vlan: 41
interface: bond0.41
cidr: 192.168.2.0/24
+ subnet: 192.168.2.0
+ netmask: 255.255.255.0
routes:
gateway: 192.168.2.200
ranges:
dns:
domain: lab.akraino.org
servers: '192.168.2.85 8.8.8.8 8.8.4.4'
+ inf: net4
ksn:
vlan: 44
interface: bond0.44
pxe: 172.30.2.40
ksn: 172.29.1.40
neutron: 10.0.102.40
+ root_password: smil3yfc
+ oem: Dell
masters:
- name : aknode41
oob: 192.168.41.41
pxe: 172.30.2.41
ksn: 172.29.1.41
neutron: 10.0.102.41
+ oob_user: root
+ oob_password: calvin
- name : aknode42
oob: 192.168.41.42
host: 192.168.2.42
pxe: 172.30.2.42
ksn: 172.29.1.42
neutron: 10.0.102.42
+ oob_user: root
+ oob_password: calvin
#workers:
# - name : aknode43
# oob: 192.168.41.43
static:
start: 192.168.2.1
end: 192.168.2.83
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
storage:
vlan: 42
interface: bond0.42
dhcp:
start: 172.30.1.201
end: 172.30.1.254
+ dns:
+ domain: lab.akraino.org
+ servers: '192.168.2.85 8.8.8.8 8.8.4.4'
+ inf: net4
ksn:
vlan: 44
interface: bond0.44
static:
start: 10.0.101.2
end: 10.0.101.254
+dns:
+ upstream_servers:
+ - 192.168.2.85
+ - 8.8.8.8
+ - 8.8.8.8
+ upstream_servers_joined: '192.168.2.85,8.8.8.8'
+ ingress_domain: hpgen10.akraino.org
sriovnets:
- physical: sriovnet1
interface: ens6f0
total_osd_count: 24
genesis:
name: aknode30
- oob: 192.168.41.30
+ oob: 192.168.41.130
host: 192.168.2.30
storage: 172.31.1.30
pxe: 172.30.1.30
pxe: 172.30.1.33
ksn: 172.29.1.33
neutron: 10.0.101.33
- - name : aknode34
- oob: 192.168.41.134
- host: 192.168.2.34
- storage: 172.31.1.34
- pxe: 172.30.1.34
- ksn: 172.29.1.34
- neutron: 10.0.101.34
+# - name : aknode34
+# oob: 192.168.41.134
+# host: 192.168.2.34
+# storage: 172.31.1.34
+# pxe: 172.30.1.34
+# ksn: 172.29.1.34
+# neutron: 10.0.101.34
hardware:
vendor: HP
generation: '10'
- name: cephj
size: 300g
mountpoint: /var/lib/ceph/journal
+disks_compute:
+ - name : sdj
+ labels:
+ bootdrive: 'true'
+ partitions:
+ - name: root
+ size: 20g
+ mountpoint: /
+ - name: boot
+ size: 1g
+ mountpoint: /boot
+ - name: var
+ size: '>300g'
+ mountpoint: /var
+ - name : sdk
+ partitions:
+ - name: nova
+ size: '99%'
+ mountpoint: /var/lib/nova
genesis_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/n4mNLAj3XKG2fcm+8eVe0NUlNH0g8DA8KJ53rSLKccm8gm4UgLmGOJyBfUloQZMuOpU6a+hexN4ECCliqI7+KUmgJgsvLkJ3OUMNTEVu9tDX5mdXeffsufaqFkAdmbJ/9PMPiPQ3/UqbbtyEcqoZAwUWf4ggAWSp00SGE1Okg+skPSbDzPVHb4810eXZT1yoIg29HAenJNNrsVxvnMT2kw2OYmLfxgEUh1Ev4c5LnUog4GXBDHQtHAwaIoTu9s/q8VIvGav62RJVFn3U1D0jkiwDLSIFn8ezORQ4YkSidwdSrtqsqa2TJ0E5w/n5h5IVGO9neY8YlXrgynLd4Y+7 root@pocnjrsv132"
kubernetes:
api_service_ip: 10.96.0.1
print '{0} -> {1}'.format(source_path, target_path)
total += 1
-def expand_file(target_dir, file):
+def expand_file(target_file, file):
global total
- if not os.path.exists(target_dir):
- os.makedirs(target_dir)
+ if not os.path.exists(os.path.dirname(target_file)):
+ os.makedirs(os.path.dirname(target_file))
env = jinja2.Environment()
env.trim_blocks = True
env.lstrip_blocks = True
with open(file) as fd:
template = env.from_string(fd.read())
data = template.render(yaml=yaml)
- target_path = target_dir + '/' + os.path.basename(file)
- fd2 = open(target_path,'w')
+ fd2 = open(target_file,'w')
fd2.write(data)
fd2.write("\n")
fd2.close()
- print '{0} -> {1}'.format(file, target_path)
+ print '{0} -> {1}'.format(file, target_file)
total += 1
if len(sys.argv) != 4:
--- /dev/null
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+import os
+import sys
+import yaml
+import jinja2
+import subprocess
+
+with open(sys.argv[1]) as f:
+ yaml = yaml.safe_load(f)
+
+def create_rc_genesis(source, target_suffix):
+ env = jinja2.Environment()
+ env.trim_blocks = True
+ env.lstrip_blocks = True
+
+ with open(source) as fd:
+ template = env.from_string(fd.read())
+ data = template.render(yaml=yaml)
+ target_file = yaml['genesis']['name']+target_suffix
+ fd2 = open(target_file,'w')
+ fd2.write(data)
+ fd2.write("\n")
+ fd2.close()
+ print '{0} -> {1}'.format(source, target_file)
+
+def create_rc_masters(source, target_suffix):
+ env = jinja2.Environment()
+ env.trim_blocks = True
+ env.lstrip_blocks = True
+
+ for master in yaml['masters']:
+ with open(source) as fd:
+ template = env.from_string(fd.read())
+ data = template.render(yaml=master)
+ target_file = "server-config/"+master['name']+target_suffix
+ print target_file
+ if not os.path.exists(os.path.dirname(target_file)):
+ os.makedirs(os.path.dirname(target_file))
+ fd2 = open(target_file,'w')
+ fd2.write(data)
+ fd2.write("\n")
+ fd2.close()
+ print '{0} -> {1}'.format(source, target_file)
+ command = '/opt/akraino/redfish/apply_dellxml.sh --rc {0} --template dell_r740_g14_uefi_base.xml.template --no-confirm'.format(target_file)
+ print 'command: {0}'.format(command)
+ os.system(command)
+
+if len(sys.argv) != 2:
+ print 'usage: update_bios_settings.py <yaml>'
+ sys.exit(1)
+
+#create_rc_genesis("tools/j2/serverrc.j2", "rc")
+create_rc_masters("tools/j2/serverrc_raid.j2", "rc.raid")
+
- ucp-control-plane=enabled
- maas-control-plane=enabled
- ceph-osd-bootstrap=enabled
-# - openstack-libvirt=kernel
-# - openvswitch=enabled
-# - openstack-control-plane=enabled
-# - openstack-nova-compute=enabled
+ - openstack-libvirt=kernel
+ - openvswitch=enabled
+ - openstack-control-plane=enabled
+ - openstack-nova-compute=enabled
...
filter_set_type: 'union'
filter_set:
- filter_type: 'union'
- node_names:
- - 'aknode33'
- - 'aknode34'
assets:
- path: /etc/modprobe.d/sriov_blacklist.conf
type: file
[Service]
Type=simple
- #ExecStart=/opt/configure-ip-rules.sh -i bond1.2406 -c DH_SUB_POD_CIDR -o 10.34.0.0/15 -s 135.21.157.32/29
- #ExecStart=/opt/configure-ip-rules.sh -i bond0.44 -c DH_SUB_POD_CIDR -o 10.99.0.0/16 -s 172.29.1.0/24
ExecStart=/opt/configure-ip-rules.sh -g 172.29.1.1 -c 10.99.0.0/16 -s 172.29.1.136/29
-
-
[Install]
WantedBy=multi-user.target
data_pipeline:
cat <<EOU
Options are:
- -c POD_CIDR The pod CIDR for the Kubernetes cluster, e.g. 10.97.0.0/16
+ -c POD_CIDR The pod CIDR for the Kubernetes cluster, e.g. 10.99.0.0/16
-i INTERFACE The interface for internal pod traffic, e.g. bond1.2006
-o OVERLAP_CIDR (optional) This CIDR will be routed via the VRRP IP on
INTERFACE. It is used to provide a work around when
shift $((OPTIND-1))
if [ "x$POD_CIDR" == "x" ]; then
- echo "Missing pod CIDR, e.g -c 10.97.0.0/16" >&2
+ echo "Missing pod CIDR, e.g -c 10.99.0.0/16" >&2
usage
exit 1
fi
- 'aknode31'
- 'aknode32'
- 'aknode33'
- - 'aknode34'
# TODO(alanmeadows) move what is global about this document - everything except nodenames to global
assets:
- path: /opt/promjoin.sh
# you should use to contact kubernetes in the case below, this is cab24_mgmt
location: promenade+http://promenade-api.ucp.svc.cluster.local/api/v1.0/join-scripts?design_ref={{ action.design_ref | urlencode }}&hostname={{ node.hostname }}&ip={{ node.network.calico.ip }}{% for k, v in node.labels.items() %}&labels.dynamic={{ k }}={{ v }}{% endfor %}
location_pipeline:
-#originally rack06_calico
- template
data_pipeline:
- utf8_decode
# See the License for the specific language governing permissions and #
# limitations under the License. #
##############################################################################
-
schema: 'drydock/BaremetalNode/v1'
metadata:
schema: 'metadata/Document/v1'
layer: site
storagePolicy: cleartext
data:
- host_profile: MyControlPlane_HP
+ host_profile: ControlPlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
- network: oob
address: 192.168.41.131
- network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
address: 172.30.1.31
- network: oam
address: 192.168.2.31
tags:
- 'masters'
---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
schema: 'drydock/BaremetalNode/v1'
metadata:
schema: 'metadata/Document/v1'
layer: site
storagePolicy: cleartext
data:
- host_profile: MyControlPlane_HP
-#/new/notused/aic-clcp-manifests/site/clcp-seaworthy/profiles/host/cp_rack.yaml
+ host_profile: ControlPlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
- network: oob
address: 192.168.41.132
- network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
address: 172.30.1.32
- network: oam
address: 192.168.2.32
layer: site
storagePolicy: cleartext
data:
- host_profile: MyComputePlane_HP
+ host_profile: ComputePlane
+ # the hostname for a server, could be used in multiple DNS domains to
+ # represent different interfaces
addressing:
+ # Which network the address applies to. If a network appears in addressing
+ # that isn't assigned to an interface, design validation will fail
- network: oob
address: 192.168.41.133
- network: pxe
+ # The address assigned. Either a explicit IPv4 or IPv6 address
+ # or dhcp or slaac
address: 172.30.1.33
- network: oam
address: 192.168.2.33
rack: RACK01
tags:
- 'workers'
-#---
-#schema: 'drydock/BaremetalNode/v1'
-#metadata:
-# schema: 'metadata/Document/v1'
-# name: aknode34
-# layeringDefinition:
-# abstract: false
-# layer: site
-# storagePolicy: cleartext
-#data:
-# host_profile: MyComputePlane_HP
-# addressing:
-# - network: oob
-# address: 192.168.41.134
-# - network: pxe
-# address: 172.30.1.34
-# - network: oam
-# address: 192.168.2.34
-# - network: storage
-# address: 172.31.1.34
-# - network: overlay
-# address: 10.0.101.34
-# - network: calico
-# address: 172.29.1.34
-# metadata:
-# rack: RACK01
-# tags:
-# - 'workers'
...
- 8.8.8.8
- 8.8.8.8
upstream_servers_joined: '192.168.2.85,8.8.8.8'
-
+ ingress_domain: hpgen10.akraino.org
genesis:
hostname: aknode30
-# ip: 192.168.2.30
ip: 172.29.1.30
bootstrap:
ntp:
servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org'
-
# Used for FQDN setup/definition
domain:
url: hpgen10.lab.akraino.org
ldap:
+ base_url: 'its-a-ldap.example.com'
url: 'ldap://its-a-ldap.example.com'
+ auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
common_name: AP-NC_Test_Users
subdomain: testitservices
domain: example
public_cidr: '172.31.1.0/24'
cluster_cidr: '172.31.1.0/24'
- # external: typically the floating IP subnet
- # tunnel: overlay network for VM traffic
neutron:
tunnel_device: 'bond0.45'
external_iface: 'bond0'
schema: 'drydock/NetworkLink/v1'
metadata:
schema: 'metadata/Document/v1'
-# name: gp
name: bond0
layeringDefinition:
abstract: false
mode: 802.1q
allowed_networks:
- oam
-# - public
- storage
- overlay
- calico
- type: static
start: 172.29.1.5
end: 172.29.1.254
-# routes:
-# - subnet: '172.29.140.64/26'
-# gateway: 172.29.140.3
...
- 172.30.1.33
groups:
- system:nodes
- - document_name: kubelet-aknode34
- common_name: system:node:aknode34
- hosts:
- - aknode34
- - 192.168.2.34
- - 172.29.1.34
- - 172.30.1.34
- groups:
- - system:nodes
- document_name: scheduler
description: Service certificate for Kubernetes scheduler
common_name: system:kube-scheduler
- name: service-account
description: Service account signing key for use by Kubernetes controller-manager.
...
-
- ucp-control-plane=enabled
- maas-control-plane=enabled
- ceph-osd-bootstrap=enabled
-# - openstack-libvirt=kernel
-# - openvswitch=enabled
-# - openstack-control-plane=enabled
-# - openstack-nova-compute=enabled
+ - openstack-libvirt=kernel
+ - openvswitch=enabled
+ - openstack-control-plane=enabled
+ - openstack-nova-compute=enabled
...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: 'drydock/HardwareProfile/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: DELL_HP_Generic
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ vendor: HP
+ generation: '10'
+ hw_version: '3'
+ bios_version: '2.8'
+ boot_mode: bios
+ bootstrap_protocol: pxe
+ pxe_interface: 0
+ device_aliases: {}
+...
schema: drydock/HostProfile/v1
metadata:
schema: metadata/Document/v1
- name: MyComputePlane_HP
+ name: ComputePlane
storagePolicy: cleartext
labels:
- hosttype: MyComputePlane_HP
+ hosttype: ComputePlane
layeringDefinition:
abstract: false
layer: site
partitions:
- name: 'root'
size: '20g'
- bootable: true
filesystem:
mountpoint: '/'
fstype: 'ext4'
sriov: enabled
beta.kubernetes.io/fluentd-ds-ready: 'true'
...
-
schema: drydock/HostProfile/v1
metadata:
schema: metadata/Document/v1
- name: MyControlPlane_HP
+ name: ControlPlane
storagePolicy: cleartext
labels:
- hosttype: MyControlPlane_HP
+ hosttype: ControlPlane
layeringDefinition:
abstract: false
layer: site
network: 'oob'
account: 'Administrator'
primary_network: 'oam'
- hardware_profile: DELL_HP_Generic
+ hardware_profile: DELL_HP_Generic
interfaces:
pxe:
device_link: pxe
- 'storage'
- 'overlay'
- 'calico'
+ p1p1:
+ slaves:
+ - 'sriov_nic01'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
+ p3p2:
+ slaves:
+ - 'sriov_nic02'
+ sriov:
+ vf_count: 32 # Currently ignored
+ trustedmode: false
storage:
physical_devices:
sdj:
partitions:
- name: 'root'
size: '20g'
- bootable: true
filesystem:
mountpoint: '/'
fstype: 'ext4'
platform:
image: 'xenial'
kernel: 'hwe-16.04'
-# kernel_params:
-# console: 'ttyS1,115200n8'
+ kernel_params:
+ console: 'ttyS1,115200n8'
+ intel_iommu: 'on'
+ iommu: 'pt'
+ amd_iommu: 'on'
+ transparent_hugepage: 'never'
+ hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ hugepages: 'hardwareprofile:hugepages.dpdk.count'
+ default_hugepagesz: 'hardwareprofile:hugepages.dpdk.size'
+ isolcpus: 'hardwareprofile:cpuset.kvm'
metadata:
owner_data:
control-plane: enabled
openstack-cinder-control: enabled
openstack-cinder-volume: control
openstack-neutron: enabled
+ openstack-libvirt: kernel
openvswitch: enabled
+ openstack-nova-compute: enabled
sriov: enabled
ucp-barbican: enabled
ceph-bootstrap: enabled
ceph-mon: enabled
+ ceph-mgr: enabled
ceph-osd: enabled
ceph-mds: enabled
ceph-rgw: enabled
postgresql: enabled
kube-ingress: enabled
sriov: enabled
- openstack-nova-compute: enabled
- openstack-libvirt: kernel
beta.kubernetes.io/fluentd-ds-ready: 'true'
...
-
--- /dev/null
+---
+# self-signed certifacte generated based on
+# https://libvirt.org/remote.html#Remote_certificates
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-crt
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/Certificate/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIIFKzCCA5OgAwIBAgIMW2h6FCcFdKeaw3vnMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTY0MDUyWhcNMTkwODA2MTY0MDUyWjBJ
+ MTUwMwYDVQQDEyxpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3Vu
+ ZHJ5LmNvbTEQMA4GA1UEChMHQWlyc2hpcDCCAaIwDQYJKoZIhvcNAQEBBQADggGP
+ ADCCAYoCggGBALvNHm/G/ylh6aPcvrhOcb4qz1BjcNtnxH8bzZng/rMeX3W2AzjC
+ r2JloJcDvOLBp/TkLOZPImnFW2/GCwktxPgXZuBTPzFV50g77KsPFw0fn3Si7+bs
+ F22tLhdOGk6MQj/WW4pKGHqdw1/VbPwOHBT+I4/scR1L2SZxYtSFIKGenHJH+PMV
+ bCdwnNOR80F8KRzK5iZs/r6S/QqVheieARSWWnk2+TtkM1BloGOhLSd+ZkWh9VO1
+ eOnZowkaDAJwD/G6zoSr5n+beaXzDnEcoVXFSwd4FLoV+om77o92XmZ4rVw0vTMO
+ k6jVwmkdT+dM2K2hLUG/TXWoV2/Qms70gzDOs85RtAkTPe4Ohtdpr51Q0hd35TKG
+ YLKzX/OPblD68iYJYSBvMPpAVTbFYVPW1AQx8wWfannYbMoeL8XTEOKfkqm90YP9
+ EhIdtmw4D7GZxlzG5FXXutmT9sqLfqlRu/RynAhBP8NQvw74WumhOe8r7GhCwgzC
+ gaPLGjeekoS6LQIDAQABo4IBSDCCAUQwDAYDVR0TAQH/BAIwADCBzQYDVR0RBIHF
+ MIHCgixpbmdyZXNzLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNv
+ bYIta2V5c3RvbmUuYWlyc2hpcC1zZWF3b3J0aHkuYXRsYW50YWZvdW5kcnkuY29t
+ gilub3ZhLmFpcnNoaXAtc2Vhd29ydGh5LmF0bGFudGFmb3VuZHJ5LmNvbYIsaG9y
+ aXpvbi5haXJzaGlwLXNlYXdvcnRoeS5hdGxhbnRhZm91bmRyeS5jb22HBAoXFQuH
+ BAoXFgswEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV
+ HQ4EFgQUfTAjNgn/1U1Uh1MJDYT2m4dzhsYwHwYDVR0jBBgwFoAUJFuXPZo6RzfE
+ BlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGBAE2ISWmrxqrledJI3aLaS9Yw
+ WsZc8O8CnIyLoxrE85vUubFjuI9ixC/6dJxl2iB1n0H8JgmFREox32Q4+kDJI8V/
+ X9x0PFpRzL7QEPrLZhW94Yis3sOphLW0rf0t06ZepdHHeodYJu1pVMDmLq6bKXdX
+ vo+/WwKnZBXC1qPbXJByv/CN9MtViXOnBGORFRTJPb6U8379LNWclJ/LW12yTwNk
+ JGIbZU61Vxu+2nLIabmmRoODH2jomgMOMMzLgjT3Hvw3whe8GrUoxDiPYQVTDGNm
+ ly6m+5B1Nx06fkZazonozeaOhSQ7RblUSbo+w8TJmLRzD9ft7p4vpjBGxRADMcuF
+ DOjATgdZeisBUHTGEO0P6wJOBQuCFMX9AVl+u8ZpcuRaRaN+pBE6/BqcHBB6qV/N
+ w2DdNtP8BrJ3kJVNEDIo5oTbH5SToxgA4hWBV42M1rB+5vIMDKN3rwVDdNKWYhYc
+ VZpU3V9V6JzSW1O2w4Wu9PdbWJD9oSvC0qJgnjOXzg==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-ca
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateAuthority/v1
+data: |
+ -----BEGIN CERTIFICATE-----
+ MIID7TCCAlWgAwIBAgIMW2h3tgSwie0Ypx8eMA0GCSqGSIb3DQEBCwUAMBIxEDAO
+ BgNVBAMTB0FpcnNoaXAwHhcNMTgwODA2MTYzMDQ2WhcNMTkwODA2MTYzMDQ2WjAS
+ MRAwDgYDVQQDEwdBaXJzaGlwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKC
+ AYEAny0Nqu9U2tXdCCTNzD2T62htMmBLg3CmzWajfbfFl7ALqzo3HgbbY3PxTHDE
+ OJ/lwdm0HkEaGfEDXhJd06WZsa8+fKGqhKXvZXwXx5mJ8LCGxz6xiaxwo9lnKe6V
+ o3YX7bJ5YIVxQ2jhvZo+dY8Z/buloi2Tp2HbqTejKULH9+qdiQTDXAnyR0NLqzJ0
+ YQ4v4yU3zix3nBi8z29lQekGO9quNEka3nw2n0Gxmq5z1bNALGCF5F759mVkB0uT
+ fPGF+zm9eqlqAgduYg7R+JYUumVHvIoRY454GtAdZHTJHJZP0gQSGJsLff8ROFpI
+ GVYsOZhJXU9Ihc5VBC5PMErbmCn0YkuxAWNOYBstZ8l+uY6YiPoFV5Ulc/8M0If+
+ T6jbqzWoFC+4ysgY95RKOw53S4o/T6AFwiIKIw0xp3UfHCf6kr5Y0+XdDn5CXpJB
+ d1KK3PoUWzPSsxcUMXvgKWT4x1vsCId21dn1SmVSOEBhM08VZfjd5bvL9Xjt/E0j
+ mUqDAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAd
+ BgNVHQ4EFgQUJFuXPZo6RzfEBlJjnnk5jhcP4wIwDQYJKoZIhvcNAQELBQADggGB
+ AJaoEtnDoWUUs4nSSqIGcoCfpIO0oqVp8DvkBOcxz5Rz8vMVJSC24/UnuCD2Wknx
+ 2V/E3edXIeRo7duhPtNCT7c8OKY/pJsZQTgOczn4rphoD1pmAIPZmpG6ssPadPiM
+ EP8xWJHZt8NXG7D5kJX2COvBvgNeWXL6MF7Tv8+t5xzt59Vitdb/7lm9Z6jjpvN+
+ zoG0pKx3XYESsnLAVAf00F+kWwds/3x3gQywUAQUDER0jliYUE5id+sojp357Cl9
+ XtY+8zSnTduuP8CfMhwv5p6j9xbqacfT7AzpQ6cy4xcQ7MA6JBQcxbaq4NtvIf6+
+ d/5N9d8LGnfXdCd9iwNy9Qk23Ea0SNhnk9F/NqGBPakU4TbHh4iTYMC/+hDGInpO
+ TIRelTidNBFNaIBg3Z0vsh0lDwbt/xhpXip+ZVBqKMTtktEceiVGru9cYUQA2tKI
+ XNoc5s0uQGMpdFzgED4lXZf+n7yGVMKohvi7Yn96HqujGIrVH6qThsI6m7pUSz40
+ +g==
+ -----END CERTIFICATE-----
+...
+---
+metadata:
+ layeringDefinition:
+ abstract: false
+ layer: site
+ name: ingress-key
+ schema: metadata/Document/v1
+ storagePolicy: cleartext
+schema: deckhand/CertificateKey/v1
+data: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIG4wIBAAKCAYEAu80eb8b/KWHpo9y+uE5xvirPUGNw22fEfxvNmeD+sx5fdbYD
+ OMKvYmWglwO84sGn9OQs5k8iacVbb8YLCS3E+Bdm4FM/MVXnSDvsqw8XDR+fdKLv
+ 5uwXba0uF04aToxCP9ZbikoYep3DX9Vs/A4cFP4jj+xxHUvZJnFi1IUgoZ6cckf4
+ 8xVsJ3Cc05HzQXwpHMrmJmz+vpL9CpWF6J4BFJZaeTb5O2QzUGWgY6EtJ35mRaH1
+ U7V46dmjCRoMAnAP8brOhKvmf5t5pfMOcRyhVcVLB3gUuhX6ibvuj3ZeZnitXDS9
+ Mw6TqNXCaR1P50zYraEtQb9NdahXb9CazvSDMM6zzlG0CRM97g6G12mvnVDSF3fl
+ MoZgsrNf849uUPryJglhIG8w+kBVNsVhU9bUBDHzBZ9qedhsyh4vxdMQ4p+Sqb3R
+ g/0SEh22bDgPsZnGXMbkVde62ZP2yot+qVG79HKcCEE/w1C/Dvha6aE57yvsaELC
+ DMKBo8saN56ShLotAgMBAAECggGAYzZDhA1+sx/0zApL/xYB5NK83t0Ju/8fwX6w
+ qUBBjeLXz1mubgf7m2HQ6ragzLI9xpPcXHcl2PbYDT50ig7R5baHNK8FzUxyeKif
+ qOa56Mbx+C4zyqyi2+AHX2x1XVWfkhXuGip2sCA0HKalgqr5juWLZ/ci8rUlLLft
+ 3BPQX1FpmL4I+HIyxsspLmQGPGwZVAqkd1xRX+BLKZJAQdlm/LdJaIvwMr4Glcx6
+ ZOe68QhHgzXCYsyV6gR9qstF2OvVuLa2mUc7EzYInFIFhXUdAAwmDqkuuLRdRQhf
+ Ur8nqQW33T0cG0GBUzgBI5YmSPJvTSzcPmeSyNVx2/Yb0pkuXtCw67oDcAsN4nW8
+ uls49E2RaiLJYsy5vPsX5aJNcAxw/CWLdadQ3ukviD/MDJbpTl4F52GOVYL6K4XH
+ g5TJjj7xzjmK3ldR/Kscg7HpCitQLGUYdgIsAFdspXf4aSIa68IjDrc5NsJZuMzc
+ PbVHrw7QYNfHY7VNdUlOVqH5lS3BAoHBANRqKrQXtnJmM006TCEJXdcN/5M685jz
+ +L4Ox0Rhrq8ROgcN5q/hjKb6kP/MccQ9voGQOl9TKEyinGNdTtyc/fuH7RNlQwpS
+ HT+vEzVEcrSe8UFs8c6oJnHFO72ylFcibFf56LvbI3L8BZXp7gPSPQkp5f1NWEZk
+ X5bUL4UNiOm0diltba/ofxywF0M9WGD00eqi0Q29JRlvun+355j06CENxRoonNZC
+ wk1evIxhhckP9zLjI2Ykb1hV6yzwPWtmyQKBwQDiVgru/B396KhzDhLl5AL+pBWA
+ GsfiCbmPLh6W6V5VzldB4+GlMRrJ4zSjZQ3/nvX5KepqjMn1N6LQpZQUI/YShCKE
+ mW0XMiAfbp2d23MRMjLD8L/bIoBHQOPkCaMjbmyDOlCagWakEvHJO/TieVgTmYk6
+ mtEYVjJFWI9OCNMAHdl8ovWr3p+8YbVZ8LLv5ZO/V1cIjczoNQ6p8LG/pPMTDLXM
+ ScN9a8z3f8LQLBHBlu0155xvt95PQLAon/x21kUCgcAvPVk36hoiQQZhw3hQ1JNx
+ E2TmanLobkHAiurYE11VA+DC1t2Z+fBc5la+/MnEWfL3P4srzgOlX3imRIcYWzXE
+ 7crUyG1ray2kDxyXeRyFfN+srDzut8is/q81lfSVmEs+GY8f0DGHDfN0Dq1nXidC
+ 1XWXqs7aANKdaZ0T2xm61+57ciG1wGAckjDqPEdecLQKmaEijBEnIgj5BH5WLwk8
+ 6KIQGj4fDIPHzyzhj4LAX3ObdpZVzf6RR7JgsSEHtLkCgcBROW2dDC87MqZY++D+
+ TVBhz8LDgVjgHntQDc3+fGtVQcKAq+YLYU7qyrXWOWrHpGVDcK5mZHYJoVi1peY5
+ QBqL1I2KpoDGxT9P6GN6BgoKTsh3FsvTOVNtvrTJ3keEbJlWkrPgbrXGBeJtRC4C
+ pGdeSUg9FtgY8r4BsuFisLoAHbYyC008y5zpfusVBtNAUlQuY4qhUDoLzxafF/jB
+ /NEasgH/+SzFss0QuPHRwS7yGVaxdJfoY8TNDjrpqVhx0T0CgcEAvKG4UoWvT8gJ
+ pIeeAxxnv9yrMxgpntu4RXPDHgfX5tva6EaM3r3nLXjd9FVtlQ4cNBMhp9HNhS3a
+ dK+oEDcBysVxxfltlS2Bx0+gQf3WxgBCJwayKe3i/XCDza92EENgxTPmqB1LHiq5
+ 2b5aOl2Y5fP0eX6UryxRc443c/ejMHw4lGwnno0qpRk9M9Ucqv5J96QCfAlBSQQS
+ gOG9cypL0kBWzCejn9W4av8HkM8Noqd7Tqul1onv/46OBaX51kt3
+ -----END RSA PRIVATE KEY-----
+...
abstract: false
layer: site
storagePolicy: cleartext
-data: Admin123
+data: calvin
...
path: .
dest:
path: .values.nodes[1].tls.peer.key
+
# NOTE(mb874d): Be sure we generate these certs for genesis.
- src:
schema: deckhand/Certificate/v1
dest:
path: .values.nodes[2].tls.peer.key
-
data: {}
-
...
path: .masters[1].hostname
dest:
path: .values.nodes[1].name
-
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .
dest:
path: .values.nodes[1].tls.peer.key
+
# Genesis node
- src:
schema: deckhand/Certificate/v1
--- /dev/null
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: elasticsearch
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: elasticsearch-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
--- /dev/null
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: fluent-logging
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ hosttype: fluent-logging-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data: {}
+...
firewall_driver: neutron.agent.firewall.NoopFirewallDriver
sriov_nic:
exclude_devices: null
- physical_device_mappings: sriovnet1:ens6f0,sriovnet2:ens6f1
+ physical_device_mappings: 'sriovnet1:ens6f0,sriovnet2:ens6f1'
ml2_conf:
ml2:
mechanism_drivers: l2population,openvswitch,sriovnicswitch
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: nova
+ labels:
+ component: nova
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: nova-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ network:
+ backend:
+ - openvswitch
+ - sriov
+ conf:
+ nova:
+ filter_scheduler:
+ enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
+ libvirt:
+ virt_type: kvm
+ DEFAULT:
+ vcpu_pin_set: "4-21,26-43,48-65,72-87"
+ vif_plugging_is_fatal: False
+ vif_plugging_timeout: 30
+ pci:
+ alias: '{ "vendor_id":"10de", "product_id":"1db4", "name":"V100", "device_type":"type-PCI" }'
+ passthrough_whitelist: '{"vendor_id": "10de", "product_id": "1db4"}'
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client-update
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-update-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: 24
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-client
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-client-global
+ actions:
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ pool:
+ target:
+ osd: 8
+...
--- /dev/null
+---
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: ucp-ceph-osd
+ layeringDefinition:
+ abstract: false
+ layer: site
+ parentSelector:
+ name: ucp-ceph-osd-global
+ actions:
+ - method: replace
+ path: .values.conf.storage.osd
+ - method: merge
+ path: .
+ storagePolicy: cleartext
+data:
+ values:
+ conf:
+ storage:
+ osd:
+ - data:
+ type: block-logical
+ location: /dev/sdb
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdb
+ - data:
+ type: block-logical
+ location: /dev/sdc
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdc
+ - data:
+ type: block-logical
+ location: /dev/sdd
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdd
+ - data:
+ type: block-logical
+ location: /dev/sde
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sde
+ - data:
+ type: block-logical
+ location: /dev/sdf
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdf
+ - data:
+ type: block-logical
+ location: /dev/sdg
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdg
+ - data:
+ type: block-logical
+ location: /dev/sdh
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdh
+ - data:
+ type: block-logical
+ location: /dev/sdi
+ journal:
+ type: directory
+ location: /var/lib/ceph/journal/journal-sdi
+...
# See the License for the specific language governing permissions and #
# limitations under the License. #
##############################################################################
-
schema: pegleg/EndpointCatalogue/v1
metadata:
schema: metadata/Document/v1
abstract: false
layer: site
storagePolicy: cleartext
- substitutions:
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .ucp.identity.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .ucp.shipyard.host_fqdn_override.public
- pattern: DOMAIN
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ceph.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .ucp.shipyard.host_fqdn_override.public.tls.key
data:
ucp:
identity:
public: keystone
host_fqdn_override:
default: null
- public: iam.DOMAIN
+ # public:
+ # host: iam.DOMAIN
path:
default: /v3
scheme:
default: http
+ # public: https
port:
admin:
default: 35357
api:
default: 80
+ public: 80
armada:
name: armada
hosts:
default: /api/v1.0
scheme:
default: http
+ # public: https
host_fqdn_override:
default: null
- public: shipyard.DOMAIN
+ # public:
+ # host: shipyard.DOMAIN
airflow_web:
name: airflow-web
hosts:
namespace: ceph
hosts:
default: ceph-rgw
+ public: radosgw
host_fqdn_override:
default: null
+ # public:
+ # host: object-store.DOMAIN
path:
default: /swift/v1
scheme:
default: http
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
port:
api:
default: 8088
+ # public: 443
ceph_mon:
namespace: ceph
hosts:
abstract: false
layer: site
storagePolicy: cleartext
- substitutions:
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.image.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.cloudformation.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.orchestration.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.compute.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.compute_novnc_proxy.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.network.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.identity.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.dashboard.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.volume.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.volumev2.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh.volumev3.host_fqdn_override.public
- pattern: DOMAIN
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.ceph_object_store.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.identity.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.orchestration.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.cloudformation.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.dashboard.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.image.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volume.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev2.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.volumev3.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.compute_novnc_proxy.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.placement.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh.network.host_fqdn_override.public.tls.key
data:
osh:
object_store:
public: radosgw
host_fqdn_override:
default: null
- public:
- host: object-store.DOMAIN
+ # public:
+ # host: object-store.DOMAIN
path:
default: /swift/v1/KEY_$(tenant_id)s
scheme:
default: http
- public: "https"
+ # public: "https"
port:
api:
default: 8088
- public: 443
+ # public: 443
+ ceph_object_store:
+ name: radosgw
+ namespace: ceph
+ hosts:
+ default: ceph-rgw
+ public: radosgw
+ host_fqdn_override:
+ default: null
+ # public:
+ # host: object-store.DOMAIN
+ path:
+ default: /auth/v1.0
+ scheme:
+ default: "http"
+ # public: "https"
+ port:
+ api:
+ default: 8088
+ # public: 443
oslo_db:
hosts:
default: mariadb
public: keystone
host_fqdn_override:
default: null
- public: keystone.DOMAIN
+ # public:
+ # host: identity.DOMAIN
path:
default: /v3
scheme:
default: "http"
+ # public: "https"
port:
admin:
default: 35357
api:
default: 80
+ # public: 443
glance_oslo_messaging:
namespace: openstack
hosts:
public: glance
host_fqdn_override:
default: null
- public: image.DOMAIN
+ # public:
+ # host: image.DOMAIN
path:
default: null
scheme:
default: "http"
+ # public: "https"
port:
api:
default: 9292
- public: 80
+ # public: 443
image_registry:
name: glance-registry
hosts:
public: cinder
host_fqdn_override:
default: null
- public: volume.DOMAIN
+ # public:
+ # host: volume.DOMAIN
path:
default: "/v1/%(tenant_id)s"
scheme:
default: "http"
+ # public: "https"
port:
api:
default: 8776
- public: 80
+ # public: 443
volumev2:
name: cinderv2
hosts:
public: cinder
host_fqdn_override:
default: null
- public: volume.DOMAIN
+ # public:
+ # host: volume.DOMAIN
path:
default: "/v2/%(tenant_id)s"
scheme:
default: "http"
+ # public: "https"
port:
api:
default: 8776
- public: 80
+ # public: 443
volumev3:
name: cinderv3
hosts:
public: cinder
host_fqdn_override:
default: null
- public: volume.DOMAIN
+ # public:
+ # host: volume.DOMAIN
path:
default: "/v3/%(tenant_id)s"
scheme:
default: "http"
+ # public: "https"
port:
api:
default: 8776
- public: 80
- ceph_object_store:
- name: radosgw
- namespace: ceph
- hosts:
- default: ceph-rgw
- host_fqdn_override:
- default: null
- path:
- default: /auth/v1.0
- scheme:
- default: "http"
- port:
- api:
- default: 8088
+ # public: 443
heat_oslo_messaging:
namespace: openstack
hosts:
public: heat
host_fqdn_override:
default: null
- public: orchestration.DOMAIN
+ # public:
+ # host: orchestration.DOMAIN
path:
default: "/v1/%(project_id)s"
scheme:
default: "http"
+ # public: "https"
port:
api:
default: 8004
- public: 80
+ # public: 443
cloudformation:
name: heat-cfn
hosts:
public: cloudformation
host_fqdn_override:
default: null
- public: cloudformation.DOMAIN
+ # public:
+ # host: cloudformation.DOMAIN
path:
default: /v1
scheme:
default: "http"
+ # public: "https"
port:
api:
default: 8000
- public: 80
+ # public: 443
cloudwatch:
name: heat-cloudwatch
hosts:
public: neutron
host_fqdn_override:
default: null
- public: network.DOMAIN
+ # public:
+ # host: network.DOMAIN
path:
default: null
scheme:
default: "http"
+ # public: "https"
port:
api:
default: 9696
- public: 80
+ # public: 443
nova_oslo_messaging:
namespace: openstack
hosts:
public: nova
host_fqdn_override:
default: null
- public: compute.DOMAIN
+ # public:
+ # host: compute.DOMAIN
path:
default: "/v2/%(tenant_id)s"
scheme:
default: "http"
+ # public: "https"
port:
api:
default: 8774
- public: 80
+ # public: 443
novncproxy:
- default: 6080
+ default: 443
compute_metadata:
name: nova
hosts:
public: novncproxy
host_fqdn_override:
default: null
- public: nova-novncproxy.DOMAIN
+ # public:
+ # host: nova-novncproxy.DOMAIN
path:
default: /vnc_auto.html
scheme:
default: "http"
+ # public: "https"
port:
novnc_proxy:
default: 6080
+ # public: 443
compute_spice_proxy:
name: nova
hosts:
public: placement
host_fqdn_override:
default: null
+ # public:
+ # host: placement.DOMAIN
path:
default: /
scheme:
default: "http"
+ # public: "https"
port:
api:
default: 8778
- public: 80
+ # public: 443
dashboard:
name: horizon
hosts:
public: horizon
host_fqdn_override:
default: null
- public: dashboard.DOMAIN
+ # public:
+ # host: dashboard.DOMAIN
path:
default: null
scheme:
default: "http"
+ # public: "https"
port:
web:
default: 80
- barbican_oslo_messaging:
- namespace: openstack
- hosts:
- default: barbican-rabbitmq
- host_fqdn_override:
- default: null
- path: /barbican
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- barbican_rabbitmq_exporter:
- namespace: openstack
- hosts:
- default: barbican-rabbitmq-exporter
- host_fqdn_override:
- default: null
- path:
- default: /metrics
- scheme:
- default: "http"
- port:
- metrics:
- default: 9095
- key_manager:
- name: barbican
- hosts:
- default: barbican-api
- public: barbican
- host_fqdn_override:
- default: null
- path:
- default: /v1
- scheme:
- default: "http"
- port:
- api:
- default: 9311
- public: 80
+ # public: 443
...
---
schema: pegleg/EndpointCatalogue/v1
abstract: false
layer: site
storagePolicy: cleartext
- substitutions:
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh_infra.kibana.host_fqdn_override.public
- pattern: DOMAIN
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .domain.url
- dest:
- path: .osh_infra.grafana.host_fqdn_override.public
- pattern: DOMAIN
+ # substitutions:
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .dns.ingress_domain
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.kibana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.grafana.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: deckhand/Certificate/v1
+ # name: ingress-crt
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.crt
+ # - src:
+ # schema: deckhand/CertificateAuthority/v1
+ # name: ingress-ca
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.ca
+ # - src:
+ # schema: deckhand/CertificateKey/v1
+ # name: ingress-key
+ # path: .
+ # dest:
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # path: .osh_infra.nagios.host_fqdn_override.public.tls.key
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.base_url
+ # dest:
+ # path: .osh_infra.ldap.host_fqdn_override.public.host
+ # pattern: DOMAIN
+ # - src:
+ # schema: pegleg/CommonAddresses/v1
+ # name: common-addresses
+ # path: .ldap.auth_path
+ # dest:
+ # path: .osh_infra.ldap.path.default
+ # pattern: AUTH_PATH
data:
osh_infra:
elasticsearch:
public: grafana
host_fqdn_override:
default: null
- public: grafana.DOMAIN
+ # public:
+ # host: grafana.DOMAIN
path:
default: null
scheme:
default: "http"
+ # public: "https"
port:
grafana:
default: 3000
+ # public: 443
monitoring:
name: prometheus
namespace: osh-infra
public: kibana
host_fqdn_override:
default: null
- public: kibana.DOMAIN
+ # public:
+ # host: kibana.DOMAIN
path:
default: null
scheme:
default: "http"
+ # public: "https"
port:
kibana:
default: 5601
+ # public: 443
alerts:
name: alertmanager
namespace: osh-infra
public: nagios
host_fqdn_override:
default: null
- public:
- host: nagios.DOMAIN
+ # public:
+ # host: nagios.DOMAIN
path:
default: null
scheme:
default: http
- public: https
+ # public: https
port:
http:
default: 80
- public: 443
+ # public: 443
ldap:
hosts:
default: ldap
path: .
storagePolicy: cleartext
data:
- release_prefix: clcp
+ release_prefix: airship
chart_groups:
- kubernetes-proxy
- kubernetes-container-networking
- ucp-drydock
- ucp-promenade
- ucp-shipyard
-# - artifactory-ceph-config
-# - artifactory-mariadb
-# - artifactory-webapp
-# - jenkins
- osh-infra-ingress-controller
- osh-infra-ceph-config
- osh-infra-logging
- openstack-ceph-config
- openstack-mariadb
- openstack-memcached
- - openstack-compute-services
- openstack-keystone
- - openstack-glance
- openstack-radosgw
+ - openstack-glance
- openstack-cinder
- openstack-compute-kit
- openstack-heat
- osh-infra-prometheus-openstack-exporter
- openstack-horizon
- - openstack-barbican
-
...
+++ /dev/null
----
-##############################################################################
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may #
-# not use this file except in compliance with the License. #
-# #
-# You may obtain a copy of the License at #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-##############################################################################
-
-schema: armada/Chart/v1
-metadata:
- schema: metadata/Document/v1
- name: nova
- labels:
- component: nova
- layeringDefinition:
- abstract: false
- layer: site
- parentSelector:
- name: nova-global
- actions:
- - method: merge
- path: .
- storagePolicy: cleartext
-data:
- values:
- network:
- backend:
- - openvswitch
- - sriov
- conf:
- nova:
- filter_scheduler:
- enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
- libvirt:
- virt_type: kvm
- DEFAULT:
- debug: True
- vcpu_pin_set: "4-21,26-43,48-65,72-87"
- vif_plugging_is_fatal: False
- vif_plugging_timeout: 30
- pci:
- alias: '{"name": "numa0", "capability_type": "pci", "product_id": "154c", "vendor_id": "8086", "device_type": "type-PCI", "numa_policy": "required"}'
- passthrough_whitelist: |
- [{"address": "0000:af:02.0", "physical_network": "sriovnet1"},{"address": "0000:af:02.1", "physical_network": "sriovnet1"},{"address": "0000:af:02.2", "physical_network": "sriovnet1"},{"address": "0000:af:02.3", "physical_network": "sriovnet1"},{"address": "0000:af:02.4", "physical_network": "sriovnet1"},{"address": "0000:af:02.5", "physical_network": "sriovnet1"},{"address": "0000:af:02.6", "physical_network": "sriovnet1"},{"address": "0000:af:02.7", "physical_network": "sriovnet1"},{"address": "0000:af:03.0", "physical_network": "sriovnet1"},{"address": "0000:af:03.1", "physical_network": "sriovnet1"},{"address": "0000:af:03.2", "physical_network": "sriovnet1"},{"address": "0000:af:03.3", "physical_network": "sriovnet1"},{"address": "0000:af:03.4", "physical_network": "sriovnet1"},{"address": "0000:af:03.5", "physical_network": "sriovnet1"},{"address": "0000:af:03.6", "physical_network": "sriovnet1"},{"address": "0000:af:03.7", "physical_network": "sriovnet1"},{"address": "0000:af:04.0", "physical_network": "sriovnet1"},{"address": "0000:af:04.1", "physical_network": "sriovnet1"},{"address": "0000:af:04.2", "physical_network": "sriovnet1"},{"address": "0000:af:04.3", "physical_network": "sriovnet1"},{"address": "0000:af:04.4", "physical_network": "sriovnet1"},{"address": "0000:af:04.5", "physical_network": "sriovnet1"},{"address": "0000:af:04.6", "physical_network": "sriovnet1"},{"address": "0000:af:04.7", "physical_network": "sriovnet1"},{"address": "0000:af:05.0", "physical_network": "sriovnet1"},{"address": "0000:af:05.1", "physical_network": "sriovnet1"},{"address": "0000:af:05.2", "physical_network": "sriovnet1"},{"address": "0000:af:05.3", "physical_network": "sriovnet1"},{"address": "0000:af:05.4", "physical_network": "sriovnet1"},{"address": "0000:af:05.5", "physical_network": "sriovnet1"},{"address": "0000:af:05.6", "physical_network": "sriovnet1"},{"address": "0000:af:05.7", "physical_network": "sriovnet1"},{"address": "0000:af:0a.0", "physical_network": "sriovnet2"},{"address": "0000:af:0a.1", "physical_network": "sriovnet2"},{"address": "0000:af:0a.2", "physical_network": "sriovnet2"},{"address": "0000:af:0a.3", "physical_network": "sriovnet2"},{"address": "0000:af:0a.4", "physical_network": "sriovnet2"},{"address": "0000:af:0a.5", "physical_network": "sriovnet2"},{"address": "0000:af:0a.6", "physical_network": "sriovnet2"},{"address": "0000:af:0a.7", "physical_network": "sriovnet2"},{"address": "0000:af:0b.0", "physical_network": "sriovnet2"},{"address": "0000:af:0b.1", "physical_network": "sriovnet2"},{"address": "0000:af:0b.2", "physical_network": "sriovnet2"},{"address": "0000:af:0b.3", "physical_network": "sriovnet2"},{"address": "0000:af:0b.4", "physical_network": "sriovnet2"},{"address": "0000:af:0b.5", "physical_network": "sriovnet2"},{"address": "0000:af:0b.6", "physical_network": "sriovnet2"},{"address": "0000:af:0b.7", "physical_network": "sriovnet2"},{"address": "0000:af:0c.0", "physical_network": "sriovnet2"},{"address": "0000:af:0c.1", "physical_network": "sriovnet2"},{"address": "0000:af:0c.2", "physical_network": "sriovnet2"},{"address": "0000:af:0c.3", "physical_network": "sriovnet2"},{"address": "0000:af:0c.4", "physical_network": "sriovnet2"},{"address": "0000:af:0c.5", "physical_network": "sriovnet2"},{"address": "0000:af:0c.6", "physical_network": "sriovnet2"},{"address": "0000:af:0c.7", "physical_network": "sriovnet2"},{"address": "0000:af:0d.0", "physical_network": "sriovnet2"},{"address": "0000:af:0d.1", "physical_network": "sriovnet2"},{"address": "0000:af:0d.2", "physical_network": "sriovnet2"},{"address": "0000:af:0d.3", "physical_network": "sriovnet2"},{"address": "0000:af:0d.4", "physical_network": "sriovnet2"},{"address": "0000:af:0d.5", "physical_network": "sriovnet2"},{"address": "0000:af:0d.6", "physical_network": "sriovnet2"},{"address": "0000:af:0d.7", "physical_network": "sriovnet2"}]
-...
source $(dirname $0)/env_$SITE.sh
+cd $YAML_BUILDS
+# Update BIOS Setting
+python $YAML_BUILDS/scripts/update_bios_settings.py $SITE.yaml
+# Install OS on Genesis
+python $YAML_BUILDS/scripts/jcopy.py $SITE.yaml $YAML_BUILDS/tools/j2/serverrc.j2 $YAML_BUILDS/tools/"$GENESIS_NAME"rc
+/opt/akraino/redfish/install_server_os.sh --rc /opt/akraino/yaml_builds/tools/"$GENESIS_NAME"rc --skip-confirm
+
scp $YAML_BUILDS/tars/promenade-bundle-$SITE.tar $GENESIS_HOST:/tmp/
ssh $GENESIS_HOST << EOF
mkdir -p /root/akraino
fi
cd $YAML_BUILDS
-cp -r site/common/* site/$SITE/
python ./scripts/jcopy.py $SITE.yaml ./templates $YAML_BUILDS/site/$SITE
-python ./scripts/jcopy.py $SITE.yaml ./tools/j2/set_site_env.sh ./tools
-mv ./tools/set_site_env.sh ./tools/env_$SITE.sh
+python ./scripts/jcopy.py $SITE.yaml ./tools/j2/set_site_env.sh ./tools/env_$SITE.sh
+cp -r site/common/* site/$SITE/
--- /dev/null
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+# Add proxy settings if required for your environment
+# export http_proxy=http://your.proxy.com:8080/
+# export https_proxy=http://your.proxy.com:8080/
+#
+
+# host name for server
+SRV_NAME={{yaml.genesis.name}}
+
+# server oem - Dell or HPE (case sensitive)
+SRV_OEM={{yaml.genesis.oem}}
+
+# out of band interface information for server (idrac/ilo/etc)
+SRV_OOB_IP={{yaml.genesis.oob}}
+SRV_OOB_USR={{yaml.ipmi_admin.username}}
+SRV_OOB_PWD={{yaml.ipmi_admin.password}}
+
+# mac address of server to be used during the build - not required for Dell servers
+# SRV_MAC=3c:fd:fe:b8:10:60
+
+# name of network interface used during build when ipxe.efi is booted and when os is booted
+# ipxe numbers ports from 0-n in pci bus order.
+# the netx value will depend on how many nics are in the server
+# and which pci device number is assigned to the slot
+SRV_IPXE_INF={{yaml.networks.pxe.inf}}
+
+# the build interface is the nic used by the Ubuntu installed to load the OS
+SRV_BLD_INF={{yaml.networks.slaves[0].name}}
+
+# the boot device is the device name on which the OS will be loaded
+SRV_BOOT_DEVICE={{yaml.disks[0].name}}
+
+# ipxe script to use - based on the os version and kernel to install
+# valid options are script-hwe-16.04.4-amd64.ipxe or script-16.04.4-amd64.ipxe
+SRV_BLD_SCRIPT=script-hwe-16.04.5-amd64.ipxe
+
+# template xml file to set bios and raid configuration settings
+SRV_BIOS_TEMPLATE=dell_r740_g14_uefi_base.xml.template
+SRV_BOOT_TEMPLATE=dell_r740_g14_uefi_httpboot.xml.template
+SRV_HTTP_BOOT_DEV=NIC.Slot.7-1-1
+
+# tempalte to run to configure OS after first boot
+# current options are: firstboot.sh.template, firstboot-genesis.sh.tempate or firstboot-airship-iab.sh.template
+SRV_FIRSTBOOT_TEMPLATE=firstboot-genesis.sh.template
+
+# VLAN to use during build and for final network configuration
+SRV_VLAN={{yaml.networks.host.vlan}}
+SRV_STORAGE_VLAN={{yaml.networks.storage.vlan}}
+SRV_CALICO_VLAN={{yaml.networks.ksn.vlan}}
+SRV_NEUTRON_VLAN={{yaml.networks.neutron.vlan}}
+
+# basic network information for dhcp config and final server network settings
+SRV_MTU=9000
+SRV_IP={{yaml.genesis.host}}
+SRV_STORAGE_IP={{yaml.genesis.storage}}
+SRV_CALICO_IP={{yaml.genesis.ksn}}
+SRV_NEUTRON_IP={{yaml.genesis.neutron}}
+SRV_SUBNET={{yaml.networks.host.subnet}}
+SRV_NETMASK={{yaml.networks.host.netmask}}
+SRV_GATEWAY={{yaml.networks.host.routes.gateway}}
+#SRV_DNS={{yaml.networks.host.dns.servers | first}}
+SRV_DNS=192.168.2.85
+SRV_DOMAIN={{yaml.networks.host.dns.domain}}
+SRV_DNSSEARCH={{yaml.networks.host.dns.domain}}
+SRV_NTP=ntp.ubuntu.org
+
+# root password for server being built
+SRV_PWD={{yaml.genesis.root_password}}
+
+# network bond information
+SRV_BOND={{yaml.networks.primary}}
+{% for slave in yaml.networks.slaves %}
+SRV_SLAVE{{loop.index}}={{slave.name}}
+{% endfor %}
--- /dev/null
+##############################################################################
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+# Add proxy settings if required for your environment
+# export http_proxy=http://your.proxy.com:8080/
+# export https_proxy=http://your.proxy.com:8080/
+#
+# Set the ip and port to use when creating the web server
+BUILD_WEBIP=192.168.2.5
+
+# host name for server
+SRV_NAME={{yaml.name}}
+
+# out of band interface information for server (idrac/ilo/etc)
+SRV_OOB_IP={{yaml.oob}}
+SRV_OOB_USR={{yaml.oob_user}}
+SRV_OOB_PWD={{yaml.oob_password}}
echo PXE_INTERFACE=$PXE_INTERFACE
export HOST_INTERFACE={{yaml.networks.host.interface}}
echo HOST_INTERFACE=$HOST_INTERFACE
+export GENESIS_NAME={{yaml.genesis.name}}
+echo GENESIS_NAME=$GENESIS_NAME
set -x
-PEGLEG_IMAGE=${PEGLEG_IMAGE:-quay.io/airshipit/pegleg:master}
+PEGLEG_IMAGE=${PEGLEG_IMAGE:-quay.io/airshipit/pegleg:09d85465827f1468d3469e5bbcf6b48f25338e7c}
echo
echo "== NOTE: Workspace $WORKSPACE is available as /workspace in container context =="
Code Review / yaml_builds.git / commitdiff