mountpoint: '/boot'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ - name: 'var'
+ size: '100g'
+ filesystem:
+ mountpoint: '/var'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ sdh:
+ partitions:
+ - name: 'ceph'
+ size: '300g'
+ filesystem:
+ mountpoint: '/var/lib/ceph/journal'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ platform:
+ image: 'xenial'
+ kernel: 'hwe-16.04'
+ kernel_params:
+ console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
+ metadata:
+ owner_data:
+ control-plane: enabled
+ ucp-control-plane: enabled
+ openstack-control-plane: enabled
+ openstack-heat: enabled
+ openstack-keystone: enabled
+ openstack-rabbitmq: enabled
+ openstack-dns-helper: enabled
+ openstack-mariadb: enabled
+ openstack-nova-control: enabled
+ openstack-etcd: enabled
+ openstack-mistral: enabled
+ openstack-memcached: enabled
+ openstack-glance: enabled
+ openstack-horizon: enabled
+ openstack-cinder-control: enabled
+ openstack-cinder-volume: control
+ openstack-neutron: enabled
+ openstack-libvirt: kernel
+ openvswitch: enabled
+ openstack-nova-compute: enabled
+ ucp-barbican: enabled
+ ceph-bootstrap: enabled
+ ceph-mon: enabled
+ ceph-mgr: enabled
+ ceph-osd: enabled
+ ceph-mds: enabled
+ ceph-rgw: enabled
+ ucp-maas: enabled
+ kube-dns: enabled
+ kubernetes-apiserver: enabled
+ kubernetes-controller-manager: enabled
+ kubernetes-etcd: enabled
+ kubernetes-scheduler: enabled
+ tiller-helm: enabled
+ kube-etcd: enabled
+ calico-policy: enabled
+ calico-node: enabled
+ calico-etcd: enabled
+ ucp-armada: enabled
+ ucp-drydock: enabled
+ ucp-deckhand: enabled
+ ucp-shipyard: enabled
+ IAM: enabled
+ ucp-promenade: enabled
+ prometheus-server: enabled
+ prometheus-client: enabled
+ fluentd: enabled
+ influxdb: enabled
+ kibana: enabled
+ elasticsearch-client: enabled
+ elasticsearch-master: enabled
+ elasticsearch-data: enabled
+ postgresql: enabled
+ kube-ingress: enabled
+ sriov: enabled
+ beta.kubernetes.io/fluentd-ds-ready: 'true'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/Region/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: dellgen10
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ substitutions:
+ - dest:
+ path: .authorized_keys[0]
+ src:
+ schema: deckhand/PublicKey/v1
+ name: localadmin_ssh_public_key
+ path: .
+data:
+ tag_definitions: []
+ authorized_keys: []
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+# self-signed certifacte generated based on
+# https://libvirt.org/remote.html#Remote_certificates
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-crt
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/Certificate/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ
+ MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu
+ ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP
+ ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC
+ r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs
+ F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV
+ bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1
+ eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO
+ k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG
+ YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9
+ EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC
+ gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF
+ MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv
+ bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t
+ gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y
+ aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH
+ BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV
+ HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE
+ BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw
+ WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/
+ X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX
+ vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk
+ JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm
+ ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF
+ DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N
+ w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc
+ VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-ca
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateAuthority/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS
+ MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC
+ AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE
+ OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V
+ o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0
+ YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT
+ fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI
+ GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+
+ T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB
+ d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j
+ mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd
+ BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB
+ AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx
+ 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM
+ EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+
+ zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9
+ XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+
+ d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO
+ TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI
+ XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40
+ +g==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-key
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateKey/v1
+data: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD
+ OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv
+ 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4
+ 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1
+ U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9
+ Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl
+ MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R
+ g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC
+ DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w
+ qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif
+ qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft
+ 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6
+ ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf
+ Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8
+ uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH
+ g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc
+ PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz
+ +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS
+ HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk
+ X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC
+ wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA
+ GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE
+ mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6
+ mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM
+ ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx
+ E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE
+ 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC
+ 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8
+ 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+
+ TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5
+ QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C
+ pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB
+ /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ
+ pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a
+ dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5
+ 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS
+ gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3
+ -----END RSA PRIVATE KEY-----
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ceph_fsid
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3e2a3755-863a-423b-bf19-e8b5bf7f3d95
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_addons_jenkins_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 0ca991324505e13f7a77
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_ldap_mechid_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 5aacc198d8a1edeff4a8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_oslo_cache_secret_key
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 083d87906595da201c0b
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: deckhand/PublicKey/v1
metadata:
schema: metadata/Document/v1
- name: localadmin_ssh_public_key
+ name: localadmin_ssh_public_key
layeringDefinition:
abstract: false
layer: site
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/SiteDefinition/v1
+metadata:
+ schema: metadata/Document/v1
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: dellgen10
+ storagePolicy: cleartext
+data:
+ revision: v4.0
+ site_type: foundry
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
asnumber: 65531
ipv4:
additional_cidrs:
- - 172.29.1.136/29
+ - 172.29.1.128/29
peers:
- apiVersion: v1
kind: bgpPeer
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: kubernetes-calico-etcd
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: kubernetes-calico-etcd-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+
+ # Chart source
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.calico.etcd
+ dest:
+ path: .source
+
+ # Image versions
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.calico.etcd
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .calico.etcd.service_ip
+ dest:
+ path: .values.service.ip
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .calico.etcd.service_ip
+ dest:
+ path: .values.anchor.etcdctl_endpoint
+
+ # CAs
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd
+ path: .
+ dest:
+ path: .values.secrets.tls.client.ca
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd-peer
+ path: .
+ dest:
+ path: .values.secrets.tls.peer.ca
+
+ # Anchor client cert
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-anchor
+ path: .
+ dest:
+ path: .values.secrets.anchor.tls.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-anchor
+ path: .
+ dest:
+ path: .values.secrets.anchor.tls.key
+
+ # Node names
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[0].hostname
+ dest:
+ path: .values.nodes[0].name
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[1].hostname
+ dest:
+ path: .values.nodes[1].name
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .genesis.hostname
+ dest:
+ path: .values.nodes[2].name
+
+ # Server certs
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode41
+ path: .
+ dest:
+ path: .values.nodes[0].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode41
+ path: .
+ dest:
+ path: .values.nodes[0].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode41-peer
+ path: .
+ dest:
+ path: .values.nodes[0].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode41-peer
+ path: .
+ dest:
+ path: .values.nodes[0].tls.peer.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode42
+ path: .
+ dest:
+ path: .values.nodes[1].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode42
+ path: .
+ dest:
+ path: .values.nodes[1].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode42-peer
+ path: .
+ dest:
+ path: .values.nodes[1].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode42-peer
+ path: .
+ dest:
+ path: .values.nodes[1].tls.peer.key
+
+ # NOTE(mb874d): Be sure we generate these certs for genesis.
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode40
+ path: .
+ dest:
+ path: .values.nodes[2].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode40
+ path: .
+ dest:
+ path: .values.nodes[2].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: calico-etcd-aknode40-peer
+ path: .
+ dest:
+ path: .values.nodes[2].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: calico-etcd-aknode40-peer
+ path: .
+ dest:
+ path: .values.nodes[2].tls.peer.key
+
+data:
+ values:
+ manifests:
+ test_etcd_health: false
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: coredns
+ replacement: true
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: coredns-global
+ actions:
+ - method: replace
+ path: .values.conf.coredns.corefile
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+ # Zones
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.cluster_domain
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(CLUSTER_DOMAIN)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.service_cidr
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(SERVICE_CIDR)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.pod_cidr
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(POD_CIDR)'
+
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[0]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM1)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[1]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM2)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[2]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM3)'
+data:
+ values:
+ conf:
+ coredns:
+ # TODO(alanmeadows) this needs to be adjusted to use substition
+ corefile: |
+ .:53 {
+ errors
+ health
+ autopath @kubernetes
+ kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR {
+ pods insecure
+ fallthrough in-addr.arpa ip6.arpa
+ upstream UPSTREAM1
+ upstream UPSTREAM2
+ upstream UPSTREAM3
+ }
+ prometheus :9153
+ proxy . UPSTREAM1
+ proxy . UPSTREAM2
+ proxy . UPSTREAM3
+ cache 30
+ }
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: kubernetes-etcd
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: kubernetes-etcd-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+
+ # Chart source
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.etcd
+ dest:
+ path: .source
+
+ # Images
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.kubernetes.etcd
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.etcd_service_ip
+ dest:
+ path: .values.service.ip
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.etcd_service_ip
+ dest:
+ path: .values.anchor.etcdctl_endpoint
+
+ # CAs
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: kubernetes-etcd
+ path: .
+ dest:
+ path: .values.secrets.tls.client.ca
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: kubernetes-etcd-peer
+ path: .
+ dest:
+ path: .values.secrets.tls.peer.ca
+
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-anchor
+ path: .
+ dest:
+ path: .values.secrets.anchor.tls.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-anchor
+ path: .
+ dest:
+ path: .values.secrets.anchor.tls.key
+
+ # Node names
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[0].hostname
+ dest:
+ path: .values.nodes[0].name
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[1].hostname
+ dest:
+ path: .values.nodes[1].name
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .genesis.hostname
+ dest:
+ path: .values.nodes[2].name
+
+ # Server certs
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-aknode41
+ path: .
+ dest:
+ path: .values.nodes[0].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-aknode41
+ path: .
+ dest:
+ path: .values.nodes[0].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-aknode41-peer
+ path: .
+ dest:
+ path: .values.nodes[0].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-aknode41-peer
+ path: .
+ dest:
+ path: .values.nodes[0].tls.peer.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-aknode42
+ path: .
+ dest:
+ path: .values.nodes[1].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-aknode42
+ path: .
+ dest:
+ path: .values.nodes[1].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-aknode42-peer
+ path: .
+ dest:
+ path: .values.nodes[1].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-aknode42-peer
+ path: .
+ dest:
+ path: .values.nodes[1].tls.peer.key
+
+ # Genesis node
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-genesis
+ path: .
+ dest:
+ path: .values.nodes[2].tls.client.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-genesis
+ path: .
+ dest:
+ path: .values.nodes[2].tls.client.key
+ - src:
+ schema: deckhand/Certificate/v1
+ name: kubernetes-etcd-genesis-peer
+ path: .
+ dest:
+ path: .values.nodes[2].tls.peer.cert
+ - src:
+ schema: deckhand/CertificateKey/v1
+ name: kubernetes-etcd-genesis-peer
+ path: $
+ dest:
+ path: .values.nodes[2].tls.peer.key
+
+data: {}
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: elasticsearch
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: elasticsearch-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: fluent-logging
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: fluent-logging-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: neutron
+ replacement: true
+ labels:
+ component: neutron
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: neutron-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ labels:
+ agent:
+ sriov:
+ node_selector_key: sriov
+ node_selector_value: enabled
+ network:
+ backend:
+ - openvswitch
+ - sriov
+ interface:
+ sriov:
+ - device: enp135s0f0
+ num_vfs: 32
+ promisc: false
+ - device: enp135s0f1
+ num_vfs: 32
+ promisc: false
+ conf:
+ plugins:
+ openvswitch_agent:
+ ovs:
+ bridge_mappings: bond0:br-bond0
+ sriov_agent:
+ securitygroup:
+ firewall_driver: neutron.agent.firewall.NoopFirewallDriver
+ sriov_nic:
+ exclude_devices: null
+ physical_device_mappings: 'sriovnet1:enp135s0f0,sriovnet2:enp135s0f1'
+ ml2_conf:
+ ml2:
+ mechanism_drivers: l2population,openvswitch,sriovnicswitch
+ ml2_type_vlan:
+ network_vlan_ranges: bond0:46:300,sriovnet1:2001:3000,sriovnet2:2001:3000
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: nova
+ labels:
+ component: nova
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: nova-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ network:
+ backend:
+ - openvswitch
+ - sriov
+ conf:
+ nova:
+ filter_scheduler:
+ enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
+ libvirt:
+ virt_type: kvm
+ DEFAULT:
+ vcpu_pin_set: "4-21,26-43,48-65,72-87"
+ vif_plugging_is_fatal: False
+ vif_plugging_timeout: 30
+ pci:
+ alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }'
+ passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client-update
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-update-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: 18
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: 6
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
- name: ucp-ceph-update
+ name: ucp-ceph-osd
layeringDefinition:
abstract: false
layer: site
parentSelector:
- name: ucp-ceph-global
+ name: ucp-ceph-osd-global
actions:
- method: replace
path: .values.conf.storage.osd
conf:
storage:
osd:
+ - data:
+ type: block-logical
+ location: /dev/sda
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sda
- data:
type: block-logical
location: /dev/sdb
journal:
type: directory
location: /var/lib/ceph/journal/journal-sdf
- - data:
- type: block-logical
- location: /dev/sdg
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdg
- - data:
- type: block-logical
- location: /dev/sdh
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdh
- - data:
- type: block-logical
- location: /dev/sdi
- journal:
- type: directory
- location: /var/lib/ceph/journal/journal-sdi
- pool:
- target:
- osd: 24
- default:
- crush_rule: replicated_rule
-...
----
-schema: armada/ChartGroup/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-ceph-update
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- description: Ceph post intall update
- chart_group:
- - ucp-ceph-update
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-divingbell
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-divingbell-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+ - dest:
+ path: .values.conf.uamlite.users[0].user_sshkeys[0]
+ src:
+ schema: deckhand/PublicKey/v1
+ name: localadmin_ssh_public_key
+ path: .
+
+data:
+ values:
+ conf:
+ uamlite:
+ users:
+ - user_name: localadmin
+ user_sudo: true
+ user_sshkeys: []
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-maas
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-maas-global
+ actions:
+ - method: replace
+ path: .values.conf.maas.proxy
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ maas:
+ ntp:
+ disable_ntpd_region: true
+ disable_ntpd_rack: true
+ images:
+ default_os: 'ubuntu'
+ default_image: 'xenial'
+ default_kernel: 'hwe-16.04'
+ proxy:
+ proxy_enabled: 'false'
+ peer_proxy_enabled: false
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-promenade
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-promenade-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ pod:
+ env:
+ promenade_api:
+ - name: no_proxy
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
+ - name: NO_PROXY
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/CommonSoftwareConfig/v1
+metadata:
+ schema: metadata/Document/v1
+ name: common-software-config
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ osh:
+ region_name: RegionOne
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.key
+data:
+ ucp:
+ identity:
+ namespace: ucp
+ name: keystone
+ hosts:
+ default: keystone-api
+ public: keystone
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: iam.DOMAIN
+ path:
+ default: /v3
+ scheme:
+ default: http
+ # public: https
+ port:
+ admin:
+ default: 35357
+ api:
+ default: 80
+ public: 80
+ armada:
+ name: armada
+ hosts:
+ default: armada-api
+ public: armada
+ port:
+ api:
+ default: 8000
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ deckhand:
+ name: deckhand
+ hosts:
+ default: deckhand-int
+ public: deckhand-api
+ port:
+ api:
+ default: 9000
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ postgresql:
+ name: postgresql
+ hosts:
+ default: postgresql
+ path: /DB_NAME
+ scheme: postgresql+psycopg2
+ port:
+ postgresql:
+ default: 5432
+ host_fqdn_override:
+ default: null
+ postgresql_airflow_celery:
+ name: postgresql_airflow_celery_db
+ hosts:
+ default: postgresql
+ path: /DB_NAME
+ scheme: db+postgresql
+ port:
+ postgresql:
+ default: 5432
+ host_fqdn_override:
+ default: null
+ oslo_db:
+ hosts:
+ default: mariadb
+ discovery: mariadb-discovery
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ wsrep:
+ default: 4567
+ key_manager:
+ name: barbican
+ hosts:
+ default: barbican-api
+ public: barbican
+ host_fqdn_override:
+ default: null
+ path:
+ default: /v1
+ scheme:
+ default: http
+ port:
+ api:
+ default: 9311
+ public: 80
+ oslo_messaging:
+ namespace: null
+ hosts:
+ default: rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /openstack
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ oslo_cache:
+ hosts:
+ default: memcached
+ host_fqdn_override:
+ default: null
+ port:
+ memcache:
+ default: 11211
+ physicalprovisioner:
+ name: drydock
+ hosts:
+ default: drydock-api
+ port:
+ api:
+ default: 9000
+ nodeport: 31900
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ maas_region_ui:
+ name: maas-region-ui
+ hosts:
+ default: maas-region-ui
+ public: maas
+ path:
+ default: /MAAS
+ scheme:
+ default: "http"
+ port:
+ region_ui:
+ default: 80
+ public: 80
+ host_fqdn_override:
+ default: null
+ kubernetesprovisioner:
+ name: promenade
+ hosts:
+ default: promenade-api
+ port:
+ api:
+ default: 80
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ shipyard:
+ name: shipyard
+ hosts:
+ default: shipyard-int
+ public: shipyard-api
+ port:
+ api:
+ default: 9000
+ public: 80
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ # public: https
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: shipyard.DOMAIN
+ airflow_web:
+ name: airflow-web
+ hosts:
+ default: airflow-web-int
+ public: airflow-web
+ port:
+ airflow_web:
+ default: 8080
+ path:
+ default: /
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ airflow_flower:
+ name: airflow-flower
+ hosts:
+ default: airflow-flower
+ port:
+ airflow_flower:
+ default: 5555
+ path:
+ default: /
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ ceph:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /swift/v1
+ scheme:
+ default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_mon:
+ namespace: ceph
+ hosts:
+ default: ceph-mon
+ discovery: ceph-mon-discovery
+ host_fqdn_override:
+ default: null
+ port:
+ mon:
+ default: 6789
+ ceph_mgr:
+ namespace: ceph
+ hosts:
+ default: ceph-mgr
+ host_fqdn_override:
+ default: null
+ port:
+ mgr:
+ default: 7000
+ scheme:
+ default: http
+...
+---
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.key
+data:
+ osh:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /swift/v1/KEY_$(tenant_id)s
+ scheme:
+ default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ oslo_db:
+ hosts:
+ default: mariadb
+ discovery: mariadb-discovery
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ wsrep:
+ default: 4567
+ keystone_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: keystone-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /keystone
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ keystone_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: keystone-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ oslo_cache:
+ namespace: openstack
+ hosts:
+ default: memcached
+ host_fqdn_override:
+ default: null
+ port:
+ memcache:
+ default: 11211
+ identity:
+ namespace: openstack
+ name: keystone
+ hosts:
+ default: keystone-api
+ public: keystone
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: identity.DOMAIN
+ path:
+ default: /v3
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ admin:
+ default: 35357
+ api:
+ default: 80
+ # public: 443
+ glance_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: glance-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /glance
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ glance_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: glance-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ image:
+ name: glance
+ hosts:
+ default: glance-api
+ public: glance
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: image.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 9292
+ # public: 443
+ image_registry:
+ name: glance-registry
+ hosts:
+ default: glance-registry
+ public: glance-reg
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9191
+ public: 80
+ cinder_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: cinder-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /cinder
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ cinder_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: cinder-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ volume:
+ name: cinder
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v1/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ volumev2:
+ name: cinderv2
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ volumev3:
+ name: cinderv3
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v3/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ heat_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: heat-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /heat
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ heat_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: heat-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ orchestration:
+ name: heat
+ hosts:
+ default: heat-api
+ public: heat
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: orchestration.DOMAIN
+ path:
+ default: "/v1/%(project_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8004
+ # public: 443
+ cloudformation:
+ name: heat-cfn
+ hosts:
+ default: heat-cfn
+ public: cloudformation
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: cloudformation.DOMAIN
+ path:
+ default: /v1
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8000
+ # public: 443
+ cloudwatch:
+ name: heat-cloudwatch
+ hosts:
+ default: heat-cloudwatch
+ public: cloudwatch
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ type: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 8003
+ public: 80
+ neutron_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: neutron-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /neutron
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ neutron_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: neutron-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ network:
+ name: neutron
+ hosts:
+ default: neutron-server
+ public: neutron
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: network.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 9696
+ # public: 443
+ nova_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: nova-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /nova
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ nova_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: nova-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ compute:
+ name: nova
+ hosts:
+ default: nova-api
+ public: nova
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: compute.DOMAIN
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8774
+ # public: 443
+ novncproxy:
+ default: 443
+ compute_metadata:
+ name: nova
+ hosts:
+ default: nova-metadata
+ public: metadata
+ host_fqdn_override:
+ default: null
+ path:
+ default: /
+ scheme:
+ default: "http"
+ port:
+ metadata:
+ default: 8775
+ public: 80
+ compute_novnc_proxy:
+ name: nova
+ hosts:
+ default: nova-novncproxy
+ public: novncproxy
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: nova-novncproxy.DOMAIN
+ path:
+ default: /vnc_auto.html
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ novnc_proxy:
+ default: 6080
+ # public: 443
+ compute_spice_proxy:
+ name: nova
+ hosts:
+ default: nova-spiceproxy
+ host_fqdn_override:
+ default: null
+ path:
+ default: /spice_auto.html
+ scheme:
+ default: "http"
+ port:
+ spice_proxy:
+ default: 6082
+ placement:
+ name: placement
+ hosts:
+ default: placement-api
+ public: placement
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: placement.DOMAIN
+ path:
+ default: /
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8778
+ # public: 443
+ dashboard:
+ name: horizon
+ hosts:
+ default: horizon-int
+ public: horizon
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: dashboard.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ web:
+ default: 80
+ # public: 443
+...
+---
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.base_url
+ # dest:
+ # path: .osh_infra.ldap.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.auth_path
+ # dest:
+ # path: .osh_infra.ldap.path.default
+ # pattern: AUTH_PATH
+data:
+ osh_infra:
+ elasticsearch:
+ name: elasticsearch
+ namespace: osh-infra
+ hosts:
+ data: elasticsearch-data
+ default: elasticsearch-logging
+ discovery: elasticsearch-discovery
+ public: elasticsearch
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ http:
+ default: 80
+ prometheus_elasticsearch_exporter:
+ namespace: null
+ hosts:
+ default: elasticsearch-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9108
+ fluentd:
+ namespace: osh-infra
+ name: fluentd
+ hosts:
+ default: fluentd-logging
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ service:
+ default: 24224
+ metrics:
+ default: 24220
+ prometheus_fluentd_exporter:
+ namespace: osh-infra
+ hosts:
+ default: fluentd-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9309
+ oslo_db:
+ namespace: osh-infra
+ hosts:
+ default: mariadb
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ grafana:
+ name: grafana
+ namespace: osh-infra
+ hosts:
+ default: grafana-dashboard
+ public: grafana
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: grafana.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ grafana:
+ default: 3000
+ # public: 443
+ monitoring:
+ name: prometheus
+ namespace: osh-infra
+ hosts:
+ default: prom-metrics
+ public: prometheus
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9090
+ public: 80
+ kibana:
+ name: kibana
+ namespace: osh-infra
+ hosts:
+ default: kibana-dash
+ public: kibana
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: kibana.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ kibana:
+ default: 5601
+ # public: 443
+ alerts:
+ name: alertmanager
+ namespace: osh-infra
+ hosts:
+ default: alerts-engine
+ public: alertmanager
+ discovery: alertmanager-discovery
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9093
+ public: 80
+ mesh:
+ default: 6783
+ kube_state_metrics:
+ namespace: kube-system
+ hosts:
+ default: kube-state-metrics
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ http:
+ default: 8080
+ kube_scheduler:
+ scheme:
+ default: "http"
+ path:
+ default: /metrics
+ kube_controller_manager:
+ scheme:
+ default: "http"
+ path:
+ default: /metrics
+ node_metrics:
+ namespace: kube-system
+ hosts:
+ default: node-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9100
+ prometheus_port:
+ default: 9100
+ prometheus_openstack_exporter:
+ namespace: openstack
+ hosts:
+ default: openstack-metrics
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ exporter:
+ default: 9103
+ nagios:
+ name: nagios
+ namespace: osh-infra
+ hosts:
+ default: nagios-metrics
+ public: nagios
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: nagios.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: http
+ # public: https
+ port:
+ http:
+ default: 80
+ # public: 443
+ ldap:
+ hosts:
+ default: ldap
+ host_fqdn_override:
+ default: null
+ public:
+ host: DOMAIN
+ path:
+ default: /AUTH_PATH
+ scheme:
+ default: "ldap"
+ port:
+ ldap:
+ default: 389
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ ucp:
+ postgres:
+ admin:
+ username: postgres
+ oslo_db:
+ admin:
+ username: root
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ admin:
+ region_name: RegionOne
+ username: admin
+ project_name: admin
+ user_domain_name: default
+ project_domain_name: default
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ username: keystone
+ oslo_db:
+ username: keystone
+ database: keystone
+ promenade:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: promenade
+ drydock:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: drydock
+ postgres:
+ username: drydock
+ database: drydock
+ shipyard:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: shipyard
+ postgres:
+ username: shipyard
+ database: shipyard
+ airflow:
+ postgres:
+ username: airflow
+ database: airflow
+ oslo_messaging:
+ username: rabbitmq
+ maas:
+ admin:
+ username: admin
+ email: none@none
+ postgres:
+ username: maas
+ database: maasdb
+ barbican:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: barbican
+ oslo_db:
+ username: barbican
+ database: barbican
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ username: keystone
+ armada:
+ keystone:
+ project_domain_name: default
+ user_domain_name: default
+ project_name: service
+ region_name: RegionOne
+ role: admin
+ user_domain_name: default
+ username: armada
+ deckhand:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: deckhand
+ postgres:
+ username: deckhand
+ database: deckhand
+ ceph:
+ swift:
+ keystone:
+ role: admin
+ region_name: RegionOne
+ username: swift
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+...
+---
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ substitutions:
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.keystone.admin.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.cinder.cinder.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.glance.glance.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat_trustee.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat_stack_user.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.swift.keystone.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.neutron.neutron.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.nova.nova.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.nova.placement.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.barbican.barbican.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.barbican.barbican.region_name
+data:
+ osh:
+ keystone:
+ admin:
+ username: admin
+ project_name: admin
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: keystone
+ database: keystone
+ oslo_messaging:
+ admin:
+ username: keystone-rabbitmq-admin
+ keystone:
+ username: keystone-rabbitmq-user
+ ldap:
+ username: "user@example-ldap.com"
+ cinder:
+ cinder:
+ role: admin
+ username: cinder
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: cinder
+ database: cinder
+ oslo_messaging:
+ admin:
+ username: cinder-rabbitmq-admin
+ cinder:
+ username: cinder-rabbitmq-user
+ glance:
+ glance:
+ role: admin
+ username: glance
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: glance
+ database: glance
+ oslo_messaging:
+ admin:
+ username: glance-rabbitmq-admin
+ glance:
+ username: glance-rabbitmq-user
+ ceph_object_store:
+ username: glance
+ heat:
+ heat:
+ role: admin
+ username: heat
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ heat_trustee:
+ role: admin
+ username: heat-trust
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ heat_stack_user:
+ role: admin
+ username: heat-domain
+ domain_name: heat
+ oslo_db:
+ username: heat
+ database: heat
+ oslo_messaging:
+ admin:
+ username: heat-rabbitmq-admin
+ heat:
+ username: heat-rabbitmq-user
+ swift:
+ keystone:
+ role: admin
+ username: swift
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ admin:
+ username: root
+ neutron:
+ neutron:
+ role: admin
+ username: neutron
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: neutron
+ database: neutron
+ oslo_messaging:
+ admin:
+ username: neutron-rabbitmq-admin
+ neutron:
+ username: neutron-rabbitmq-user
+ nova:
+ nova:
+ role: admin
+ username: nova
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ placement:
+ role: admin
+ username: placement
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: nova
+ database: nova
+ oslo_db_api:
+ username: nova
+ database: nova_api
+ oslo_db_cell0:
+ username: nova
+ database: "nova_cell0"
+ oslo_messaging:
+ admin:
+ username: nova-rabbitmq-admin
+ nova:
+ username: nova-rabbitmq-user
+ horizon:
+ oslo_db:
+ username: horizon
+ database: horizon
+ barbican:
+ barbican:
+ role: admin
+ username: barbican
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: barbican
+ database: barbican
+ oslo_messaging:
+ admin:
+ username: barbican-rabbitmq-admin
+ barbican:
+ username: barbican-rabbitmq-user
+...
+---
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ osh_infra:
+ grafana:
+ admin:
+ username: grafana
+ oslo_db:
+ username: grafana
+ database: grafana
+ oslo_db_session:
+ username: grafana_session
+ database: grafana_session
+ elasticsearch:
+ admin:
+ username: elasticsearch
+ kibana:
+ admin:
+ username: kibana
+ oslo_db:
+ admin:
+ username: root
+ prometheus_openstack_exporter:
+ user:
+ username: prometheus-openstack-exporter
+ project_name: service
+ user_domain_name: default
+ nagios:
+ admin:
+ username: nagios
+ ldap:
+ admin:
+ # NEWSITE-CHANGEME: Replace with the site's LDAP account used to
+ # authenticate to the active directory backend to validate keystone
+ # users.
+ bind: "test@ldap.example.com"
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Manifest/v1
+metadata:
+ schema: metadata/Document/v1
+ name: full-site
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: full-site-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ release_prefix: airship
+ chart_groups:
+ - kubernetes-proxy
+ - kubernetes-container-networking
+ - kubernetes-dns
+ - kubernetes-etcd
+ - kubernetes-haproxy
+ - kubernetes-core
+ - ingress-kube-system
+ - ucp-ceph-update
+ - ucp-ceph-config
+ - ucp-core
+ - ucp-keystone
+ - ucp-divingbell
+ - ucp-armada
+ - ucp-deckhand
+ - ucp-drydock
+ - ucp-promenade
+ - ucp-shipyard
+ - osh-infra-ingress-controller
+ - osh-infra-ceph-config
+ - osh-infra-logging
+ - osh-infra-monitoring
+ - osh-infra-mariadb
+ - osh-infra-dashboards
+ - openstack-ingress-controller
+ - openstack-ceph-config
+ - openstack-mariadb
+ - openstack-memcached
+ - openstack-keystone
+ - openstack-radosgw
+ - openstack-glance
+ - openstack-cinder
+ - openstack-compute-kit
+ - openstack-heat
+ - osh-infra-prometheus-openstack-exporter
+ - openstack-horizon
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: i40evf_blacklist
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+data:
+ signaling: false
+ node_filter:
+ filter_set_type: 'union'
+ filter_set:
+ - filter_type: 'union'
+ assets:
+ - path: /etc/modprobe.d/sriov_blacklist.conf
+ type: file
+ permissions: '644'
+ data_pipeline:
+ - utf8_decode
+ data: |
+ blacklist i40evf
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
[Service]
Type=simple
- #ExecStart=/opt/configure-ip-rules.sh -i bond1.2406 -c DH_SUB_POD_CIDR -o 10.34.0.0/15 -s 135.21.157.32/29
- #ExecStart=/opt/configure-ip-rules.sh -i bond0.44 -c DH_SUB_POD_CIDR -o 10.99.0.0/16 -s 172.29.1.0/24
ExecStart=/opt/configure-ip-rules.sh -g 172.29.1.1 -c 10.99.0.0/16 -s 172.29.1.136/29
-
-
[Install]
WantedBy=multi-user.target
data_pipeline:
cat <<EOU
Options are:
- -c POD_CIDR The pod CIDR for the Kubernetes cluster, e.g. 10.97.0.0/16
+ -c POD_CIDR The pod CIDR for the Kubernetes cluster, e.g. 10.99.0.0/16
-i INTERFACE The interface for internal pod traffic, e.g. bond1.2006
-o OVERLAP_CIDR (optional) This CIDR will be routed via the VRRP IP on
INTERFACE. It is used to provide a work around when
shift $((OPTIND-1))
if [ "x$POD_CIDR" == "x" ]; then
- echo "Missing pod CIDR, e.g -c 10.97.0.0/16" >&2
+ echo "Missing pod CIDR, e.g -c 10.99.0.0/16" >&2
usage
exit 1
fi
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
node_names:
- 'aknode31'
- 'aknode32'
- - 'aknode33'
- - 'aknode34'
# TODO(alanmeadows) move what is global about this document - everything except nodenames to global
assets:
- path: /opt/promjoin.sh
# you should use to contact kubernetes in the case below, this is cab24_mgmt
location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
location_pipeline:
-#originally rack06_calico
- template
data_pipeline:
- utf8_decode
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
##############################################################################
-
schema: 'drydock/BaremetalNode/v1'
metadata:
schema: 'metadata/Document/v1'
layer: site
storagePolicy: cleartext
data:
- host_profile: MyControlPlane_HP
-#/new/notused/aic-clcp-manifests/site/clcp-seaworthy/profiles/host/cp_rack.yaml
+ host_profile: ControlPlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
- network: oob
address: 192.168.41.131
- network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
address: 172.30.1.31
- network: oam
address: 192.168.2.31
tags:
- 'masters'
---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
schema: 'drydock/BaremetalNode/v1'
metadata:
schema: 'metadata/Document/v1'
layer: site
storagePolicy: cleartext
data:
- host_profile: MyControlPlane_HP
-#/new/notused/aic-clcp-manifests/site/clcp-seaworthy/profiles/host/cp_rack.yaml
+ host_profile: ControlPlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
- network: oob
address: 192.168.41.132
- network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
address: 172.30.1.32
- network: oam
address: 192.168.2.32
rack: RACK01
tags:
- 'masters'
----
-schema: 'drydock/BaremetalNode/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: aknode33
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data:
- host_profile: MyComputePlane_HP
- addressing:
- - network: oob
- address: 192.168.41.133
- - network: pxe
- address: 172.30.1.33
- - network: oam
- address: 192.168.2.33
- - network: storage
- address: 172.31.1.33
- - network: overlay
- address: 10.0.101.33
- - network: calico
- address: 172.29.1.33
- metadata:
- rack: RACK01
- tags:
- - 'workers'
-#---
-#schema: 'drydock/BaremetalNode/v1'
-#metadata:
-# schema: 'metadata/Document/v1'
-# name: aknode34
-# layeringDefinition:
-# abstract: false
-# layer: site
-# storagePolicy: cleartext
-#data:
-# host_profile: MyComputePlane_HP
-# addressing:
-# - network: oob
-# address: 192.168.41.134
-# - network: pxe
-# address: 172.30.1.34
-# - network: oam
-# address: 192.168.2.34
-# - network: storage
-# address: 172.31.1.34
-# - network: overlay
-# address: 10.0.101.34
-# - network: calico
-# address: 172.29.1.34
-# metadata:
-# rack: RACK01
-# tags:
-# - 'workers'
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: shipyard/DeploymentConfiguration/v1
+metadata:
+ schema: metadata/Document/v1
+ name: deployment-configuration
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ armada:
+ manifest: 'full-site'
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
- 8.8.8.8
- 8.8.8.8
upstream_servers_joined: '192.168.2.85,8.8.8.8'
-
+ ingress_domain: hpgen10.akraino.org
genesis:
hostname: aknode30
-# ip: 192.168.2.30
ip: 172.29.1.30
bootstrap:
- hostname: aknode31
- hostname: aknode32
+ proxy:
+ http: ""
+ https: ""
+ no_proxy: []
+
node_ports:
drydock_api: 30000
maas_api: 30001
ntp:
servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org'
-
# Used for FQDN setup/definition
domain:
url: hpgen10.lab.akraino.org
ldap:
+ base_url: 'its-a-ldap.example.com'
url: 'ldap://its-a-ldap.example.com'
+ auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
common_name: AP-NC_Test_Users
subdomain: testitservices
domain: example
public_cidr: '172.31.1.0/24'
cluster_cidr: '172.31.1.0/24'
- # external: typically the floating IP subnet
- # tunnel: overlay network for VM traffic
neutron:
tunnel_device: 'bond0.45'
external_iface: 'bond0'
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: 'drydock/NetworkLink/v1'
metadata:
schema: 'metadata/Document/v1'
-# name: gp
name: bond0
layeringDefinition:
abstract: false
mode: 802.1q
allowed_networks:
- oam
-# - public
- storage
- overlay
- calico
data:
vlan: '41'
mtu: 9000
- cidr: 192.168.2.0/24
+ cidr: 192.168.2.0/24
routes:
- subnet: '0.0.0.0/0'
gateway: 192.168.2.200
ranges:
- type: reserved
- start: 192.168.2.84
- end: 192.168.2.86
+ start: 192.168.2.84
+ end: 192.168.2.86
- type: static
start: 192.168.2.1
end: 192.168.2.83
- type: static
start: 172.29.1.5
end: 172.29.1.254
-# routes:
-# - subnet: '172.29.140.64/26'
-# gateway: 172.29.140.3
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
- 172.30.1.32
groups:
- system:nodes
- - document_name: kubelet-aknode33
- common_name: system:node:aknode33
- hosts:
- - aknode33
- - 192.168.2.33
- - 172.29.1.33
- - 172.30.1.33
- groups:
- - system:nodes
- - document_name: kubelet-aknode34
- common_name: system:node:aknode34
- hosts:
- - aknode34
- - 192.168.2.34
- - 172.29.1.34
- - 172.30.1.34
- groups:
- - system:nodes
- document_name: scheduler
description: Service certificate for Kubernetes scheduler
common_name: system:kube-scheduler
- name: service-account
description: Service account signing key for use by Kubernetes controller-manager.
...
-
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: promenade/Genesis/v1
+metadata:
+ schema: metadata/Document/v1
+ name: genesis-site
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: genesis-global
+ actions:
+ - method: replace
+ path: .labels.dynamic
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ labels:
+ dynamic:
+ - beta.kubernetes.io/fluentd-ds-ready=true
+ - calico-etcd=enabled
+ - ceph-mds=enabled
+ - ceph-mon=enabled
+ - ceph-osd=enabled
+ - ceph-rgw=enabled
+ - ceph-mgr=enabled
+ - kube-dns=enabled
+ - kube-ingress=enabled
+ - kubernetes-apiserver=enabled
+ - kubernetes-controller-manager=enabled
+ - kubernetes-etcd=enabled
+ - kubernetes-scheduler=enabled
+ - promenade-genesis=enabled
+ - ucp-control-plane=enabled
+ - maas-control-plane=enabled
+ - ceph-osd-bootstrap=enabled
+ - openstack-libvirt=kernel
+ - openvswitch=enabled
+ - openstack-control-plane=enabled
+ - openstack-nova-compute=enabled
+ - sriov=enabled
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/HardwareProfile/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: DELL_HP_Generic
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vendor: HP
+ generation: '10'
+ hw_version: '3'
+ bios_version: '2.8'
+ boot_mode: bios
+ bootstrap_protocol: pxe
+ pxe_interface: 0
+ device_aliases: {}
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: drydock/HostProfile/v1
metadata:
schema: metadata/Document/v1
- name: MyComputePlane_HP
+ name: ComputePlane
storagePolicy: cleartext
labels:
- hosttype: MyComputePlane_HP
+ hosttype: ComputePlane
layeringDefinition:
abstract: false
layer: site
name: ipmi_admin_password
path: .
data:
+ hardware_profile: DELL_HP_Generic
oob:
type: 'ipmi'
network: 'oob'
- 'storage'
- 'overlay'
- 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
storage:
physical_devices:
sdj:
partitions:
- name: 'root'
size: '20g'
- bootable: true
filesystem:
mountpoint: '/'
fstype: 'ext4'
kernel: 'hwe-16.04'
kernel_params:
console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
metadata:
owner_data:
openstack-nova-compute: enabled
openvswitch: enabled
openstack-libvirt: kernel
+ sriov: enabled
beta.kubernetes.io/fluentd-ds-ready: 'true'
...
-
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: drydock/HostProfile/v1
metadata:
schema: metadata/Document/v1
- name: MyControlPlane_HP
+ name: ControlPlane
storagePolicy: cleartext
labels:
- hosttype: MyControlPlane_HP
+ hosttype: ControlPlane
layeringDefinition:
abstract: false
layer: site
network: 'oob'
account: 'Administrator'
primary_network: 'oam'
- hardware_profile: DELL_HP_Generic
+ hardware_profile: DELL_HP_Generic
interfaces:
pxe:
device_link: pxe
- 'storage'
- 'overlay'
- 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
storage:
physical_devices:
sdj:
partitions:
- name: 'root'
size: '20g'
- bootable: true
filesystem:
mountpoint: '/'
fstype: 'ext4'
platform:
image: 'xenial'
kernel: 'hwe-16.04'
-# kernel_params:
-# console: 'ttyS1,115200n8'
+ kernel_params:
+ console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
metadata:
owner_data:
control-plane: enabled
openstack-cinder-control: enabled
openstack-cinder-volume: control
openstack-neutron: enabled
+ openstack-libvirt: kernel
openvswitch: enabled
- sriov: enabled
+ openstack-nova-compute: enabled
ucp-barbican: enabled
ceph-bootstrap: enabled
ceph-mon: enabled
+ ceph-mgr: enabled
ceph-osd: enabled
ceph-mds: enabled
ceph-rgw: enabled
postgresql: enabled
kube-ingress: enabled
sriov: enabled
- openstack-nova-compute: enabled
- openstack-libvirt: kernel
beta.kubernetes.io/fluentd-ds-ready: 'true'
...
-
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+# self-signed certifacte generated based on
+# https://libvirt.org/remote.html#Remote_certificates
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-crt
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/Certificate/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ
+ MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu
+ ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP
+ ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC
+ r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs
+ F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV
+ bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1
+ eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO
+ k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG
+ YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9
+ EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC
+ gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF
+ MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv
+ bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t
+ gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y
+ aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH
+ BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV
+ HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE
+ BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw
+ WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/
+ X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX
+ vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk
+ JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm
+ ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF
+ DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N
+ w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc
+ VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-ca
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateAuthority/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS
+ MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC
+ AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE
+ OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V
+ o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0
+ YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT
+ fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI
+ GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+
+ T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB
+ d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j
+ mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd
+ BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB
+ AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx
+ 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM
+ EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+
+ zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9
+ XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+
+ d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO
+ TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI
+ XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40
+ +g==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-key
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateKey/v1
+data: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD
+ OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv
+ 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4
+ 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1
+ U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9
+ Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl
+ MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R
+ g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC
+ DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w
+ qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif
+ qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft
+ 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6
+ ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf
+ Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8
+ uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH
+ g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc
+ PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz
+ +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS
+ HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk
+ X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC
+ wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA
+ GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE
+ mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6
+ mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM
+ ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx
+ E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE
+ 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC
+ 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8
+ 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+
+ TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5
+ QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C
+ pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB
+ /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ
+ pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a
+ dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5
+ 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS
+ gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3
+ -----END RSA PRIVATE KEY-----
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ceph_fsid
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3e2a3755-863a-423b-bf19-e8b5bf7f3d95
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ceph_swift_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 610becbb8563c2d7abb2
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: maas-region-key
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3858f62230ac3c915f300c664312c63f
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_barbican_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: d992b45a48a3bf2698bc
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_barbican_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: c01c594967dfd4024121
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_barbican_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 7451bf1643ee73782da9
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_barbican_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: ec1a97a83907f193a717
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_barbican_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 634c104df082faf67332
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_cinder_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 4be86cd9e1e9fc3f7dc5
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_cinder_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 8d143e5fb4b4dac3768c
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_cinder_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: ac0217906c77ee117000
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_cinder_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 4dca0954fba72f359566
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_cinder_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: f3bda8af291469d2240d
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_glance_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 153a394cfd01623987a7
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_glance_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 2c3fcccd6597903cb67c
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_glance_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 597a366bd4f86f2d7070
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_glance_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: bf7662ee82349d8ce8a2
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_glance_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 245f4c5f7ca0d06e8416
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 6d5cbe4e78499e7ea1be
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 0fb3767e5bd60737c3ce
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 2f986c8b860f5e2e6e67
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
##############################################################################
-
schema: deckhand/Passphrase/v1
metadata:
schema: metadata/Document/v1
- name: ipmi_admin_password
+ name: osh_heat_password
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
-data: Admin123
+data: 444f3082037eb9921782
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 7a525e66176fd10c317a
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_stack_user_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3cfcdb863f68ec896735
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_heat_trustee_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 6b1727c22c773c902647
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_horizon_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 97456d11a2389e0a68b9
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_addons_jenkins_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 0ca991324505e13f7a77
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_elasticsearch_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: b12f1e35c6951455d62d
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_grafana_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 573a60b9ca0e5639f86b
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_grafana_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 6e9a3a90bdac0988b850
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_grafana_oslo_db_session_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: e59fde1e4e2ca04a0e6d
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_kibana_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: c3d955527901302d2c10
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_nagios_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: cc78bc60e26c2f5a28fa
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_openstack_exporter_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: d5f5133765b1ab430e85
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_oslo_db_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: f6a5b5fe9e6eb437c207
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: a3df1a9771d9f0480bb2
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_ldap_mechid_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 5aacc198d8a1edeff4a8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_ldap_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 5aacc198d8a1edeff4a8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 57cfda14a8ec656b9ccf
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: c7e2ef5bfab729b9cdf1
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: a00052e05aa7e1b704bc
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_keystone_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 7388108f67be16a4f252
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_neutron_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 5496c4a52d6223a1bc6c
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_neutron_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 4eaff3effbc9a1b5ddc3
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_neutron_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 10a9e6ad21ef9f43173c
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_neutron_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 9bb23c5d7181eabc52f7
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_neutron_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: afa9d3d0af33dcc3ca57
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_nova_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: a1b32d78a4e4deee451a
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_nova_oslo_messaging_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: c450b0c73cafa654e144
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_nova_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 173ec39e9f950f86ae24
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_nova_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: a48fdaacf7bd05f7c3ff
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_nova_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 410fe4f619b2cc8c417b
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_oslo_cache_secret_key
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 083d87906595da201c0b
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_oslo_db_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3affb82b52f975a256a8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_placement_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: c8d291a1a4dfa9fd41e0
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_airflow_postgres_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 2b2e4c8018c2b4ae511f
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_armada_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 1263859ed8265dac6feb
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_barbican_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 138611c0102dc397da43
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_barbican_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 9915552068ae3e3dc2e2
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_deckhand_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 05f4bbbb3be35cc9b1ac
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_deckhand_postgres_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 3f4f1368325e1d492ee0
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_drydock_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 40cdf9c49bd6c7e66bc8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_drydock_postgres_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 4c771ed9d38d38f4d939
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_keystone_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: e170ddbdf99b022ae1fd
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_keystone_oslo_db_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 276a90de2bf3be8d1df8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_maas_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 825958a1a47ccba33b2a
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_maas_postgres_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: f3401297fd1b8e4b6df4
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_oslo_db_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 045d835905deff7c4ed9
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_oslo_messaging_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 8744bd7b9d14fa037451
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_postgres_admin_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: a7330557eea3ce512402
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_promenade_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 4533ad6a479120ef4710
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_rabbitmq_erlang_cookie
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 541fe3ba1c65bd553e9a
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_shipyard_keystone_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: 86db58e20de93ef55477
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: deckhand/Passphrase/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_shipyard_postgres_password
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: d1fcd313bdc5fe69464b
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: deckhand/PublicKey/v1
+metadata:
+ schema: metadata/Document/v1
+ name: localadmin_ssh_public_key
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
storagePolicy: cleartext
data:
revision: v4.0
- site_type: large
+ site_type: foundry
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ replacement: true
+ name: kubernetes-calico
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: kubernetes-calico-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ networking:
+ settings:
+ mesh: "off"
+ ippool:
+ ipip:
+ enabled: "false"
+ mode: "cross-subnet"
+ bgp:
+ asnumber: 65531
+ ipv4:
+ additional_cidrs:
+ - 172.29.1.136/29
+ peers:
+ - apiVersion: v1
+ kind: bgpPeer
+ metadata:
+ peerIP: 172.29.1.1
+ scope: global
+ spec:
+ asnumber: 65001
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
path: .values.images.tags
# IP addresses
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .calico.etcd.service_ip
dest:
path: .values.service.ip
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .calico.etcd.service_ip
path: .values.anchor.etcdctl_endpoint
# CAs
- -
- src:
+ - src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd
path: .
dest:
path: .values.secrets.tls.client.ca
- -
- src:
+ - src:
schema: deckhand/CertificateAuthority/v1
name: calico-etcd-peer
path: .
path: .values.secrets.tls.peer.ca
# Anchor client cert
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-anchor
path: .
dest:
path: .values.secrets.anchor.tls.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-anchor
path: .
path: .values.secrets.anchor.tls.key
# Node names
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .masters[0].hostname
dest:
path: .values.nodes[0].name
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .masters[1].hostname
dest:
path: .values.nodes[1].name
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .genesis.hostname
dest:
path: .values.nodes[2].name
- # Server certs
+ # Server certs
- src:
schema: deckhand/Certificate/v1
name: calico-etcd-aknode31
path: .
dest:
path: .values.nodes[1].tls.peer.key
+
# NOTE(mb874d): Be sure we generate these certs for genesis.
- src:
schema: deckhand/Certificate/v1
dest:
path: .values.nodes[2].tls.peer.key
-
-data: {}
-
+data:
+ values:
+ manifests:
+ test_etcd_health: false
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: coredns
+ replacement: true
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: coredns-global
+ actions:
+ - method: replace
+ path: .values.conf.coredns.corefile
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+ # Zones
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.cluster_domain
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(CLUSTER_DOMAIN)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.service_cidr
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(SERVICE_CIDR)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .kubernetes.pod_cidr
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(POD_CIDR)'
+
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[0]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM1)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[1]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM2)'
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .dns.upstream_servers[2]
+ dest:
+ path: .values.conf.coredns.corefile
+ pattern: '(UPSTREAM3)'
+data:
+ values:
+ conf:
+ coredns:
+ # TODO(alanmeadows) this needs to be adjusted to use substition
+ corefile: |
+ .:53 {
+ errors
+ health
+ autopath @kubernetes
+ kubernetes CLUSTER_DOMAIN SERVICE_CIDR POD_CIDR {
+ pods insecure
+ fallthrough in-addr.arpa ip6.arpa
+ upstream UPSTREAM1
+ upstream UPSTREAM2
+ upstream UPSTREAM3
+ }
+ prometheus :9153
+ proxy . UPSTREAM1
+ proxy . UPSTREAM2
+ proxy . UPSTREAM3
+ cache 30
+ }
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
abstract: false
layer: site
parentSelector:
- name: kubernetes-etcd-global
+ name: kubernetes-etcd-global
actions:
- - method: merge
- path: .
+ - method: merge
+ path: .
storagePolicy: cleartext
substitutions:
path: .values.images.tags
# IP addresses
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.etcd_service_ip
dest:
path: .values.service.ip
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .kubernetes.etcd_service_ip
path: .values.anchor.etcdctl_endpoint
# CAs
- -
- src:
+ - src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd
path: .
dest:
path: .values.secrets.tls.client.ca
- -
- src:
+ - src:
schema: deckhand/CertificateAuthority/v1
name: kubernetes-etcd-peer
path: .
dest:
path: .values.secrets.tls.peer.ca
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-anchor
path: .
dest:
path: .values.secrets.anchor.tls.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: kubernetes-etcd-anchor
path: .
path: .values.secrets.anchor.tls.key
# Node names
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .masters[0].hostname
dest:
path: .values.nodes[0].name
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .masters[1].hostname
dest:
path: .values.nodes[1].name
-
- -
- src:
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .genesis.hostname
dest:
path: .values.nodes[2].name
- # Server certs
+ # Server certs
- src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-aknode31
path: .
dest:
path: .values.nodes[1].tls.peer.key
+
# Genesis node
- src:
schema: deckhand/Certificate/v1
path: .values.nodes[2].tls.peer.key
data: {}
-
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ingress-kube-system
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ ingress: kube-system
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: elasticsearch
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: elasticsearch-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: fluent-logging
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: fluent-logging-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
- name: neutron-site30
- #replacement: true
+ name: neutron
+ replacement: true
labels:
component: neutron
layeringDefinition:
storagePolicy: cleartext
data:
values:
+ labels:
+ agent:
+ sriov:
+ node_selector_key: sriov
+ node_selector_value: enabled
network:
-# auto_bridge_add:
-# br-bond0: bond0
+ backend:
+ - openvswitch
+ - sriov
interface:
sriov:
- device: ens6f0
plugins:
openvswitch_agent:
ovs:
- bridge_mappings: physnet:br-bond0
+ bridge_mappings: bond0:br-bond0
sriov_agent:
+ securitygroup:
+ firewall_driver: neutron.agent.firewall.NoopFirewallDriver
sriov_nic:
- physical_device_mappings: sriovnet1:ens6f0,sriovnet2:ens6f1
+ exclude_devices: null
+ physical_device_mappings: 'sriovnet1:ens6f0,sriovnet2:ens6f1'
ml2_conf:
+ ml2:
+ mechanism_drivers: l2population,openvswitch,sriovnicswitch
ml2_type_vlan:
- network_vlan_ranges: physnet:46:300,sriovnet1:100:4000,sriovnet2:100:4000,sriovnet3:100:4000,sriovnet4:100:4000
+ network_vlan_ranges: bond0:46:300,sriovnet1:2001:3000,sriovnet2:2001:3000
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: nova
+ labels:
+ component: nova
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: nova-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ network:
+ backend:
+ - openvswitch
+ - sriov
+ conf:
+ nova:
+ filter_scheduler:
+ enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
+ libvirt:
+ virt_type: kvm
+ DEFAULT:
+ vcpu_pin_set: "4-21,26-43,48-65,72-87"
+ vif_plugging_is_fatal: False
+ vif_plugging_timeout: 30
+ pci:
+ alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }'
+ passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client-update
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-update-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: 24
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: 8
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
- name: ucp-ceph
+ name: ucp-ceph-osd
layeringDefinition:
abstract: false
layer: site
parentSelector:
- name: ucp-ceph-global
+ name: ucp-ceph-osd-global
actions:
- method: replace
path: .values.conf.storage.osd
journal:
type: directory
location: /var/lib/ceph/journal/journal-sdi
- pool:
- target:
- osd: 8
...
-
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-divingbell
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-divingbell-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+ substitutions:
+ - dest:
+ path: .values.conf.uamlite.users[0].user_sshkeys[0]
+ src:
+ schema: deckhand/PublicKey/v1
+ name: localadmin_ssh_public_key
+ path: .
+
+data:
+ values:
+ conf:
+ uamlite:
+ users:
+ - user_name: localadmin
+ user_sudo: true
+ user_sshkeys: []
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-maas
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-maas-global
+ actions:
+ - method: replace
+ path: .values.conf.maas.proxy
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ maas:
+ ntp:
+ disable_ntpd_region: true
+ disable_ntpd_rack: true
+ images:
+ default_os: 'ubuntu'
+ default_image: 'xenial'
+ default_kernel: 'hwe-16.04'
+ proxy:
+ proxy_enabled: 'false'
+ peer_proxy_enabled: false
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-promenade
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-promenade-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ pod:
+ env:
+ promenade_api:
+ - name: no_proxy
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
+ - name: NO_PROXY
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/CommonSoftwareConfig/v1
+metadata:
+ schema: metadata/Document/v1
+ name: common-software-config
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ osh:
+ region_name: RegionOne
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.key
+data:
+ ucp:
+ identity:
+ namespace: ucp
+ name: keystone
+ hosts:
+ default: keystone-api
+ public: keystone
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: iam.DOMAIN
+ path:
+ default: /v3
+ scheme:
+ default: http
+ # public: https
+ port:
+ admin:
+ default: 35357
+ api:
+ default: 80
+ public: 80
+ armada:
+ name: armada
+ hosts:
+ default: armada-api
+ public: armada
+ port:
+ api:
+ default: 8000
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ deckhand:
+ name: deckhand
+ hosts:
+ default: deckhand-int
+ public: deckhand-api
+ port:
+ api:
+ default: 9000
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ postgresql:
+ name: postgresql
+ hosts:
+ default: postgresql
+ path: /DB_NAME
+ scheme: postgresql+psycopg2
+ port:
+ postgresql:
+ default: 5432
+ host_fqdn_override:
+ default: null
+ postgresql_airflow_celery:
+ name: postgresql_airflow_celery_db
+ hosts:
+ default: postgresql
+ path: /DB_NAME
+ scheme: db+postgresql
+ port:
+ postgresql:
+ default: 5432
+ host_fqdn_override:
+ default: null
+ oslo_db:
+ hosts:
+ default: mariadb
+ discovery: mariadb-discovery
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ wsrep:
+ default: 4567
+ key_manager:
+ name: barbican
+ hosts:
+ default: barbican-api
+ public: barbican
+ host_fqdn_override:
+ default: null
+ path:
+ default: /v1
+ scheme:
+ default: http
+ port:
+ api:
+ default: 9311
+ public: 80
+ oslo_messaging:
+ namespace: null
+ hosts:
+ default: rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /openstack
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ oslo_cache:
+ hosts:
+ default: memcached
+ host_fqdn_override:
+ default: null
+ port:
+ memcache:
+ default: 11211
+ physicalprovisioner:
+ name: drydock
+ hosts:
+ default: drydock-api
+ port:
+ api:
+ default: 9000
+ nodeport: 31900
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ maas_region_ui:
+ name: maas-region-ui
+ hosts:
+ default: maas-region-ui
+ public: maas
+ path:
+ default: /MAAS
+ scheme:
+ default: "http"
+ port:
+ region_ui:
+ default: 80
+ public: 80
+ host_fqdn_override:
+ default: null
+ kubernetesprovisioner:
+ name: promenade
+ hosts:
+ default: promenade-api
+ port:
+ api:
+ default: 80
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ shipyard:
+ name: shipyard
+ hosts:
+ default: shipyard-int
+ public: shipyard-api
+ port:
+ api:
+ default: 9000
+ public: 80
+ path:
+ default: /api/v1.0
+ scheme:
+ default: http
+ # public: https
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: shipyard.DOMAIN
+ airflow_web:
+ name: airflow-web
+ hosts:
+ default: airflow-web-int
+ public: airflow-web
+ port:
+ airflow_web:
+ default: 8080
+ path:
+ default: /
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ airflow_flower:
+ name: airflow-flower
+ hosts:
+ default: airflow-flower
+ port:
+ airflow_flower:
+ default: 5555
+ path:
+ default: /
+ scheme:
+ default: http
+ host_fqdn_override:
+ default: null
+ ceph:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /swift/v1
+ scheme:
+ default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_mon:
+ namespace: ceph
+ hosts:
+ default: ceph-mon
+ discovery: ceph-mon-discovery
+ host_fqdn_override:
+ default: null
+ port:
+ mon:
+ default: 6789
+ ceph_mgr:
+ namespace: ceph
+ hosts:
+ default: ceph-mgr
+ host_fqdn_override:
+ default: null
+ port:
+ mgr:
+ default: 7000
+ scheme:
+ default: http
+...
+---
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.key
+data:
+ osh:
+ object_store:
+ name: swift
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /swift/v1/KEY_$(tenant_id)s
+ scheme:
+ default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ oslo_db:
+ hosts:
+ default: mariadb
+ discovery: mariadb-discovery
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ wsrep:
+ default: 4567
+ keystone_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: keystone-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /keystone
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ keystone_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: keystone-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ oslo_cache:
+ namespace: openstack
+ hosts:
+ default: memcached
+ host_fqdn_override:
+ default: null
+ port:
+ memcache:
+ default: 11211
+ identity:
+ namespace: openstack
+ name: keystone
+ hosts:
+ default: keystone-api
+ public: keystone
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: identity.DOMAIN
+ path:
+ default: /v3
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ admin:
+ default: 35357
+ api:
+ default: 80
+ # public: 443
+ glance_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: glance-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /glance
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ glance_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: glance-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ image:
+ name: glance
+ hosts:
+ default: glance-api
+ public: glance
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: image.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 9292
+ # public: 443
+ image_registry:
+ name: glance-registry
+ hosts:
+ default: glance-registry
+ public: glance-reg
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9191
+ public: 80
+ cinder_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: cinder-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /cinder
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ cinder_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: cinder-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ volume:
+ name: cinder
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v1/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ volumev2:
+ name: cinderv2
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ volumev3:
+ name: cinderv3
+ hosts:
+ default: cinder-api
+ public: cinder
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: volume.DOMAIN
+ path:
+ default: "/v3/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8776
+ # public: 443
+ heat_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: heat-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /heat
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ heat_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: heat-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ orchestration:
+ name: heat
+ hosts:
+ default: heat-api
+ public: heat
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: orchestration.DOMAIN
+ path:
+ default: "/v1/%(project_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8004
+ # public: 443
+ cloudformation:
+ name: heat-cfn
+ hosts:
+ default: heat-cfn
+ public: cloudformation
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: cloudformation.DOMAIN
+ path:
+ default: /v1
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8000
+ # public: 443
+ cloudwatch:
+ name: heat-cloudwatch
+ hosts:
+ default: heat-cloudwatch
+ public: cloudwatch
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ type: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 8003
+ public: 80
+ neutron_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: neutron-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /neutron
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ neutron_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: neutron-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ network:
+ name: neutron
+ hosts:
+ default: neutron-server
+ public: neutron
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: network.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 9696
+ # public: 443
+ nova_oslo_messaging:
+ namespace: openstack
+ hosts:
+ default: nova-rabbitmq
+ host_fqdn_override:
+ default: null
+ path: /nova
+ scheme: rabbit
+ port:
+ amqp:
+ default: 5672
+ http:
+ default: 15672
+ nova_rabbitmq_exporter:
+ namespace: openstack
+ hosts:
+ default: nova-rabbitmq-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9095
+ compute:
+ name: nova
+ hosts:
+ default: nova-api
+ public: nova
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: compute.DOMAIN
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8774
+ # public: 443
+ novncproxy:
+ default: 443
+ compute_metadata:
+ name: nova
+ hosts:
+ default: nova-metadata
+ public: metadata
+ host_fqdn_override:
+ default: null
+ path:
+ default: /
+ scheme:
+ default: "http"
+ port:
+ metadata:
+ default: 8775
+ public: 80
+ compute_novnc_proxy:
+ name: nova
+ hosts:
+ default: nova-novncproxy
+ public: novncproxy
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: nova-novncproxy.DOMAIN
+ path:
+ default: /vnc_auto.html
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ novnc_proxy:
+ default: 6080
+ # public: 443
+ compute_spice_proxy:
+ name: nova
+ hosts:
+ default: nova-spiceproxy
+ host_fqdn_override:
+ default: null
+ path:
+ default: /spice_auto.html
+ scheme:
+ default: "http"
+ port:
+ spice_proxy:
+ default: 6082
+ placement:
+ name: placement
+ hosts:
+ default: placement-api
+ public: placement
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: placement.DOMAIN
+ path:
+ default: /
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8778
+ # public: 443
+ dashboard:
+ name: horizon
+ hosts:
+ default: horizon-int
+ public: horizon
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: dashboard.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ web:
+ default: 80
+ # public: 443
+...
+---
+schema: pegleg/EndpointCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_endpoints
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.base_url
+ # dest:
+ # path: .osh_infra.ldap.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.auth_path
+ # dest:
+ # path: .osh_infra.ldap.path.default
+ # pattern: AUTH_PATH
+data:
+ osh_infra:
+ elasticsearch:
+ name: elasticsearch
+ namespace: osh-infra
+ hosts:
+ data: elasticsearch-data
+ default: elasticsearch-logging
+ discovery: elasticsearch-discovery
+ public: elasticsearch
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ http:
+ default: 80
+ prometheus_elasticsearch_exporter:
+ namespace: null
+ hosts:
+ default: elasticsearch-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9108
+ fluentd:
+ namespace: osh-infra
+ name: fluentd
+ hosts:
+ default: fluentd-logging
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ service:
+ default: 24224
+ metrics:
+ default: 24220
+ prometheus_fluentd_exporter:
+ namespace: osh-infra
+ hosts:
+ default: fluentd-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: /metrics
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9309
+ oslo_db:
+ namespace: osh-infra
+ hosts:
+ default: mariadb
+ host_fqdn_override:
+ default: null
+ path: /DB_NAME
+ scheme: mysql+pymysql
+ port:
+ mysql:
+ default: 3306
+ grafana:
+ name: grafana
+ namespace: osh-infra
+ hosts:
+ default: grafana-dashboard
+ public: grafana
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: grafana.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ grafana:
+ default: 3000
+ # public: 443
+ monitoring:
+ name: prometheus
+ namespace: osh-infra
+ hosts:
+ default: prom-metrics
+ public: prometheus
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9090
+ public: 80
+ kibana:
+ name: kibana
+ namespace: osh-infra
+ hosts:
+ default: kibana-dash
+ public: kibana
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: kibana.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ kibana:
+ default: 5601
+ # public: 443
+ alerts:
+ name: alertmanager
+ namespace: osh-infra
+ hosts:
+ default: alerts-engine
+ public: alertmanager
+ discovery: alertmanager-discovery
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ api:
+ default: 9093
+ public: 80
+ mesh:
+ default: 6783
+ kube_state_metrics:
+ namespace: kube-system
+ hosts:
+ default: kube-state-metrics
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ http:
+ default: 8080
+ kube_scheduler:
+ scheme:
+ default: "http"
+ path:
+ default: /metrics
+ kube_controller_manager:
+ scheme:
+ default: "http"
+ path:
+ default: /metrics
+ node_metrics:
+ namespace: kube-system
+ hosts:
+ default: node-exporter
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ metrics:
+ default: 9100
+ prometheus_port:
+ default: 9100
+ prometheus_openstack_exporter:
+ namespace: openstack
+ hosts:
+ default: openstack-metrics
+ host_fqdn_override:
+ default: null
+ path:
+ default: null
+ scheme:
+ default: "http"
+ port:
+ exporter:
+ default: 9103
+ nagios:
+ name: nagios
+ namespace: osh-infra
+ hosts:
+ default: nagios-metrics
+ public: nagios
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: nagios.DOMAIN
+ path:
+ default: null
+ scheme:
+ default: http
+ # public: https
+ port:
+ http:
+ default: 80
+ # public: 443
+ ldap:
+ hosts:
+ default: ldap
+ host_fqdn_override:
+ default: null
+ public:
+ host: DOMAIN
+ path:
+ default: /AUTH_PATH
+ scheme:
+ default: "ldap"
+ port:
+ ldap:
+ default: 389
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ ucp:
+ postgres:
+ admin:
+ username: postgres
+ oslo_db:
+ admin:
+ username: root
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ admin:
+ region_name: RegionOne
+ username: admin
+ project_name: admin
+ user_domain_name: default
+ project_domain_name: default
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ username: keystone
+ oslo_db:
+ username: keystone
+ database: keystone
+ promenade:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: promenade
+ drydock:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: drydock
+ postgres:
+ username: drydock
+ database: drydock
+ shipyard:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: shipyard
+ postgres:
+ username: shipyard
+ database: shipyard
+ airflow:
+ postgres:
+ username: airflow
+ database: airflow
+ oslo_messaging:
+ username: rabbitmq
+ maas:
+ admin:
+ username: admin
+ email: none@none
+ postgres:
+ username: maas
+ database: maasdb
+ barbican:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: barbican
+ oslo_db:
+ username: barbican
+ database: barbican
+ oslo_messaging:
+ admin:
+ username: rabbitmq
+ keystone:
+ username: keystone
+ armada:
+ keystone:
+ project_domain_name: default
+ user_domain_name: default
+ project_name: service
+ region_name: RegionOne
+ role: admin
+ user_domain_name: default
+ username: armada
+ deckhand:
+ keystone:
+ region_name: RegionOne
+ role: admin
+ project_name: service
+ project_domain_name: default
+ user_domain_name: default
+ username: deckhand
+ postgres:
+ username: deckhand
+ database: deckhand
+ ceph:
+ swift:
+ keystone:
+ role: admin
+ region_name: RegionOne
+ username: swift
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+...
+---
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+ substitutions:
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.keystone.admin.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.cinder.cinder.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.glance.glance.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat_trustee.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.heat.heat_stack_user.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.swift.keystone.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.neutron.neutron.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.nova.nova.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.nova.placement.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.barbican.barbican.region_name
+ - src:
+ schema: pegleg/CommonSoftwareConfig/v1
+ name: common-software-config
+ path: .osh.region_name
+ dest:
+ path: .osh.barbican.barbican.region_name
+data:
+ osh:
+ keystone:
+ admin:
+ username: admin
+ project_name: admin
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: keystone
+ database: keystone
+ oslo_messaging:
+ admin:
+ username: keystone-rabbitmq-admin
+ keystone:
+ username: keystone-rabbitmq-user
+ ldap:
+ username: "user@example-ldap.com"
+ cinder:
+ cinder:
+ role: admin
+ username: cinder
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: cinder
+ database: cinder
+ oslo_messaging:
+ admin:
+ username: cinder-rabbitmq-admin
+ cinder:
+ username: cinder-rabbitmq-user
+ glance:
+ glance:
+ role: admin
+ username: glance
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: glance
+ database: glance
+ oslo_messaging:
+ admin:
+ username: glance-rabbitmq-admin
+ glance:
+ username: glance-rabbitmq-user
+ ceph_object_store:
+ username: glance
+ heat:
+ heat:
+ role: admin
+ username: heat
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ heat_trustee:
+ role: admin
+ username: heat-trust
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ heat_stack_user:
+ role: admin
+ username: heat-domain
+ domain_name: heat
+ oslo_db:
+ username: heat
+ database: heat
+ oslo_messaging:
+ admin:
+ username: heat-rabbitmq-admin
+ heat:
+ username: heat-rabbitmq-user
+ swift:
+ keystone:
+ role: admin
+ username: swift
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ admin:
+ username: root
+ neutron:
+ neutron:
+ role: admin
+ username: neutron
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: neutron
+ database: neutron
+ oslo_messaging:
+ admin:
+ username: neutron-rabbitmq-admin
+ neutron:
+ username: neutron-rabbitmq-user
+ nova:
+ nova:
+ role: admin
+ username: nova
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ placement:
+ role: admin
+ username: placement
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: nova
+ database: nova
+ oslo_db_api:
+ username: nova
+ database: nova_api
+ oslo_db_cell0:
+ username: nova
+ database: "nova_cell0"
+ oslo_messaging:
+ admin:
+ username: nova-rabbitmq-admin
+ nova:
+ username: nova-rabbitmq-user
+ horizon:
+ oslo_db:
+ username: horizon
+ database: horizon
+ barbican:
+ barbican:
+ role: admin
+ username: barbican
+ project_name: service
+ user_domain_name: default
+ project_domain_name: default
+ oslo_db:
+ username: barbican
+ database: barbican
+ oslo_messaging:
+ admin:
+ username: barbican-rabbitmq-admin
+ barbican:
+ username: barbican-rabbitmq-user
+...
+---
+schema: pegleg/AccountCatalogue/v1
+metadata:
+ schema: metadata/Document/v1
+ name: osh_infra_service_accounts
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ osh_infra:
+ grafana:
+ admin:
+ username: grafana
+ oslo_db:
+ username: grafana
+ database: grafana
+ oslo_db_session:
+ username: grafana_session
+ database: grafana_session
+ elasticsearch:
+ admin:
+ username: elasticsearch
+ kibana:
+ admin:
+ username: kibana
+ oslo_db:
+ admin:
+ username: root
+ prometheus_openstack_exporter:
+ user:
+ username: prometheus-openstack-exporter
+ project_name: service
+ user_domain_name: default
+ nagios:
+ admin:
+ username: nagios
+ ldap:
+ admin:
+ # NEWSITE-CHANGEME: Replace with the site's LDAP account used to
+ # authenticate to the active directory backend to validate keystone
+ # users.
+ bind: "test@ldap.example.com"
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Manifest/v1
+metadata:
+ schema: metadata/Document/v1
+ name: full-site
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: full-site-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ release_prefix: airship
+ chart_groups:
+ - kubernetes-proxy
+ - kubernetes-container-networking
+ - kubernetes-dns
+ - kubernetes-etcd
+ - kubernetes-haproxy
+ - kubernetes-core
+ - ingress-kube-system
+ - ucp-ceph-update
+ - ucp-ceph-config
+ - ucp-core
+ - ucp-keystone
+ - ucp-divingbell
+ - ucp-armada
+ - ucp-deckhand
+ - ucp-drydock
+ - ucp-promenade
+ - ucp-shipyard
+ - osh-infra-ingress-controller
+ - osh-infra-ceph-config
+ - osh-infra-logging
+ - osh-infra-monitoring
+ - osh-infra-mariadb
+ - osh-infra-dashboards
+ - openstack-ingress-controller
+ - openstack-ceph-config
+ - openstack-mariadb
+ - openstack-memcached
+ - openstack-keystone
+ - openstack-radosgw
+ - openstack-glance
+ - openstack-cinder
+ - openstack-compute-kit
+ - openstack-heat
+ - osh-infra-prometheus-openstack-exporter
+ - openstack-horizon
+...
+++ /dev/null
----
-##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: nova
- labels:
- component: nova
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: nova-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- conf:
- nova:
- libvirt:
- virt_type: kvm
- DEFAULT:
- vcpu_pin_set: "4-23,28-47"
- pci:
- alias: '{"name": "numa0", "capability_type": "pci", "product_id": "154c", "vendor_id": "8086", "device_type": "type-PCI", "numa_policy": "required"}'
- passthrough_whitelist: |
- [{"address": "0000:08:10.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:13.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:14.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:15.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:16.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:17.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.4", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:11.6", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.0", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:12.2", "physical_network": "sriovnet1", "trusted": "true"}, {"address": "0000:08:10.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:10.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:13.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:14.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:10.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:15.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:16.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:10.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:17.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.5", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:11.7", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.1", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:08:12.3", "physical_network": "sriovnet2", "trusted": "true"}, {"address": "0000:81:10.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:13.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:14.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:15.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:16.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:17.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.4", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:11.6", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.0", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:12.2", "physical_network": "sriovnet3", "trusted": "true"}, {"address": "0000:81:10.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:10.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:13.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:14.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:10.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:15.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:16.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:10.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:17.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.3", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.5", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:11.7", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.1", "physical_network": "sriovnet4", "trusted": "true"}, {"address": "0000:81:12.3", "physical_network": "sriovnet4", "trusted": "true"}]
-...
+++ /dev/null
----
-##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: pegleg/EndpointCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp_endpoints
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- substitutions:
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .ucp.identity.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .ucp.shipyard.host_fqdn_override.public
- pattern: DOMAIN
-data:
- ucp:
- identity:
- namespace: ucp
- name: keystone
- hosts:
- default: keystone-api
- public: keystone
- host_fqdn_override:
- default: null
- public: iam.DOMAIN
- path:
- default: /v3
- scheme:
- default: http
- port:
- admin:
- default: 35357
- api:
- default: 80
- armada:
- name: armada
- hosts:
- default: armada-api
- public: armada
- port:
- api:
- default: 8000
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- deckhand:
- name: deckhand
- hosts:
- default: deckhand-int
- public: deckhand-api
- port:
- api:
- default: 9000
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- postgresql:
- name: postgresql
- hosts:
- default: postgresql
- path: /DB_NAME
- scheme: postgresql+psycopg2
- port:
- postgresql:
- default: 5432
- host_fqdn_override:
- default: null
- postgresql_airflow_celery:
- name: postgresql_airflow_celery_db
- hosts:
- default: postgresql
- path: /DB_NAME
- scheme: db+postgresql
- port:
- postgresql:
- default: 5432
- host_fqdn_override:
- default: null
- oslo_db:
- hosts:
- default: mariadb
- discovery: mariadb-discovery
- host_fqdn_override:
- default: null
- path: /DB_NAME
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
- wsrep:
- default: 4567
- key_manager:
- name: barbican
- hosts:
- default: barbican-api
- public: barbican
- host_fqdn_override:
- default: null
- path:
- default: /v1
- scheme:
- default: http
- port:
- api:
- default: 9311
- public: 80
- oslo_messaging:
- namespace: null
- hosts:
- default: rabbitmq
- host_fqdn_override:
- default: null
- path: /openstack
- scheme: rabbit
- port:
- amqp:
- default: 5672
- oslo_cache:
- hosts:
- default: memcached
- host_fqdn_override:
- default: null
- port:
- memcache:
- default: 11211
- physicalprovisioner:
- name: drydock
- hosts:
- default: drydock-api
- port:
- api:
- default: 9000
- nodeport: 31900
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- maas_region_ui:
- name: maas-region-ui
- hosts:
- default: maas-region-ui
- public: maas
- path:
- default: /MAAS
- scheme:
- default: "http"
- port:
- region_ui:
- default: 80
- public: 80
- host_fqdn_override:
- default: null
- kubernetesprovisioner:
- name: promenade
- hosts:
- default: promenade-api
- port:
- api:
- default: 80
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- shipyard:
- name: shipyard
- hosts:
- default: shipyard-int
- public: shipyard-api
- port:
- api:
- default: 9000
- public: 80
- path:
- default: /api/v1.0
- scheme:
- default: http
- host_fqdn_override:
- default: null
- public: shipyard.DOMAIN
- airflow_web:
- name: airflow-web
- hosts:
- default: airflow-web-int
- public: airflow-web
- port:
- airflow_web:
- default: 8080
- path:
- default: /
- scheme:
- default: http
- host_fqdn_override:
- default: null
- airflow_flower:
- name: airflow-flower
- hosts:
- default: airflow-flower
- port:
- airflow_flower:
- default: 5555
- path:
- default: /
- scheme:
- default: http
- host_fqdn_override:
- default: null
- ceph:
- object_store:
- name: swift
- namespace: ceph
- hosts:
- default: ceph-rgw
- host_fqdn_override:
- default: null
- path:
- default: /swift/v1
- scheme:
- default: http
- port:
- api:
- default: 8088
- ceph_mon:
- namespace: ceph
- hosts:
- default: ceph-mon
- discovery: ceph-mon-discovery
- host_fqdn_override:
- default: null
- port:
- mon:
- default: 6789
- ceph_mgr:
- namespace: ceph
- hosts:
- default: ceph-mgr
- host_fqdn_override:
- default: null
- port:
- mgr:
- default: 7000
- scheme:
- default: http
-...
----
-schema: pegleg/EndpointCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_endpoints
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- substitutions:
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.image.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.cloudformation.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.orchestration.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.compute.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.compute_novnc_proxy.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.network.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.identity.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.dashboard.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.volume.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.volumev2.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.volumev3.host_fqdn_override.public
- pattern: DOMAIN
-data:
- osh:
- oslo_db:
- hosts:
- default: mariadb
- discovery: mariadb-discovery
- host_fqdn_override:
- default: null
- path: /DB_NAME
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
- wsrep:
- default: 4567
- keystone_oslo_messaging:
- namespace: openstack
- hosts:
- default: keystone-rabbitmq
- host_fqdn_override:
- default: null
- path: /keystone
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- keystone_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: keystone-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- oslo_cache:
- namespace: openstack
- hosts:
- default: memcached
- host_fqdn_override:
- default: null
- port:
- memcache:
- default: 11211
- identity:
- namespace: openstack
- name: keystone
- hosts:
- default: keystone-api
- public: keystone
- host_fqdn_override:
- default: null
- public: keystone.DOMAIN
- path:
- default: /v3
- scheme:
- default: "http"
- port:
- admin:
- default: 35357
- api:
- default: 80
- glance_oslo_messaging:
- namespace: openstack
- hosts:
- default: glance-rabbitmq
- host_fqdn_override:
- default: null
- path: /glance
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- glance_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: glance-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- image:
- name: glance
- hosts:
- default: glance-api
- public: glance
- host_fqdn_override:
- default: null
- public: image.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9292
- public: 80
- image_registry:
- name: glance-registry
- hosts:
- default: glance-registry
- public: glance-reg
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9191
- public: 80
- cinder_oslo_messaging:
- namespace: openstack
- hosts:
- default: cinder-rabbitmq
- host_fqdn_override:
- default: null
- path: /cinder
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- cinder_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: cinder-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- volume:
- name: cinder
- hosts:
- default: cinder-api
- public: cinder
- host_fqdn_override:
- default: null
- public: volume.DOMAIN
- path:
- default: "/v1/%(tenant_id)s"
- scheme:
- default: "http"
- port:
- api:
- default: 8776
- public: 80
- volumev2:
- name: cinderv2
- hosts:
- default: cinder-api
- public: cinder
- host_fqdn_override:
- default: null
- public: volume.DOMAIN
- path:
- default: "/v2/%(tenant_id)s"
- scheme:
- default: "http"
- port:
- api:
- default: 8776
- public: 80
- volumev3:
- name: cinderv3
- hosts:
- default: cinder-api
- public: cinder
- host_fqdn_override:
- default: null
- public: volume.DOMAIN
- path:
- default: "/v3/%(tenant_id)s"
- scheme:
- default: "http"
- port:
- api:
- default: 8776
- public: 80
- ceph_object_store:
- name: radosgw
- namespace: ceph
- hosts:
- default: ceph-rgw
- host_fqdn_override:
- default: null
- path:
- default: /auth/v1.0
- scheme:
- default: "http"
- port:
- api:
- default: 8088
- heat_oslo_messaging:
- namespace: openstack
- hosts:
- default: heat-rabbitmq
- host_fqdn_override:
- default: null
- path: /heat
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- heat_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: heat-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- orchestration:
- name: heat
- hosts:
- default: heat-api
- public: heat
- host_fqdn_override:
- default: null
- public: orchestration.DOMAIN
- path:
- default: "/v1/%(project_id)s"
- scheme:
- default: "http"
- port:
- api:
- default: 8004
- public: 80
- cloudformation:
- name: heat-cfn
- hosts:
- default: heat-cfn
- public: cloudformation
- host_fqdn_override:
- default: null
- public: cloudformation.DOMAIN
- path:
- default: /v1
- scheme:
- default: "http"
- port:
- api:
- default: 8000
- public: 80
- cloudwatch:
- name: heat-cloudwatch
- hosts:
- default: heat-cloudwatch
- public: cloudwatch
- host_fqdn_override:
- default: null
- path:
- default: null
- type: null
- scheme:
- default: "http"
- port:
- api:
- default: 8003
- public: 80
- neutron_oslo_messaging:
- namespace: openstack
- hosts:
- default: neutron-rabbitmq
- host_fqdn_override:
- default: null
- path: /neutron
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- neutron_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: neutron-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- network:
- name: neutron
- hosts:
- default: neutron-server
- public: neutron
- host_fqdn_override:
- default: null
- public: network.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9696
- public: 80
- nova_oslo_messaging:
- namespace: openstack
- hosts:
- default: nova-rabbitmq
- host_fqdn_override:
- default: null
- path: /nova
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- nova_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: nova-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- compute:
- name: nova
- hosts:
- default: nova-api
- public: nova
- host_fqdn_override:
- default: null
- public: compute.DOMAIN
- path:
- default: "/v2/%(tenant_id)s"
- scheme:
- default: "http"
- port:
- api:
- default: 8774
- public: 80
- novncproxy:
- default: 6080
- compute_metadata:
- name: nova
- hosts:
- default: nova-metadata
- public: metadata
- host_fqdn_override:
- default: null
- path:
- default: /
- scheme:
- default: "http"
- port:
- metadata:
- default: 8775
- public: 80
- compute_novnc_proxy:
- name: nova
- hosts:
- default: nova-novncproxy
- public: novncproxy
- host_fqdn_override:
- default: null
- public: nova-novncproxy.DOMAIN
- path:
- default: /vnc_auto.html
- scheme:
- default: "http"
- port:
- novnc_proxy:
- default: 6080
- compute_spice_proxy:
- name: nova
- hosts:
- default: nova-spiceproxy
- host_fqdn_override:
- default: null
- path:
- default: /spice_auto.html
- scheme:
- default: "http"
- port:
- spice_proxy:
- default: 6082
- placement:
- name: placement
- hosts:
- default: placement-api
- public: placement
- host_fqdn_override:
- default: null
- path:
- default: /
- scheme:
- default: "http"
- port:
- api:
- default: 8778
- public: 80
- dashboard:
- name: horizon
- hosts:
- default: horizon-int
- public: horizon
- host_fqdn_override:
- default: null
- public: dashboard.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- port:
- web:
- default: 80
- barbican_oslo_messaging:
- namespace: openstack
- hosts:
- default: barbican-rabbitmq
- host_fqdn_override:
- default: null
- path: /barbican
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- barbican_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: barbican-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- key_manager:
- name: barbican
- hosts:
- default: barbican-api
- public: barbican
- host_fqdn_override:
- default: null
- path:
- default: /v1
- scheme:
- default: "http"
- port:
- api:
- default: 9311
- public: 80
-...
----
-schema: pegleg/EndpointCatalogue/v1
-metadata:
- schema: metadata/Document/v1
- name: osh_infra_endpoints
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
- substitutions:
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh_infra.kibana.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh_infra.grafana.host_fqdn_override.public
- pattern: DOMAIN
-data:
- osh_infra:
- elasticsearch:
- name: elasticsearch
- namespace: osh-infra
- hosts:
- data: elasticsearch-data
- default: elasticsearch-logging
- discovery: elasticsearch-discovery
- public: elasticsearch
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- http:
- default: 80
- prometheus_elasticsearch_exporter:
- namespace: null
- hosts:
- default: elasticsearch-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9108
- fluentd:
- namespace: osh-infra
- name: fluentd
- hosts:
- default: fluentd-logging
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- service:
- default: 24224
- metrics:
- default: 24220
- prometheus_fluentd_exporter:
- namespace: osh-infra
- hosts:
- default: fluentd-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9309
- oslo_db:
- namespace: osh-infra
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
- path: /DB_NAME
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
- grafana:
- name: grafana
- namespace: osh-infra
- hosts:
- default: grafana-dashboard
- public: grafana
- host_fqdn_override:
- default: null
- public: grafana.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- port:
- grafana:
- default: 3000
- monitoring:
- name: prometheus
- namespace: osh-infra
- hosts:
- default: prom-metrics
- public: prometheus
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9090
- public: 80
- kibana:
- name: kibana
- namespace: osh-infra
- hosts:
- default: kibana-dash
- public: kibana
- host_fqdn_override:
- default: null
- public: kibana.DOMAIN
- path:
- default: null
- scheme:
- default: "http"
- port:
- kibana:
- default: 5601
- alerts:
- name: alertmanager
- namespace: osh-infra
- hosts:
- default: alerts-engine
- public: alertmanager
- discovery: alertmanager-discovery
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- api:
- default: 9093
- public: 80
- mesh:
- default: 6783
- kube_state_metrics:
- namespace: kube-system
- hosts:
- default: kube-state-metrics
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- http:
- default: 8080
- kube_scheduler:
- scheme:
- default: "http"
- path:
- default: /metrics
- kube_controller_manager:
- scheme:
- default: "http"
- path:
- default: /metrics
- node_metrics:
- namespace: kube-system
- hosts:
- default: node-exporter
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- metrics:
- default: 9100
- prometheus_port:
- default: 9100
- prometheus_openstack_exporter:
- namespace: openstack
- hosts:
- default: openstack-metrics
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: "http"
- port:
- exporter:
- default: 9103
-...
+++ /dev/null
----
-##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-site_name: hp_akraino
-ipmi_admin_password: Admin123
-networks:
- bonded: yes
- primary: bond0
- slaves:
- - name: ens3f0
- - name: ens3f1
- oob:
- vlan: 40
- interface:
- cidr: 192.168.41.0/24
- routes:
- gateway: 192.168.41.1
- ranges:
- reserved:
- start: 192.168.41.2
- end: 192.168.41.4
- static:
- start: 192.168.41.5
- end: 192.168.41.254
- host:
- vlan: 41
- interface: bond0.41
- cidr: 192.168.2.0/24
- routes:
- gateway: 192.168.2.85
- ranges:
- reserved:
- start: 192.168.2.84
- end: 192.168.2.86
- static:
- start: 192.168.2.1
- end: 192.168.2.83
- storage:
- vlan: 42
- interface: bond0.42
- cidr: 172.31.1.0/24
- ranges:
- reserved:
- start: 172.31.1.1
- end: 172.31.1.10
- static:
- start: 172.31.1.11
- end: 172.31.1.254
- pxe:
- vlan:
- interface: eno1
- cidr: 172.30.1.0/24
- gateway: 172.30.1.1
- ranges:
- reserved:
- start: 172.30.1.2
- end: 172.30.1.10
- static:
- start: 172.30.1.11
- end: 172.30.1.200
- dhcp:
- start: 172.30.1.201
- end: 172.30.1.254
- ksn:
- vlan: 44
- interface: bond0.44
- cidr: 172.29.1.0/24
- local_asnumber: 65531
- ranges:
- static:
- start: 172.29.1.5
- end: 172.29.1.254
- additional_cidrs:
- - 172.29.1.136/29
- ingress_cidr: 172.29.1.137/32
- peers:
- - ip: 172.29.1.1
- scope: global
- asnumber: 65001
- vrrp_ip: 172.29.1.1 # keep peers ip address in case of only peer.
- neutron:
- vlan: 45
- interface: bond0.45
- cidr: 10.0.101.0/24
- ranges:
- reserved:
- start: 10.0.101.1
- end: 10.0.101.10
- static:
- start: 10.0.101.11
- end: 10.0.101.254
-sriovnets:
-- physical: sriovnet1
- interface: ens6f0
- vlan_start: 100
- vlan_end: 4000
- whitelists:
- "0000:af:02.0": "enp175s2"
- "0000:af:02.1": "enp175s2f1"
- "0000:af:03.2": "enp175s3f2"
- "0000:af:03.3": "enp175s3f3"
- "0000:af:03.4": "enp175s3f4"
- "0000:af:03.5": "enp175s3f5"
- "0000:af:03.6": "enp175s3f6"
- "0000:af:03.7": "enp175s3f7"
- "0000:af:04.0": "enp175s4"
- "0000:af:04.1": "enp175s4f1"
- "0000:af:04.2": "enp175s4f2"
- "0000:af:04.3": "enp175s4f3"
- "0000:af:02.2": "enp175s2f2"
- "0000:af:04.4": "enp175s4f4"
- "0000:af:04.5": "enp175s4f5"
- "0000:af:04.6": "enp175s4f6"
- "0000:af:04.7": "enp175s4f7"
- "0000:af:05.0": "enp175s5"
- "0000:af:05.1": "enp175s5f1"
- "0000:af:05.2": "enp175s5f2"
- "0000:af:05.3": "enp175s5f3"
- "0000:af:05.4": "enp175s5f4"
- "0000:af:05.5": "enp175s5f5"
- "0000:af:02.3": "enp175s2f3"
- "0000:af:05.6": "enp175s5f6"
- "0000:af:05.7": "enp175s5f7"
- "0000:af:02.4": "enp175s2f4"
- "0000:af:02.5": "enp175s2f5"
- "0000:af:02.6": "enp175s2f6"
- "0000:af:02.7": "enp175s2f7"
- "0000:af:03.0": "enp175s3"
- "0000:af:03.1": "enp175s3f1"
-- physical: sriovnet2
- interface: ens6f1
- vlan_start: 100
- vlan_end: 4000
- whitelists:
- "0000:af:0a.0": "enp175s10"
- "0000:af:0a.1": "enp175s10f1"
- "0000:af:0b.2": "enp175s11f2"
- "0000:af:0b.3": "enp175s11f3"
- "0000:af:0b.4": "enp175s11f4"
- "0000:af:0b.5": "enp175s11f5"
- "0000:af:0b.6": "enp175s11f6"
- "0000:af:0b.7": "enp175s11f7"
- "0000:af:0c.0": "enp175s12"
- "0000:af:0c.1": "enp175s12f1"
- "0000:af:0c.2": "enp175s12f2"
- "0000:af:0c.3": "enp175s12f3"
- "0000:af:0a.2": "enp175s10f2"
- "0000:af:0c.4": "enp175s12f4"
- "0000:af:0c.5": "enp175s12f5"
- "0000:af:0c.6": "enp175s12f6"
- "0000:af:0c.7": "enp175s12f7"
- "0000:af:0d.0": "enp175s13"
- "0000:af:0d.1": "enp175s13f1"
- "0000:af:0d.2": "enp175s13f2"
- "0000:af:0d.3": "enp175s13f3"
- "0000:af:0d.4": "enp175s13f4"
- "0000:af:0d.5": "enp175s13f5"
- "0000:af:0a.3": "enp175s10f3"
- "0000:af:0d.6": "enp175s13f6"
- "0000:af:0d.7": "enp175s13f7"
- "0000:af:0a.4": "enp175s10f4"
- "0000:af:0a.5": "enp175s10f5"
- "0000:af:0a.6": "enp175s10f6"
- "0000:af:0a.7": "enp175s10f7"
- "0000:af:0b.0": "enp175s11"
- "0000:af:0b.1": "enp175s11f1"
-storage:
- osds:
- - data: /dev/sdb
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdb
- - data: /dev/sdc
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdc
- - data: /dev/sdd
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdd
- - data: /dev/sde
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sde
- - data: /dev/sdf
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdf
- - data: /dev/sdg
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdg
- - data: /dev/sdg
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdh
- - data: /dev/sdi
- journal: /var/lib/openstack-helm/ceph/journal1/osd/journal-sdi
- - data: /dev/sdk
- journal: /var/lib/openstack-helm/ceph/journal0/osd/journal-sdk
- osd_count: 9
-genesis:
- name: csonjrsv30
- oob: 192.168.41.30
- host: 192.168.2.30
- storage: 172.31.1.30
- pxe: 172.30.1.30
- ksn: 172.29.1.30
- neutron: 10.0.101.30
-masters:
- - name : csonjrsv31
- - name : csonjrsv32
-workers:
- - name : csonjrsv33
- - name : csonjrsv34
-servers:
- - name : csonjrsv31
- oob: 192.168.41.31
- host: 192.168.2.31
- storage: 172.31.1.31
- pxe: 172.30.1.31
- ksn: 172.29.1.31
- neutron: 10.0.101.31
- - name : csonjrsv32
- oob: 192.168.41.32
- host: 192.168.2.32
- storage: 172.31.1.32
- pxe: 172.30.1.32
- ksn: 172.29.1.32
- neutron: 10.0.101.32
- - name : csonjrsv33
- oob: 192.168.41.33
- host: 192.168.2.33
- storage: 172.31.1.33
- pxe: 172.30.1.33
- ksn: 172.29.1.33
- neutron: 10.0.101.33
- - name : csonjrsv34
- oob: 192.168.41.34
- host: 192.168.2.34
- storage: 172.31.1.34
- pxe: 172.30.1.34
- ksn: 172.29.1.34
- neutron: 10.0.101.34
-hardware:
- vendor: HP
- generation: '10'
- hw_version: '3'
- bios_version: '2.8'
-disks:
- - name : sdj
- labels:
- bootdrive: 'true'
- partitions:
- - name: root
- size: 20g
- mountpoint: /
- - name: boot
- size: 1g
- mountpoint: /boot
- - name: var
- size: 100g
- mountpoint: /var
- - name : sdb
- partitions:
- - name: cephj0
- size: 100g
- mountpoint: /var/lib/openstack-helm/ceph/journal0
- - name : sdc
- partitions:
- - name: cephj1
- size: 100g
- mountpoint: /var/lib/openstack-helm/ceph/journal1
-genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132"
-kubernetes:
- api_service_ip: 10.96.0.1
- etcd_service_ip: 10.96.0.2
- pod_cidr: 10.99.0.0/16
- service_cidr: 10.96.0.0/15
-regional_server:
- ip: 135.16.101.85
-...
+++ /dev/null
----
-##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: kubernetes-calico
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: kubernetes-calico-global
- actions:
- - method: delete
- path: .values.calico
- - method: delete
- path: .values.etcd
- - method: merge
- path: .
- storagePolicy: cleartext
- substitutions:
- # IP addresses
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .calico.etcd.service_ip
- dest:
- path: .values.endpoints.etcd.host_fqdn_override.default
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.pod_cidr
- dest:
- path: .values.networking.podSubnet
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .kubernetes.api_service_ip
- dest:
- path: .values.conf.policy_controller.K8S_API
- pattern: SUB_KUBERNETES_IP
-
- # Other site-specific configuration
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .calico.ip_autodetection_method
- dest:
- path: .values.conf.node.IP_AUTODETECTION_METHOD
-
- # Certificates
- -
- src:
- schema: deckhand/CertificateAuthority/v1
- name: calico-etcd
- path: .
- dest:
- path: .values.endpoints.etcd.auth.client.tls.ca
- -
- src:
- schema: deckhand/Certificate/v1
- name: calico-node
- path: .
- dest:
- path: .values.endpoints.etcd.auth.client.tls.crt
- -
- src:
- schema: deckhand/CertificateKey/v1
- name: calico-node
- path: .
- dest:
- path: .values.endpoints.etcd.auth.client.tls.key
-data:
- chart_name: calico
- release: calico
- namespace: kube-system
- timeout: 600
- upgrade:
- no_hooks: true
- values:
- conf:
- cni_network_config:
- name: k8s-pod-network
- cniVersion: 0.1.0
- type: calico
- etcd_endpoints: __ETCD_ENDPOINTS__
- etcd_ca_cert_file: /etc/calico/pki/ca
- etcd_cert_file: /etc/calico/pki/crt
- etcd_key_file: /etc/calico/pki/key
- log_level: info
- mtu: 1500
- ipam:
- type: calico-ipam
- policy:
- type: k8s
- k8s_api_root: https://__KUBERNETES_SERVICE_HOST__:__KUBERNETES_SERVICE_PORT__
- k8s_auth_token: __SERVICEACCOUNT_TOKEN__
-
- policy_controller:
- K8S_API: "https://SUB_KUBERNETES_IP:443"
-
- node:
- CALICO_STARTUP_LOGLEVEL: INFO
- CLUSTER_TYPE:
- - k8s
- - bgp
- WAIT_FOR_STORAGE: "true"
-
- endpoints:
- etcd:
- hosts:
- default: calico-etcd
- scheme:
- default: https
-
- networking:
- mtu: 1500
- settings:
- mesh: "off"
- ippool:
- ipip:
- enabled: "false"
- mode: "cross-subnet"
- bgp:
- asnumber: {{yaml.networks.ksn.local_asnumber}}
- ipv4:
- additional_cidrs:
-{% for add_cidr in yaml.networks.ksn.additional_cidrs %}
- - {{add_cidr}}
-{% endfor %}
- peers:
-{% for peer in yaml.networks.ksn.peers %}
- - apiVersion: v1
- kind: bgpPeer
- metadata:
- peerIP: {{peer.ip}}
- scope: {{peer.scope}}
- spec:
- asnumber: {{peer.asnumber}}
-{% endfor %}
- manifests:
- daemonset_calico_etcd: false
- job_image_repo_sync: false
- service_calico_etcd: false
-...
+++ /dev/null
----
-##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: ucp-promenade
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: ucp-promenade-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- pod:
- env:
- promenade_api:
- - name: http_proxy
- value: http://one.proxy.att.com:8888
- - name: https_proxy
- value: http://one.proxy.att.com:8888
- - name: no_proxy
- value: {{yaml.genesis.pxe}},{{yaml.kubernetes.api_service_ip}},.cluster.local
- - name: HTTP_PROXY
- value: http://one.proxy.att.com:8888
- - name: HTTPS_PROXY
- value: http://one.proxy.att.com:8888
- - name: NO_PROXY
- value: {{yaml.genesis.pxe}},{{yaml.kubernetes.api_service_ip}},.cluster.local
-...
+++ /dev/null
----
-##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: deckhand/Passphrase/v1
-metadata:
- schema: metadata/Document/v1
- name: ipmi_admin_password
- layeringDefinition:
- abstract: false
- layer: site
- storagePolicy: cleartext
-data: {{yaml.ipmi_admin_password}}
-...
+++ /dev/null
----
-##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-data:
- revision: v4.0
- site_type: 5ec
-metadata:
- layeringDefinition: {abstract: false, layer: site}
- name: {{yaml.site_name}}
- schema: metadata/Document/v1
- storagePolicy: cleartext
-schema: pegleg/SiteDefinition/v1
-...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: i40evf_blacklist
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+data:
+ signaling: false
+ node_filter:
+ filter_set_type: 'union'
+ filter_set:
+ - filter_type: 'union'
+ assets:
+ - path: /etc/modprobe.d/sriov_blacklist.conf
+ type: file
+ permissions: '644'
+ data_pipeline:
+ - utf8_decode
+ data: |
+ blacklist i40evf
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-schema: 'drydock/BootAction/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: promjoin
- storagePolicy: 'cleartext'
- layeringDefinition:
- abstract: false
- layer: site
- labels:
- application: 'drydock'
-data:
- node_filter:
- filter_set_type: 'union'
- filter_set:
- - filter_type: 'union'
- node_names:
-{% for server in yaml.servers %}
- - '{{server.name}}'
-{% endfor %}
-{% raw %} # TODO(alanmeadows) move what is global about this document - everything except nodenames to global
- assets:
- - path: /opt/promjoin.sh
- type: file
- permissions: '555'
- # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network
- # you should use to contact kubernetes in the case below, this is cab24_mgmt
- location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}{% if 'ksn' in node.network %}&ip={{ node.network.ksn.ip }}{% endif %}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
- location_pipeline:
- - template
- data_pipeline:
- - utf8_decode
- - path: /lib/systemd/system/promjoin.service
- type: unit
- permissions: '600'
- data: |-
- W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy
- PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0
- cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v
- cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo=
- data_pipeline:
- - base64_decode
- - utf8_decode
-{% endraw %}
----
schema: 'drydock/BootAction/v1'
metadata:
schema: 'metadata/Document/v1'
lookup "${TABLE}" \
pref 10100
fi
----
-schema: 'drydock/BootAction/v1'
-metadata:
- schema: 'metadata/Document/v1'
- name: i40evf_blacklist
- storagePolicy: 'cleartext'
- layeringDefinition:
- abstract: false
- layer: site
- labels:
- application: 'drydock'
-data:
- assets:
- - path: /etc/modprobe.d/sriov_blacklist.conf
- type: file
- permissions: '644'
- data_pipeline:
- - utf8_decode
- data: |
- blacklist i40evf
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/BootAction/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: promjoin
+ storagePolicy: 'cleartext'
+ layeringDefinition:
+ abstract: false
+ layer: site
+ labels:
+ application: 'drydock'
+data:
+ signaling: false
+ node_filter:
+ filter_set_type: 'union'
+ filter_set:
+ - filter_type: 'union'
+ node_names:
+{% for server in yaml.masters %}
+ - '{{server.name}}'
+{% endfor %}
+{% for server in yaml.workers %}
+ - '{{server.name}}'
+{% endfor %}
+{% raw %} # TODO(alanmeadows) move what is global about this document - everything except nodenames to global
+ assets:
+ - path: /opt/promjoin.sh
+ type: file
+ permissions: '555'
+ # TODO(alanmeadows) You must replace the ip= parameter below with the appropriate MaaS network name of the network
+ # you should use to contact kubernetes in the case below, this is cab24_mgmt
+ location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
+ location_pipeline:
+ - template
+ data_pipeline:
+ - utf8_decode
+ - path: /lib/systemd/system/promjoin.service
+ type: unit
+ permissions: '600'
+ data: |-
+ W1VuaXRdCkRlc2NyaXB0aW9uPVByb21lbmFkZSBJbml0aWFsaXphdGlvbiBTZXJ2aWNlCkFmdGVy
+ PW5ldHdvcmstb25saW5lLnRhcmdldCBsb2NhbC1mcy50YXJnZXQKQ29uZGl0aW9uUGF0aEV4aXN0
+ cz0hL3Zhci9saWIvcHJvbS5kb25lCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9v
+ cHQvcHJvbWpvaW4uc2gKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo=
+ data_pipeline:
+ - base64_decode
+ - utf8_decode
+{% endraw %}
+...
+{% for server in yaml.masters %}
+---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
##############################################################################
-
-{% for server in yaml.servers %}
----
schema: 'drydock/BaremetalNode/v1'
metadata:
schema: 'metadata/Document/v1'
layer: site
storagePolicy: cleartext
data:
- host_profile: MyControlPlane_HP
+ host_profile: ControlPlane
# the hostname for a server, could be used in multiple DNS domains to
# represent different interfaces
addressing:
# Which network the address applies to. If a network appears in addressing
# that isn't assigned to an interface, design validation will fail
+ - network: oob
+ address: {{server.oob}}
- network: pxe
# The address assigned. Either a explicit IPv4 or IPv6 address
# or dhcp or slaac
address: {{server.pxe}}
- network: oam
address: {{server.host}}
- - network: ksn
- address: {{server.ksn}}
- network: storage
address: {{server.storage}}
- network: overlay
address: {{server.neutron}}
+ - network: calico
+ address: {{server.ksn}}
+ metadata:
+ rack: RACK01
+ tags:
+ - 'masters'
+{% endfor %}
+{% for server in yaml.workers %}
+---
+schema: 'drydock/BaremetalNode/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: {{server.name}}
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ host_profile: ComputePlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
+ addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
- network: oob
address: {{server.oob}}
+ - network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
+ address: {{server.pxe}}
+ - network: oam
+ address: {{server.host}}
+ - network: storage
+ address: {{server.storage}}
+ - network: overlay
+ address: {{server.neutron}}
+ - network: calico
+ address: {{server.ksn}}
metadata:
- rack: rack01
+ rack: RACK01
tags:
- - 'masters'
+ - 'workers'
{% endfor %}
...
-
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
cluster_domain: cluster.local
service_ip: 10.96.0.10
upstream_servers:
- - 135.37.9.16
- - 135.38.244.16
- - 135.188.34.84
- upstream_servers_joined: 135.37.9.16,135.38.244.16,135.53.34.84
-
+{% for server in yaml.dns.upstream_servers %}
+ - {{server}}
+{% endfor %}
+ upstream_servers_joined: '{{yaml.dns.upstream_servers_joined}}'
+ ingress_domain: {{yaml.dns.ingress_domain}}
genesis:
hostname: {{yaml.genesis.name}}
ip: {{yaml.genesis.ksn}}
service_cidr: {{yaml.kubernetes.service_cidr}}
apiserver_port: 6443
haproxy_port: 6553
- service_node_port_range: 30000-35357
+ service_node_port_range: 30000-32767
etcd:
container_port: 2379
- hostname: {{master.name}}
{% endfor %}
- workers:
-{% for worker in yaml.workers %}
- - hostname: {{worker.name}}
-{% endfor %}
-
proxy:
- http: http://one.proxy.att.com:8080
- https: http://one.proxy.att.com:8080
- no_proxy: '{{yaml.kubernetes.api_service_ip}},*.cluster.local,{{yaml.genesis.host}}{%for server in yaml.servers%},{{server.host}}{% endfor %}'
+ http: ""
+ https: ""
+ no_proxy: []
node_ports:
drydock_api: 30000
maas_api: 30001
- maas_proxy: 31800 # hardcoded in maas
+ maas_proxy: 31800 # hardcoded in MAAS
shipyard_api: 30003
airflow_web: 30004
ntp:
- servers_joined: '135.25.154.100'
+ servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org'
+
+ # Used for FQDN setup/definition
+ domain:
+ url: {{yaml.site_name}}.lab.akraino.org
+
+ ldap:
+ base_url: 'its-a-ldap.example.com'
+ url: 'ldap://its-a-ldap.example.com'
+ auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
+ common_name: AP-NC_Test_Users
+ subdomain: testitservices
+ domain: example
storage:
ceph:
neutron:
tunnel_device: '{{yaml.networks.neutron.interface}}'
- external_iface: '{{yaml.networks.neutron.interface}}'
+ external_iface: '{{yaml.networks.primary}}'
openvswitch:
- external_iface: '{{yaml.networks.neutron.interface}}'
+ external_iface: '{{yaml.networks.primary}}'
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
noconfig: enabled
bonding:
mode: disabled
- mtu: 1500
+ mtu: 9000
linkspeed: auto
trunking:
mode: disabled
routes:
- subnet: '0.0.0.0/0'
gateway: {{yaml.networks.oob.routes.gateway}}
- metric: 100
ranges:
- type: static
start: {{yaml.networks.oob.ranges.static.start}}
layer: site
storagePolicy: cleartext
data:
- routedomain: provisioning
cidr: {{yaml.networks.pxe.cidr}}
+ routes:
+ - subnet: '0.0.0.0/0'
+ gateway: {{yaml.networks.pxe.routes.gateway}}
ranges:
- type: reserved
start: {{yaml.networks.pxe.ranges.reserved.start}}
- type: dhcp
start: {{yaml.networks.pxe.ranges.dhcp.start}}
end: {{yaml.networks.pxe.ranges.dhcp.end}}
+ dns:
+ domain: {{yaml.networks.pxe.dns.domain}}
+ servers: '{{yaml.networks.pxe.dns.servers}}'
...
---
schema: 'drydock/NetworkLink/v1'
- oam
- storage
- overlay
- - ksn
+ - calico
...
---
schema: 'drydock/Network/v1'
storagePolicy: cleartext
data:
vlan: '{{yaml.networks.host.vlan}}'
+ mtu: 9000
cidr: {{yaml.networks.host.cidr}}
routes:
- subnet: '0.0.0.0/0'
gateway: {{yaml.networks.host.routes.gateway}}
- metric: 100
ranges:
- type: reserved
start: {{yaml.networks.host.ranges.reserved.start}}
- type: static
start: {{yaml.networks.host.ranges.static.start}}
end: {{yaml.networks.host.ranges.static.end}}
+ dns:
+ domain: {{yaml.networks.host.dns.domain}}
+ servers: '{{yaml.networks.host.dns.servers}}'
...
---
schema: 'drydock/Network/v1'
mtu: 9000
cidr: {{yaml.networks.storage.cidr}}
ranges:
- - type: reserved
- start: {{yaml.networks.storage.ranges.reserved.start}}
- end: {{yaml.networks.storage.ranges.reserved.end}}
- type: static
start: {{yaml.networks.storage.ranges.static.start}}
end: {{yaml.networks.storage.ranges.static.end}}
schema: 'drydock/Network/v1'
metadata:
schema: 'metadata/Document/v1'
- name: ksn
+ name: overlay
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data:
- vlan: '44'
+ vlan: '{{yaml.networks.neutron.vlan}}'
mtu: 9000
- cidr: {{yaml.networks.ksn.cidr}}
+ cidr: {{yaml.networks.neutron.cidr}}
ranges:
- type: static
- start: {{yaml.networks.ksn.ranges.static.start}}
- end: {{yaml.networks.ksn.ranges.static.end}}
+ start: {{yaml.networks.neutron.ranges.static.start}}
+ end: {{yaml.networks.neutron.ranges.static.end}}
...
---
schema: 'drydock/Network/v1'
metadata:
schema: 'metadata/Document/v1'
- name: overlay
+ name: calico
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data:
- vlan: '{{yaml.networks.neutron.vlan}}'
+ vlan: '{{yaml.networks.ksn.vlan}}'
mtu: 9000
- cidr: {{yaml.networks.neutron.cidr}}
+ cidr: {{yaml.networks.ksn.cidr}}
ranges:
- - type: reserved
- start: {{yaml.networks.neutron.ranges.reserved.start}}
- end: {{yaml.networks.neutron.ranges.reserved.end}}
- type: static
- start: {{yaml.networks.neutron.ranges.static.start}}
- end: {{yaml.networks.neutron.ranges.static.end}}
+ start: {{yaml.networks.ksn.ranges.static.start}}
+ end: {{yaml.networks.ksn.ranges.static.end}}
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
groups:
- system:nodes
- document_name: kubelet-{{yaml.genesis.name}}
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
groups:
- system:nodes
-{% for server in yaml.servers %}
+{% for server in yaml.masters %}
- document_name: kubelet-{{ server.name }}
common_name: system:node:{{ server.name }}
hosts:
- {{server.name}}
- {{server.host}}
- {{server.ksn}}
- - {{server.storage}}
+ - {{server.pxe}}
+ groups:
+ - system:nodes
+{% endfor %}
+{% for server in yaml.workers %}
+ - document_name: kubelet-{{ server.name }}
+ common_name: system:node:{{ server.name }}
+ hosts:
+ - {{server.name}}
+ - {{server.host}}
+ - {{server.ksn}}
+ - {{server.pxe}}
groups:
- system:nodes
{% endfor %}
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.kubernetes.etcd_service_ip}}
-{% for server in yaml.servers %}
+{% for server in yaml.masters %}
- document_name: kubernetes-etcd-{{ server.name }}
common_name: kubernetes-etcd-{{ server.name }}
hosts:
- {{ server.name }}
- {{server.host}}
- {{server.ksn}}
- - {{server.storage}}
+ - {{server.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.kubernetes.etcd_service_ip}}
-{% for server in yaml.servers %}
+{% for server in yaml.masters %}
- document_name: kubernetes-etcd-{{server.name}}-peer
common_name: kubernetes-etcd-{{server.name}}-peer
hosts:
- {{server.name}}
- {{server.host}}
- {{server.ksn}}
- - {{server.storage}}
+ - {{server.pxe}}
- 127.0.0.1
- localhost
- kubernetes-etcd.kube-system.svc.cluster.local
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- 10.96.232.136
-{% for server in yaml.servers %}
+{% for server in yaml.masters %}
- document_name: calico-etcd-{{server.name}}
common_name: calico-etcd-{{server.name}}
hosts:
- {{server.name}}
- {{server.host}}
- {{server.ksn}}
- - {{server.storage}}
+ - {{server.pxe}}
- 127.0.0.1
- localhost
- 10.96.232.136
- {{yaml.genesis.name}}
- {{yaml.genesis.host}}
- {{yaml.genesis.ksn}}
- - {{yaml.genesis.storage}}
+ - {{yaml.genesis.pxe}}
- 127.0.0.1
- localhost
- 10.96.232.136
-{% for server in yaml.servers %}
+{% for server in yaml.masters %}
- document_name: calico-etcd-{{server.name}}-peer
common_name: calico-etcd-{{server.name}}-peer
hosts:
- {{server.name}}
- {{server.host}}
- {{server.ksn}}
- - {{server.storage}}
+ - {{server.pxe}}
- 127.0.0.1
- localhost
- 10.96.232.136
{% endfor %}
+ - document_name: calico-node-peer
+ common_name: calcico-node-peer
keypairs:
- name: service-account
description: Service account signing key for use by Kubernetes controller-manager.
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: drydock/HostProfile/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ComputePlane
+ storagePolicy: cleartext
+ labels:
+ hosttype: ComputePlane
+ layeringDefinition:
+ abstract: false
+ layer: site
+ substitutions:
+ - dest:
+ path: .oob.credential
+ src:
+ schema: deckhand/Passphrase/v1
+ name: ipmi_admin_password
+ path: .
+data:
+ hardware_profile: DELL_HP_Generic
+ oob:
+ type: 'ipmi'
+ network: 'oob'
+ account: '{{yaml.ipmi_admin.username}}'
+ primary_network: 'oam'
+ hardware_profile: DELL_HP_Generic
+ interfaces:
+ pxe:
+ device_link: pxe
+ slaves:
+ - '{{yaml.networks.pxe.interface}}'
+ networks:
+ - 'pxe'
+ bond0:
+ device_link: bond0
+ slaves:
+{% for slave in yaml.networks.slaves %}
+ - '{{ slave.name }}'
+{% endfor %}
+ networks:
+ - 'oam'
+ - 'storage'
+ - 'overlay'
+ - 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ storage:
+ physical_devices:
+{% for disk in yaml.disks_compute %}
+ {{disk.name}}:
+ {% if disk.labels %}
+ labels:
+ {% for key, value in disk.labels.items() %}
+ {{key}}: '{{value}}'
+ {% endfor %}
+ {% endif %}
+ partitions:
+ {% for p in disk.partitions %}
+ - name: '{{p.name}}'
+ size: '{{p.size}}'
+ filesystem:
+ mountpoint: '{{p.mountpoint}}'
+ fstype: 'ext4'
+ mount_options: 'defaults'
+ {% endfor %}
+{% endfor %}
+ platform:
+ image: 'xenial'
+ kernel: 'hwe-16.04'
+ kernel_params:
+ console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
+ metadata:
+ owner_data:
+ openstack-nova-compute: enabled
+ openvswitch: enabled
+ openstack-libvirt: kernel
+ sriov: enabled
+ beta.kubernetes.io/fluentd-ds-ready: 'true'
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: drydock/HostProfile/v1
metadata:
schema: metadata/Document/v1
- name: MyControlPlane_HP
+ name: ControlPlane
storagePolicy: cleartext
labels:
- hosttype: MyControlPlane_HP
+ hosttype: ControlPlane
layeringDefinition:
abstract: false
layer: site
oob:
type: 'ipmi'
network: 'oob'
- account: 'administrator'
+ account: '{{yaml.ipmi_admin.username}}'
primary_network: 'oam'
hardware_profile: DELL_HP_Generic
interfaces:
pxe:
device_link: pxe
slaves:
- - 'eno1'
+ - '{{yaml.networks.pxe.interface}}'
networks:
- 'pxe'
bond0:
- 'oam'
- 'storage'
- 'overlay'
- - 'ksn'
+ - 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
storage:
physical_devices:
{% for disk in yaml.disks %}
kernel: 'hwe-16.04'
kernel_params:
console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
metadata:
owner_data:
control-plane: enabled
openstack-cinder-control: enabled
openstack-cinder-volume: control
openstack-neutron: enabled
+ openstack-libvirt: kernel
openvswitch: enabled
- sriov: enabled
+ openstack-nova-compute: enabled
ucp-barbican: enabled
ceph-bootstrap: enabled
ceph-mon: enabled
+ ceph-mgr: enabled
ceph-osd: enabled
ceph-mds: enabled
ceph-rgw: enabled
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
tag_definitions: []
authorized_keys: []
...
-
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
abstract: false
layer: site
storagePolicy: cleartext
-data: {{yaml.ipmi_admin_password}}
+data: '{{yaml.ipmi_admin.password}}'
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-data:
- revision: v4.0
- site_type: 5ec
+schema: pegleg/SiteDefinition/v1
metadata:
- layeringDefinition: {abstract: false, layer: site}
- name: {{yaml.site_name}}
schema: metadata/Document/v1
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: {{yaml.site_name}}
storagePolicy: cleartext
-schema: pegleg/SiteDefinition/v1
+data:
+ revision: v4.0
+ site_type: foundry
...
-
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
- name: ucp-promenade
+ replacement: true
+ name: kubernetes-calico
layeringDefinition:
abstract: false
layer: site
parentSelector:
- name: ucp-promenade-global
+ name: kubernetes-calico-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
values:
- pod:
- env:
- promenade_api:
- - name: no_proxy
- value: 172.30.1.30,10.96.0.1,.cluster.local,192.168.2.30,192.168.2.31,192.168.2.32,192.168.2.33,192.168.2.34,nexus3.att-akraino.org,hpgen10.lab.akraino.org,gcr.io,quay.io,lachlanevenson,docker.io,github.com,localhost,127.0.0.1
- - name: NO_PROXY
- value: 172.30.1.30,10.96.0.1,.cluster.local,192.168.2.30,192.168.2.31,192.168.2.32,192.168.2.33,192.168.2.34,nexus3.att-akraino.org,hpgen10.lab.akraino.org,gcr.io,quay.io,lachlanevenson,docker.io,github.com,localhost,127.0.0.1
+ networking:
+ settings:
+ mesh: "off"
+ ippool:
+ ipip:
+ enabled: "false"
+ mode: "cross-subnet"
+ bgp:
+ asnumber: {{yaml.networks.ksn.local_asnumber}}
+ ipv4:
+ additional_cidrs:
+{% for add_cidr in yaml.networks.ksn.additional_cidrs %}
+ - {{add_cidr}}
+{% endfor %}
+ peers:
+{% for peer in yaml.networks.ksn.peers %}
+ - apiVersion: v1
+ kind: bgpPeer
+ metadata:
+ peerIP: {{peer.ip}}
+ scope: {{peer.scope}}
+ spec:
+ asnumber: {{peer.asnumber}}
+{% endfor %}
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
path: .
storagePolicy: cleartext
substitutions:
- # Node names
-{% set count = [0] %}
-{% for server in yaml.masters %}
- -
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[{{count[0]}}].hostname
+
+ # Chart source
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.calico.etcd
dest:
- path: .values.nodes[{{count[0]}}].name
- {% if count.append(count.pop() + 1) %}{% endif %}
-{% endfor %}
-{% for server in yaml.workers %}
- -
- src:
+ path: .source
+
+ # Image versions
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.calico.etcd
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .masters[{{count[0]}}].hostname
+ path: .calico.etcd.service_ip
dest:
- path: .values.nodes[{{count[0]}}].name
- {% if count.append(count.pop() + 1) %}{% endif %}
-{% endfor %}
- -
- src:
+ path: .values.service.ip
+ - src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .genesis.hostname
+ path: .calico.etcd.service_ip
dest:
- path: .values.nodes[{{count[0]}}].name
-{% set count = [0] %}
-{% for server in yaml.masters %}
- # Server certs
- -
- src:
- schema: deckhand/Certificate/v1
- name: calico-etcd-{{server.name}}
+ path: .values.anchor.etcdctl_endpoint
+
+ # CAs
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.client.cert
- -
- src:
- schema: deckhand/CertificateKey/v1
- name: calico-etcd-{{server.name}}
+ path: .values.secrets.tls.client.ca
+ - src:
+ schema: deckhand/CertificateAuthority/v1
+ name: calico-etcd-peer
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.client.key
- -
- src:
+ path: .values.secrets.tls.peer.ca
+
+ # Anchor client cert
+ - src:
schema: deckhand/Certificate/v1
- name: calico-etcd-{{server.name}}-peer
+ name: calico-etcd-anchor
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.peer.cert
- -
- src:
+ path: .values.secrets.anchor.tls.cert
+ - src:
schema: deckhand/CertificateKey/v1
- name: calico-etcd-{{server.name}}-peer
+ name: calico-etcd-anchor
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.peer.key
- {% if count.append(count.pop() + 1) %}{% endif %}
+ path: .values.secrets.anchor.tls.key
+
+ # Node names
+{% set count = [0] %}
+{% for server in yaml.masters %}
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[{{count[0]}}].hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
+ {% if count.append(count.pop() + 1) %}{% endif %}
{% endfor %}
-{% for server in yaml.workers %}
- # Server certs
- -
- src:
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .genesis.hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
+
+ # Server certs
+{% set count = [0] %}
+{% for server in yaml.masters %}
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{server.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{server.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.key
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{server.name}}-peer
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.peer.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{server.name}}-peer
path: .
{% endfor %}
# NOTE(mb874d): Be sure we generate these certs for genesis.
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{yaml.genesis.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{yaml.genesis.name}}
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.client.key
- -
- src:
+ - src:
schema: deckhand/Certificate/v1
name: calico-etcd-{{yaml.genesis.name}}-peer
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.peer.cert
- -
- src:
+ - src:
schema: deckhand/CertificateKey/v1
name: calico-etcd-{{yaml.genesis.name}}-peer
path: .
dest:
path: .values.nodes[{{count[0]}}].tls.peer.key
-data: {}
+data:
+ values:
+ manifests:
+ test_etcd_health: false
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
path: .
storagePolicy: cleartext
substitutions:
- # Node names
-{% set count = [0] %}
-{% for server in yaml.masters %}
+
+ # Chart source
- src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[{{count[0]}}].hostname
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.kubernetes.etcd
dest:
- path: .values.nodes[{{count[0]}}].name
- {% if count.append(count.pop() + 1) %}{% endif %}
-{% endfor %}
-{% for server in yaml.workers %}
+ path: .source
+
+ # Images
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.kubernetes.etcd
+ dest:
+ path: .values.images.tags
+
+ # IP addresses
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .masters[{{count[0]}}].hostname
+ path: .kubernetes.etcd_service_ip
dest:
- path: .values.nodes[{{count[0]}}].name
- {% if count.append(count.pop() + 1) %}{% endif %}
-{% endfor %}
+ path: .values.service.ip
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .genesis.hostname
+ path: .kubernetes.etcd_service_ip
dest:
- path: .values.nodes[{{count[0]}}].name
+ path: .values.anchor.etcdctl_endpoint
- # Server certs
-{% set count = [0] %}
-{% for server in yaml.masters %}
+ # CAs
- src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-{{server.name}}
+ schema: deckhand/CertificateAuthority/v1
+ name: kubernetes-etcd
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.client.cert
+ path: .values.secrets.tls.client.ca
- src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-{{server.name}}
+ schema: deckhand/CertificateAuthority/v1
+ name: kubernetes-etcd-peer
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.client.key
+ path: .values.secrets.tls.peer.ca
+
- src:
schema: deckhand/Certificate/v1
- name: kubernetes-etcd-{{server.name}}-peer
+ name: kubernetes-etcd-anchor
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.peer.cert
+ path: .values.secrets.anchor.tls.cert
- src:
schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-{{server.name}}-peer
+ name: kubernetes-etcd-anchor
path: .
dest:
- path: .values.nodes[{{count[0]}}].tls.peer.key
+ path: .values.secrets.anchor.tls.key
+
+ # Node names
+{% set count = [0] %}
+{% for server in yaml.masters %}
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .masters[{{count[0]}}].hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
{% if count.append(count.pop() + 1) %}{% endif %}
{% endfor %}
-{% for server in yaml.workers %}
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .genesis.hostname
+ dest:
+ path: .values.nodes[{{count[0]}}].name
+
+ # Server certs
+{% set count = [0] %}
+{% for server in yaml.masters %}
- src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-{{server.name}}
path: .values.nodes[{{count[0]}}].tls.peer.key
data: {}
-
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
- method: merge
path: .
storagePolicy: cleartext
-data:
- values:
- network:
- vip:
- manage: true
- interface: ingress0
- addr: {{yaml.networks.ksn.ingress_cidr}}
+data: {}
...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
metadata:
schema: metadata/Document/v1
name: neutron
+ replacement: true
labels:
component: neutron
layeringDefinition:
abstract: false
layer: site
parentSelector:
- name: neutron-5ec
+ name: neutron-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
values:
+ labels:
+ agent:
+ sriov:
+ node_selector_key: sriov
+ node_selector_value: enabled
network:
- auto_bridge_add:
- br-bond0: bond0
+ backend:
+ - openvswitch
+ - sriov
interface:
sriov:
{% for sriovnet in yaml.sriovnets %}
plugins:
openvswitch_agent:
ovs:
- bridge_mappings: oam:br-bond0
+ bridge_mappings: bond0:br-bond0
sriov_agent:
+ securitygroup:
+ firewall_driver: neutron.agent.firewall.NoopFirewallDriver
sriov_nic:
+ exclude_devices: null
physical_device_mappings: '
{%- for sriovnet in yaml.sriovnets -%}
{%- if loop.index > 1 -%}
{{sriovnet.physical}}:{{sriovnet.interface}}
{%- endfor %}'
ml2_conf:
+ ml2:
+ mechanism_drivers: l2population,openvswitch,sriovnicswitch
ml2_type_vlan:
- network_vlan_ranges: oam:100:4000
+ network_vlan_ranges: bond0:46:300
{%- for sriovnet in yaml.sriovnets -%}
,{{sriovnet.physical}}:{{sriovnet.vlan_start}}:{{sriovnet.vlan_end}}
{%- endfor %}
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
abstract: false
layer: site
parentSelector:
- name: nova-5ec
+ name: nova-global
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
values:
+ network:
+ backend:
+ - openvswitch
+ - sriov
conf:
nova:
+ filter_scheduler:
+ enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
libvirt:
virt_type: kvm
DEFAULT:
- vcpu_pin_set: "4-23,28-47"
+ vcpu_pin_set: "4-21,26-43,48-65,72-87"
+ vif_plugging_is_fatal: False
+ vif_plugging_timeout: 30
pci:
- alias: '{"name": "numa0", "capability_type": "pci", "product_id": "154c", "vendor_id": "8086", "device_type": "type-PCI", "numa_policy": "required"}'
- passthrough_whitelist: |
- [
-{%- for sriov in yaml.sriovnets -%}
- {%set sriovloop = loop%}
- {%- for whitelist in sriov.whitelists -%}
- {%- if sriovloop.index > 1 or loop.index > 1 -%}
- ,
- {%- endif -%}
- {"address": "{{whitelist.address}}", "physical_network": "{{sriov.physical}}", "trusted": "true"}
- {%- endfor -%}
-{%- endfor -%}
-]
+ alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }'
+ passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}'
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client-update
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-update-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: {{yaml.storage.total_osd_count}}
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: {{yaml.storage.osd_count}}
+...
---
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
- name: ucp-ceph
+ name: ucp-ceph-osd
layeringDefinition:
abstract: false
layer: site
parentSelector:
- name: ucp-ceph-global
+ name: ucp-ceph-osd-global
actions:
- method: replace
path: .values.conf.storage.osd
type: directory
location: {{osd.journal}}
{% endfor %}
- pool:
- target:
- osd: {{yaml.storage.osd_count}}
...
-
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-promenade
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-promenade-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ pod:
+ env:
+ promenade_api:
+ - name: no_proxy
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
+ - name: NO_PROXY
+ value: localhost,127.0.0.1,192.168.0.0/16,172.0.0.0/8,10.0.0.0/8
+...
+++ /dev/null
-#!/usr/bin/env bash
-##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-
-read -p "Are you sure you wish to continue? (y/n)" REPLY
-if [ "$REPLY" != "y" ]; then
- echo "Good Bye"
- exit
-fi
-
-set -x
-
-# Check that we are root
-if [[ $(whoami) != "root" ]]
-then
- echo "Must be root to run $0"
- exit -1
-fi
-
-export KUBECONFIG=/etc/kubernetes/admin/kubeconfig.yaml
-
-kubectl drain --delete-local-data --force $(hostname)
-systemctl stop kubelet
-df -lh | awk '{ print $6 }' | grep -i kubelet | xargs -I {} umount -f -l {}
-df -lh | awk '{ print $6 }' | grep -i docker | grep -v "/var/lib" | xargs -I {} umount -f -l {}
-umount -f -l /run/user/0
-mount -a
-docker rm -fv $(docker ps -aq)
-
-#systemctl stop docker
-apt-get remove --autoremove --purge -y docker-engine=1.13.1-0~ubuntu-xenial socat=1.7.3.1-1
-#Docker
-rm -rf /dev/docker-data
-rm -rf /var/lib/docker/*
-rm -rf /etc/docker
-rm -rf /etc/systemd/system/docker.service.d
-rm -rf /var/lib/dockershim
-
-#Ceph
-rm -rf /var/lib/openstack-helm
-rm -rf /var/lib/ceph
-dd if=/dev/zero of=/dev/sdb bs=512 count=1 conv=notrunc
-dd if=/dev/zero of=/dev/sdc bs=512 count=1 conv=notrunc
-rm -rf /var/lib/openstack-helm/ceph/journal0/*
-rm -rf /var/lib/openstack-helm/ceph/journal1/*
-
-#Kubernetes
-rm -rf /etc/kubernetes
-rm -rf /usr/local/bin/kubectl
-rm -rf /usr/local/bin/kubelet
-rm -rf /var/lib/kubelet
-rm -rf /etc/systemd/system/kubelet
-rm -rf /etc/systemd/system/kubelet.service
-
-# apt-get install creates the following directory
-rm -rf /etc/systemd/system/kubelet.service.d/
-rm -rf /var/log/pods
-rm -rf /var/log/containers
-
-#etcd
-rm -rf /var/lib/auxiliary-etcd-0
-rm -rf /var/lib/auxiliary-etcd-1
-rm -rf /var/lib/auxiliary-calico-etcd-0
-rm -rf /var/lib/auxiliary-calico-etcd-1
-rm -rf /var/lib/calico-etcd
-rm -rf /var/lib/kube-etcd
-
-#nova
-rm -rf /var/lib/nova/*
-
-#ONAP
-rm -rf /dockerdata-nfs/onap/
-rm -rf /etc/dnsmasq.d
-rm -rf /opt/cni
-rm -rf /usr/local/bin/bootstrap
-rm -rf /usr/local/bin/helm
-rm -rf /var/lib/prom.done
-
-# Remove files generated by Promenade
-rm -rf /etc/cni
-rm -rf /etc/coredns
-rm -rf /etc/etcd
-rm -rf /etc/genesis
-rm -rf /var/lib/etcd
-rm -rf /var/lib/kubelet/pods
systemctl restart docker || true
}
-cleanup() {
- rm -rf ./tars/$SITE/configs/promenade
- rm -rf ./tars/$SITE/configs/promenade-bundle
+create_directories() {
mkdir -p ./tars/$SITE/configs/promenade
mkdir -p ./tars/$SITE/configs/promenade-bundle
}
}
#install_docker
-cleanup
+create_directories
get_site_config
gen_certs
gen_bundle
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
+set -x
+TIMESTAMP=$(date +"%Y%m%d%H%M")
+echo "Logging to /var/log/yaml_builds/2genesis_$TIMESTAMP.log"
+exec > /var/log/yaml_builds/2genesis_$TIMESTAMP.log
+exec 2>&1
source $(dirname $0)/setenv.sh
if [ -z "$1" ]
then
- echo "Plese pass site name as command line argument"
+ echo "Please pass site name as command line argument"
exit -2
else
SITE=${SITE:-$1}
echo "SITE=$SITE"
fi
+if [ -z "$YAML_BUILDS" ]
+then
+ echo "Please set YAML_BUILDS"
+ exit -3
+fi
+
source $(dirname $0)/env_$SITE.sh
-scp $AIC_CLCP_MANIFESTS/tools/promenade-bundle.tar $GENESIS_HOST:/tmp/
+cd $YAML_BUILDS
+# Install OS on Genesis
+python $YAML_BUILDS/scripts/jcopy.py $SITE.yaml $YAML_BUILDS/tools/j2/serverrc.j2 $YAML_BUILDS/tools/"$GENESIS_NAME"rc
+/opt/akraino/tools/install_server_os.sh --rc /opt/akraino/yaml_builds/tools/"$GENESIS_NAME"rc --skip-confirm
+
+scp $YAML_BUILDS/tars/promenade-bundle-$SITE.tar $GENESIS_HOST:/tmp/
ssh $GENESIS_HOST << EOF
- mkdir -p /opt/sitename/aic-clcp-manifests/tools
- cp /tmp/promenade-bundle.tar /opt/sitename/aic-clcp-manifests/tools/
- cd /opt/sitename/aic-clcp-manifests/tools/
- tar -xmf promenade-bundle.tar
- mkdir configs/promenade
- cp configs/promenade-bundle/*.yaml configs/promenade/
- bash /opt/sitename/aic-clcp-manifests/tools/configs/promenade-bundle/genesis.sh
+ # TODO avoid following hard coding$
+ route add -net 192.168.41.0/24 gw 192.168.2.1 bond0.41
+ mkdir -p /root/akraino
+ cp /tmp/promenade-bundle-$SITE.tar /root/akraino/
+ cd /root/akraino/
+ tar -xmf promenade-bundle-$SITE.tar
EOF
-
+# Update BIOS Setting
+python $YAML_BUILDS/scripts/update_bios_settings.py $SITE.yaml
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
if [ -z "$1" ]
then
- echo "Plese pass site name as command line argument"
+ echo "Please pass site name as command line argument"
exit -2
else
SITE=${SITE:-$1}
source $(dirname $0)/env_$SITE.sh
-KEYSTONE_IMAGE=$(grep "keystone_db_sync" $AIC_CLCP_MANIFESTS/global/v4.0/software/config/versions.yaml | uniq | awk '{print $2}')
-SHIPYARD_IMAGE=$(grep "shipyard_db_sync" $AIC_CLCP_MANIFESTS/global/v4.0/software/config/versions.yaml | uniq | awk '{print $2}')
-
-DRYDOCK_PASSWORD=$(grep "^data:" $AIC_CLCP_MANIFESTS/site/$SITE/secrets/passphrases/ucp_drydock_keystone_password.yaml | awk '{print $2}')
-SHIPYARD_PASSWORD=$(grep "^data:" $AIC_CLCP_MANIFESTS/site/$SITE/secrets/passphrases/ucp_shipyard_keystone_password.yaml | awk '{print $2}')
-REGION_NAME=$SITE
-
-mkdir -p $YAML_BUILDS/tools/$SITE
-cp $YAML_BUILDS/tools/deploy_site.sh $YAML_BUILDS/tools/$SITE/
-sed -i -e "s,KEYSTONE_IMAGE=,KEYSTONE_IMAGE=$KEYSTONE_IMAGE,g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-sed -i -e "s,SHIPYARD_IMAGE=,SHIPYARD_IMAGE=$SHIPYARD_IMAGE,g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-sed -i -e "s/DRYDOCK_PASSWORD=/DRYDOCK_PASSWORD=$DRYDOCK_PASSWORD/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-sed -i -e "s/SHIPYARD_PASSWORD=/SHIPYARD_PASSWORD=$SHIPYARD_PASSWORD/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-sed -i -e "s/REGION_NAME=/REGION_NAME=$REGION_NAME/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-sed -i -e "s/{{yaml.genesis.host}}/$GENESIS_HOST/g" $YAML_BUILDS/tools/$SITE/deploy_site.sh
-
-scp $YAML_BUILDS/tools/$SITE/deploy_site.sh $GENESIS_HOST:/opt/sitename/aic-clcp-manifests/tools/
-ssh $GENESIS_HOST 'bash /opt/sitename/aic-clcp-manifests/tools/deploy_site.sh'
+ssh $GENESIS_HOST << EOF
+ cd /root/akraino
+ bash configs/promenade-bundle/genesis.sh
+ # Shipyard takes time to really come up and start responding.
+ date
+ sleep 900
+ # Following is a workaround, tested on dell servers.
+ # TODO to be removed when not required.
+ bash update_iptables.sh
+ bash deploy_site.sh
+EOF
--- /dev/null
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+# Add proxy settings if required for your environment
+# export http_proxy=http://your.proxy.com:8080/
+# export https_proxy=http://your.proxy.com:8080/
+#
+
+# host name for server
+SRV_NAME=aknode30
+
+# server oem - Dell or HPE (case sensitive)
+SRV_OEM=HPE
+
+# out of band interface information for server (idrac/ilo/etc)
+SRV_OOB_IP=192.168.41.130
+SRV_OOB_USR=Administrator
+SRV_OOB_PWD=Admin123
+
+# mac address of server to be used during the build - not required for Dell servers
+SRV_MAC=3c:fd:fe:aa:90:b0
+
+# name of network interface used during build when ipxe.efi is booted and when os is booted
+# ipxe numbers ports from 0-n in pci bus order.
+# the netx value will depend on how many nics are in the server
+# and which pci device number is assigned to the slot
+SRV_IPXE_INF=net4
+
+# the build interface is the nic used by the Ubuntu installed to load the OS
+SRV_BLD_INF=ens3f0
+
+# the boot device is the device name on which the OS will be loaded
+SRV_BOOT_DEVICE=sdj
+SRV_CEPH_DEVICE=sdk
+
+# ipxe script to use - based on the os version and kernel to install
+# valid options are script-hwe-16.04.4-amd64.ipxe or script-16.04.4-amd64.ipxe
+SRV_BLD_SCRIPT=script-hwe-16.04.5-amd64.ipxe
+
+# template xml file to set bios and raid configuration settings
+SRV_BIOS_TEMPLATE=hpe_dl380_g10_uefi_base.json.template
+SRV_BOOT_TEMPLATE=hpe_dl380_g10_uefi_httpboot.json.template
+SRV_HTTP_BOOT_DEV=NIC.Slot.3-1-1
+
+# tempalte to run to configure OS after first boot
+# current options are: firstboot.sh.template, firstboot-genesis.sh.tempate or firstboot-airship-iab.sh.template
+SRV_FIRSTBOOT_TEMPLATE=firstboot-genesis.sh.template
+
+# VLAN to use during build and for final network configuration
+SRV_VLAN=41
+SRV_STORAGE_VLAN=42
+SRV_CALICO_VLAN=44
+SRV_NEUTRON_VLAN=45
+SRV_PXE_INF=eno1
+
+# basic network information for dhcp config and final server network settings
+SRV_MTU=9000
+SRV_IP=192.168.2.30
+SRV_STORAGE_IP=172.31.1.30
+SRV_CALICO_IP=172.29.1.30
+SRV_NEUTRON_IP=10.0.101.30
+SRV_PXE_IP=172.30.1.30
+SRV_SUBNET=192.168.2.0
+SRV_NETMASK=255.255.255.0
+SRV_GATEWAY=192.168.2.200
+SRV_DNS="192.168.2.85 8.8.8.8 8.8.4.4"
+SRV_DOMAIN=lab.akraino.org
+SRV_DNSSEARCH=lab.akraino.org
+SRV_NTP=ntp.ubuntu.org
+
+# root password for server being built
+SRV_PWD=akraino,d
+
+# network bond information
+SRV_BOND=bond0
+SRV_SLAVE1=ens3f0
+SRV_SLAVE2=ens3f1
+
--- /dev/null
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+# Add proxy settings if required for your environment
+# export http_proxy=http://your.proxy.com:8080/
+# export https_proxy=http://your.proxy.com:8080/
+#
+
+# host name for server
+SRV_NAME=aknode40
+
+# server oem - Dell or HPE (case sensitive)
+SRV_OEM=Dell
+
+# out of band interface information for server (idrac/ilo/etc)
+SRV_OOB_IP=192.168.41.40
+SRV_OOB_USR=root
+SRV_OOB_PWD=calvin
+
+# mac address of server to be used during the build - not required for Dell servers
+SRV_MAC=
+
+# name of network interface used during build when ipxe.efi is booted and when os is booted
+# ipxe numbers ports from 0-n in pci bus order.
+# the netx value will depend on how many nics are in the server
+# and which pci device number is assigned to the slot
+SRV_IPXE_INF=net4
+
+# the build interface is the nic used by the Ubuntu installed to load the OS
+SRV_BLD_INF=enp94s0f0
+
+# the boot device is the device name on which the OS will be loaded
+SRV_BOOT_DEVICE=sdg
+SRV_CEPH_DEVICE=sdh
+
+# ipxe script to use - based on the os version and kernel to install
+# valid options are script-hwe-16.04.4-amd64.ipxe or script-16.04.4-amd64.ipxe
+SRV_BLD_SCRIPT=script-hwe-16.04.5-amd64.ipxe
+
+# template xml file to set bios and raid configuration settings
+SRV_BIOS_TEMPLATE=dell_r740_g14_uefi_base.xml.template
+SRV_BOOT_TEMPLATE=dell_r740_g14_uefi_httpboot.xml.template
+SRV_HTTP_BOOT_DEV=NIC.Slot.2-1-1
+
+# tempalte to run to configure OS after first boot
+# current options are: firstboot.sh.template, firstboot-genesis.sh.tempate or firstboot-airship-iab.sh.template
+SRV_FIRSTBOOT_TEMPLATE=firstboot-genesis.sh.template
+
+# VLAN to use during build and for final network configuration
+SRV_VLAN=41
+SRV_STORAGE_VLAN=42
+SRV_CALICO_VLAN=44
+SRV_NEUTRON_VLAN=45
+SRV_PXE_INF=eno3
+
+# basic network information for dhcp config and final server network settings
+SRV_MTU=9000
+SRV_IP=192.168.2.40
+SRV_STORAGE_IP=172.31.2.40
+SRV_CALICO_IP=172.29.1.40
+SRV_NEUTRON_IP=10.0.102.40
+SRV_PXE_IP=172.30.2.40
+SRV_SUBNET=192.168.2.0
+SRV_NETMASK=255.255.255.0
+SRV_GATEWAY=192.168.2.200
+SRV_DNS="192.168.2.85 8.8.8.8 8.8.4.4"
+SRV_DOMAIN=lab.akraino.org
+SRV_DNSSEARCH=lab.akraino.org
+SRV_NTP=ntp.ubuntu.org
+
+# root password for server being built
+SRV_PWD=akraino,d
+
+# network bond information
+SRV_BOND=bond0
+SRV_SLAVE1=enp94s0f0
+SRV_SLAVE2=enp94s0f1
+
--- /dev/null
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+set -eux
+
+log () {
+printf "$(date)\t%s\n" "${1}"
+}
+
+
+TO_RM=(
+"/etc/apt/apt.conf.d/20-proxy.conf"
+"/etc/apt/sources.list.d/promenade-sources.list"
+"/etc/cni"
+"/etc/coredns"
+"/etc/docker/daemon.json"
+"/etc/etcd"
+"/etc/genesis"
+"/etc/kubernetes"
+"/etc/logrotate.d/json-logrotate"
+"/etc/systemd/system/kubelet.service"
+"/etc/systemd/system/docker.service.d/http-proxy.conf"
+"/home/ceph"
+"/usr/local/bin/armada"
+"/usr/local/bin/helm"
+"/usr/local/bin/kubectl"
+"/usr/local/bin/promenade-teardown"
+"/var/lib/anchor/calico-etcd-bootstrap"
+"/var/lib/etcd"
+"/var/lib/kubelet/pods"
+"/var/lib/openstack-helm"
+"/var/log/armada"
+"/var/log/containers"
+"/var/log/pods"
+)
+
+TO_LEAVE=(
+"/etc/hosts"
+"/etc/resolv.conf"
+)
+
+prune_docker() {
+log "Docker prune"
+docker volume prune -f
+docker system prune -a -f
+}
+
+remove_containers() {
+log "Remove all Docker containers"
+docker ps -aq 2> /dev/null | xargs --no-run-if-empty docker rm -fv
+}
+
+remove_files() {
+for item in "${TO_RM[@]}"; do
+log "Removing ${item}"
+rm -rf "${item}"
+done
+}
+
+leave_files() {
+for item in "${TO_LEAVE[@]}"; do
+log "WARNING: === ${item} === has been modified, but we didn't revert changes."
+done
+}
+
+reset_docker() {
+log "Remove all local Docker images"
+docker images -qa | xargs --no-run-if-empty docker rmi -f
+
+log "Remove remaining Docker files"
+systemctl stop docker
+if ! rm -rf /var/lib/docker/*; then
+log "Failed to cleanup some files in /var/lib/docker"
+find /var/lib/docker
+fi
+systemctl start docker
+}
+
+stop_kubelet() {
+log "Stop Kubelet and clean pods"
+systemctl stop kubelet || true
+
+# Issue with orhan PODS
+# https://github.com/kubernetes/kubernetes/issues/38498
+find var/lib/kubelet/pods 2> dev/null | while read orphan_pod; do
+if [[ ${orphan_pod} == io~secret ]] || [[ ${orphan_pod} == empty-dir ]]; then
+umount "${orphan_pod}" || true
+rm -rf "${orphan_pod}"
+fi
+done
+}
+
+
+FORCE=0
+RESET_DOCKER=0
+
+while getopts "fk" opt; do
+case "${opt}" in
+f)
+FORCE=1
+;;
+k)
+RESET_DOCKER=1
+;;
+*)
+echo "Unknown option"
+exit 1
+;;
+esac
+done
+
+if [[ $FORCE == "0" ]]; then
+echo Warning: This cleanup script is very aggressive. Run with -f to avoid this prompt.
+while true; do
+read -p "Are you sure you wish to proceed with aggressive cleanup?" yn
+case $yn in
+[Yy]*)
+RESET_DOCKER=1
+break
+;;
+*)
+echo Exiting.
+exit 1
+esac
+done
+fi
+
+stop_kubelet
+remove_containers
+remove_files
+prune_docker
+
+systemctl daemon-reload
+
+if [[ $RESET_DOCKER == "1" ]]; then
+reset_docker
+fi
+
+leave_files
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
set -x
+TIMESTAMP=$(date +"%Y%m%d%H%M")
+echo "logging to /var/log/deploy_site_$TIMESTAMP.log"
+exec > /var/log/deploy_site_$TIMESTAMP.log
+exec 2>&1
# Regional Server specific variables
KEYSTONE_IMAGE=
sleep 5
}
-#clean_configdocs
-#create_configdocs
-#commit_configdocs
+sleep 900
+clean_configdocs
+create_configdocs
+commit_configdocs
renderedconfigdocs
-#deploy_site
-getactions
+deploy_site
+#getactions
#update_site
##
--- /dev/null
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+# Add proxy settings if required for your environment
+# export http_proxy=http://your.proxy.com:8080/
+# export https_proxy=http://your.proxy.com:8080/
+#
+
+# host name for server
+SRV_NAME={{yaml.genesis.name}}
+
+# server oem - Dell or HPE (case sensitive)
+SRV_OEM={{yaml.genesis.oem}}
+
+# out of band interface information for server (idrac/ilo/etc)
+SRV_OOB_IP={{yaml.genesis.oob}}
+SRV_OOB_USR={{yaml.ipmi_admin.username}}
+SRV_OOB_PWD={{yaml.ipmi_admin.password}}
+
+# mac address of server to be used during the build - not required for Dell servers
+SRV_MAC={{yaml.genesis.mac_address}}
+
+# name of network interface used during build when ipxe.efi is booted and when os is booted
+# ipxe numbers ports from 0-n in pci bus order.
+# the netx value will depend on how many nics are in the server
+# and which pci device number is assigned to the slot
+SRV_IPXE_INF={{yaml.networks.pxe.inf}}
+
+# the build interface is the nic used by the Ubuntu installed to load the OS
+SRV_BLD_INF={{yaml.networks.slaves[0].name}}
+
+# the boot device is the device name on which the OS will be loaded
+SRV_BOOT_DEVICE={{yaml.disks[0].name}}
+SRV_CEPH_DEVICE={{yaml.disks[1].name}}
+
+# ipxe script to use - based on the os version and kernel to install
+# valid options are script-hwe-16.04.4-amd64.ipxe or script-16.04.4-amd64.ipxe
+SRV_BLD_SCRIPT=script-hwe-16.04.5-amd64.ipxe
+
+# template xml file to set bios and raid configuration settings
+SRV_BIOS_TEMPLATE={{yaml.genesis.bios_template}}
+SRV_BOOT_TEMPLATE={{yaml.genesis.boot_template}}
+SRV_HTTP_BOOT_DEV={{yaml.genesis.http_boot_device}}
+
+# tempalte to run to configure OS after first boot
+# current options are: firstboot.sh.template, firstboot-genesis.sh.tempate or firstboot-airship-iab.sh.template
+SRV_FIRSTBOOT_TEMPLATE=firstboot-genesis.sh.template
+
+# VLAN to use during build and for final network configuration
+SRV_VLAN={{yaml.networks.host.vlan}}
+SRV_STORAGE_VLAN={{yaml.networks.storage.vlan}}
+SRV_CALICO_VLAN={{yaml.networks.ksn.vlan}}
+SRV_NEUTRON_VLAN={{yaml.networks.neutron.vlan}}
+SRV_PXE_INF={{yaml.networks.pxe.interface}}
+
+# basic network information for dhcp config and final server network settings
+SRV_MTU=9000
+SRV_IP={{yaml.genesis.host}}
+SRV_STORAGE_IP={{yaml.genesis.storage}}
+SRV_CALICO_IP={{yaml.genesis.ksn}}
+SRV_NEUTRON_IP={{yaml.genesis.neutron}}
+SRV_PXE_IP={{yaml.genesis.pxe}}
+SRV_SUBNET={{yaml.networks.host.subnet}}
+SRV_NETMASK={{yaml.networks.host.netmask}}
+SRV_GATEWAY={{yaml.networks.host.routes.gateway}}
+SRV_DNS="{{yaml.networks.host.dns.servers}}"
+SRV_DOMAIN={{yaml.networks.host.dns.domain}}
+SRV_DNSSEARCH={{yaml.networks.host.dns.domain}}
+SRV_NTP=ntp.ubuntu.org
+
+# root password for server being built
+SRV_PWD={{yaml.genesis.root_password}}
+
+# network bond information
+SRV_BOND={{yaml.networks.primary}}
+{% for slave in yaml.networks.slaves %}
+SRV_SLAVE{{loop.index}}={{slave.name}}
+{% endfor %}
--- /dev/null
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+# Add proxy settings if required for your environment
+# export http_proxy=http://your.proxy.com:8080/
+# export https_proxy=http://your.proxy.com:8080/
+#
+# Set the ip and port to use when creating the web server
+BUILD_WEBIP=192.168.2.5
+
+# host name for server
+SRV_NAME={{yaml.name}}
+
+# out of band interface information for server (idrac/ilo/etc)
+SRV_OOB_IP={{yaml.oob}}
+SRV_OOB_USR={{yaml.oob_user}}
+SRV_OOB_PWD={{yaml.oob_password}}
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
-
export GENESIS_HOST={{yaml.genesis.host}}
echo GENESIS_HOST=$GENESIS_HOST
-export GENESIS_PXE={{yaml.genesis.pxe}}
-echo GENESIS_PXE=$GENESIS_PXE
-export REGIONAL_SERVER_IP={{yaml.regional_server.ip}}
-echo REGIONAL_SERVER_IP=$REGIONAL_SERVER_IP
+export PXE_INTERFACE={{yaml.networks.pxe.interface}}
+echo PXE_INTERFACE=$PXE_INTERFACE
+export HOST_INTERFACE={{yaml.networks.host.interface}}
+echo HOST_INTERFACE=$HOST_INTERFACE
+export GENESIS_NAME={{yaml.genesis.name}}
+echo GENESIS_NAME=$GENESIS_NAME
--- /dev/null
+#!/usr/bin/env bash
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+set -x
+
+PEGLEG_IMAGE=${PEGLEG_IMAGE:-quay.io/airshipit/pegleg:09d85465827f1468d3469e5bbcf6b48f25338e7c}
+
+echo
+echo "== NOTE: Workspace $WORKSPACE is available as /workspace in container context =="
+echo
+
+docker run --rm -t \
+ --net=none \
+ --workdir="/site" \
+ -v "${WORKSPACE}:/site" \
+ -v "${AIRSHIP_TREASUREMAP}:/global" \
+ "${PEGLEG_IMAGE}" \
+ pegleg "${@}"
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
##############################################################################
-export YAML_BUILDS=/opt/yaml_builds
+export YAML_BUILDS=/opt/akraino/yaml_builds
echo YAML_BUILDS=$YAML_BUILDS
-export AIC_CLCP_MANIFESTS=/opt/yaml_builds/aic-clcp-manifests
-echo AIC_CLCP_MANIFESTS=$AIC_CLCP_MANIFESTS
-export AIC_CLCP_SECURITY_MANIFESTS=/opt/yaml_builds/aic-clcp-security-manifests
-echo AIC_CLCP_SECURITY_MANIFESTS=$AIC_CLCP_SECURITY_MANIFESTS
+export AIRSHIP_TREASUREMAP=/root/airship-treasuremap
+echo AIRSHIP_TREASUREMAP=$AIRSHIP_TREASUREMAP
#!/bin/bash
##############################################################################
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved. #
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. #
# limitations under the License. #
##############################################################################
+set -x
if [ -z "$1" ]
then
- echo "Plese pass site name as command line argument"
+ echo "Please pass site name as command line argument"
exit -2
else
export SITE=${SITE:-$1}
--- /dev/null
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+set -x
+TIMESTAMP=$(date +"%Y%m%d%H%M")
+echo "Logging to /var/log/yaml_builds/transfer_$TIMESTAMP.log"
+exec > /var/log/yaml_builds/transfer_$TIMESTAMP.log
+exec 2>&1
+
+source $(dirname $0)/setenv.sh
+
+if [ -z "$1" ]
+then
+ echo "Please pass site name as command line argument"
+ exit -2
+else
+ SITE=${SITE:-$1}
+ echo "SITE=$SITE"
+fi
+
+if [ -z "$YAML_BUILDS" ]
+then
+ echo "Please set YAML_BUILDS"
+ exit -3
+fi
+
+
+source $(dirname $0)/env_$SITE.sh
+
+cd $YAML_BUILDS
+
+scp $YAML_BUILDS/tars/promenade-bundle-$SITE.tar $GENESIS_HOST:/tmp/
+ssh $GENESIS_HOST << EOF
+ # TODO avoid following hard coding$
+ cp /tmp/promenade-bundle-$SITE.tar /root/akraino/
+ cd /root/akraino/
+ tar -xmf promenade-bundle-$SITE.tar
+EOF
+# Update BIOS Setting
+python $YAML_BUILDS/scripts/update_bios_settings.py $SITE.yaml
--- /dev/null
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+HOST_INTERFACE=
+PXE_INTERFACE=
+
+echo 1 > /proc/sys/net/ipv4/ip_forward
+iptables -t nat -A POSTROUTING -o $HOST_INTERFACE -j MASQUERADE
+iptables -A FORWARD -i $HOST_INTERFACE -o $PXE_INTERFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
+iptables -A FORWARD -i $PXE_INTERFACE -o $HOST_INTERFACE -j ACCEPT
+
# See the License for the specific language governing permissions and
# limitations under the License.
-export VERSION=0.0.1-SNAPSHOT
+export VERSION=0.0.2-SNAPSHOT
Code Review / yaml_builds.git / commitdiff